#
# Copyright 2024 gematik GmbH
#
# The Authenticator App is licensed under the European Union Public Licence (EUPL); every use of the Authenticator App
# Sourcecode must be in compliance with the EUPL.
#
# You will find more details about the EUPL here: https://joinup.ec.europa.eu/collection/eupl
#
# Unless required by applicable law or agreed to in writing, software distributed under the EUPL is distributed on an "AS
# IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the EUPL for the specific
# language governing permissions and limitations under the Licence.
#
# DISCLAIMER:
# This piece of software is an example to deploy credentials into the local Windows Credential Manager. It is not an
# official part of the Authenticator application. It is rather a helpful tool for administrators to assist the
# credentials distribution in a scaled environment. Hence, the gematik neither does offer support nor will the gematik
# be obliged to update this software.
# However, the gematik is free to do this voluntarily.
# Store credentials in Windows Credential Manager using cmdkey
# https://learn.microsoft.com/de-de/windows-server/administration/windows-commands/cmdkey
################################################################################
# Choosing the Correct Credential Type
################################################################################
# Target name: 'Gematik_Authenticator/Connector_BasicAuth'
# Username and Password is required
# Target name: 'Gematik_Authenticator/Connector_ClientCert_Password'
# A generic (unused) username is required together with the password of the pfx file, because the credential manager
# interface does not accept password-only entries.
# Target name: 'Gematik_Authenticator/Proxy_BasicAuth'
# Username and Password is required
# Allow-list of the credential target names this script accepts.
$validTargetNames = "Gematik_Authenticator/Connector_BasicAuth",
    "Gematik_Authenticator/Connector_ClientCert_Password",
    "Gematik_Authenticator/Proxy_BasicAuth"

# Set this to exactly one of the entries above before running the script.
$targetName = ""

# Stop before anything is written to the credential store when the target name is not on the allow-list
# (this also covers the empty default).
if (-not ($validTargetNames -contains $targetName)) {
    $supportedValues = $validTargetNames -join "`n"
    Write-Host "targetName only supports the following values:`n" $supportedValues
    return
}
################################################################################
# Setting Up Credentials According to the Requirements for the Target
################################################################################
# Fill in the values the chosen target requires. Anything entered here is kept in plain text in this file, so
# restrict who can read the filled-in copy.
$userName = ""
$password = ""

# The commented-out param line below would let both values be supplied at run time instead, which only makes sense
# when the script is run locally. PowerShell requires a param block to come before any other statement of a script,
# so it would have to be moved to the top of the file (and the two empty assignments above removed) to take effect.
#param ($userName, $password)

# Both values are mandatory; stop before calling cmdkey when either one is missing.
$userNameMissing = [string]::IsNullOrEmpty($userName)
if ($userNameMissing) {
    Write-Host "userName must be defined"
    return
}

$passwordMissing = [string]::IsNullOrEmpty($password)
if ($passwordMissing) {
    Write-Host "password must be defined"
    return
}
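# Store the credential by calling cmdkey directly. Each switch is handed over as its own argument instead of being
# assembled into one string for Invoke-Expression, so characters in the user name or password (single quotes,
# semicolons, '$', spaces) are passed as data and are never parsed as PowerShell code.
# Notes:
#  - The password is still part of the cmdkey command line, so keep transcripts and command-line logging of this
#    run away from readers who must not see it.
#  - A password that contains a double quote may need extra care in Windows PowerShell 5.1 because of how native
#    arguments are quoted there; test with a value of the same shape before rolling out.
& cmdkey "/generic:$targetName" "/user:$userName" "/pass:$password"

# cmdkey reports failure through its exit code; surface it instead of finishing silently.
if ($LASTEXITCODE -ne 0) {
    Write-Host "cmdkey failed with exit code $LASTEXITCODE"
}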