Collect Authentication Telemetry (#27560)

Co-authored-by: Copilot <[email protected]>
Co-authored-by: NoriZC <[email protected]>

Author: 3 people

src/Accounts/Accounts.Test/AccessTokenCmdletTest.cs

@@ -14,6 +14,7 @@
 
 using Microsoft.Azure.Commands.Common.Authentication;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
+using Microsoft.Azure.Commands.Common.Authentication.Abstractions.Interfaces;
 using Microsoft.Azure.Commands.Common.Authentication.Models;
 using Microsoft.Azure.Commands.Profile;
 using Microsoft.Azure.Commands.Profile.Models;
@@ -28,6 +29,7 @@
 using Moq;
 
 using System;
+using System.Collections.Generic;
 using System.Linq;
 using System.Security;
 
@@ -49,7 +51,7 @@ public AccessTokenCmdletTests(ITestOutputHelper output)
         {
             TestExecutionHelpers.SetUpSessionAndProfile();
             XunitTracingInterceptor.AddToContext(new XunitTracingInterceptor(output));
-
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
             var defaultContext = new AzureContext(
                 new AzureSubscription()
                 {
@@ -97,8 +99,7 @@ public void TestGetAccessTokenAsPlainText()
                 It.IsAny<SecureString>(),
                 It.IsAny<string>(),
                 It.IsAny<Action<string>>(),
-                It.IsAny<IAzureTokenCache>(),
-                It.IsAny<string>())).Returns(new MockAccessToken
+                It.IsAny<IDictionary<string, object>>())).Returns(new MockAccessToken
                 {
                     UserId = expected.UserId,
                     LoginType = LoginType.OrgId,
@@ -146,8 +147,7 @@ public void TestGetAccessTokenAsSecureString()
                 It.IsAny<SecureString>(),
                 It.IsAny<string>(),
                 It.IsAny<Action<string>>(),
-                It.IsAny<IAzureTokenCache>(),
-                It.IsAny<string>())).Returns(new MockAccessToken
+                It.IsAny<IDictionary<string, object>>())).Returns(new MockAccessToken
                 {
                     UserId = expected.UserId,
                     LoginType = LoginType.OrgId,

src/Accounts/Accounts.Test/AutosaveTests.cs

@@ -22,7 +22,6 @@
 using Xunit.Abstractions;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using System;
-using System.Security;
 using Microsoft.Azure.Commands.Profile.Context;
 using Microsoft.Azure.Commands.ScenarioTest;
 using Microsoft.Azure.Commands.ResourceManager.Common;
@@ -57,7 +56,6 @@ private AzKeyStore SetMockedAzKeyStore()
 
         void ResetState()
         {
-
             TestExecutionHelpers.SetUpSessionAndProfile();
             ResourceManagerProfileProvider.InitializeResourceManagerProfile(true);
             // prevent token acquisition
@@ -69,6 +67,7 @@ void ResetState()
             PowerShellTokenCacheProvider tokenProvider = new InMemoryTokenCacheProvider();
             AzureSession.Instance.RegisterComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, () => tokenProvider, true);
             AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => keyStore, true);
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
         }
 
         [Fact]

src/Accounts/Accounts.Test/AzureRMProfileTests.cs

@@ -41,7 +41,6 @@
 using System.Management.Automation;
 using System.Net.Http;
 using System.Runtime.InteropServices;
-using System.Runtime.Serialization.Formatters.Binary;
 using System.Text.Json;
 using System.Threading;
 using System.Threading.Tasks;
@@ -176,6 +175,7 @@ public AzureRMProfileTests(ITestOutputHelper output)
         {
             TestExecutionHelpers.SetUpSessionAndProfile();
             XunitTracingInterceptor.AddToContext(new XunitTracingInterceptor(output));
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
         }
 
