Beispiel #1
        /// <summary>
        /// Erases the SecretStore local store file, writes a replacement configuration and
        /// emits that configuration to the pipeline.
        /// </summary>
        /// <remarks>
        /// This is a destructive operation: the store file is removed before the new
        /// configuration is written, so a failure while writing the configuration leaves
        /// the secrets already erased. Any setting not explicitly bound on the command
        /// line falls back to the value from <c>SecureStoreConfig.GetDefault()</c>.
        /// </remarks>
        protected override void EndProcessing()
        {
            // Confirmation gate. -Force skips it entirely; otherwise ShouldProcess decides,
            // which is what lets -WhatIf / -Confirm stop the erase before anything is touched.
            if (!Force)
            {
                bool approved = ShouldProcess(
                    target: "SecretStore module local store",
                    action: "Erase all secrets in the local store and reset the configuration settings to default values");
                if (!approved)
                {
                    return;
                }
            }

            var fallback        = SecureStoreConfig.GetDefault();
            var boundParameters = MyInvocation.BoundParameters;

            // Only values the caller actually bound override the defaults. An unbound
            // parameter's property value is ignored so a reset never keeps a weaker
            // setting by accident.
            var chosenScope       = boundParameters.ContainsKey(nameof(Scope)) ? Scope : fallback.Scope;
            var chosenPwdRequired = boundParameters.ContainsKey(nameof(PasswordRequired)) ? (bool)PasswordRequired : fallback.PasswordRequired;
            var chosenTimeout     = boundParameters.ContainsKey(nameof(PasswordTimeout)) ? PasswordTimeout : fallback.PasswordTimeout;
            var chosenDoNotPrompt = boundParameters.ContainsKey(nameof(DoNotPrompt)) ? (bool)DoNotPrompt : fallback.DoNotPrompt;

            var newConfigData = new SecureStoreConfig(
                scope: chosenScope,
                passwordRequired: chosenPwdRequired,
                passwordTimeout: chosenTimeout,
                doNotPrompt: chosenDoNotPrompt);

            // Step 1: delete the store file. Past this point the secrets are gone.
            if (!SecureStoreFile.RemoveStoreFile(out string errorMsg))
            {
                Fail(errorMsg, "ResetSecretStoreCannotRemoveStoreFile");
            }

            // Step 2: persist the replacement configuration.
            bool configWritten = SecureStoreFile.WriteConfigFile(
                configData: newConfigData,
                out errorMsg);
            if (!configWritten)
            {
                Fail(errorMsg, "ResetSecretStoreCannotWriteConfigFile");
            }

            // NOTE(review): presumably drops the cached in-memory store so the erased
            // contents cannot still be served from this session; confirm in LocalSecretStore.
            LocalSecretStore.Reset();

            WriteObject(newConfigData);

            // Raises a terminating InvalidOperation error carrying the file helper's message.
            void Fail(string message, string errorId)
            {
                var record = new ErrorRecord(
                    new PSInvalidOperationException(message),
                    errorId,
                    ErrorCategory.InvalidOperation,
                    this);
                ThrowTerminatingError(record);
            }
        }
Beispiel #2
        /// <summary>
        /// Erases the SecretStore local store file, writes a replacement configuration,
        /// optionally re-establishes the store with a password, and emits the new
        /// configuration when -PassThru is given.
        /// </summary>
        /// <remarks>
        /// The store file is removed before the new configuration is written, so a
        /// failure while writing the configuration leaves the secrets already erased.
        /// Unless -Force is supplied the user is asked through ShouldContinue, which is
        /// flagged as having security impact.
        /// </remarks>
        protected override void EndProcessing()
        {
            // Both flags are fresh locals on every call, so a "yes to all" answer is
            // never carried over to a later reset.
            bool yesToAll = false;
            bool noToAll  = false;

            // -Force is the only way past this prompt without an explicit answer.
            if (!Force)
            {
                bool approved = ShouldContinue(
                    query: "Are you sure you want to erase all secrets in SecretStore and reset configuration settings to default?",
                    caption: "Reset SecretStore",
                    hasSecurityImpact: true,
                    ref yesToAll,
                    ref noToAll);
                if (!approved)
                {
                    return;
                }
            }

            var fallback        = SecureStoreConfig.GetDefault();
            var boundParameters = MyInvocation.BoundParameters;

            // Only explicitly bound parameters override the defaults.
            var interaction          = boundParameters.ContainsKey(nameof(Interaction)) ? Interaction : fallback.Interaction;
            var chosenScope          = boundParameters.ContainsKey(nameof(Scope)) ? Scope : fallback.Scope;
            var chosenAuthentication = boundParameters.ContainsKey(nameof(Authentication)) ? Authentication : fallback.Authentication;
            var chosenTimeout        = boundParameters.ContainsKey(nameof(PasswordTimeout)) ? PasswordTimeout : fallback.PasswordTimeout;

            var newConfigData = new SecureStoreConfig(
                scope: chosenScope,
                authentication: chosenAuthentication,
                passwordTimeout: chosenTimeout,
                interaction: interaction);

            // Step 1: delete the store file. Past this point the secrets are gone.
            if (!SecureStoreFile.RemoveStoreFile(out string errorMsg))
            {
                Fail(errorMsg, "ResetSecretStoreCannotRemoveStoreFile");
            }

            // Step 2: persist the replacement configuration.
            bool configWritten = SecureStoreFile.WriteConfigFile(
                configData: newConfigData,
                out errorMsg);
            if (!configWritten)
            {
                Fail(errorMsg, "ResetSecretStoreCannotWriteConfigFile");
            }

