From 9f448be8ab76767feba6c7c0c39cccede7ab6875 Mon Sep 17 00:00:00 2001 From: Gaurav Agrawal Date: Tue, 13 Jun 2023 00:31:03 -0400 Subject: [PATCH 1/2] Upgrade to .Net 7 to resolve the vulnerability --- src/Thycotic.SecretServer.psd1 | 250 +++++++++--------- .../Thycotic.SecretServer.csproj | 10 +- .../classes/authentication/Session.cs | 106 ++++---- .../cmdlets/private/InvokeTssApiCmdlet.cs | 32 +-- .../cmdlets/private/NewTssApiToken.cs | 25 +- 5 files changed, 213 insertions(+), 210 deletions(-) diff --git a/src/Thycotic.SecretServer.psd1 b/src/Thycotic.SecretServer.psd1 index 1967e730..b8e32f20 100644 --- a/src/Thycotic.SecretServer.psd1 +++ b/src/Thycotic.SecretServer.psd1 @@ -3,7 +3,7 @@ # # Generated by: Delinea Professional Services # -# Generated on: 6/22/2022 +# Generated on: 6/9/2023 # @{ @@ -33,7 +33,7 @@ Copyright = '(c) Delinea Professional Services. All rights reserved.' Description = 'Interact with the Secret Server REST API' # Minimum version of the PowerShell engine required by this module -PowerShellVersion = '5.1' +PowerShellVersion = '7.3.4' # Name of the PowerShell host required by this module # PowerShellHostName = '' @@ -69,129 +69,129 @@ FormatsToProcess = 'Thycotic.SecretServer.Format.ps1xml' NestedModules = @('bin\Thycotic.SecretServer.dll') # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. -FunctionsToExport = 'Add-TssDirectoryServiceGroup', 'Add-TssEventPipeline', - 'Add-TssFolderPermission', 'Add-TssGroupMember', 'Add-TssListOption', - 'Add-TssSecretPermission', 'Add-TssSecretTemplateField', - 'Clear-TssList', 'Clear-TssListOption', 'Close-TssSecret', - 'Close-TssSession', 'Disable-TssEventPipeline', - 'Disable-TssEventPipelinePolicy', 'Disable-TssSecretCheckout', - 'Disable-TssSecretEmail', 'Disable-TssUnlimitedAdmin', - 'Disable-TssUser', 'Enable-TssEventPipeline', - 'Enable-TssEventPipelinePolicy', 'Enable-TssSecretCheckout', - 'Enable-TssSecretEmail', 'Enable-TssUnlimitedAdmin', 'Enable-TssUser', - 'Export-TssAutoExportStorageItem', 'Export-TssReport', - 'Find-TssFolder', 'Find-TssGroup', 'Find-TssReport', 'Find-TssSecret', - 'Find-TssUser', 'Get-TssConfiguration', - 'Get-TssConfigurationAutoExport', 'Get-TssConfigurationBackup', - 'Get-TssConfigurationLocalUserPassword', - 'Get-TssConfigurationLogin', 'Get-TssConfigurationRpc', - 'Get-TssConfigurationSaml', 'Get-TssConfigurationSearchIndex', - 'Get-TssConfigurationSecurity', 'Get-TssConfigurationSiteConnector', - 'Get-TssDiagnostic', 'Get-TssDiagnosticBackgroundProcess', - 'Get-TssDiagnosticConnectivityReport', - 'Get-TssDirectoryServiceDomain', - 'Get-TssDirectoryServiceSyncStatus', 'Get-TssDiscoveryStatus', - 'Get-TssDistributedEngineConfiguration', - 'Get-TssDistributedEngineConnectorCredential', - 'Get-TssDistributedEngineDownload', - 'Get-TssDistributedEngineServerCapabilities', - 'Get-TssDistributedEngineSite', - 'Get-TssDistributedEngineSiteConnector', 'Get-TssEventPipeline', - 'Get-TssEventPipelinePolicy', 'Get-TssEventPipelinePolicyActivity', - 'Get-TssEventPipelineRun', 'Get-TssFolder', 'Get-TssFolderAudit', - 'Get-TssFolderPermission', 'Get-TssFolderState', 'Get-TssGroup', - 'Get-TssGroupMember', 'Get-TssGroupRole', 'Get-TssGroupUser', - 'Get-TssList', 'Get-TssListCategory', 'Get-TssListOption', - 'Get-TssMetadataField', 'Get-TssReport', 'Get-TssReportCategory', - 'Get-TssReportParameter', 'Get-TssReportSchedule', - 'Get-TssRpcAssociatedSecret', 'Get-TssRpcPasswordType', - 'Get-TssScript', 'Get-TssSecret', 'Get-TssSecretAccessRequest', - 'Get-TssSecretAccessRequestOption', - 