2 changes: 1 addition & 1 deletion docs/reference/cmdlets/Invoke-IdlePlan.md
Expand Up @@ -32,7 +32,7 @@ Provider resolution:
### EXAMPLE 1
```
# Default: plan built with providers, execution uses Plan.Providers
$providers = @{ Identity = $provider; AuthSessionBroker = $broker }
$providers = @{ Identity = $provider; AuthSessionBroker = $authSessionBroker }
$plan = New-IdlePlan -WorkflowPath ./joiner.psd1 -Request $req -Providers $providers
Invoke-IdlePlan -Plan $plan
```
4 changes: 2 additions & 2 deletions docs/reference/cmdlets/New-IdleAuthSession.md
Expand Up @@ -29,13 +29,13 @@ This is a thin wrapper that delegates to IdLE.Core\New-IdleAuthSessionBroker.
### EXAMPLE 1
```
# Simple broker with single credential
$broker = New-IdleAuthSession -DefaultAuthSession $credential -AuthSessionType 'Credential'
$authSessionBroker = New-IdleAuthSession -DefaultAuthSession $credential -AuthSessionType 'Credential'
```

### EXAMPLE 2
```
# Mixed-type broker for AD + EXO
$broker = New-IdleAuthSession -SessionMap @{
$authSessionBroker = New-IdleAuthSession -SessionMap @{
@{ AuthSessionName = 'AD' } = @{ AuthSessionType = 'Credential'; Credential = $adCred }
@{ AuthSessionName = 'EXO' } = @{ AuthSessionType = 'OAuth'; Credential = $token }
}
6 changes: 3 additions & 3 deletions docs/use/walkthrough/05-providers-authentication.md
Expand Up @@ -131,7 +131,7 @@ A minimal broker for a single credential:
```powershell
$cred = Get-Credential

