Testing PSMSALNet because MSAL.PS has been archived

Testing PSMSALNet because MSAL.PS has been archived

Hi All,

Recently i have learned that the MSAL.PS PowerShell Module has been archived.

I am using the new PSResourceGet here instead of the PowerShellGet commands.

Find the PSMSALNet PowerShell Module in the PowerShell Gallery.

Import-Module Microsoft.PowerShell.PSResourceGet
Find-PSResource PSMSALNet

Install the Module

Install-PSResource PSMSALNet -Scope AllUsers
Get-InstalledPSResource PSMSALNet -Scope AllUsers

List all Commands of the Module

Get-Command -Module PSMSALNet

Here i declare the Variables that are used in all Scripts

###############################################################################
# Setting up Variables
###############################################################################
Import-Module PSMSALNet
$TenantId = "46bbad84-29f0-4e03-8d34-f6841a5071ad"
$AppID = "c1a5903b-cd73-48fe-ac1f-e71bde968412"
$RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient"

Authenticate with AppID and ClientSecret. One thing i don’t like here is that the ClientSecret is passed in Cleartext an not within a SecureString Variable.

###############################################################################
# Authenticate with ClientSecret
###############################################################################
$ClientSecret = "PaZ8Q~-TE92.52FpvTUSXjfUgWUBEOGpud14kbuK"
$HashArguments = @{
  ClientId = $AppID
  ClientSecret = $ClientSecret
  TenantId = $TenantId
  Resource = "GraphAPI"
}
$Token = Get-EntraToken -ClientCredentialFlowWithSecret @HashArguments
$AccessToken = $Token.AccessToken
#$AccessToken
Get-JWTDetails -token $AccessToken

Authenticate with AppID and a Certificate

###############################################################################
# Authenticate with Certificate
###############################################################################
$CertificateThumbprint = "07EFF3918F47995EB53B91848F69B5C0E78622FD" #O365Powershell3.cer
$Certificate = Get-ChildItem -Path cert:\CurrentUser\my\$CertificateThumbprint

$HashArguments = @{
  ClientId = $AppID
  ClientCertificate = $Certificate
  TenantId = $TenantId
  Resource = "GraphAPI"
}
$Token = Get-EntraToken -ClientCredentialFlowWithCertificate @HashArguments
$AccessToken = $Token.AccessToken
#$AccessToken
Get-JWTDetails -token $AccessToken

Authenticate via DeviceCode

###############################################################################
# DeviceCode
###############################################################################
$HashArguments = @{
  ClientId = $AppID
  TenantId = $TenantId
  Resource = "GraphAPI"
  Permissions = @("Mail.ReadWrite", "Mail.Send", "Calendars.ReadWrite", "Contacts.ReadWrite", "Tasks.ReadWrite")
  verbose = $true
}
$Token = Get-EntraToken -DeviceCodeFlow @HashArguments
$AccessToken = $Token.AccessToken
#$AccessToken
Get-JWTDetails -token $AccessToken

Authenticate with Authorization code with PKCE

###############################################################################
# Authorization code with PKCE
###############################################################################
$RedirectUri = "http://localhost"
$HashArguments = @{
  ClientId = $AppID
  TenantId = $TenantId
  RedirectUri = $RedirectUri
  Resource = 'GraphAPI'
  Permissions =  @("Mail.ReadWrite", "Mail.Send", "Calendars.ReadWrite", "Contacts.ReadWrite", "Tasks.ReadWrite")
  verbose = $false
}
$Token = Get-EntraToken -PublicAuthorizationCodeFlow @HashArguments
$AccessToken = $Token.AccessToken
#$AccessToken
Get-JWTDetails -token $AccessToken

I’ve updated the Scripts with MSAL.PS on my GitHub Repo

Regards
Andres Bohren

PowerShell Logo