Merge pull request #12 from alagoutte/enhance-connect

Enhance Connection (Support -SkipCertificateCheck, Cipher options)
Indentation fixes

Fixes #8

Functions/Helpers/InvokeNetboxRequest.ps1

@@ -47,6 +47,8 @@ function InvokeNetboxRequest {
         'Verbose'     = $VerbosePreference
     }
 
+    $splat += Get-NetboxInvokeParams
+
     if ($Body) {
         Write-Verbose "BODY: $($Body | ConvertTo-Json -Compress)"
         $null = $splat.Add('Body', ($Body | ConvertTo-Json -Compress))
@@ -93,11 +95,13 @@ function InvokeNetboxRequest {
     if ($Raw) {
         Write-Verbose "Returning raw result by choice"
         return $result
-    } else {
+    }
+    else {
         if ($result.psobject.Properties.Name.Contains('results')) {
             Write-Verbose "Found Results property on data, returning results directly"
             return $result.Results
-        } else {
+        }
+        else {
             Write-Verbose "Did NOT find results property on data, returning raw result"
             return $result
         }

Functions/Setup/Connect-NetboxAPI.ps1

@@ -49,13 +49,17 @@
 
         [Parameter(ParameterSetName = 'URI',
                    Mandatory = $true)]
-        [string]$URI
+        [string]$URI,
+
+        [Parameter(Mandatory = $false)]
+        [switch]$SkipCertificateCheck = $false
     )
 
     if (-not $Credential) {
         try {
             $Credential = Get-NetboxCredential -ErrorAction Stop
-        } catch {
+        }
+        catch {
             # Credentials are not set... Try to obtain from the user
             if (-not ($Credential = Get-Credential -UserName 'username-not-applicable' -Message "Enter token for Netbox")) {
                 throw "Token is necessary to connect to a Netbox API."
@@ -63,7 +67,22 @@
         }
     }
 
-    $null = Set-NetboxCredential -Credential $Credential
+    $invokeParams = @{ SkipCertificateCheck = $SkipCertificateCheck; }
+
+    if ("Desktop" -eq $PSVersionTable.PsEdition) {
+        #Remove -SkipCertificateCheck from Invoke Parameter (not supported <= PS 5)
+        $invokeParams.remove("SkipCertificateCheck")
+    }
+
+    #for PowerShell (<=) 5 (Desktop), Enable TLS 1.1, 1.2 and Disable SSL chain trust
+    if ("Desktop" -eq $PSVersionTable.PsEdition) {
+        #Enable TLS 1.1 and 1.2
+        Set-NetboxCipherSSL
+        if ($SkipCertificateCheck) {
+            #Disable SSL chain trust...
+            Set-NetboxuntrustedSSL
+        }
+    }
 
     switch ($PSCmdlet.ParameterSetName) {
         'Manual' {
@@ -79,18 +98,22 @@
     }
 
     $null = Set-NetboxHostName -Hostname $uriBuilder.Host
+    $null = Set-NetboxCredential -Credential $Credential
     $null = Set-NetboxHostScheme -Scheme $uriBuilder.Scheme
     $null = Set-NetboxHostPort -Port $uriBuilder.Port
+    $null = Set-NetboxInvokeParams -invokeParams $invokeParams
 
     try {
         Write-Verbose "Verifying API connectivity..."
         $null = VerifyAPIConnectivity
-    } catch {
+    }
+    catch {
         Write-Verbose "Failed to connect. Generating error"
         Write-Verbose $_.Exception.Message
         if (($_.Exception.Response) -and ($_.Exception.Response.StatusCode -eq 403)) {
             throw "Invalid token"
-        } else {
+        }
+        else {
             throw $_
         }
     }

Functions/Setup/Get-NetboxInvokeParams.ps1

@@ -0,0 +1,11 @@
+function Get-NetboxInvokeParams {
+    [CmdletBinding()]
+    param ()
+
+    Write-Verbose "Getting Netbox InvokeParams"
+    if ($null -eq $script:NetboxConfig.InvokeParams) {
+        throw "Netbox Invoke Parms is not set! You may set it with Set-NetboxInvokeParams -InvokeParams ..."
+    }
+
+    $script:NetboxConfig.InvokeParams
+}

Functions/Setup/Set-NetboxCipherSSL.ps1

@@ -0,0 +1,8 @@
+Function Set-NetboxCipherSSL {
+    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessforStateChangingFunctions", "")]
+    Param(  )
+    # Hack for allowing TLS 1.1 and TLS 1.2 (by default it is only SSL3 and TLS (1.0))
+    $AllProtocols = [System.Net.SecurityProtocolType]'Ssl3,Tls,Tls11,Tls12'
+    [System.Net.ServicePointManager]::SecurityProtocol = $AllProtocols
+
+}

Functions/Setup/Set-NetboxInvokeParams.ps1

@@ -0,0 +1,15 @@
+function Set-NetboxInvokeParams {
+    [CmdletBinding(ConfirmImpact = 'Low',
+        SupportsShouldProcess = $true)]
+    [OutputType([string])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [array]$InvokeParams
+    )
+
+    if ($PSCmdlet.ShouldProcess('Netbox Invoke Params', 'Set')) {
+        $script:NetboxConfig.InvokeParams = $InvokeParams
+        $script:NetboxConfig.InvokeParams
+    }
+}

Functions/Setup/Set-NetboxUnstrustedSSL.ps1

@@ -0,0 +1,19 @@
+Function Set-NetboxUntrustedSSL {
+    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessforStateChangingFunctions", "")]
+    Param(  )
+    # Hack for allowing untrusted SSL certs with https connections
+    Add-Type -TypeDefinition @"
+    using System.Net;
+    using System.Security.Cryptography.X509Certificates;
+    public class TrustAllCertsPolicy : ICertificatePolicy {
+        public bool CheckValidationResult(
+        ServicePoint srvPoint, X509Certificate certificate,
+        WebRequest request, int certificateProblem) {
+            return true;
+        }
+    }
+"@
+
+    [System.Net.ServicePointManager]::CertificatePolicy = New-Object -TypeName TrustAllCertsPolicy
+
+}