From 4047242c3b61e20553b73123d5496c7fc9063e8c Mon Sep 17 00:00:00 2001
From: Sergey Kolupaev <skolupaev@keepersecurity.com>
Date: Mon, 11 Nov 2024 16:28:10 -0800
Subject: [PATCH] PowerCommander: non-interactive environment

---
 PowerCommander/AuthCommands.ps1    | 32 ++++++++++++++++++++++--------
 PowerCommander/Enterprise.ps1      | 11 +++++++---
 PowerCommander/PowerCommander.psd1 |  4 ++--
 3 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/PowerCommander/AuthCommands.ps1 b/PowerCommander/AuthCommands.ps1
index 4db6b01..03fed1f 100644
--- a/PowerCommander/AuthCommands.ps1
+++ b/PowerCommander/AuthCommands.ps1
@@ -5,6 +5,10 @@ $expires = @(
     [KeeperSecurity.Authentication.TwoFactorDuration]::Every30Days,
     [KeeperSecurity.Authentication.TwoFactorDuration]::Forever)
 
+function Test-InteractiveSession {
+    return $Host.Name -eq 'ConsoleHost' -and $Host.UI.SupportsVirtualTerminal
+}
+
 function twoFactorChannelToText ([KeeperSecurity.Authentication.TwoFactorChannel] $channel) {
     if ($channel -eq [KeeperSecurity.Authentication.TwoFactorChannel]::Authenticator) {
         return 'authenticator'
@@ -356,6 +360,7 @@ function Connect-Keeper {
     } else {
         $storage = New-Object KeeperSecurity.Configuration.JsonConfigurationStorage
     }
+
     if (-not $Server) {
         $Server = $storage.LastServer
         if ($Server) {
@@ -389,11 +394,14 @@ function Connect-Keeper {
     if ($Username) {
         Write-Output "$(($namePrompt + ': ').PadLeft(21, ' ')) $Username"
     }
-    else {
+    elseif (Test-InteractiveSession) {
         while (-not $Username) {
             $Username = Read-Host -Prompt $namePrompt.PadLeft(20, ' ')
         }
+    } else {
+        Write-Error "Non-interactive session detected" -ErrorAction Stop 
     }
+
     if ($SsoProvider.IsPresent) {
         $authFlow.LoginSso($Username).GetAwaiter().GetResult() | Out-Null
     }
@@ -419,16 +427,24 @@ function Connect-Keeper {
         $prompt = getStepPrompt $authFlow
 
         if ($authFlow.Step -is [KeeperSecurity.Authentication.Sync.PasswordStep]) {
-            $securedPassword = Read-Host -Prompt $prompt -AsSecureString
-            if ($securedPassword.Length -gt 0) {
-                $action = [Net.NetworkCredential]::new('', $securedPassword).Password
-            }
-            else {
-                $action = ''
+            if (Test-InteractiveSession) {
+                $securedPassword = Read-Host -Prompt $prompt -AsSecureString
+                if ($securedPassword.Length -gt 0) {
+                    $action = [Net.NetworkCredential]::new('', $securedPassword).Password
+                }
+                else {
+                    $action = ''
+                }
+            } else {
+                Write-Error "Non-interactive session detected" -ErrorAction Stop 
             }
         }
         else {
-            $action = Read-Host -Prompt $prompt
+            if (Test-InteractiveSession) {
+                $action = Read-Host -Prompt $prompt
+            } else {
+                Write-Error "Non-interactive session detected" -ErrorAction Stop 
+            }
         }
 
         if ($action) {
diff --git a/PowerCommander/Enterprise.ps1 b/PowerCommander/Enterprise.ps1
index d71cd7f..1affdc4 100644
--- a/PowerCommander/Enterprise.ps1
+++ b/PowerCommander/Enterprise.ps1
@@ -419,12 +419,17 @@ function Move-KeeperEnterpriseUser {
         return
     }
     if (-not $Force.IsPresent) {
-        Write-Output "This action cannot be undone.`n"
-        $answer = Read-Host -Prompt "Do you want to proceed with transferring $($fromUserObject.Email) account (Yes/No)? > "
+        if (Test-InteractiveSession) {
+            Write-Output "This action cannot be undone.`n"
+            $answer = Read-Host -Prompt "Do you want to proceed with transferring $($fromUserObject.Email) account (Yes/No)? > "
+        } else {
+            Write-Output('Non-interactive session. Use -Force parameter')
+            $answer = 'no'
+        }
         if ($answer -ne 'yes' -and $answer -ne 'y') {
             return
         }
-    }
+}
     $transferResult = $enterprise.enterpriseData.TransferUserAccount($enterprise.roleData, $fromUserObject, $targetUserObject).GetAwaiter().GetResult()
     if ($transferResult) {
         Write-Information "Successfully Transfered:"
diff --git a/PowerCommander/PowerCommander.psd1 b/PowerCommander/PowerCommander.psd1
index d1b7859..f22aed8 100644
--- a/PowerCommander/PowerCommander.psd1
+++ b/PowerCommander/PowerCommander.psd1
@@ -11,7 +11,7 @@
     RootModule         = 'PowerCommander.psm1'
 
     # Version number of this module.
-    ModuleVersion      = '0.9.18'
+    ModuleVersion      = '0.9.19'
 
     # Supported PSEditions
     CompatiblePSEditions = @('Desktop')
@@ -117,7 +117,7 @@
             LicenseUri = 'https://github.com/Keeper-Security/keeper-sdk-dotnet/blob/master/LICENSE'
             ProjectUri = 'https://github.com/Keeper-Security/keeper-sdk-dotnet'
             IconUri  = 'https://keeper-email-images.s3.amazonaws.com/common/powershell.png'
-            ReleaseNotes = 'Update Keeper SDL to v1.0.6'
+            ReleaseNotes = 'Handle non-interactive Powershell environments'
         }
     }