'Get-TssSecretAccessRequestSecret', 'Get-TssSecretAttachment', - 'Get-TssSecretAudit', 'Get-TssSecretDependency', - 'Get-TssSecretDependencyGroup', 'Get-TssSecretDependencyRunStatus', - 'Get-TssSecretDependencyScript', 'Get-TssSecretDependencyStub', - 'Get-TssSecretDependencyTemplate', 'Get-TssSecretField', - 'Get-TssSecretHeartbeatStatus', 'Get-TssSecretHook', - 'Get-TssSecretHookStub', 'Get-TssSecretPasswordStatus', - 'Get-TssSecretPolicy', 'Get-TssSecretPolicyItemStub', - 'Get-TssSecretPolicyStub', 'Get-TssSecretSetting', - 'Get-TssSecretState', 'Get-TssSecretStub', 'Get-TssSecretSummary', - 'Get-TssSecretTemplate', 'Get-TssSecretTemplateFolder', - 'Get-TssSecretWebTemplate', 'Get-TssSite', 'Get-TssUser', - 'Get-TssUserAudit', 'Get-TssUserGroup', 'Get-TssUserOwner', - 'Get-TssUserRole', 'Get-TssUserRoleAssigned', 'Get-TssVersion', - 'Initialize-TssSdkClient', 'Invoke-TssReport', 'Invoke-TssRestApi', - 'Invoke-TssSecretGeneratePassword', 'Lock-TssUser', 'Move-TssFolder', - 'New-TssDirectoryService', 'New-TssDistributedEngineSite', - 'New-TssDistributedEngineSiteConnector', 'New-TssFolder', - 'New-TssFolderPermission', 'New-TssGroup', 'New-TssIpRestriction', - 'New-TssList', 'New-TssMetadataField', 'New-TssReport', - 'New-TssReportSchedule', 'New-TssScript', 'New-TssSecret', - 'New-TssSecretDependency', 'New-TssSecretDependencyGroup', - 'New-TssSecretHook', 'New-TssSecretPermission', 'New-TssSecretPolicy', - 'New-TssSecretTemplate', 'New-TssSecretTemplateField', - 'New-TssSession', 'New-TssUser', 'Open-TssSecret', - 'Register-TssDistributedEngine', 'Remove-TssDirectoryServiceGroup', - 'Remove-TssDistributedEngine', 'Remove-TssEventPipeline', - 'Remove-TssFolder', 'Remove-TssFolderPermission', - 'Remove-TssFolderTemplate', 'Remove-TssGroupMember', - 'Remove-TssIpRestriction', 'Remove-TssIpRestrictionGroup', - 'Remove-TssIpRestrictionUser', 'Remove-TssList', 'Remove-TssMetadata', - 'Remove-TssReport', 'Remove-TssReportCategory', - 'Remove-TssReportSchedule', 'Remove-TssSecret', - 'Remove-TssSecretDependency', 'Remove-TssSecretHook', - 'Remove-TssSecretPermission', 'Remove-TssUserPii', - 'Reset-TssUserPassword', 'Restore-TssSecret', 'Revoke-TssSecret', - 'Search-TssAutoExportStorage', 'Search-TssConfigurationAudit', - 'Search-TssConfigurationBackupLog', - 'Search-TssDirectoryServiceDomain', - 'Search-TssDirectoryServiceGroup', - 'Search-TssDirectoryServiceGroupMember', - 'Search-TssDistributedEngine', - 'Search-TssDistributedEngineConnector', - 'Search-TssDistributedEngineSite', 'Search-TssEventPipeline', - 'Search-TssEventPipelinePolicy', 'Search-TssFolder', - 'Search-TssFolderPermission', 'Search-TssGroup', - 'Search-TssIpRestriction', 'Search-TssIpRestrictionGroup', - 'Search-TssIpRestrictionUser', 'Search-TssList', 'Search-TssMetadata', - 'Search-TssMetadataHistory', 'Search-TssMetadataSection', - 'Search-TssReport', 'Search-TssReportSchedule', 'Search-TssRole', - 'Search-TssRpcPasswordType', 'Search-TssScript', 'Search-TssSecret', - 'Search-TssSecretAccessRequest', 'Search-TssSecretDependency', - 'Search-TssSecretHook', 'Search-TssSecretPermission', - 'Search-TssSecretPolicy', 'Search-TssSecretsByUrl', - 'Search-TssSecretTemplate', 'Search-TssServerNode', - 'Search-TssSystemLog', 'Search-TssUser', 'Search-TssWorkflowTemplate', - 'Set-TssConfigurationAutoExport', 'Set-TssConfigurationGeneral', - 'Set-TssConfigurationLocalUserPassword', - 'Set-TssConfigurationLogin', 'Set-TssConfigurationRpc', - 'Set-TssConfigurationSecurity', 