| | | 1 | | <# |
| | | 2 | | .SYNOPSIS |
| | | 3 | | Adds Windows authentication to the Kestrun server. |
| | | 4 | | .DESCRIPTION |
| | | 5 | | Configures the Kestrun server to use Windows authentication for incoming requests. |
| | | 6 | | This allows the server to authenticate users based on their Windows credentials. |
| | | 7 | | This enables the server to use Kerberos or NTLM for authentication. |
| | | 8 | | .PARAMETER Server |
| | | 9 | | The Kestrun server instance to configure. |
| | | 10 | | If not specified, the current server instance is used. |
| | | 11 | | .PARAMETER AuthenticationScheme |
| | | 12 | | The name of the Windows authentication scheme (default is 'Negotiate'). |
| | | 13 | | .PARAMETER DisplayName |
| | | 14 | | The display name for the authentication scheme. |
| | | 15 | | .PARAMETER Description |
| | | 16 | | A description of the Windows authentication scheme. |
| | | 17 | | .PARAMETER Deprecated |
| | | 18 | | If specified, marks the authentication scheme as deprecated in OpenAPI documentation. |
| | | 19 | | .PARAMETER Options |
| | | 20 | | The Windows authentication options to configure. |
| | | 21 | | If not specified, default options are used. |
| | | 22 | | .PARAMETER PassThru |
| | | 23 | | If specified, returns the modified server instance after adding the authentication. |
| | | 24 | | .EXAMPLE |
| | | 25 | | Add-KrWindowsAuthentication -Server $myServer -PassThru |
| | | 26 | | This example adds Windows authentication to the specified Kestrun server instance and returns the modified insta |
| | | 27 | | .LINK |
| | | 28 | | https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.authentication.windowsauthentication?view=aspn |
| | | 29 | | .NOTES |
| | | 30 | | This cmdlet is used to configure Windows authentication for the Kestrun server, allowing you to secure your APIs |
| | | 31 | | #> |
| | | 32 | | function Add-KrWindowsAuthentication { |
| | | 33 | | [KestrunRuntimeApi('Definition')] |
| | | 34 | | [CmdletBinding(defaultParameterSetName = 'ItemsScriptBlock')] |
| | | 35 | | [OutputType([Kestrun.Hosting.KestrunHost])] |
| | | 36 | | param( |
| | | 37 | | [Parameter(Mandatory = $false, ValueFromPipeline)] |
| | | 38 | | [Kestrun.Hosting.KestrunHost]$Server, |
| | | 39 | | |
| | | 40 | | [Parameter(Mandatory = $false)] |
| | | 41 | | [string]$AuthenticationScheme = [Kestrun.Authentication.AuthenticationDefaults]::WindowsSchemeName, |
| | | 42 | | |
| | | 43 | | [Parameter()] |
| | | 44 | | [string]$DisplayName = [Kestrun.Authentication.AuthenticationDefaults]::WindowsDisplayName, |
| | | 45 | | |
| | | 46 | | [Parameter(Mandatory = $false)] |
| | | 47 | | [string]$Description, |
| | | 48 | | |
| | | 49 | | [Parameter(Mandatory = $false)] |
| | | 50 | | [switch]$Deprecated, |
| | | 51 | | |
| | | 52 | | [Parameter(Mandatory = $false)] |
| | | 53 | | [Kestrun.Authentication.WindowsAuthOptions]$Options, |
| | | 54 | | |
| | | 55 | | [Parameter()] |
| | | 56 | | [switch]$PassThru |
| | | 57 | | ) |
| | | 58 | | begin { |
| | | 59 | | # Ensure the server instance is resolved |
| | 0 | 60 | | $Server = Resolve-KestrunServer -Server $Server |
| | | 61 | | } |
| | | 62 | | process { |
| | 0 | 63 | | if ( $null -eq $Options ) { |
| | | 64 | | # Build options from individual parameters if not provided |
| | 0 | 65 | | $Options = [Kestrun.Authentication.WindowsAuthOptions]::new() |
| | | 66 | | } |
| | | 67 | | |
| | 0 | 68 | | if ($Description) { $Options.Description = $Description } |
| | | 69 | | |
| | | 70 | | # Set the Deprecated option |
| | 0 | 71 | | $Options.Deprecated = $Deprecated.IsPresent |
| | | 72 | | |
| | | 73 | | # Add Windows authentication to the server instance --- |
| | 0 | 74 | | [Kestrun.Hosting.KestrunHostAuthnExtensions]::AddWindowsAuthentication($Server, $AuthenticationScheme, $DisplayN |
| | 0 | 75 | | if ($PassThru.IsPresent) { |
| | | 76 | | # if the PassThru switch is specified, return the modified server instance |
| | 0 | 77 | | return $Server |
| | | 78 | | } |
| | | 79 | | } |
| | | 80 | | } |
| | | 81 | | |