         [Fact]

src/Accounts/Accounts.Test/AzureSessionTestInitializer.cs

@@ -33,6 +33,7 @@ public static void Initialize()
             AzureSession.Instance.RegisterComponent(AuthenticatorBuilder.AuthenticatorBuilderKey, () => builder);
             AzureSession.Instance.RegisterComponent(nameof(AzureCredentialFactory), () => new AzureCredentialFactory());
             AzureSession.Instance.RegisterComponent(nameof(MsalAccessTokenAcquirerFactory), () => new MsalAccessTokenAcquirerFactory());
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
         }
 
     }

src/Accounts/Accounts.Test/ContextCmdletTests.cs

@@ -66,6 +66,7 @@ public ContextCmdletTests(ITestOutputHelper output)
             string profilePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), Resources.AzureDirectoryName);
             azKeyStore = new AzKeyStore(profilePath, AzureSession.Instance.KeyStoreFile, true, storageMocker.Object);
             AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => azKeyStore, true);
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
         }
 
         [Fact]

src/Accounts/Accounts.Test/EnvironmentCmdletTests.cs

@@ -50,6 +50,10 @@ public EnvironmentCmdletTests(ITestOutputHelper output)
             XunitTracingInterceptor.AddToContext(new XunitTracingInterceptor(output));
             dataStore = new MemoryDataStore();
             AzureSession.Instance.DataStore = dataStore;
+            if (!AzureSession.Instance.TryGetComponent(nameof(AuthenticationTelemetry), out AuthenticationTelemetry authenticationTelemetry))
+            {
+                AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(nameof(AuthenticationTelemetry), () => new AuthenticationTelemetry());
+            }
         }
 
         private void Cleanup()

src/Accounts/Accounts.Test/ErrorResolutionTests.cs

@@ -13,6 +13,9 @@
 // ----------------------------------------------------------------------------------
 
 using Hyak.Common;
+
+using Microsoft.Azure.Commands.Common.Authentication;
+using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Azure.Commands.Profile.Errors;
 using Microsoft.Azure.Commands.ScenarioTest;
 using Microsoft.WindowsAzure.Commands.Common.Test.Mocks;
@@ -43,6 +46,7 @@ public TestHyakException(string message, CloudHttpRequestErrorInfo request, Clou
         public void DoesNotThrowWithNullError()
         {
             TestExecutionHelpers.SetUpSessionAndProfile();
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
             var cmdlet = new ResolveError();
             var output = cmdlet.ExecuteCmdletInPipeline<AzureErrorRecord>("Resolve-Error");
             Assert.True(output == null || output.Count == 0);
@@ -168,6 +172,7 @@ public void HandlesNullValuesInArmExceptions()
         public void LastParameterFindsLastError()
         {
             TestExecutionHelpers.SetUpSessionAndProfile();
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
             var mock = new MockCommandRuntime();
             var cmdlet = new ResolveError { CommandRuntime = mock };
             var message = "RuntimeErrorMessage";

src/Accounts/Accounts.Test/ProfileCmdletTests.cs

@@ -55,6 +55,7 @@ public ProfileCmdletTests(ITestOutputHelper output)
             AzureSession.Instance.DataStore = dataStore;
             commandRuntimeMock = new MockCommandRuntime();
             AzureSession.Instance.AuthenticationFactory = new MockTokenAuthenticationFactory();
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
             keyStore = SetMockedAzKeyStore();
         }
 

src/Accounts/Accounts.Test/SilentReAuthByTenantCmdletTest.cs

@@ -36,8 +36,6 @@
 using System.Threading.Tasks;
 using Xunit;
 using Xunit.Abstractions;
-using Microsoft.CodeAnalysis.CSharp.Syntax;
-using Microsoft.Azure.Commands.Common.Authentication.Factories;
 
 namespace Microsoft.Azure.Commands.ResourceManager.Common.Test
 {
@@ -326,6 +324,8 @@ private void InitializeSession()
                 DefaultContext = defaultContext
             };
             cmdlet.profileClient = new RMProfileClient(profile);
+
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
         }
 
