-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathzweefapp.psm1
291 lines (230 loc) · 11.4 KB
/
zweefapp.psm1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
#Requires -Version 7.0
######### Parameters ##########
$club = "zvc" #change to your club, can be retreived from the zweefapp URL >> Todo store club on disk
$client_secret = 'LmwtuTeToDALLZpzDAEG' ### client_secret is fixed for zweef.app, this is a potential security risk because a stolen bearer token can be used on any client.
### Client secret methods are the most commonly used authentication mechanisms for regular server OAuth applications, daemons, machine-to-machine or regular web applications. In other words, client secret methods can be used by confidential applications. An application is confidential when it is able to store its client secret securely.
### On the other hand, client secrets must not be used for public applications like desktop or mobile apps which are not able to store their client secrets securely. Users of such applications have direct access to the code of the app, therefore, it can be decompiled. This may lead to a situation that your client secret is compromised and not safe anymore. Such applications should use authentication set to None and elevate the use of Proof Key for Code Exchange (PKCE).
$bearerTokenPath = $env:LOCALAPPDATA ### path where the bearertoken is stored
####### Nothing to change below this line #######
function Connect-ZweefApp {
<#
.SYNOPSIS
Retreives a bearer token from Zweef.App.
.DESCRIPTION
Stores a bearer ZweefAppToken in global variable $ZweefAppToken in memory and on disk for future use from Zweef.App when typing in a correct user/password combination
It is also possible to store the credentials and pass them as an PScredential object to Connect-ZweefApp
.PARAMETER credentialsParam
Specifies the credential object.
.PARAMETER RefreshBearerToken
Request a new bearer token.
.INPUTS
None. You cannot pipe objects to Connect-ZweefApp.
.OUTPUTS
None.
.EXAMPLE
PS> Connect-ZweefApp
username:
password:
.EXAMPLE
PS> Connect-ZweefApp -credentialObject
#>
param (
[pscredential]$CredentialObject,
[switch]$RefreshBearerToken
)
$StoredBearerToken = Get-Content -Path $bearerTokenPath\zweefappbearertoken.txt -ErrorAction SilentlyContinue | ConvertTo-SecureString
If ($StoredBearerToken -and !$RefreshBearerToken) {
$StoredBearerToken = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR((($StoredBearerToken))))
Write-Host "[+] Connecting using bearer token found on disk, use parameter -RefreshBearerToken to create a new token" -ForegroundColor Green
$global:ZweefAppToken = $StoredBearerToken
break
}
else {
if ($CredentialObject) {
$credentials = $CredentialObject
}
else {
$credentials = Get-Credential -Message "Please enter your Zweef.App credentials"
}
$password = ConvertFrom-SecureString -SecureString $credentials.password -AsPlainText
$oAuthUri = "https://admin.zweef.app/club/$club/internal_api/auth/login.json"
$authBody = [Ordered] @{
grant_type = "login"
client_secret = "$client_secret"
email = "$($credentials.UserName)"
password = "$password"
}
try {
$ZweefAppToken = ""
$authResponse = Invoke-RestMethod -Method Post -Uri $oAuthUri -Body $authBody -ErrorAction Stop
}
catch {
Write-Host ("[+] Wrong credentials") -ForegroundColor Red
Break
}
### Store bearer ZweefAppToken in ZweefAppToken variable
$global:ZweefAppToken = $authResponse.access_token
$global:ZweefAppToken | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString | Set-Content -Path $bearerTokenPath\zweefappbearertoken.txt
}
if ($global:ZweefAppToken) {
Write-Host "[+] Bearer token loaded in variable zweefAppToken and stored to disk for Zweef.App" -ForegroundColor Green
}
}
function Get-ZweefAppVliegdagen {
<#
.SYNOPSIS
Lists all flight day's
.DESCRIPTION
Lists all flight day's. Can be used to get the ID of a specific flightday for use as dag_id parameter in other commands
.INPUTS
None. You cannot pipe objects to Get-ZweefAppVliegdagen.
.OUTPUTS
None.
.EXAMPLE
PS> Get-ZweefAppVliegdagen
#>
$url = " https://admin.zweef.app/club/$club/internal_api/days.json"
# Set the WebRequest headers
$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $ZweefAppToken"
}
$response = Invoke-restmethod -Method Get -Uri $url -Headers $headers -ErrorAction Stop
return $response.days
}
function Get-ZweefAppVliegdag {
<#
.SYNOPSIS
Lists a specific flight day
.DESCRIPTION
Lists a specific flight day
.INPUTS
None. You cannot pipe objects to Get-ZweefAppVliegdagen.
.OUTPUTS
None.
.EXAMPLE
PS> Get-ZweefAppVliegdag -DagId <dag_id>
#>
param (
[int]$DagId
)
$body = @{
"dag_id" = "$DagId";
}
$url = "https://admin.zweef.app/$club/zvc/internal_api/aanmeldingen/get_dag.json"
# Set the WebRequest headers
$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $ZweefAppToken"
}
$response = Invoke-restmethod -Method Post -Uri $url -Headers $headers -Body ($body | ConvertTo-Json) -ErrorAction Stop
return $response
}
function Get-ZweefAppVliegdagAanmeldingen {
<#
.SYNOPSIS
List subscriptions
.DESCRIPTION
List subscriptions of a flight day, if you just run the command without any parameter the first available flight day will be listed
.INPUTS
None. You cannot pipe objects to Get-ZweefAppVliegdagAanmeldingen.
