Skip to content

Commit 6822e4b

Browse files
KelvinTegelaarKelvinTegelaar
authored
Merge pull request KelvinTegelaar#1184 from kris6673/per-user-mfa-entrypoint
Add Per User MFA endpoint and improve null comparisons
2 parents b3ef641 + 9784888 commit 6822e4b

File tree

2 files changed

+52
-2
lines changed

2 files changed

+52
-2
lines changed

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListPerUserMFA.ps1

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
using namespace System.Net
2+
3+
function Invoke-ListPerUserMFA {
4+
<#
5+
.FUNCTIONALITY
6+
Entrypoint
7+
.ROLE
8+
Identity.User.Read
9+
#>
10+
[CmdletBinding()]
11+
param($Request, $TriggerMetadata)
12+
13+
$APIName = $TriggerMetadata.FunctionName
14+
$User = $request.headers.'x-ms-client-principal'
15+
Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
16+
17+
# Write to the Azure Functions log stream.
18+
Write-Host 'PowerShell HTTP trigger function processed a request.'
19+
20+
# Parse query parameters
21+
$Tenant = $Request.query.tenantFilter
22+
try {
23+
$AllUsers = [System.Convert]::ToBoolean($Request.query.allUsers)
24+
} catch {
25+
$AllUsers = $false
26+
}
27+
$UserId = $Request.query.userId
28+
29+
# Get the MFA state for the user/all users
30+
try {
31+
if ($AllUsers -eq $true) {
32+
$Results = Get-CIPPPerUserMFA -TenantFilter $Tenant -AllUsers $true
33+
} else {
34+
$Results = Get-CIPPPerUserMFA -TenantFilter $Tenant -userId $UserId
35+
}
36+
$StatusCode = [HttpStatusCode]::OK
37+
} catch {
38+
$ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
39+
$Results = "Failed to get MFA State for $UserId : $ErrorMessage"
40+
$StatusCode = [HttpStatusCode]::Forbidden
41+
}
42+
43+
# Associate values to output bindings by calling 'Push-OutputBinding'.
44+
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
45+
StatusCode = $StatusCode
46+
Body = @($Results)
47+
})
48+
49+
50+
}

Modules/CIPPCore/Public/Get-CIPPMFAState.ps1

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -92,9 +92,9 @@ function Get-CIPPMFAState {
9292
}
9393
}
9494

95-
$PerUser = if ($PerUserMFAState -eq $null) { $null } else { ($PerUserMFAState | Where-Object -Property UserPrincipalName -EQ $_.UserPrincipalName).PerUserMFAState }
95+
$PerUser = if ($null -eq $PerUserMFAState) { $null } else { ($PerUserMFAState | Where-Object -Property UserPrincipalName -EQ $_.UserPrincipalName).PerUserMFAState }
9696

97-
$MFARegUser = if (($MFARegistration | Where-Object -Property UserPrincipalName -EQ $_.userPrincipalName).isMFARegistered -eq $null) { $false } else { ($MFARegistration | Where-Object -Property UserPrincipalName -EQ $_.userPrincipalName) }
97+
$MFARegUser = if ($null -eq ($MFARegistration | Where-Object -Property UserPrincipalName -EQ $_.userPrincipalName).isMFARegistered) { $false } else { ($MFARegistration | Where-Object -Property UserPrincipalName -EQ $_.userPrincipalName) }
9898

9999
[PSCustomObject]@{
100100
Tenant = $TenantFilter

0 commit comments

Comments
 (0)