AppAuth 1.6.2 release (Azure#23794)

* overriding IMDS proxy settings

* Update README.md

Add Azure Identity library information

* update nuget packages

* encrypted token tenant fix

* 1.6.2 release

* add additional scenarios

* test fix

* Update sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj

Co-authored-by: Jesse Squire <jesse.squire@gmail.com>

* Update sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs

Co-authored-by: Jesse Squire <jesse.squire@gmail.com>

* Update sdk/mgmtcommon/AppAuthentication/README.md

Co-authored-by: Jesse Squire <jesse.squire@gmail.com>

* Update sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/AccessToken.cs

Co-authored-by: Jesse Squire <jesse.squire@gmail.com>

* Update sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/ClientCertificateAccessTokenProvider.cs

Co-authored-by: Jesse Squire <jesse.squire@gmail.com>

Co-authored-by: Jesse Squire <jesse.squire@gmail.com>

Author: anaismiller

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication.IntegrationTests/Helpers/GraphHelper.cs

@@ -41,8 +41,8 @@ public async Task<Application> CreateApplicationAsync(string secret)
             Application newApp = new Application
             {
                 DisplayName = $"Microsoft.Azure.Services.AppAuthentication.Test{guid}",
-                IdentifierUris = new List<string> { $"https://Microsoft.Azure.Services.AppAuthentication/{guid}" },
-                ReplyUrls = new List<string> { "https://Microsoft.Azure.Services.AppAuthentication/" },
+                IdentifierUris = new List<string> { $"https://microsoft.com/{guid}" },
+                ReplyUrls = new List<string> { "https://microsoft.com/" },
                 OdataType = "Microsoft.DirectoryServices.Application",
                 AppRolesODataType = "Collection(Microsoft.DirectoryServices.AppRole)",
                 IdentifierUrisODataType = "Collection(Edm.String)",
@@ -75,8 +75,8 @@ public async Task<Application> CreateApplicationAsync(X509Certificate2 cert)
             Application newApp = new Application
             {
                 DisplayName = $"Microsoft.Azure.Services.AppAuthentication.Test{guid}",
-                IdentifierUris = new List<string> { $"https://localhost/demo/{guid}" },
-                ReplyUrls = new List<string> { "https://localhost/demo" },
+                IdentifierUris = new List<string> { $"https://microsoft.com/demo/{guid}" },
+                ReplyUrls = new List<string> { "https://microsoft.com/demo" },
                 OdataType = "Microsoft.DirectoryServices.Application",
                 AppRolesODataType = "Collection(Microsoft.DirectoryServices.AppRole)",
                 IdentifierUrisODataType = "Collection(Edm.String)",

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication.IntegrationTests/Microsoft.Azure.Services.AppAuthentication.IntegrationTests.csproj

@@ -8,15 +8,18 @@
         <DocumentationFile>bin\$(Configuration)\$(TargetFramework)\$(AssemblyName).xml</DocumentationFile>
 	</PropertyGroup>
     <PropertyGroup>
-        <ExcludeFromBuild/>
+        <ExcludeFromBuild />
         <ExcludeFromTest>true</ExcludeFromTest>
     </PropertyGroup>
     <ItemGroup>
-        <PackageReference Include="Microsoft.Azure.KeyVault" Version="2.3.2" />
-        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.7.0" />
-        <PackageReference Include="xUnit" Version="2.3.1" />
-        <PackageReference Include="xUnit.Runner.VisualStudio" Version="2.3.1" />
-       	<PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
+        <PackageReference Include="Microsoft.Azure.KeyVault" Version="3.0.5" />
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.9.2" />
+        <PackageReference Include="xUnit" Version="2.4.1" />
+        <PackageReference Include="xUnit.Runner.VisualStudio" Version="2.4.1">
+          <PrivateAssets>all</PrivateAssets>
+          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+        </PackageReference>
+       	<PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.2" PrivateAssets="All" />
     </ItemGroup>
     <ItemGroup>
         <ProjectReference Include="..\Azure.Services.AppAuthentication.TestCommon\Microsoft.Azure.Services.AppAuthentication.TestCommon.csproj" />

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication.TestCommon/Microsoft.Azure.Services.AppAuthentication.TestCommon.csproj

@@ -10,10 +10,13 @@
       <ExcludeFromTest>true</ExcludeFromTest>
   </PropertyGroup>
     <ItemGroup>
-        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.7.0" />
-        <PackageReference Include="xUnit" Version="2.3.1" />
-        <PackageReference Include="xUnit.Runner.VisualStudio" Version="2.3.1" />
-        <PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.9.2" />
+        <PackageReference Include="xUnit" Version="2.4.1" />
+        <PackageReference Include="xUnit.Runner.VisualStudio" Version="2.4.1">
+          <PrivateAssets>all</PrivateAssets>
+          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+        </PackageReference>
+        <PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.2" PrivateAssets="All" />
     </ItemGroup>
     <ItemGroup>
         <Service Include="{82a7f48d-3b50-4b1e-b82e-3ada8210c358}" />

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication.Unit.Tests/Microsoft.Azure.Services.AppAuthentication.Unit.Tests.csproj

@@ -16,10 +16,13 @@
         <ProjectReference Include="..\Azure.Services.AppAuthentication\Microsoft.Azure.Services.AppAuthentication.csproj" />
     </ItemGroup>
     <ItemGroup>
-        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.7.0" />
-        <PackageReference Include="xUnit" Version="2.3.1" />
-        <PackageReference Include="xUnit.Runner.VisualStudio" Version="2.3.1" />
-        	<PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="15.9.2" />
+        <PackageReference Include="xUnit" Version="2.4.1" />
+        <PackageReference Include="xUnit.Runner.VisualStudio" Version="2.4.1">
+          <PrivateAssets>all</PrivateAssets>
+          <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+        </PackageReference>
+        	<PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.2" PrivateAssets="All" />
     </ItemGroup>
     <ItemGroup>
         <Reference Include="System.Net.Http" />