            // NOTE(review): presumably drops the cached in-memory store so the erased
            // contents cannot still be served from this session; confirm in LocalSecretStore.
            LocalSecretStore.Reset();

            if (Password != null)
            {
                // A password was supplied on the command line: use it for the new store
                // instead of prompting.
                // NOTE(review): Utils.CheckPassword is not visible here; presumably it
                // validates the supplied value. Confirm what it rejects.
                var password = Utils.CheckPassword(Password);
                var store    = LocalSecretStore.GetInstance(password: password);

                // The timeout is passed only when the caller bound it; null otherwise.
                int? unlockTimeout = boundParameters.ContainsKey(nameof(PasswordTimeout)) ?
                    (int?)PasswordTimeout : null;

                store.UnlockLocalStore(
                    password: password,
                    passwordTimeout: unlockTimeout);
            }
            else if (interaction == Microsoft.PowerShell.SecretStore.Interaction.Prompt)
            {
                // Invoke the password prompt.
                LocalSecretStore.GetInstance(cmdlet: this);
            }

            // Unlike a plain reset, the configuration is written to the pipeline only on request.
            if (PassThru.IsPresent)
            {
                WriteObject(newConfigData);
            }

            // Raises a terminating InvalidOperation error carrying the file helper's message.
            void Fail(string message, string errorId)
            {
                var record = new ErrorRecord(
                    new PSInvalidOperationException(message),
                    errorId,
                    ErrorCategory.InvalidOperation,
                    this);
                ThrowTerminatingError(record);
            }
        }
Beispiel #3
        /// <summary>
        /// Validates the requested change, then updates the local store configuration and
        /// emits the new configuration when -PassThru is given.
        /// </summary>
        /// <remarks>
        /// Both validation checks run before ShouldProcess, so an unsupported or
        /// conflicting request fails with a terminating error even under -WhatIf.
        /// When the invocation is not in the explicit parameter set, the configuration
        /// is replaced by <c>SecureStoreConfig.GetDefault()</c>.
        /// </remarks>
        protected override void EndProcessing()
        {
            // AllUsers scope is refused outright.
            if (Scope == SecureStoreScope.AllUsers)
            {
                var unsupportedScope = new ErrorRecord(
                    new PSNotSupportedException("AllUsers scope is not yet supported."),
                    "SecretStoreConfigurationNotSupported",
                    ErrorCategory.NotEnabled,
                    this);
                ThrowTerminatingError(unsupportedScope);
            }

            // NOTE(review): Utils.CheckPassword is not visible here; presumably it
            // validates the supplied value. Confirm what it rejects.
            var password         = Utils.CheckPassword(Password);
            var passwordRequired = LocalSecretStore.PasswordRequired;

            // An existing password-protected store must not get a password set through
            // this path; the error message directs the caller to Set-SecretStorePassword.
            // The file-existence probe runs only when the first two conditions hold.
            bool addingPasswordToProtectedStore =
                passwordRequired == SecureStoreFile.PasswordConfiguration.Required
                && Authentication == Authenticate.Password
                && SecureStoreFile.StoreFileExists()
                && password != null;
            if (addingPasswordToProtectedStore)
            {
                var alreadyProtected = new ErrorRecord(
                    new PSNotSupportedException("The Microsoft.PowerShell.SecretStore is already configured to require a password, and a new password cannot be added.\nUse the Set-SecretStorePassword cmdlet to change an existing password."),
                    "SecretStoreInvalidConfiguration",
                    ErrorCategory.NotEnabled,
                    this);
                ThrowTerminatingError(alreadyProtected);
            }

            bool approved = ShouldProcess(
                target: "SecretStore module local store",
                action: "Changes local store configuration");
            if (!approved)
            {
                return;
            }

            // The supplied password is withheld when the store is configured as not
            // requiring one.
            // NOTE(review): GetInstance with a cmdlet may prompt interactively; confirm.
            var accessPassword = passwordRequired == SecureStoreFile.PasswordConfiguration.NotRequired ? null : password;
            var oldConfigData  = LocalSecretStore.GetInstance(
                password: accessPassword,
                cmdlet: this).Configuration;

            var boundParameters = MyInvocation.BoundParameters;

            // Explicit parameter set: unbound settings keep their current values.
            // Any other parameter set: everything returns to the defaults.
            SecureStoreConfig newConfigData = ParameterSetName == ParameterSet
                ? new SecureStoreConfig(
                    scope: boundParameters.ContainsKey(nameof(Scope)) ? Scope : oldConfigData.Scope,
                    authentication: boundParameters.ContainsKey(nameof(Authentication)) ? Authentication : oldConfigData.Authentication,
                    passwordTimeout: boundParameters.ContainsKey(nameof(PasswordTimeout)) ? PasswordTimeout : oldConfigData.PasswordTimeout,
                    interaction: boundParameters.ContainsKey(nameof(Interaction)) ? Interaction : oldConfigData.Interaction)
                : SecureStoreConfig.GetDefault();

            var store    = LocalSecretStore.GetInstance(cmdlet: this);
            bool updated = store.UpdateConfiguration(
                newConfigData: newConfigData,
                password: password,
                cmdlet: this,
                out string errorMsg);
            if (!updated)
            {
                var updateFailed = new ErrorRecord(
                    new PSInvalidOperationException(errorMsg),
                    "SecretStoreConfigurationUpdateFailed",
                    ErrorCategory.InvalidOperation,
                    this);
                ThrowTerminatingError(updateFailed);
            }

            // The configuration is written to the pipeline only on request.
            if (PassThru.IsPresent)
            {
                WriteObject(newConfigData);
            }
        }