'Set-TssDistributedEngine', - 'Set-TssDistributedEngineSite', - 'Set-TssDistributedEngineSiteConnector', 'Set-TssFolder', - 'Set-TssIpRestrictionGroup', 'Set-TssIpRestrictionUser', - 'Set-TssSecret', 'Set-TssSecretExpiration', 'Set-TssSecretField', - 'Set-TssSecretPolicy', 'Set-TssSecretRpcAssociated', - 'Set-TssSecretRpcPrivileged', 'Set-TssSecretSecurity', - 'Set-TssSecretTemplate', 'Show-TssCurrentUser', - 'Show-TssListCurrentUser', 'Start-TssConfigurationBackup', - 'Start-TssConfigurationSearchIndex', - 'Start-TssDirectoryServiceSync', 'Start-TssDiscovery', - 'Start-TssSecretChangePassword', 'Start-TssSecretDependency', - 'Start-TssSecretHeartbeat', 'Stop-TssSecretChangePassword', - 'Test-TssDistributedEngineCloudAccess', - 'Test-TssDistributedEngineSiteConnector', 'Test-TssFolderAction', - 'Test-TssSdkClient', 'Test-TssSecretAction', 'Test-TssSecretState', - 'Test-TssSession', 'Test-TssVersion', 'Unlock-TssUser', - 'Unregister-TssDistributedEngine', 'Update-TssDistributedEngine', - 'Update-TssFolder', 'Update-TssFolderPermission', - 'Update-TssGroupMember', 'Update-TssIpRestriction', 'Update-TssList', - 'Update-TssMetadataField', 'Update-TssMetadataSection', - 'Update-TssSecret', 'Update-TssSecretAccessRequest', - 'Update-TssSecretHook', 'Update-TssSecretPermission', - 'Update-TssSecretRdpLauncherSetting', - 'Update-TssSecretTemplateField', 'Update-TssServerNode', - 'Update-TssUser', 'Update-TssUserPassword', +FunctionsToExport = 'Add-TssDirectoryServiceGroup', 'Add-TssEventPipeline', + 'Add-TssFolderPermission', 'Add-TssGroupMember', 'Add-TssListOption', + 'Add-TssSecretPermission', 'Add-TssSecretTemplateField', + 'Clear-TssList', 'Clear-TssListOption', 'Close-TssSecret', + 'Close-TssSession', 'Disable-TssEventPipeline', + 'Disable-TssEventPipelinePolicy', 'Disable-TssSecretCheckout', + 'Disable-TssSecretEmail', 'Disable-TssUnlimitedAdmin', + 'Disable-TssUser', 'Enable-TssEventPipeline', + 'Enable-TssEventPipelinePolicy', 'Enable-TssSecretCheckout', + 'Enable-TssSecretEmail', 'Enable-TssUnlimitedAdmin', 'Enable-TssUser', + 'Export-TssAutoExportStorageItem', 'Export-TssReport', + 'Find-TssFolder', 'Find-TssGroup', 'Find-TssReport', 'Find-TssSecret', + 'Find-TssUser', 'Get-TssConfiguration', + 'Get-TssConfigurationAutoExport', 'Get-TssConfigurationBackup', + 'Get-TssConfigurationLocalUserPassword', + 'Get-TssConfigurationLogin', 'Get-TssConfigurationRpc', + 'Get-TssConfigurationSaml', 'Get-TssConfigurationSearchIndex', + 'Get-TssConfigurationSecurity', 'Get-TssConfigurationSiteConnector', + 'Get-TssDiagnostic', 'Get-TssDiagnosticBackgroundProcess', + 'Get-TssDiagnosticConnectivityReport', + 'Get-TssDirectoryServiceDomain', + 'Get-TssDirectoryServiceSyncStatus', 'Get-TssDiscoveryStatus', + 'Get-TssDistributedEngineConfiguration', + 'Get-TssDistributedEngineConnectorCredential', + 'Get-TssDistributedEngineDownload', + 'Get-TssDistributedEngineServerCapabilities', + 'Get-TssDistributedEngineSite', + 'Get-TssDistributedEngineSiteConnector', 'Get-TssEventPipeline', + 'Get-TssEventPipelinePolicy', 'Get-TssEventPipelinePolicyActivity', + 'Get-TssEventPipelineRun', 'Get-TssFolder', 'Get-TssFolderAudit', + 'Get-TssFolderPermission', 'Get-TssFolderState', 'Get-TssGroup', + 'Get-TssGroupMember', 'Get-TssGroupRole', 'Get-TssGroupUser', + 'Get-TssList', 'Get-TssListCategory', 'Get-TssListOption', + 'Get-TssMetadataField', 'Get-TssReport', 'Get-TssReportCategory', + 'Get-TssReportParameter', 'Get-TssReportSchedule', + 'Get-TssRpcAssociatedSecret', 'Get-TssRpcPasswordType', + 