#1234 : Added support of shared secret to file commands.

Author: michaellwest

Modules/Remoting Tests - Download with RemoteScriptCall.Tests.ps1

@@ -14,7 +14,9 @@ Describe "Download with RemoteScriptCall" {
         }
         New-Item -Path $destinationMediaPath -ItemType Directory | Out-Null
 
-        $session = New-ScriptSession -Username "sitecore\admin" -Password "b" -ConnectionUri $protocolHost
+        $sharedSecret = '7AF6F59C14A05786E97012F054D1FB98AC756A2E54E5C9ACBAEE147D9ED0E0DB'
+        #$session = New-ScriptSession -Username "sitecore\admin" -Password "b" -ConnectionUri $protocolHost
+        $session = New-ScriptSession -Username "sitecore\admin" -SharedSecret $sharedSecret -ConnectionUri $protocolHost
     }
     AfterEach {
         Stop-ScriptSession -Session $session

Modules/Remoting Tests - Upload with RemoteScriptCall.Tests.ps1

@@ -11,7 +11,9 @@ if(!$protocolHost){
 
 Describe "Upload with RemoteScriptCall" {
     BeforeEach {
-        $session = New-ScriptSession -Username "sitecore\admin" -Password "b" -ConnectionUri $protocolHost
+        $sharedSecret = '7AF6F59C14A05786E97012F054D1FB98AC756A2E54E5C9ACBAEE147D9ED0E0DB'
+        #$session = New-ScriptSession -Username "sitecore\admin" -Password "b" -ConnectionUri $protocolHost
+        $session = New-ScriptSession -Username "sitecore\admin" -SharedSecret $sharedSecret -ConnectionUri $protocolHost
         $localFilePath = Join-Path -Path $PSScriptRoot -ChildPath "spe-test"
     }
     AfterEach {

Modules/SPE/Receive-RemoteItem.ps1

@@ -136,6 +136,7 @@ function Receive-RemoteItem {
         if($Session) {
             $Username = $Session.Username
             $Password = $Session.Password
+            $SharedSecret = $Session.SharedSecret
             $Credential = $Session.Credential
             $UseDefaultCredentials = $Session.UseDefaultCredentials
             $ConnectionUri = $Session | ForEach-Object { $_.Connection.BaseUri }
@@ -164,9 +165,15 @@ function Receive-RemoteItem {
             $handler = New-Object System.Net.Http.HttpClientHandler
             $handler.AutomaticDecompression = [System.Net.DecompressionMethods]::GZip -bor [System.Net.DecompressionMethods]::Deflate
             $client = New-Object -TypeName System.Net.Http.Httpclient $handler
-            $authBytes = [System.Text.Encoding]::GetEncoding("iso-8859-1").GetBytes("$($Username):$($Password)")
-            $client.DefaultRequestHeaders.Authorization = New-Object System.Net.Http.Headers.AuthenticationHeaderValue("Basic", [System.Convert]::ToBase64String($authBytes))
-          
+
+            if(![string]::IsNullOrEmpty($SharedSecret)) {
+                $token = New-Jwt -Algorithm 'HS256' -Issuer 'SPE Remoting' -Audience ($uri.GetLeftPart([System.UriPartial]::Authority)) -Name $Username -SecretKey $SharedSecret -ValidforSeconds 30
+                $client.DefaultRequestHeaders.Authorization = New-Object System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", $token)
+            } else {
+                $authBytes = [System.Text.Encoding]::GetEncoding("iso-8859-1").GetBytes("$($Username):$($Password)")
+                $client.DefaultRequestHeaders.Authorization = New-Object System.Net.Http.Headers.AuthenticationHeaderValue("Basic", [System.Convert]::ToBase64String($authBytes))
+            }
+                      
             if($Credential) {
                 $handler.Credentials = $Credential
             }

Modules/SPE/SPE.psd1

@@ -11,7 +11,7 @@
     RootModule = '.\SPE.psm1'
 
     # Version number of this module.
-    ModuleVersion = '6.2.0'
+    ModuleVersion = '6.3.0'
 
     # ID used to uniquely identify this module
     GUID = 'cf8d3b69-b293-4d8b-9974-e1ab80509724'
@@ -23,7 +23,7 @@
     CompanyName = 'Sitecore PowerShell Extensions'
 
     # Copyright statement for this module
-    Copyright = '(c) 2010-2020 Adam Najmanowicz, Michael West. All rights Reserved.'
+    Copyright = '(c) 2010-2021 Adam Najmanowicz, Michael West. All rights Reserved.'
 
     # Description of the functionality provided by this module
     Description = 'The SPE Remoting module provides remote connectivity to a Sitecore instance. The Sitecore PowerShell Extensions (SPE) module must be installed and configured to accept remoting connections.'

Modules/SPE/Send-RemoteItem.ps1

@@ -142,6 +142,7 @@ function Send-RemoteItem {
         if($Session) {
             $Username = $Session.Username
             $Password = $Session.Password
+            $SharedSecret = $Session.SharedSecret
             $Credential = $Session.Credential
             $UseDefaultCredentials = $Session.UseDefaultCredentials
             $ConnectionUri = $Session | ForEach-Object { $_.Connection.BaseUri }
@@ -172,8 +173,14 @@ function Send-RemoteItem {
             $handler = New-Object System.Net.Http.HttpClientHandler
             $handler.AutomaticDecompression = [System.Net.DecompressionMethods]::GZip -bor [System.Net.DecompressionMethods]::Deflate
             $client = New-Object -TypeName System.Net.Http.Httpclient $handler
-            $authBytes = [System.Text.Encoding]::GetEncoding("iso-8859-1").GetBytes("$($Username):$($Password)")
-            $client.DefaultRequestHeaders.Authorization = New-Object System.Net.Http.Headers.AuthenticationHeaderValue("Basic", [System.Convert]::ToBase64String($authBytes))
+            
+            if(![string]::IsNullOrEmpty($SharedSecret)) {
+                $token = New-Jwt -Algorithm 'HS256' -Issuer 'SPE Remoting' -Audience ($uri.GetLeftPart([System.UriPartial]::Authority)) -Name $Username -SecretKey $SharedSecret -ValidforSeconds 30
+                $client.DefaultRequestHeaders.Authorization = New-Object System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", $token)
+            } else {
+                $authBytes = [System.Text.Encoding]::GetEncoding("iso-8859-1").GetBytes("$($Username):$($Password)")
+                $client.DefaultRequestHeaders.Authorization = New-Object System.Net.Http.Headers.AuthenticationHeaderValue("Basic", [System.Convert]::ToBase64String($authBytes))
+            }
 
             if($Credential) {
                 $client.Credentials = $Credential