Extended script with app Registration certificates

2025-02-17 18:08:50 +01:00
parent 81504cde36
commit 503041fa0b
1 changed files with 65 additions and 6 deletions
--- a/Azure/Azure-App-Expiration.ps1
+++ b/Azure/Azure-App-Expiration.ps1
@@ -26,7 +26,7 @@

 #region Global script settings and variables
    #General    
-    $Version = "v1.0"
+    $Version = "v1.1"
    $logfilelocation = "$($MyInvocation.MyCommand.Path | Split-Path -Parent)\Logs"
    $logfilename = "$(Get-Date -Format yyyyMMddHHmmss)-Azure-App-Expiration-Report.log"
    $summaryfilename = "$(Get-Date -Format yyyyMMddHHmmss)-Azure-App-Expiration-Summary.txt"
@@ -123,10 +123,10 @@
 #endregion

 #region execute script
-    #Collect all app information
-    $AzureADApps = Get-MgApplication | Sort-Object DisplayName
-    $AppCertificateDetails = @() #Initiate the array to store the collected information
+    #Collect all app Registration information
+    $AzureADApps = Get-MgApplication -all | Sort-Object DisplayName
    $AppClientSecretsDetails = @() #Initiate the array to store the collected information
+    $AppCertificateDetails = @() #Initiate the array to store the collected information

    foreach ($App in $AzureADApps) {
        #Script should be extended to also include Certificates, preparations are already made.         
@@ -151,6 +151,27 @@
                }
            }
        }
+        #Collect Client Secret details if available
+        if ($null -ne $App.KeyCredentials) {
+            foreach ($KeyCredential in $App.KeyCredentials) {
+                #Calculate remaining days
+                $RemainingDays = New-TimeSpan -Start $(Get-Date) -End $KeyCredential.EndDateTime
+                $DaysRemaining = $RemainingDays.Days
+                switch ($DaysRemaining) {
+                    {$_ -le '0'} {$CalculatedStatus = "ERROR"}
+                    {$_ -le $WarningDays} {$CalculatedStatus = "WARNING"}
+                    Default {$CalculatedStatus = "OK"}
+                }
+
+                $AppCertificateDetails += [PSCustomObject]@{
+                    AppDisplayName = $App.DisplayName
+                    CertificateName = $KeyCredential.Displayname
+                    Enddate = $KeyCredential.EndDateTime
+                    DaysRemaining = $DaysRemaining
+                    Status = $CalculatedStatus
+                }
+            }
+        }
    }
 #endregion

@@ -183,7 +204,7 @@ $htmlReport = @"
        Script version: $Version <br/></p>
 "@
    if ("" -ne $AppClientSecretsDetails) { $htmlReport += @"
-        <h2>Application Secrets Overview</h2>
+        <h2>App Registration Secrets Overview</h2>
        <table border='1'>
            <tr>
                <th>App DisplayName</th>
@@ -195,7 +216,6 @@ $htmlReport = @"
 "@
        foreach ($AppClientSecretsDetail in $AppClientSecretsDetails) {
        $htmlReport += @"
-        
        <tr>
            <td>$($AppClientSecretsDetail.AppDisplayName)</td>
            <td>$($AppClientSecretsDetail.SecretName)</td>
@@ -207,6 +227,34 @@ $htmlReport = @"
                default {"<td>$($AppClientSecretsDetail.Status)</td>"}
            } )
        </tr>
+"@
+        }
+    $htmlReport += "</table>"
+    }
+    if ("" -ne $AppCertificateDetails) { $htmlReport += @"
+        <h2>App Registration Certificates Overview</h2>
+        <table border='1'>
+            <tr>
+                <th>App DisplayName</th>
+                <th>Certificate Name</th>
+                <th>Enddate</th>
+                <th>Days Remaining</th>
+                <th>Status</th>
+            </tr>
+"@
+        foreach ($AppCertificateDetail in $AppCertificateDetails) {
+        $htmlReport += @"
+        <tr>
+            <td>$($AppCertificateDetail.AppDisplayName)</td>
+            <td>$($AppCertificateDetail.CertificateName)</td>
+            <td>$($AppCertificateDetail.Enddate)</td>
+            <td>$($AppCertificateDetail.DaysRemaining)</td>
+            $(switch ($AppCertificateDetail.Status) {
+                'ERROR' {"<td bgcolor='red'>$($AppCertificateDetail.Status)</td>"}
+                'WARNING' {"<td bgcolor='Yellow'>$($AppCertificateDetail.Status)</td>"}
+                default {"<td>$($AppCertificateDetail.Status)</td>"}
+            } )
+        </tr>
 "@
        }
    $htmlReport += "</table>"
@@ -250,5 +298,16 @@ $htmlReport = @"
            Write-Summary "Status:          $($AppClientSecretsDetail.Status)"
        }
    }
+    if ("" -ne $AppCertificateDetails) {
+        Write-Summary "App Client Secrets"
+        foreach ($AppCertificateDetail in $AppCertificateDetails) {
+            Write-Summary "******************" 
+            Write-Summary "App DisplayName: $($AppCertificateDetail.AppDisplayName)"
+            Write-Summary "Certificate Name:     $($AppCertificateDetail.CertificateName)"
+            Write-Summary "Enddate:         $($AppCertificateDetail.Enddate)"
+            Write-Summary "Days Remaining:  $($AppCertificateDetail.DaysRemaining)"
+            Write-Summary "Status:          $($AppCertificateDetail.Status)"
+        }
+    }
    Write-Summary "---------------------------"
 #endregion