'Get-TssScript', 'Get-TssSecret', 'Get-TssSecretAccessRequest', + 'Get-TssSecretAccessRequestOption', + 'Get-TssSecretAccessRequestSecret', 'Get-TssSecretAttachment', + 'Get-TssSecretAudit', 'Get-TssSecretDependency', + 'Get-TssSecretDependencyGroup', 'Get-TssSecretDependencyRunStatus', + 'Get-TssSecretDependencyScript', 'Get-TssSecretDependencyStub', + 'Get-TssSecretDependencyTemplate', 'Get-TssSecretField', + 'Get-TssSecretHeartbeatStatus', 'Get-TssSecretHook', + 'Get-TssSecretHookStub', 'Get-TssSecretPasswordStatus', + 'Get-TssSecretPolicy', 'Get-TssSecretPolicyItemStub', + 'Get-TssSecretPolicyStub', 'Get-TssSecretSetting', + 'Get-TssSecretState', 'Get-TssSecretStub', 'Get-TssSecretSummary', + 'Get-TssSecretTemplate', 'Get-TssSecretTemplateFolder', + 'Get-TssSecretWebTemplate', 'Get-TssSite', 'Get-TssUser', + 'Get-TssUserAudit', 'Get-TssUserGroup', 'Get-TssUserOwner', + 'Get-TssUserRole', 'Get-TssUserRoleAssigned', 'Get-TssVersion', + 'Initialize-TssSdkClient', 'Invoke-TssReport', 'Invoke-TssRestApi', + 'Invoke-TssSecretGeneratePassword', 'Lock-TssUser', 'Move-TssFolder', + 'New-TssDirectoryService', 'New-TssDistributedEngineSite', + 'New-TssDistributedEngineSiteConnector', 'New-TssFolder', + 'New-TssFolderPermission', 'New-TssGroup', 'New-TssIpRestriction', + 'New-TssList', 'New-TssMetadataField', 'New-TssReport', + 'New-TssReportSchedule', 'New-TssScript', 'New-TssSecret', + 'New-TssSecretDependency', 'New-TssSecretDependencyGroup', + 'New-TssSecretHook', 'New-TssSecretPermission', 'New-TssSecretPolicy', + 'New-TssSecretTemplate', 'New-TssSecretTemplateField', + 'New-TssSession', 'New-TssUser', 'Open-TssSecret', + 'Register-TssDistributedEngine', 'Remove-TssDirectoryServiceGroup', + 'Remove-TssDistributedEngine', 'Remove-TssEventPipeline', + 'Remove-TssFolder', 'Remove-TssFolderPermission', + 'Remove-TssFolderTemplate', 'Remove-TssGroupMember', + 'Remove-TssIpRestriction', 'Remove-TssIpRestrictionGroup', + 'Remove-TssIpRestrictionUser', 'Remove-TssList', 'Remove-TssMetadata', + 'Remove-TssReport', 'Remove-TssReportCategory', + 'Remove-TssReportSchedule', 'Remove-TssSecret', + 'Remove-TssSecretDependency', 'Remove-TssSecretHook', + 'Remove-TssSecretPermission', 'Remove-TssUserPii', + 'Reset-TssUserPassword', 'Restore-TssSecret', 'Revoke-TssSecret', + 'Search-TssAutoExportStorage', 'Search-TssConfigurationAudit', + 'Search-TssConfigurationBackupLog', + 'Search-TssDirectoryServiceDomain', + 'Search-TssDirectoryServiceGroup', + 'Search-TssDirectoryServiceGroupMember', + 'Search-TssDistributedEngine', + 'Search-TssDistributedEngineConnector', + 'Search-TssDistributedEngineSite', 'Search-TssEventPipeline', + 'Search-TssEventPipelinePolicy', 'Search-TssFolder', + 'Search-TssFolderPermission', 'Search-TssGroup', + 'Search-TssIpRestriction', 'Search-TssIpRestrictionGroup', + 'Search-TssIpRestrictionUser', 'Search-TssList', 'Search-TssMetadata', + 'Search-TssMetadataHistory', 'Search-TssMetadataSection', + 'Search-TssReport', 'Search-TssReportSchedule', 'Search-TssRole', + 'Search-TssRpcPasswordType', 'Search-TssScript', 'Search-TssSecret', + 'Search-TssSecretAccessRequest', 'Search-TssSecretDependency', + 'Search-TssSecretHook', 'Search-TssSecretPermission', + 'Search-TssSecretPolicy', 'Search-TssSecretsByUrl', + 'Search-TssSecretTemplate', 'Search-TssServerNode', + 'Search-TssSystemLog', 'Search-TssUser', 'Search-TssWorkflowTemplate', + 'Set-TssConfigurationAutoExport', 'Set-TssConfigurationGeneral', + 'Set-TssConfigurationLocalUserPassword', + 'Set-TssConfigurationLogin', 