diff --git a/src/IdLE.Core/Private/Resolve-IdleStepMetadataCatalog.ps1 b/src/IdLE.Core/Private/Resolve-IdleStepMetadataCatalog.ps1 index d415f8b5..83caf0b6 100644 --- a/src/IdLE.Core/Private/Resolve-IdleStepMetadataCatalog.ps1 +++ b/src/IdLE.Core/Private/Resolve-IdleStepMetadataCatalog.ps1 @@ -224,8 +224,8 @@ function Resolve-IdleStepMetadataCatalog { # Check for duplicates across step packs if ($StepTypeOwners.ContainsKey([string]$key)) { $existingOwner = $StepTypeOwners[[string]$key] - $errorMessage = "DuplicateStepTypeMetadata: Step type '$key' is defined in both '$existingOwner' and '$SourceModuleName'. " + - "Step packs must own unique step types." + $errorMessage = "DuplicateStepTypeMetadata: Step type '$key' is defined in both '$existingOwner' and '$SourceModuleName'. " + ` + "Step packs must own unique step types." throw [System.InvalidOperationException]::new($errorMessage) } @@ -265,8 +265,8 @@ function Resolve-IdleStepMetadataCatalog { # Check if this step type already exists in step pack catalog (no override allowed) if ($catalog.ContainsKey([string]$key)) { $existingOwner = $stepTypeOwners[[string]$key] - $errorMessage = "DuplicateStepTypeMetadata: Step type '$key' is already defined in step pack '$existingOwner'. " + - "Host metadata (Providers.StepMetadata) can only supplement with new step types, not override existing ones." + $errorMessage = "DuplicateStepTypeMetadata: Step type '$key' is already defined in step pack '$existingOwner'. " + ` + "Host metadata (Providers.StepMetadata) can only supplement with new step types, not override existing ones." throw [System.InvalidOperationException]::new($errorMessage) } diff --git a/src/IdLE.Core/Public/New-IdleAuthSessionBroker.ps1 b/src/IdLE.Core/Public/New-IdleAuthSessionBroker.ps1 index f22c76ab..9e439cb6 100644 --- a/src/IdLE.Core/Public/New-IdleAuthSessionBroker.ps1 +++ b/src/IdLE.Core/Public/New-IdleAuthSessionBroker.ps1 @@ -76,6 +76,10 @@ function New-IdleAuthSessionBroker { [hashtable] $Options ) + # $Name is part of the broker contract but not used in this simple implementation + # This broker routes based on Options only; custom brokers may use Name for additional routing + $null = $Name + # If no options provided, return default if ($null -eq $Options -or $Options.Count -eq 0) { if ($null -ne $this.DefaultCredential) { diff --git a/src/IdLE.Core/Public/New-IdlePlanObject.ps1 b/src/IdLE.Core/Public/New-IdlePlanObject.ps1 index cff9617a..4956ae01 100644 --- a/src/IdLE.Core/Public/New-IdlePlanObject.ps1 +++ b/src/IdLE.Core/Public/New-IdlePlanObject.ps1 @@ -501,9 +501,9 @@ function New-IdlePlanObject { } else { # Workflow references a Step.Type for which no StepMetadata entry is available - fail fast. - $errorMessage = "MissingStepTypeMetadata: Workflow step '$stepName' references step type '$stepType' which has no metadata entry. " + - "To resolve this: (1) Import/load the step pack module (IdLE.Steps.*) that provides metadata for '$stepType' via Get-IdleStepMetadataCatalog, OR " + - "(2) For host-defined/custom step types only, provide Providers.StepMetadata['$stepType'] = @{ RequiredCapabilities = @(...) }." + $errorMessage = "MissingStepTypeMetadata: Workflow step '$stepName' references step type '$stepType' which has no metadata entry. " + ` + "To resolve this: (1) Import/load the step pack module (IdLE.Steps.*) that provides metadata for '$stepType' via Get-IdleStepMetadataCatalog, OR " + ` + "(2) For host-defined/custom step types only, provide Providers.StepMetadata['$stepType'] = @{ RequiredCapabilities = @(...) }." throw [System.InvalidOperationException]::new($errorMessage) } diff --git a/src/IdLE.Provider.AD/Public/New-IdleADIdentityProvider.ps1 b/src/IdLE.Provider.AD/Public/New-IdleADIdentityProvider.ps1 index d3c16ccc..1b80caae 100644 --- a/src/IdLE.Provider.AD/Public/New-IdleADIdentityProvider.ps1 +++ b/src/IdLE.Provider.AD/Public/New-IdleADIdentityProvider.ps1 @@ -297,7 +297,8 @@ function New-IdleADIdentityProvider { [object] $AuthSession ) - $adapter = $this.GetEffectiveAdapter($AuthSession) + # Validate adapter is available + $this.GetEffectiveAdapter($AuthSession) | Out-Null $user = $this.ResolveIdentity($IdentityKey, $AuthSession) diff --git a/src/IdLE.Provider.DirectorySync.EntraConnect/Public/New-IdleEntraConnectDirectorySyncProvider.ps1 b/src/IdLE.Provider.DirectorySync.EntraConnect/Public/New-IdleEntraConnectDirectorySyncProvider.ps1 index e903de38..297bb91c 100644 --- a/src/IdLE.Provider.DirectorySync.EntraConnect/Public/New-IdleEntraConnectDirectorySyncProvider.ps1 +++ b/src/IdLE.Provider.DirectorySync.EntraConnect/Public/New-IdleEntraConnectDirectorySyncProvider.ps1 @@ -90,16 +90,16 @@ function New-IdleEntraConnectDirectorySyncProvider { # Validate AuthSession contract if ($null -eq $AuthSession.PSObject.Methods['InvokeCommand']) { - throw "AuthSession must implement InvokeCommand(CommandName, Parameters) method. " + - "The host must provide an elevated remote session via AuthSessionBroker." + throw "AuthSession must implement InvokeCommand(CommandName, Parameters) method. " + ` + "The host must provide an elevated remote session via AuthSessionBroker." } try { # Execute Start-ADSyncSyncCycle remotely # The remote session should already have ADSync module available or will import it - $result = $AuthSession.InvokeCommand('Start-ADSyncSyncCycle', @{ - PolicyType = $PolicyType - }) + $AuthSession.InvokeCommand('Start-ADSyncSyncCycle', @{ + PolicyType = $PolicyType + }) | Out-Null # Start-ADSyncSyncCycle returns a result object or throws on error # Success case: return Started = true @@ -113,8 +113,8 @@ function New-IdleEntraConnectDirectorySyncProvider { $errorMessage = $_.Exception.Message if ($errorMessage -match 'access.*denied|permission|privilege|elevation|administrator|unauthorized') { - throw "Failed to start sync cycle. Missing privileges or elevation. " + - "The AuthSession must provide an elevated execution context. Original error: $errorMessage" + throw "Failed to start sync cycle. Missing privileges or elevation. " + ` + "The AuthSession must provide an elevated execution context. Original error: $errorMessage" } # Re-throw other errors @@ -149,8 +149,8 @@ function New-IdleEntraConnectDirectorySyncProvider { # Validate AuthSession contract if ($null -eq $AuthSession.PSObject.Methods['InvokeCommand']) { - throw "AuthSession must implement InvokeCommand(CommandName, Parameters) method. " + - "The host must provide an elevated remote session via AuthSessionBroker." + throw "AuthSession must implement InvokeCommand(CommandName, Parameters) method. " + ` + "The host must provide an elevated remote session via AuthSessionBroker." } try { @@ -189,8 +189,8 @@ function New-IdleEntraConnectDirectorySyncProvider { $errorMessage = $_.Exception.Message if ($errorMessage -match 'access.*denied|permission|privilege|elevation|administrator|unauthorized') { - throw "Failed to get sync cycle state. Missing privileges or elevation. " + - "The AuthSession must provide an elevated execution context. Original error: $errorMessage" + throw "Failed to get sync cycle state. Missing privileges or elevation. " + ` + "The AuthSession must provide an elevated execution context. Original error: $errorMessage" } throw "Failed to get sync cycle state: $errorMessage" diff --git a/src/IdLE.Provider.EntraID/Public/New-IdleEntraIDIdentityProvider.ps1 b/src/IdLE.Provider.EntraID/Public/New-IdleEntraIDIdentityProvider.ps1 index a6ef2336..c89dc566 100644 --- a/src/IdLE.Provider.EntraID/Public/New-IdleEntraIDIdentityProvider.ps1 +++ b/src/IdLE.Provider.EntraID/Public/New-IdleEntraIDIdentityProvider.ps1 @@ -503,7 +503,7 @@ function New-IdleEntraIDIdentityProvider { $payload['accountEnabled'] = [bool]$Attributes['Enabled'] } - $user = $this.Adapter.CreateUser($payload, $accessToken) + $this.Adapter.CreateUser($payload, $accessToken) | Out-Null return [pscustomobject]@{ PSTypeName = 'IdLE.ProviderResult' diff --git a/src/IdLE.Provider.ExchangeOnline/Private/New-IdleExchangeOnlineAdapter.ps1 b/src/IdLE.Provider.ExchangeOnline/Private/New-IdleExchangeOnlineAdapter.ps1 index 4973f0e9..7013d6c2 100644 --- a/src/IdLE.Provider.ExchangeOnline/Private/New-IdleExchangeOnlineAdapter.ps1 +++ b/src/IdLE.Provider.ExchangeOnline/Private/New-IdleExchangeOnlineAdapter.ps1 @@ -71,6 +71,9 @@ function New-IdleExchangeOnlineAdapter { [string] $AccessToken ) + # AccessToken is reserved for future Graph API integration + $null = $AccessToken + try { $params = @{ Identity = $MailboxIdentity @@ -119,6 +122,9 @@ function New-IdleExchangeOnlineAdapter { [string] $AccessToken ) + # AccessToken is reserved for future Graph API integration + $null = $AccessToken + $params = @{ Identity = $MailboxIdentity ErrorAction = 'Stop' @@ -156,6 +162,9 @@ function New-IdleExchangeOnlineAdapter { [string] $AccessToken ) + # AccessToken is reserved for future Graph API integration + $null = $AccessToken + try { $params = @{ Identity = $MailboxIdentity @@ -207,6 +216,9 @@ function New-IdleExchangeOnlineAdapter { [string] $AccessToken ) + # AccessToken is reserved for future Graph API integration + $null = $AccessToken + $params = @{ Identity = $MailboxIdentity ErrorAction = 'Stop' diff --git a/src/IdLE.Steps.DirectorySync/Public/Invoke-IdleStepTriggerDirectorySync.ps1 b/src/IdLE.Steps.DirectorySync/Public/Invoke-IdleStepTriggerDirectorySync.ps1 index 8056112f..b1733cb1 100644 --- a/src/IdLE.Steps.DirectorySync/Public/Invoke-IdleStepTriggerDirectorySync.ps1 +++ b/src/IdLE.Steps.DirectorySync/Public/Invoke-IdleStepTriggerDirectorySync.ps1 @@ -104,8 +104,8 @@ function Invoke-IdleStepTriggerDirectorySync { try { # Trigger sync cycle $Context.EventSink.WriteEvent('DirectorySyncTriggered', "Triggering $policyType sync cycle", $stepName, @{ - PolicyType = $policyType - }) + PolicyType = $policyType + }) $startResult = Invoke-IdleProviderMethod ` -Context $Context ` @@ -122,9 +122,9 @@ function Invoke-IdleStepTriggerDirectorySync { # If wait is requested, poll until complete or timeout if ($wait) { $Context.EventSink.WriteEvent('DirectorySyncWaiting', "Waiting for sync cycle to complete (timeout: ${timeoutSeconds}s)", $stepName, @{ - TimeoutSeconds = $timeoutSeconds - PollIntervalSeconds = $pollIntervalSeconds - }) + TimeoutSeconds = $timeoutSeconds + PollIntervalSeconds = $pollIntervalSeconds + }) $startTime = [datetime]::UtcNow $attempt = 0 @@ -145,10 +145,10 @@ function Invoke-IdleStepTriggerDirectorySync { $lastState = if ($null -ne $stateResult) { $stateResult.State } else { 'Unknown' } $Context.EventSink.WriteEvent('DirectorySyncFailed', "Sync cycle wait timeout after ${timeoutSeconds}s", $stepName, @{ - TimeoutSeconds = $timeoutSeconds - ElapsedSeconds = [int]$elapsed - LastKnownState = $lastState - }) + TimeoutSeconds = $timeoutSeconds + ElapsedSeconds = [int]$elapsed + LastKnownState = $lastState + }) throw "TriggerDirectorySync: Timeout waiting for sync cycle to complete after ${timeoutSeconds}s. Last known state: $lastState" } @@ -169,18 +169,18 @@ function Invoke-IdleStepTriggerDirectorySync { $currentState = if ($null -ne $stateResult) { $stateResult.State } else { 'Unknown' } $Context.EventSink.WriteEvent('DirectorySyncPoll', "Poll attempt $attempt - State: $currentState", $stepName, @{ - Attempt = $attempt - State = $currentState - InProgress = $inProgress - ElapsedSeconds = [int]$elapsed - }) + Attempt = $attempt + State = $currentState + InProgress = $inProgress + ElapsedSeconds = [int]$elapsed + }) if (-not $inProgress) { # Sync cycle completed $Context.EventSink.WriteEvent('DirectorySyncCompleted', "Sync cycle completed", $stepName, @{ - Attempts = $attempt - ElapsedSeconds = [int]$elapsed - }) + Attempts = $attempt + ElapsedSeconds = [int]$elapsed + }) break } @@ -191,8 +191,8 @@ function Invoke-IdleStepTriggerDirectorySync { else { # Not waiting - sync triggered successfully $Context.EventSink.WriteEvent('DirectorySyncCompleted', "Sync cycle triggered (not waiting)", $stepName, @{ - PolicyType = $policyType - }) + PolicyType = $policyType + }) } return [pscustomobject]@{ @@ -206,8 +206,8 @@ function Invoke-IdleStepTriggerDirectorySync { } catch { $Context.EventSink.WriteEvent('DirectorySyncFailed', "Failed to trigger or wait for sync cycle: $_", $stepName, @{ - Error = $_.Exception.Message - }) + Error = $_.Exception.Message + }) throw } }