Feat/Management API#18
Merged
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds initial support for SCEPman 3.1 “manage API” operations to the PowerShell module, including searching certificates and revoking issued certificates, plus accompanying documentation and tests.
Changes:
- Introduces
Find-SCEPmanCertificate(manage search API) andRevoke-SCEPmanCertificate(manage revocation API). - Exposes new cmdlets via the module manifest and adds supporting enums/constants.
- Adds Pester tests and extends the README with usage examples.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| Tests/Revoke-SCEPmanCertificate.Tests.ps1 | Adds Pester coverage for revocation request formatting and multi-serial behavior. |
| Tests/Find-SCEPmanCertificate.Tests.ps1 | Adds Pester coverage for query building, auth header usage, and optional parameters. |
| SCEPmanClient/SCEPmanClient.psd1 | Exports the new public cmdlets from the module manifest. |
| SCEPmanClient/Public/Revoke-SCEPmanCertificate.ps1 | Implements certificate revocation against the manage API. |
| SCEPmanClient/Public/Find-SCEPmanCertificate.ps1 | Implements certificate search against the manage API with filtering/pagination. |
| SCEPmanClient/Private/x509/constants.ps1 | Adds enums used by the new cmdlets (revocation reasons, validity/type filters). |
| README.md | Documents new search and revoke commands with examples. |
Comments suppressed due to low confidence (4)
SCEPmanClient/Public/Find-SCEPmanCertificate.ps1:160
Write-Erroris emitted and then the code immediately throws a terminating error. This tends to produce duplicate error records for callers. Prefer either throwing a single terminating error (optionally with-ErrorAction Stopsemantics) or returning a structured error result without also callingWrite-Error.
Write-Error "$($MyInvocation.MyCommand): Failed to search certificates. Status code: $StatusCode. ApiErrorCode: $ApiErrorCode. ApiErrorMessage: $ApiErrorMessage"
SCEPmanClient/Public/Revoke-SCEPmanCertificate.ps1:135
- In the catch block,
$_.Exception.Responsecan be$nullfor non-HTTP failures (DNS/TLS/connection), so accessing.StatusCodecan throw and mask the real error. Consider null-checking the Response (and/or falling back to$_.Exception.Status/$_.Exception.Message) before readingStatusCode.
} catch {
$statusCode = [int]$_.Exception.Response.StatusCode
$errorBody = $_.ErrorDetails.Message
SCEPmanClient/Public/Revoke-SCEPmanCertificate.ps1:163
- On success the cmdlet writes a formatted string via
Write-Output, which makes the pipeline output non-object and inconsistent with the other cmdlets in this module (which return objects and useWrite-Verbosefor status). Consider returning the API response or a structured result object, and reserve human-readable messages for verbose/information streams.
If ($Result.Success) {
Write-Output "$($MyInvocation.MyCommand): Certificate $Serial revoked successfully."
} Else {
throw "$($MyInvocation.MyCommand): Failed to revoke certificate $Serial. StatusCode: $($Result.StatusCode), ErrorCode: $($Result.ErrorCode), Message: $($Result.ErrorMessage)"
}
SCEPmanClient/Public/Find-SCEPmanCertificate.ps1:170
- The expression
$ApiErrorMessage ? $ApiErrorMessage : '...'uses the PowerShell ternary operator, which is not supported in Windows PowerShell 5.1. Since the module appears to support PS 5.x (e.g., other code checks$PSVersionTable.PSVersion.Major -lt 7), this should be rewritten using anif/elseexpression to keep compatibility.
404 { throw "$($MyInvocation.MyCommand): Endpoint not found. Verify the URL and that the manage API endpoint exists." }
409 { throw "$($MyInvocation.MyCommand): Conflict. $($ApiErrorMessage ? $ApiErrorMessage : 'Request could not be completed.')" }
500 { throw "$($MyInvocation.MyCommand): Server error while searching certificates. $ApiErrorMessage" }
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
…anclient into feat/RevocationAPI
Agent-Logs-Url: https://github.com/scepman/scepmanclient/sessions/08693e2f-f1f5-4922-bc32-f2500efc3257 Co-authored-by: cheinzler-gk <191097678+cheinzler-gk@users.noreply.github.com>
Contributor
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add functionality of SCEPman 3.1 manage API