'Set-TssConfigurationRpc', + 'Set-TssConfigurationSecurity', 'Set-TssDistributedEngine', + 'Set-TssDistributedEngineSite', + 'Set-TssDistributedEngineSiteConnector', 'Set-TssFolder', + 'Set-TssIpRestrictionGroup', 'Set-TssIpRestrictionUser', + 'Set-TssSecret', 'Set-TssSecretExpiration', 'Set-TssSecretField', + 'Set-TssSecretPolicy', 'Set-TssSecretRpcAssociated', + 'Set-TssSecretRpcPrivileged', 'Set-TssSecretSecurity', + 'Set-TssSecretTemplate', 'Show-TssCurrentUser', + 'Show-TssListCurrentUser', 'Start-TssConfigurationBackup', + 'Start-TssConfigurationSearchIndex', + 'Start-TssDirectoryServiceSync', 'Start-TssDiscovery', + 'Start-TssSecretChangePassword', 'Start-TssSecretDependency', + 'Start-TssSecretHeartbeat', 'Stop-TssSecretChangePassword', + 'Test-TssDistributedEngineCloudAccess', + 'Test-TssDistributedEngineSiteConnector', 'Test-TssFolderAction', + 'Test-TssSdkClient', 'Test-TssSecretAction', 'Test-TssSecretState', + 'Test-TssSession', 'Test-TssVersion', 'Unlock-TssUser', + 'Unregister-TssDistributedEngine', 'Update-TssDistributedEngine', + 'Update-TssFolder', 'Update-TssFolderPermission', + 'Update-TssGroupMember', 'Update-TssIpRestriction', 'Update-TssList', + 'Update-TssMetadataField', 'Update-TssMetadataSection', + 'Update-TssSecret', 'Update-TssSecretAccessRequest', + 'Update-TssSecretHook', 'Update-TssSecretPermission', + 'Update-TssSecretRdpLauncherSetting', + 'Update-TssSecretTemplateField', 'Update-TssServerNode', + 'Update-TssUser', 'Update-TssUserPassword', 'Write-TssSecretAccessRequestViewComment' # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. diff --git a/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj b/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj index d5d0fe73..4f8102e1 100644 --- a/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj +++ b/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj @@ -1,6 +1,6 @@ - netstandard2.0 + net7.0 false Thycotic.SecretServer Thycotic.SecretServer @@ -11,10 +11,8 @@ true - - - All - - + + + diff --git a/src/Thycotic.SecretServer/classes/authentication/Session.cs b/src/Thycotic.SecretServer/classes/authentication/Session.cs index d6261dfd..d8114b7d 100644 --- a/src/Thycotic.SecretServer/classes/authentication/Session.cs +++ b/src/Thycotic.SecretServer/classes/authentication/Session.cs @@ -6,7 +6,7 @@ using System.Management.Automation; using System.Management.Automation.Runspaces; using RestSharp; -using RestSharp.Serialization.Json; +using RestSharp.Serializers.Json; namespace Thycotic.PowerShell.Authentication { @@ -27,8 +27,8 @@ public class Session public bool IsValidSession() { - // check if string is null or empty - if (string.IsNullOrEmpty(this.AccessToken) & this.StartTime == default(DateTime)) + // check if string is null or empty + if (string.IsNullOrEmpty(this.AccessToken) & this.StartTime == default(DateTime)) { return false; } @@ -46,8 +46,8 @@ public bool IsValidSession() public bool IsValidToken() { - // check if AccessToken is empty or null - if (string.IsNullOrEmpty(this.AccessToken)) + // check if AccessToken is empty or null + if (string.IsNullOrEmpty(this.AccessToken)) { return false; } @@ -72,7 +72,7 @@ public bool IsValidToken() public bool CheckTokenTtl(int Value) { - if (this.TimeOfDeath <= DateTime.Now.AddMinutes(Value)) + if (this.TimeOfDeath <= DateTime.Now.AddMinutes(Value)) { return true; } @@ -84,14 +84,14 @@ public bool CheckTokenTtl(int Value) public bool SessionExpire() { - if (!this.TokenType.Equals("WindowsAuth") || !this.TokenType.Equals("SdkClient")) + if (!this.TokenType.Equals("WindowsAuth") || !this.TokenType.Equals("SdkClient")) { try { var sessionClient = new RestClient(this.ApiUrl + "/oauth-expiration"); - var sessionRequest = new RestRequest(Method.POST); + var sessionRequest = new RestRequest() { Method = Method.Post }; sessionRequest.AddHeader("Authorization", "Bearer " + this.AccessToken); - IRestResponse sessionResponse = sessionClient.Execute(sessionRequest); + RestResponse sessionResponse = sessionClient.Execute(sessionRequest); return true; } catch @@ -107,19 +107,19 @@ public bool SessionExpire() public bool SessionRefresh() { - try - { - var obj = Request.RefreshToken(this.SecretServer, this.RefreshToken, null); - JsonDeserializer deserial = new JsonDeserializer(); - var jsonObj = deserial.Deserialize(obj); - this.AccessToken = jsonObj.access_token; - this.RefreshToken = jsonObj.refresh_token; - this.ExpiresIn = jsonObj.expires_in; - this.TokenType = jsonObj.token_type; - this.StartTime = DateTime.Now; - this.TimeOfDeath = DateTime.Now.Add(TimeSpan.FromSeconds(jsonObj.expires_in)); - return true; - } + try + { + var obj = Request.RefreshToken(this.SecretServer, this.RefreshToken, null); + SystemTextJsonSerializer ds = new SystemTextJsonSerializer(); + var jsonObj = ds.Deserialize(obj); + this.AccessToken = jsonObj.access_token; + this.RefreshToken = jsonObj.refresh_token; + this.ExpiresIn = jsonObj.expires_in; + this.TokenType = jsonObj.token_type; + this.StartTime = DateTime.Now; + this.TimeOfDeath = DateTime.Now.Add(TimeSpan.FromSeconds(jsonObj.expires_in)); + return true; + } catch { return false; @@ -136,38 +136,42 @@ private class ApiTokenResponse } public class Request { - public static IRestResponse AccessToken(string SecretServerHost, string Username, string Password, string ProxyServer, int Timeout = 0) + public static RestResponse AccessToken(string SecretServerHost, string Username, string Password, string ProxyServer, int Timeout = 0) { - var client = new RestClient(SecretServerHost + "/oauth2/token"); - client.Timeout = Timeout; - if (string.IsNullOrEmpty(ProxyServer)) - { - client.Proxy = new WebProxy(ProxyServer); - } - var request = new RestRequest(Method.POST); - request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); - request.AddParameter("username", Username); - request.AddParameter("password", Password); - request.AddParameter("grant_type", "password"); - IRestResponse response = client.Execute(request); - return response; - } + var options = new RestClientOptions(SecretServerHost + "/oauth2/token"); + options.MaxTimeout = Timeout; - public static IRestResponse RefreshToken(string SecretServerHost, string TokenValue, string ProxyServer, int Timeout = 0) + if (string.IsNullOrEmpty(ProxyServer)) + { + options.Proxy = new WebProxy(ProxyServer); + } + var client = new RestClient(options); + var request = new RestRequest() { Method = Method.Post }; + request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); + request.AddParameter("username", Username); + request.AddParameter("password", Password); + request.AddParameter("grant_type", "password"); + RestResponse response = client.Execute(request); + return response; + } + + public static RestResponse RefreshToken(string SecretServerHost, string TokenValue, string ProxyServer, int Timeout = 0) { - var client = new RestClient(SecretServerHost + "/oauth2/token"); - client.Timeout = Timeout; - if (string.IsNullOrEmpty(ProxyServer)) - { - client.Proxy = new WebProxy(ProxyServer); - } - var