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/AccessToken.cs

@@ -99,6 +99,24 @@ public override string ToString()
             return _accessToken;
         }
 
+        /// <summary>
+        /// Return the deserialized tenantId if accessible
+        /// </summary>
+        /// <param name="accessToken">AccessToken to deserialize.</param>
+        /// <returns></returns>
+        public static string TenantIdInfo(string accessToken)
+        {
+            // From some scenarios, cannot access the tenantId, but valid token ie. encrypted tokens
+            try
+            {
+                return AccessToken.Parse(accessToken).TenantId;
+            }
+            catch (FormatException)
+            {
+                return "Hidden";
+            }
+        }
+
         /// <summary>
         /// Check if the token is about to expire
         /// </summary>

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/Microsoft.Azure.Services.AppAuthentication.csproj

@@ -1,8 +1,10 @@
 <Project Sdk="Microsoft.NET.Sdk">
     <PropertyGroup>
         <PackageId>Microsoft.Azure.Services.AppAuthentication</PackageId>
-        <Description>Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure.</Description>
-        <Version>1.6.1</Version>
+        <Description>There is a newer version of this library available here: https://www.nuget.org/packages/Azure.Identity/
+          Migration guide: https://docs.microsoft.com/dotnet/api/overview/azure/app-auth-migration
+          AppAuth no longer receives new feature improvements. Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure.</Description>
+        <Version>1.6.2</Version>
         <AssemblyName>Microsoft.Azure.Services.AppAuthentication</AssemblyName>
         <PackageTags>Azure Authentication AppAuthentication</PackageTags>
 	    <PackageReleaseNotes>
@@ -21,8 +23,8 @@
     </PropertyGroup>
 
     <ItemGroup>
-        <PackageReference Include="Microsoft.IdentityModel.Clients.ActiveDirectory" Version="5.2.0" />
-       	<PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.0" PrivateAssets="All" />
+        <PackageReference Include="Microsoft.IdentityModel.Clients.ActiveDirectory" Version="5.2.9" />
+       	<PackageReference Include="Microsoft.NETFramework.ReferenceAssemblies" Version="1.0.2" PrivateAssets="All" />
     </ItemGroup>
 
     <ItemGroup Condition="'$(TargetFramework)' == 'net472'">

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/Properties/AssemblyInfo.cs

@@ -2,10 +2,13 @@
 using System.Runtime.CompilerServices;
 
 [assembly: AssemblyTitle("Microsoft.Azure.Services.AppAuthentication")]
-[assembly: AssemblyDescription("Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure.")]
+[assembly: AssemblyDescription("There is a newer version of this library available here: https://www.nuget.org/packages/Azure.Identity/ " +
+    "Migration guide: https://docs.microsoft.com/dotnet/api/overview/azure/app-auth-migration " +
+    "AppAuth no longer receives new feature improvements." +
+    "Enables a service to authenticate to Azure services using the developer's Azure Active Directory/ Microsoft account during development, and authenticate as itself (using OAuth 2.0 Client Credentials flow) when deployed to Azure.")]
 
-[assembly: AssemblyVersion("1.6.1.0")]
-[assembly: AssemblyFileVersion("1.6.1.0")]
+[assembly: AssemblyVersion("1.6.2.0")]
+[assembly: AssemblyFileVersion("1.6.2.0")]
 [assembly: AssemblyCompany("Microsoft Corporation")]
 [assembly: AssemblyProduct("Microsoft Azure")]
 [assembly: AssemblyCopyright("Copyright (c) Microsoft Corporation. All rights reserved.")]

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/ClientCertificateAccessTokenProvider.cs

@@ -194,8 +194,7 @@ await _authenticationContext.AcquireTokenAsync(authority, resource, certCred)
                             {
                                 PrincipalUsed.CertificateThumbprint = cert.Thumbprint;
                                 PrincipalUsed.IsAuthenticated = true;
-                                PrincipalUsed.TenantId = AccessToken.Parse(accessToken).TenantId;
-
+                                PrincipalUsed.TenantId = AccessToken.TenantIdInfo(accessToken);
                                 return authResult;
                             }
                         }

sdk/mgmtcommon/AppAuthentication/Azure.Services.AppAuthentication/TokenProviders/ClientSecretAccessTokenProvider.cs

@@ -67,7 +67,7 @@ public override async Task<AppAuthenticationResult> GetAuthResultAsync(string re
                 if (accessToken != null)
                 {
                     PrincipalUsed.IsAuthenticated = true;
-                    PrincipalUsed.TenantId = AccessToken.Parse(accessToken).TenantId;
+                    PrincipalUsed.TenantId = AccessToken.TenantIdInfo(accessToken);
 
                     return authResult;
                 }

sdk/mgmtcommon/AppAuthentication/README.md

@@ -1,5 +1,9 @@
 ## Microsoft.Azure.Services.AppAuthentication Library
 
+### Note
+This library is no longer recommended to use with the new Azure SDK. It is replaced with the new **Azure Identity client library** available for .NET, Java, TypeScript and Python and should be used for all new development. Information about how to migrate to `Azure.Identity` can be found here: [AppAuthentication to Azure.Identity Migration Guidance](https://docs.microsoft.com/dotnet/api/overview/azure/app-auth-migration).
+***
+
 ### Purpose
 Make it easy to authenticate to Azure Services (that support Azure AD Authentication), and help avoid credentials in source code and configuration files.