Command line options now take priority over config file settings if

config file is being used.  Allows reuse of config file with modications
on command line.  Authentication paramters are supported.

PowerShell/ScubaGear/Modules/Orchestrator.psm1

@@ -110,29 +110,34 @@ function Invoke-SCuBA {
     #>
     [CmdletBinding(DefaultParameterSetName='Report')]
     param (
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [ValidateSet("teams", "exo", "defender", "aad", "powerplatform", "sharepoint", '*', IgnoreCase = $false)]
         [string[]]
         $ProductNames = @("teams", "exo", "defender", "aad", "sharepoint"),
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateSet("commercial", "gcc", "gcchigh", "dod", IgnoreCase = $false)]
         [ValidateNotNullOrEmpty()]
         [string]
         $M365Environment = "commercial",
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateScript({Test-Path -PathType Container $_})]
         [string]
         $OPAPath = (Join-Path -Path $PSScriptRoot -ChildPath "..\..\.."),
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [ValidateSet($true, $false)]
         [boolean]
         $LogIn = $true,
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [switch]
@@ -143,21 +148,25 @@ function Invoke-SCuBA {
         [switch]
         $Version,
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
         $AppID,
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
         $CertificateThumbprint,
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
         $Organization,
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
@@ -168,16 +177,19 @@ function Invoke-SCuBA {
         [string]
         $OutFolderName = "M365BaselineConformance",
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
         $OutProviderFileName = "ProviderSettingsExport",
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
         $OutRegoFileName = "TestResults",
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [string]
@@ -197,6 +209,7 @@ function Invoke-SCuBA {
         [System.IO.FileInfo]
         $ConfigFilePath,
 
+        [Parameter(Mandatory = $false, ParameterSetName = 'Configuration')]
         [Parameter(Mandatory = $false, ParameterSetName = 'Report')]
         [ValidateNotNullOrEmpty()]
         [switch]
@@ -252,10 +265,34 @@ function Invoke-SCuBA {
                 $ScubaConfig = [ScubaConfig]::GetInstance().Configuration
             }
 
-            if ($ScubaConfig.AppID){
-                $PSBoundParameters.Add("AppID", $ScubaConfig.AppID)
-                $PSBoundParameters.Add("CertificateThumbprint", $ScubaConfig.CertificateThumbprint)
-                $PSBoundParameters.Add("Organization", $ScubaConfig.Organization)
+            # Authentications parameters use below
+            $SPparams = 'AppID', 'CertificateThumbprint', 'Organization'
+
+            # Bound parameters indicate a parameter has been passed in.
+            # However authentication parameters are special and are not handled within
+            # the config module (since you can't make a default).  If an authentication
+            # parameter is set in the config file but not supplied on the command line
+            # set the Bound parameters value which make it appear as if it was supplied on the
+            # command line
+
+            foreach ( $value in $SPparams )
+            {
+                if  ( $ScubaConfig[$value] -and  (-not  $PSBoundParameters[$value] )) {
+                    $PSBoundParameters.Add($value, $ScubaConfig[$value])
+                }
+            }
+
+            # New the bound parameters contain the following
+            # 1) Parameters explicitly passed in ( which may include authentication ones )
+            # 2) Authentication parameters from the config file
+            # Use these to set the final config values, which will be used in
+            # processing
+            $ScubaConfigClone = $ScubaConfig.Clone()
+            # If a config value has been explictly set as a parameter override it
+            foreach ( $value in $ScubaConfigClone.keys ) {
+                if ( $PSBoundParameters[$value] -and $ScubaConfigClone[$value] ) {
+                    $ScubaConfig[$value] = $PSBoundParameters[$value] 
+                }
             }
         }