$broker = New-IdleAuthSession -DefaultAuthSession $cred -AuthSessionType 'Credential'
$authSessionBroker = New-IdleAuthSession -DefaultAuthSession $cred -AuthSessionType 'Credential'
```

A broker that supports named routing (example: `AD` and `EXO`):
Expand All @@ -140,7 +140,7 @@ A broker that supports named routing (example: `AD` and `EXO`):
$adCred = Get-Credential
$exoToken = '<token-or-object-from-your-exo-login-flow>'

$broker = New-IdleAuthSession -SessionMap @{
$authSessionBroker = New-IdleAuthSession -SessionMap @{
@{ AuthSessionName = 'AD' } = @{ AuthSessionType = 'Credential'; Credential = $adCred }
@{ AuthSessionName = 'EXO' } = @{ AuthSessionType = 'OAuth'; Credential = $exoToken }
}
Expand All @@ -161,7 +161,7 @@ To make the broker available at runtime, add it to the provider registry under t
```powershell
$providers = @{
Identity = New-IdleMockIdentityProvider
AuthSessionBroker = $broker
AuthSessionBroker = $authSessionBroker
}
```

14 changes: 7 additions & 7 deletions src/IdLE.Core/Public/New-IdleAuthSessionBroker.ps1
Expand Up @@ -48,44 +48,44 @@ function New-IdleAuthSessionBroker {

.EXAMPLE
# Simple single-credential broker (with AuthSessionType)
$broker = New-IdleAuthSessionBroker -DefaultAuthSession $admCred -AuthSessionType 'Credential'
$authSessionBroker = New-IdleAuthSessionBroker -DefaultAuthSession $admCred -AuthSessionType 'Credential'

.EXAMPLE
# AuthSessionName-based routing with roles (with AuthSessionType)
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ AuthSessionName = 'AD'; Role = 'ADAdm' } = $tier0Credential
@{ AuthSessionName = 'AD'; Role = 'ADRead' } = $readOnlyCredential
} -DefaultAuthSession $adminCredential -AuthSessionType 'Credential'

.EXAMPLE
# OAuth broker with token strings (with AuthSessionType)
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ Role = 'Admin' } = $graphToken
} -DefaultAuthSession $graphToken -AuthSessionType 'OAuth'

.EXAMPLE
# Domain-based broker for multi-forest scenarios (with AuthSessionType)
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ Domain = 'SourceAD' } = $sourceCred
@{ Domain = 'TargetAD' } = $targetCred
} -AuthSessionType 'Credential'

.EXAMPLE
# PSRemoting broker for Entra Connect directory sync (with AuthSessionType)
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ Server = 'AADConnect01' } = $remoteSessionCred
} -AuthSessionType 'PSRemoting'

.EXAMPLE
# Environment-based routing (with AuthSessionType)
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ Environment = 'Production' } = $prodCred
@{ Environment = 'Test' } = $testCred
} -DefaultAuthSession $devCred -AuthSessionType 'Credential'

.EXAMPLE
# Mixed-type broker for AD (Credential) + EXO (OAuth) - typed descriptors
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ AuthSessionName = 'AD' } = @{ AuthSessionType = 'Credential'; Credential = $adCred }
@{ AuthSessionName = 'EXO' } = @{ AuthSessionType = 'OAuth'; Credential = $exoToken }
}
10 changes: 5 additions & 5 deletions src/IdLE.Provider.AD/Public/New-IdleADIdentityProvider.ps1
Expand Up @@ -70,15 +70,15 @@ function New-IdleADIdentityProvider {
$tier0Credential = Get-Credential -Message "Enter Tier0 admin credentials"
$adminCredential = Get-Credential -Message "Enter regular admin credentials"

$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ Role = 'Tier0' } = $tier0Credential
@{ Role = 'Admin' } = $adminCredential
} -DefaultCredential $adminCredential

$provider = New-IdleADIdentityProvider
$plan = New-IdlePlan -WorkflowPath './workflow.psd1' -Request $request -Providers @{
Identity = $provider
AuthSessionBroker = $broker
AuthSessionBroker = $authSessionBroker
}

# Workflow steps can specify different auth contexts:
Expand All @@ -87,8 +87,8 @@ function New-IdleADIdentityProvider {

.EXAMPLE
# Custom broker for advanced scenarios (vault integration, MFA)
$broker = [pscustomobject]@{}
$broker | Add-Member -MemberType ScriptMethod -Name AcquireAuthSession -Value {
$authSessionBroker = [pscustomobject]@{}
$authSessionBroker | Add-Member -MemberType ScriptMethod -Name AcquireAuthSession -Value {
param($Name, $Options)
if ($Options.Role -eq 'Tier0') {
return Get-SecretFromVault -Name 'AD-Tier0'
Expand All @@ -99,7 +99,7 @@ function New-IdleADIdentityProvider {
$provider = New-IdleADIdentityProvider
$plan = New-IdlePlan -WorkflowPath './workflow.psd1' -Request $request -Providers @{
Identity = $provider
AuthSessionBroker = $broker
AuthSessionBroker = $authSessionBroker
}
#>
[CmdletBinding()]
Expand Up @@ -43,30 +43,30 @@ function New-IdleEntraIDIdentityProvider {
# Basic usage with delegated auth
# Host obtains token via secure method (not shown here - see provider documentation)
$accessToken = Get-SecureGraphToken
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{} = $accessToken
} -DefaultCredential $accessToken

$provider = New-IdleEntraIDIdentityProvider
$plan = New-IdlePlan -WorkflowPath './workflow.psd1' -Request $request -Providers @{
Identity = $provider
AuthSessionBroker = $broker
AuthSessionBroker = $authSessionBroker
}

.EXAMPLE
# Multi-role scenario
$tier0Token = Get-GraphTokenForTier0 # host-managed auth
$adminToken = Get-GraphTokenForAdmin

$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{ Role = 'Tier0' } = $tier0Token
@{ Role = 'Admin' } = $adminToken
} -DefaultCredential $adminToken

$provider = New-IdleEntraIDIdentityProvider
$plan = New-IdlePlan -WorkflowPath './workflow.psd1' -Request $request -Providers @{
Identity = $provider
AuthSessionBroker = $broker
AuthSessionBroker = $authSessionBroker
}

# Workflow steps specify: With.AuthSessionOptions = @{ Role = 'Tier0' }
4 changes: 2 additions & 2 deletions src/IdLE.Provider.EntraID/README.md
Expand Up @@ -12,7 +12,7 @@ Import-Module IdLE
$token = Get-GraphToken

# Create broker for auth routing
$broker = New-IdleAuthSessionBroker -SessionMap @{
$authSessionBroker = New-IdleAuthSessionBroker -SessionMap @{
@{} = $token
} -DefaultCredential $token

Expand All @@ -22,7 +22,7 @@ $provider = New-IdleEntraIDIdentityProvider
# Use in workflows
$providers = @{
Identity = $provider
AuthSessionBroker = $broker
AuthSessionBroker = $authSessionBroker
}
$plan = New-IdlePlan -WorkflowPath '.\joiner.psd1' -Request $request -Providers $providers
```
2 changes: 1 addition & 1 deletion src/IdLE/Public/Invoke-IdlePlan.ps1
Expand Up @@ -29,7 +29,7 @@ function Invoke-IdlePlan {

.EXAMPLE
# Default: plan built with providers, execution uses Plan.Providers
$providers = @{ Identity = $provider; AuthSessionBroker = $broker }
$providers = @{ Identity = $provider; AuthSessionBroker = $authSessionBroker }
$plan = New-IdlePlan -WorkflowPath ./joiner.psd1 -Request $req -Providers $providers
Invoke-IdlePlan -Plan $plan

4 changes: 2 additions & 2 deletions src/IdLE/Public/New-IdleAuthSession.ps1
Expand Up @@ -35,11 +35,11 @@ function New-IdleAuthSession {

.EXAMPLE
# Simple broker with single credential
$broker = New-IdleAuthSession -DefaultAuthSession $credential -AuthSessionType 'Credential'
$authSessionBroker = New-IdleAuthSession -DefaultAuthSession $credential -AuthSessionType 'Credential'

.EXAMPLE
# Mixed-type broker for AD + EXO
$broker = New-IdleAuthSession -SessionMap @{
$authSessionBroker = New-IdleAuthSession -SessionMap @{
@{ AuthSessionName = 'AD' } = @{ AuthSessionType = 'Credential'; Credential = $adCred }
@{ AuthSessionName = 'EXO' } = @{ AuthSessionType = 'OAuth'; Credential = $token }
}