         ~SilentReAuthByTenantCmdletTest()

src/Accounts/Accounts.Test/TenantCmdletMockTests.cs

@@ -20,7 +20,6 @@
 using Microsoft.Azure.Commands.ScenarioTest;
 using Microsoft.Azure.Commands.TestFx.Mocks;
 using Microsoft.Azure.ServiceManagement.Common.Models;
-using Microsoft.WindowsAzure.Commands.Common.Test.Mocks;
 using Microsoft.WindowsAzure.Commands.ScenarioTest;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 using Moq;
@@ -55,7 +54,7 @@ public TenantCmdletMockTests(ITestOutputHelper output)
         {
             TestExecutionHelpers.SetUpSessionAndProfile();
             XunitTracingInterceptor.AddToContext(new XunitTracingInterceptor(output));
-
+            AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
             AzureSession.Instance.AuthenticationFactory = new MockTokenAuthenticationFactory();
             ((MockTokenAuthenticationFactory)AzureSession.Instance.AuthenticationFactory).TokenProvider = (account, environment, tenant) =>
             new MockAccessToken

src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs

@@ -860,6 +860,7 @@ public void OnImport()
                 AzureSession.Instance.RegisterComponent(nameof(MsalAccessTokenAcquirerFactory), () => new MsalAccessTokenAcquirerFactory());
                 AzureSession.Instance.RegisterComponent<ISshCredentialFactory>(nameof(ISshCredentialFactory), () => new SshCredentialFactory());
                 AzureSession.Instance.RegisterComponent<IOutputSanitizer>(nameof(IOutputSanitizer), () => new OutputSanitizer());
+                AzureSession.Instance.RegisterComponent<AuthenticationTelemetry>(AuthenticationTelemetry.Name, () => new AuthenticationTelemetry());
 #if DEBUG || TESTCOVERAGE
                 AzureSession.Instance.RegisterComponent<ITestCoverage>(nameof(ITestCoverage), () => new TestCoverage());
 #endif

src/Accounts/Accounts/ChangeLog.md

@@ -19,6 +19,8 @@
 -->
 
 ## Upcoming Release
+* Fixed token in auxiliary authentication header.
+* Collected authentication method for telemetry in end process of cmdlet.
 
 ## Version 4.1.0
 * Added AppConfiguration ResourceId and Suffix endpoints for Mooncake and USGov clouds to fix issue [#24219]

src/Accounts/Accounts/Common/AzureContextModificationCmdlet.cs

@@ -47,7 +47,8 @@ protected virtual void ModifyContext(Action<AzureRmProfile, RMProfileClient> con
             {
                 var client = new RMProfileClient(profile)
                 {
-                    WarningLog = (s) => WriteWarning(s)
+                    WarningLog = (s) => WriteWarning(s),
+                    CmdletContext = _cmdletContext
                 };
                 contextAction(profile.ToProfile(), client);
             }

src/Accounts/Accounts/Context/GetAzureRMContext.cs

@@ -84,7 +84,7 @@ public override void ExecuteCmdlet()
                     var defaultProfile = DefaultProfile as AzureRmProfile;
                     if (defaultProfile != null && string.Equals(AzureSession.Instance?.ARMContextSaveMode, "CurrentUser"))
                     {
-                        defaultProfile.RefreshContextsFromCache();
+                        defaultProfile.RefreshContextsFromCache(_cmdletContext);
                     }
                 }
                 catch (Exception e)

src/Accounts/Accounts/Default/GetAzureRmDefault.cs

@@ -40,7 +40,7 @@ public override void ExecuteCmdlet()
             IAzureContext context = DefaultContext;
             IResourceManagementClient client = AzureSession.Instance.ClientFactory.CreateCustomArmClient<ResourceManagementClient>(
                                     context.Environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ResourceManager),
-                                    AzureSession.Instance.AuthenticationFactory.GetServiceClientCredentials(context, AzureEnvironment.Endpoint.ResourceManager),
+                                    AzureSession.Instance.AuthenticationFactory.GetServiceClientCredentials(context, AzureEnvironment.Endpoint.ResourceManager, _cmdletContext),
                                     AzureSession.Instance.ClientFactory.GetCustomHandlers());
             client.SubscriptionId = context.Subscription.Id;
 

