“Logon” Processing Code

I’m working on something new and there’s not much on this topic in relation to PowerShell. Compared to some other topics, there’s not much on it anyway. I want to use PowerShell to authenticate with Shibboleth, and I want to use its ECP profile. Shibboleth is typically implemented with a browser and its SSO profile. My goal, while I’m not sure if I’ll get there or not, is to authenticate with Shibboleth from a non-browser-based client: my PowerShell ConsoleHost.

As a part of this effort, I wrote some Proof of Concept (PoC) code that requires a logon. There’s nothing special about this code, but I’m going to dump it here, right on my website, just in case anyone wants to read through it. It’s mostly straightforward, but it does present a momentary challenge as you walk through what does what. You might just use it for that, as a challenge, while I’ll use this post for the storage of the code itself. Feel free to read over the code and then the short information section beneath it. Again, all it does is lock the ability to use a specific function until I’m “logged on.”

Function Get-Process5 {
	$Script:OriginalPrompt = prompt
	If ($Script:LoggedOn) {
		Get-Process | Select-Object -First 5
		Disconnect-Shibboleth
	} Else {
		$Script:CommandToInvoke = $MyInvocation.MyCommand.Name
		Invoke-UserIDPassPrompt
	} # End If-Else.
} # End Function: Get-Process5.

Function Invoke-UserIDPassPrompt {
	$Script:UserIDUserName = Read-Host -Prompt "$Script:OriginalPrompt   UserID"
	$Script:UserIDPassword = Read-Host -Prompt "$Script:OriginalPrompt Password" -AsSecureString
	Connect-Shibboleth
} # End Function: Invoke-UserIDPassPrompt.

Function Connect-Shibboleth {
	If ($Script:UserIDUserName -and $Script:UserIDPassword) {
		$Script:LoggedOn = $true
		& $Script:CommandToInvoke
	} # End If.
} # End Function: Connect-Shibboleth.

Function Disconnect-Shibboleth {
	$Message = 'Do you want to disconnect from Shibboleth [Y/N]'
	Do {
		$Response = Read-Host -Prompt $Message
		If ($Response -eq 'y') {$Script:LoggedOn = $false} # End If.
	} Until ($Response -eq 'y' -or $Response -eq 'n') # End Do-Until.
} # End Function: Disconnect-Shibboleth.

There are four separate functions: Get-Process5, Invoke-UserIDPassPrompt, Connect-Shibboleth, and Disconnect-Shibboleth. When the above code is executed, it will first attempt to invoke the Get-Process5 function. If you’re “logged on,” it will return the first five processes running on the computer and then prompt you to disconnect (think “logoff”). I put quotes around “logged on” and “logoff” because there is no true logon or logoff going on here. It really is just PoC code that runs regardless of the UserID and/or password that is entered. If this is of interest, then have a peek. For me, I doubt I’ll actually be back for this, as most of what I needed to write (so far) has been written. Still, a neat little moment in time that produced some PowerShell worth more than being fully discarded.
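An added example, not part of the original post: the same gate pattern reworked so that an empty password is actually rejected (a SecureString object is truthy even when empty, so the `-and` test above passes for any input) and so that the password is not kept in script scope after logon. The names Connect-Gate, Disconnect-Gate and Invoke-Gated and the sample credential are assumptions made for this example, and it still performs no real Shibboleth request.

```powershell
# Added example: hypothetical function names, still a placeholder gate.
$Script:Session = $null

Function Connect-Gate {
	Param ([Parameter(Mandatory)][pscredential]$Credential)
	# Test Length: a SecureString object evaluates to $true even when it is empty.
	If ([string]::IsNullOrWhiteSpace($Credential.UserName) -or $Credential.Password.Length -eq 0) {
		Throw 'UserID and password are both required.'
	} # End If.
	# Placeholder: a real client would present the credential to the IdP here.
	# Only the session marker is stored; the password never enters script scope.
	$Script:Session = [pscustomobject]@{
		UserName = $Credential.UserName
		Since    = Get-Date
	}
} # End Function: Connect-Gate.

Function Disconnect-Gate {
	$Script:Session = $null
} # End Function: Disconnect-Gate.

Function Invoke-Gated {
	Param (
		[Parameter(Mandatory)][scriptblock]$Command,
		[pscredential]$Credential
	)
	If (-not $Script:Session) {
		# Prompt only when the caller did not supply a credential.
		If (-not $Credential) { $Credential = Get-Credential -Message 'Logon required' }
		Connect-Gate -Credential $Credential
	} # End If.
	# Reached only after a successful Connect-Gate (Throw stops execution otherwise).
	& $Command
} # End Function: Invoke-Gated.

# Constructed sample credential so the example runs without prompting.
$Sample = [pscredential]::new('jdoe', (ConvertTo-SecureString 'constructed-sample' -AsPlainText -Force))
Invoke-Gated -Command { Get-Process | Select-Object -First 5 } -Credential $Sample
Disconnect-Gate
```

Passing the gated work as a script block also removes the need to re-invoke the caller by name through a script-scoped variable.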