Login with One-time password for Two-factor authentication

Corsinvest · Sep 8, 2023 · 52311ee · 52311ee
1 parent e4b0e6f
commit 52311ee
Show file tree

Hide file tree

Showing 6 changed files with 691 additions and 681 deletions.
diff --git a/3rd-party-licenses.md b/3rd-party-licenses.md
@@ -1,6 +1,6 @@
 # License overview of included 3rd party libraries
 
-The project is licensed under the terms of the [LICENSE.md](LICENSE.md)
+The project is licensed under the terms of the [LICENSE](LICENSE)
 
 However, includes several third-party Open-Source libraries, which are licensed under their own respective Open-Source licenses.
 

diff --git a/Corsinvest.ProxmoxVE.Api/Corsinvest.ProxmoxVE.Api.psd1 b/Corsinvest.ProxmoxVE.Api/Corsinvest.ProxmoxVE.Api.psd1
@@ -3,7 +3,7 @@
 #
 # Generated by: Daniele Corsini
 #
-# Generated on: 26/08/2023
+# Generated on: 08/09/2023
 #
 
 @{
@@ -12,7 +12,7 @@
 RootModule = 'Corsinvest.ProxmoxVE.Api.psm1'
 
 # Version number of this module.
-ModuleVersion = '8.0.1'
+ModuleVersion = '8.0.2'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

diff --git a/Corsinvest.ProxmoxVE.Api/Corsinvest.ProxmoxVE.Api.psm1 b/Corsinvest.ProxmoxVE.Api/Corsinvest.ProxmoxVE.Api.psm1
@@ -62,6 +62,8 @@ Skips certificate validation checks.
 Username and password, username formatted as user@pam, user@pve, user@yourdomain or user (default domain pam).
 .PARAMETER ApiToken
 Api Token format USER@REALM!TOKENID=UUID
+.PARAMETER Otp
+One-time password for Two-factor authentication.
 .PARAMETER SkipRefreshPveTicketLast
 Skip refresh PveTicket Last global variable
 .EXAMPLE
@@ -79,6 +81,8 @@ PveTicket. Return ticket connection.
 
         [string]$ApiToken,
 
+        [string]$Otp,
+
         [switch]$SkipCertificateCheck,
 
         [switch]$SkipRefreshPveTicketLast
@@ -127,13 +131,19 @@ PveTicket. Return ticket connection.
                 password = $Credentials.GetNetworkCredential().Password
             }
 
+            if($PSBoundParameters['Otp']) { $parameters['otp'] = $Otp }
+
             $response = Invoke-PveRestApi -PveTicket $pveTicket -Method Create -Resource '/access/ticket' -Parameters $parameters
 
             #erro response
             if (!$response.IsSuccessStatusCode -or $response.StatusCode -le 0) {
                 throw $response.ReasonPhrase
             }
 
+            if ($response.Response.data.NeedTFA){
+                throw "Couldn't authenticate user: missing Two Factor Authentication (TFA)"
+            }
+
             $pveTicket.Ticket = $response.Response.data.ticket
             $pveTicket.CSRFPreventionToken = $response.Response.data.CSRFPreventionToken
         }