src/Accounts/Accounts/Default/SetAzureRMDefault.cs

@@ -53,7 +53,7 @@ public override void ExecuteCmdlet()
             IAzureContext context = DefaultContext;
             IResourceManagementClient resourceManagementclient = AzureSession.Instance.ClientFactory.CreateCustomArmClient<ResourceManagementClient>(
                                 context.Environment.GetEndpointAsUri(AzureEnvironment.Endpoint.ResourceManager),
-                                AzureSession.Instance.AuthenticationFactory.GetServiceClientCredentials(context, AzureEnvironment.Endpoint.ResourceManager),
+                                AzureSession.Instance.AuthenticationFactory.GetServiceClientCredentials(context, AzureEnvironment.Endpoint.ResourceManager, _cmdletContext),
                                 AzureSession.Instance.ClientFactory.GetCustomHandlers());
             resourceManagementclient.SubscriptionId = context.Subscription.Id;
 

src/Accounts/Accounts/Environment/GetAzureRMEnvironment.cs

@@ -40,7 +40,11 @@ protected override bool RequireDefaultContext()
 
         public override void ExecuteCmdlet()
         {
-            var profileClient = new RMProfileClient(AzureRmProfileProvider.Instance.GetProfile<AzureRmProfile>());
+            var profileClient = new RMProfileClient(AzureRmProfileProvider.Instance.GetProfile<AzureRmProfile>())
+            {
+                WarningLog = (s) => WriteWarning(s),
+                CmdletContext = _cmdletContext
+            };
             var result = profileClient.ListEnvironments(Name).Select(s => new PSAzureEnvironment(s)).ToList();
             WriteObject(result, enumerateCollection: true);
         }

src/Accounts/Accounts/Models/RMProfileClient.cs

@@ -13,6 +13,8 @@
 // ----------------------------------------------------------------------------------
 using Microsoft.Azure.Commands.Common.Authentication;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
+using Microsoft.Azure.Commands.Common.Authentication.Abstractions.Interfaces;
+using Microsoft.Azure.Commands.Common.Authentication.Factories;
 using Microsoft.Azure.Commands.Common.Authentication.Models;
 using Microsoft.Azure.Commands.Common.Authentication.ResourceManager;
 using Microsoft.Azure.Commands.Profile.Models;
@@ -42,6 +44,8 @@ public class RMProfileClient
         public Action<string> InteractiveInformationLog;
         internal Func<string, string> PromptAndReadLine;
 
+        public ICmdletContext CmdletContext;
+
         private List<AzureTenant> _queriedTenants = new List<AzureTenant>();
 
         private IAzureContext DefaultContext
@@ -683,15 +687,21 @@ private IAccessToken AcquireAccessToken(
                 return new SimpleAccessToken(account, tenantId);
             }
 
+            var optionalParameters = new Dictionary<string, object>()
+            {
+                {AuthenticationFactory.TokenCacheParameterName,  _cache},
+                {AuthenticationFactory.ResourceIdParameterName, resourceId },
+                {AuthenticationFactory.CmdletContextParameterName, CmdletContext }
+            };
+
             return AzureSession.Instance.AuthenticationFactory.Authenticate(
                 account,
                 environment,
                 tenantId,
                 password,
                 promptBehavior,
                 promptAction,
-                _cache,
-                resourceId);
+                optionalParameters);
         }
 
         private bool TryGetTenantSubscription(IAccessToken accessToken,

src/Accounts/Accounts/Rest/InvokeAzRestMethodCommand.cs

@@ -432,7 +432,7 @@ private IAzureRestClient InitializeServiceClient()
 