.OUTPUTS
None.
.EXAMPLE
PS> Get-ZweefAppVliegdagAanmeldingen
.EXAMPLE
PS> Get-ZweefAppVliegdagAanmeldingen -DagId <dag_id>
#>
param (
[int]$DagId
)
if (!$DagId) {
$DagId = (Get-ZweefAppVliegdagen | where-object status -eq "open" | sort-object dag_id)[0].dag_id #get first available flight day
}
$body = @{
"dag_id" = "$DagId";
}
$url = "https://admin.zweef.app/club/$club/internal_api/aanmeldingen/get_dag.json"
# Set the WebRequest headers
$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $ZweefAppToken"
}
$response = Invoke-restmethod -Method Post -Uri $url -Headers $headers -Body ($body | ConvertTo-Json) -ErrorAction Stop
return $response.aanmeldingen | Where-Object aangemeld -eq "True" | select @{Name = "Datum"; Expression = { $_.datum } }, @{Name = "Naam"; Expression = { $_.vlieger.name } }, @{Name = "Currency"; Expression = { $_.vlieger.currency.currency } }, @{Name = "Lierstarts"; Expression = { $_.vlieger.currency.lier } }, @{Name = "Sleepstarts"; Expression = { $_.vlieger.currency.sleep } }, @{Name = "DBO starts"; Expression = { $_.vlieger.currency.dbo } }, @{Name = "DBO Uren"; Expression = { $_.vlieger.currency.dbo_uren } }, @{Name = "PIC starts"; Expression = { $_.vlieger.currency.pic } }, @{Name = "PIC uren"; Expression = { $_.vlieger.currency.pic_uren } }, @{Name = "Tag"; Expression = { $_.vlieger.currency.tag } }, @{Name = "Opmerking"; Expression = { $_.opmerking } }
}
function Get-ZweefAppMijnVliegdagen {
<#
.SYNOPSIS
Lists all flight day subscriptions of the user logged in
.DESCRIPTION
Lists all flight day subscriptions of the user logged in
.INPUTS
None. You cannot pipe objects to Get-ZweefAppMijnVliegdagen.
.OUTPUTS
None.
.EXAMPLE
PS> Get-ZweefAppMijnVliegdagen
.EXAMPLE
PS> Get-ZweefAppMijnVliegdagen -DagId <dag_id>
#>
$url = " https://admin.zweef.app/club/$club/internal_api/days.json"
# Set the WebRequest headers
$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $ZweefAppToken"
}
$MijnDagen = @()
$response = Invoke-restmethod -Method Get -Uri $url -Headers $headers -ErrorAction Stop
foreach ($Aanmelding in $response.mijn_aanmeldingen) {
foreach ($day in $response.days) {
if ($day.dag_id -match $Aanmelding) {
$MijnDagen += $day
}
}
}
return $MijnDagen
}
function Get-ZweefAppDagTotaal {
param (
[int]$DagId
)
if (!$DagId) {
$DagId = (Get-ZweefAppVliegdagen | where-object status -ne "open")[0].dag_id #get last closed day
}
$body = @{
"dag_id" = "$DagId";
}
$url = "https://admin.zweef.app/club/$club/internal_api/flights/day_total.json"
# Set the WebRequest headers
$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $ZweefAppToken"
}
$day_totals = Invoke-restmethod -Method Post -Uri $url -Headers $headers -Body ($body | ConvertTo-Json) -ErrorAction Stop
$url = "https://admin.zweef.app/club/$club/internal_api/flights/$DagId/flights.json"
# Set the WebRequest headers
$headers = @{
'Content-Type' = 'application/json'
Accept = 'application/json'
Authorization = "Bearer $ZweefAppToken"
}
$flights = Invoke-restmethod -Method Get -Uri $url -Headers $headers -ErrorAction Stop
foreach ($day_total in $day_totals) {
#$Starttijd = @()
$startTime = $flights.allFlights | Where-Object { ($_.registratie -eq $day_total.registratie) -and ($_.start_methode -eq $day_total.start_methode) } | Select-Object @{Name = 'start_tijd'; Expression = { $_.start_tijd -as [DateTime] } } | Sort-Object date
$landingsTime = $flights.allFlights | Where-Object { ($_.registratie -eq $day_total.registratie) -and ($_.start_methode -eq $day_total.start_methode) } | Select-Object @{Name = 'landings_tijd'; Expression = { $_.landings_tijd -as [DateTime] } } | Sort-Object date
#$startTime[0]
$day_total | Add-Member -MemberType NoteProperty -Name Vertrektijd -Value $startTime.start_tijd[0].ToString("HH:mm")
$day_total | Add-Member -MemberType NoteProperty -Name LandingsTijd -Value $landingsTime.landings_tijd[$landingsTime.landings_tijd.lenght - 1].ToString("HH:mm")
$ts = new-timespan -minutes $day_total.minutes
$day_total | Add-Member -MemberType NoteProperty -Name Uren -Value $ts.hours
$day_total | Add-Member -MemberType NoteProperty -Name Minuten -Value $ts.minutes
}
return $day_totals | Select-Object @{Name = 'Datum'; Expression = { $_.datum } } , @{Name = 'Registratie'; Expression = { $_.registratie } }, @{Name = 'StartMethode'; Expression = { $_.start_methode } }, @{Name = 'Starts'; Expression = { $_.Starts } }, Uren, Minuten, Vertrektijd, Landingstijd
}