request = new RestRequest(Method.POST); - request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); - request.AddParameter("refresh_token", TokenValue); - request.AddParameter("grant_type", "refresh_token"); - IRestResponse response = client.Execute(request); - return response; - } + var options = new RestClientOptions(SecretServerHost + "/oauth2/token"); + options.MaxTimeout = Timeout; + + if (string.IsNullOrEmpty(ProxyServer)) + { + options.Proxy = new WebProxy(ProxyServer); + } + var client = new RestClient(options); + var request = new RestRequest() { Method = Method.Post }; + request.AddHeader("Content-Type", "application/x-www-form-urlencoded"); + request.AddParameter("refresh_token", TokenValue); + request.AddParameter("grant_type", "refresh_token"); + RestResponse response = client.Execute(request); + return response; + } } } \ No newline at end of file diff --git a/src/Thycotic.SecretServer/cmdlets/private/InvokeTssApiCmdlet.cs b/src/Thycotic.SecretServer/cmdlets/private/InvokeTssApiCmdlet.cs index cc409cd2..d701c612 100644 --- a/src/Thycotic.SecretServer/cmdlets/private/InvokeTssApiCmdlet.cs +++ b/src/Thycotic.SecretServer/cmdlets/private/InvokeTssApiCmdlet.cs @@ -89,48 +89,48 @@ public class InvokeTssApiCmdlet : PSCmdlet protected override void ProcessRecord() { - Uri requestUri = new Uri(Uri); - var apiClient = new RestClient(); - apiClient.BaseUrl = requestUri; - apiClient.Timeout = Timeout; + var options = new RestClientOptions(); + Uri requestUri = new Uri(Uri); + options.BaseUrl = requestUri; + options.MaxTimeout = Timeout; - if (MyInvocation.BoundParameters.ContainsKey("Proxy")) + if (MyInvocation.BoundParameters.ContainsKey("Proxy")) { - apiClient.Proxy = new WebProxy(Proxy); + options.Proxy = new WebProxy(Proxy); if (ProxyUseDefaultCredentials.IsPresent) { - apiClient.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials; + options.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials; } if (MyInvocation.BoundParameters.ContainsKey("ProxyCredential")) { - apiClient.Proxy.Credentials = new NetworkCredential(ProxyCredential.UserName, ProxyCredential.Password); + options.Proxy.Credentials = new NetworkCredential(ProxyCredential.UserName, ProxyCredential.Password); } } - var apiRequest = new RestRequest(Method); - apiRequest.AddHeader("Content-Type", ContentType); + var apiRequest = new RestRequest() { Method = Method }; + apiRequest.AddHeader("Content-Type", ContentType); if (MyInvocation.BoundParameters.ContainsKey("AccessToken")) { apiRequest.AddHeader("Authorization", "Bearer " + AccessToken); } if (MyInvocation.BoundParameters.ContainsKey("UseDefaultCredential")) { - apiRequest.UseDefaultCredentials = true; - } + options.UseDefaultCredentials = true; + } if (MyInvocation.BoundParameters.ContainsKey("Body")) { apiRequest.AddParameter(ContentType, Body, ParameterType.RequestBody); } - - if (!String.IsNullOrEmpty(OutFile)) + var apiClient = new RestClient(options); + if (!String.IsNullOrEmpty(OutFile)) { // stream file content out - IRestResponse apiResponse = apiClient.Execute(apiRequest); + RestResponse apiResponse = apiClient.Execute(apiRequest); File.WriteAllBytes(OutFile, apiResponse.RawBytes); } else { - IRestResponse apiResponse = apiClient.Execute(apiRequest); + RestResponse apiResponse = apiClient.Execute(apiRequest); WriteObject(apiResponse); } } diff --git a/src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs b/src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs index 9f158e04..beb9a3b7 100644 --- a/src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs +++ b/src/Thycotic.SecretServer/cmdlets/private/NewTssApiToken.cs @@ -44,32 +44,33 @@ public class NameCmdlet : PSCmdlet protected override void ProcessRecord() { - Uri requestUri = new Uri(Uri); - var apiClient = new RestClient(); - apiClient.BaseUrl = requestUri; - apiClient.Timeout = Timeout; + var options = new RestClientOptions(); + Uri requestUri = new Uri(Uri); + options.BaseUrl = requestUri; + options.MaxTimeout = Timeout; - WriteVerbose("Base URL set to: " + requestUri); + WriteVerbose("Base URL set to: " + requestUri); WriteVerbose("Request timeout set to : " + Timeout); if (MyInvocation.BoundParameters.ContainsKey("Proxy")) { - apiClient.Proxy = new WebProxy(Proxy); + options.Proxy = new WebProxy(Proxy); WriteVerbose("Configuring Proxy for request"); if (ProxyUseDefaultCredentials.IsPresent) { - apiClient.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials; + options.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials; WriteVerbose("Default Credentials being used for Proxy"); } if (MyInvocation.BoundParameters.ContainsKey("ProxyCredential")) { - apiClient.Proxy.Credentials = new NetworkCredential(ProxyCredential.UserName, ProxyCredential.Password); + options.Proxy.Credentials = new NetworkCredential(ProxyCredential.UserName, ProxyCredential.Password); WriteVerbose("Proxy credential username being set to: " + ProxyCredential.UserName); } } - var apiRequest = new RestRequest(Method.POST); - apiRequest.AddHeader("Content-Type", "application/x-www-form-urlencoded"); + var apiClient = new RestClient(options); + var apiRequest = new RestRequest() { Method = Method.Post }; + apiRequest.AddHeader("Content-Type", "application/x-www-form-urlencoded"); if (MyInvocation.BoundParameters.ContainsKey("OtpCode")) { @@ -82,8 +83,8 @@ protected override void ProcessRecord() apiRequest.AddParameter("password", Password); apiRequest.AddParameter("grant_type", "password"); - WriteVerbose("Performing the operation " + apiRequest.Method + " " + apiClient.BaseUrl); - IRestResponse apiResponse = apiClient.Execute(apiRequest); + WriteVerbose("Performing the operation " + apiRequest.Method + " " + options.BaseUrl); + RestResponse apiResponse = apiClient.Execute(apiRequest); WriteObject(apiResponse); } } From 8e4e4306c8ec0c90895c5577f493d85fe846a1ef Mon Sep 17 00:00:00 2001 From: Gaurav Agrawal Date: Mon, 19 Jun 2023 23:59:24 -0400 Subject: [PATCH 2/2] Upgraded the project to .Net 6 --- src/Thycotic.SecretServer.psd1 | 2 +- src/Thycotic.SecretServer/Thycotic.SecretServer.csproj | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Thycotic.SecretServer.psd1 b/src/Thycotic.SecretServer.psd1 index b8e32f20..8bb26244 100644 --- a/src/Thycotic.SecretServer.psd1 +++ b/src/Thycotic.SecretServer.psd1 @@ -33,7 +33,7 @@ Copyright = '(c) Delinea Professional Services. All rights reserved.' Description = 'Interact with the Secret Server REST API' # Minimum version of the PowerShell engine required by this module -PowerShellVersion = '7.3.4' +PowerShellVersion = '7.2.11' # Name of the PowerShell host required by this module # PowerShellHostName = '' diff --git a/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj b/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj index 4f8102e1..e9b09e2d 100644 --- a/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj +++ b/src/Thycotic.SecretServer/Thycotic.SecretServer.csproj @@ -1,6 +1,6 @@ - net7.0 + net6.0 false Thycotic.SecretServer Thycotic.SecretServer @@ -13,6 +13,6 @@ - +