             if (ByPath.Equals(this.ParameterSetName) || ByParameters.Equals(this.ParameterSetName))
             {
-                serviceClient = AzureSession.Instance.ClientFactory.CreateArmClient<AzureRestClient>(context, AzureEnvironment.Endpoint.ResourceManager);
+                serviceClient = AzureSession.Instance.ClientFactory.CreateArmClient<AzureRestClient>(context, AzureEnvironment.Endpoint.ResourceManager, _cmdletContext);
             }
             else if (ByURI.Equals(this.ParameterSetName))
             {
@@ -454,11 +454,11 @@ private IAzureRestClient InitializeServiceClient()
                 ServiceClientCredentials creds = null;
                 if (AzureSession.Instance.AuthenticationFactory is Commands.Common.Authentication.Factories.AuthenticationFactory factory)
                 {
-                    creds = factory.GetServiceClientCredentials(context, targetResourceIdKey, targetResourceId);
+                    creds = factory.GetServiceClientCredentials(context, targetResourceIdKey, targetResourceId, _cmdletContext);
                 }
                 else
                 {
-                    creds = AzureSession.Instance.AuthenticationFactory.GetServiceClientCredentials(context, targetResourceId);
+                    creds = AzureSession.Instance.AuthenticationFactory.GetServiceClientCredentials(context, targetResourceId, _cmdletContext);
                 }
                 Uri baseUri = new Uri($"{Uri.Scheme}://{Uri.Authority}");
                 serviceClient = AzureSession.Instance.ClientFactory.CreateCustomArmClient<AzureRestClient>(baseUri, creds);

src/Accounts/Accounts/Subscription/GetAzureRMSubscription.cs

@@ -59,7 +59,11 @@ protected override void BeginProcessing()
                 throw new InvalidOperationException(Resources.ContextCannotBeNull);
             }
 
-            _client = new RMProfileClient(profile);
+            _client = new RMProfileClient(profile)
+            {
+                WarningLog = (s) => WriteWarning(s),
+                CmdletContext = _cmdletContext
+            };
             _client.WarningLog = (s) => WriteWarning(s);
         }
 

src/Accounts/Accounts/Tenant/GetAzureRMTenant.cs

@@ -40,7 +40,11 @@ public class GetAzureRMTenantCommand : AzureRMCmdlet
 
         public override void ExecuteCmdlet()
         {
-            var profileClient = new RMProfileClient(AzureRmProfileProvider.Instance.GetProfile<AzureRmProfile>());
+            var profileClient = new RMProfileClient(AzureRmProfileProvider.Instance.GetProfile<AzureRmProfile>())
+            {
+                WarningLog = (s) => WriteWarning(s),
+                CmdletContext = _cmdletContext
+            };
             profileClient.WarningLog = (message) => _tasks.Enqueue(new Task(() => this.WriteWarning(message)));
 
             var tenants = profileClient.ListTenants(TenantId).Select((t) => new PSAzureTenant(t));

src/Accounts/Accounts/Token/GetAzureRmAccessToken.cs

@@ -14,13 +14,15 @@
 
 using Microsoft.Azure.Commands.Common.Authentication;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
+using Microsoft.Azure.Commands.Common.Authentication.Factories;
 using Microsoft.Azure.Commands.Profile.Models;
 using Microsoft.Azure.Commands.ResourceManager.Common;
 using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
 using Microsoft.Azure.PowerShell.Authenticators;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 
 using System;
+using System.Collections.Generic;
 using System.Linq;
 using System.Management.Automation;
 using System.Text.Json;
@@ -102,15 +104,20 @@ public override void ExecuteCmdlet()
                 TenantId = context.Tenant?.Id;
             }
 
+            var optionalParameters = new Dictionary<string, object>()
+            {
+                {AuthenticationFactory.ResourceIdParameterName, resourceUrlOrId },
+                {AuthenticationFactory.CmdletContextParameterName, _cmdletContext }
+            };
+
             IAccessToken accessToken = AzureSession.Instance.AuthenticationFactory.Authenticate(
                                 context.Account,
                                 context.Environment,
                                 TenantId,
                                 null,
                                 ShowDialog.Never,
                                 null,
-                                null,
-                                resourceUrlOrId);
+                                optionalParameters);
 
             var result = new PSAccessToken()
             {