Make PowershellCredential token parsing locale agnostic (Azure#38191)

christothes · web-flow · commit b81b2676ff17 · 2023-08-14T15:10:23.000-05:00
diff --git a/sdk/identity/Azure.Identity/CHANGELOG.md b/sdk/identity/Azure.Identity/CHANGELOG.md
@@ -10,6 +10,7 @@
 ### Bugs Fixed
 
 - ManagedIdentityCredential will no longer attempt to parse invalid json payloads on responses from the managed identity endpoint.
+- Fixed an issue where AzurePowerShellCredential fails to parse the token response from Azure PowerShell. [#22638](https://github.com/Azure/azure-sdk-for-net/issues/22638)
 
 ### Other Changes
 
diff --git a/sdk/identity/Azure.Identity/src/Credentials/AzurePowerShellCredential.cs b/sdk/identity/Azure.Identity/src/Credentials/AzurePowerShellCredential.cs
@@ -202,7 +202,7 @@ private static void CheckForErrors(string output)
 
         private static void ValidateResult(string output)
         {
-            if (output.IndexOf("Microsoft.Azure.Commands.Profile.Models.PSAccessToken", StringComparison.OrdinalIgnoreCase) < 0)
+            if (output.IndexOf(@"<Property Name=""Token"" Type=""System.String"">", StringComparison.OrdinalIgnoreCase) < 0)
             {
                 throw new CredentialUnavailableException("PowerShell did not return a valid response.");
             }
@@ -246,8 +246,11 @@ private void GetFileNameAndArguments(string resource, string tenantId, out strin
 }}
 
 $token = Get-AzAccessToken -ResourceUrl '{resource}'{tenantIdArg}
+$customToken = New-Object -TypeName psobject
+$customToken | Add-Member -MemberType NoteProperty -Name Token -Value $token.Token
+$customToken | Add-Member -MemberType NoteProperty -Name ExpiresOn -Value $token.ExpiresOn.ToUnixTimeSeconds()
 
-$x = $token | ConvertTo-Xml
+$x = $customToken | ConvertTo-Xml
 return $x.Objects.FirstChild.OuterXml
 ";
 
@@ -285,7 +288,7 @@ private static AccessToken DeserializeOutput(string output)
                         break;
 
                     case "ExpiresOn":
-                        expiresOn = DateTimeOffset.Parse(e.Value, CultureInfo.CurrentCulture).ToUniversalTime();
+                        expiresOn = DateTimeOffset.FromUnixTimeSeconds(long.Parse(e.Value));
                         break;
                 }
 
diff --git a/sdk/identity/Azure.Identity/tests/AzurePowerShellCredentialsTests.cs b/sdk/identity/Azure.Identity/tests/AzurePowerShellCredentialsTests.cs
@@ -18,7 +18,7 @@ namespace Azure.Identity.Tests
     public class AzurePowerShellCredentialsTests : CredentialTestBase<AzurePowerShellCredentialOptions>
     {
         private string tokenXML =
-            "<Object Type=\"Microsoft.Azure.Commands.Profile.Models.PSAccessToken\"><Property Name=\"Token\" Type=\"System.String\">Kg==</Property><Property Name=\"ExpiresOn\" Type=\"System.DateTimeOffset\">5/11/2021 8:20:03 PM +00:00</Property><Property Name=\"TenantId\" Type=\"System.String\">72f988bf-86f1-41af-91ab-2d7cd011db47</Property><Property Name=\"UserId\" Type=\"System.String\">chriss@microsoft.com</Property><Property Name=\"Type\" Type=\"System.String\">Bearer</Property></Object>";
+            @"<Object Type=""System.Management.Automation.PSCustomObject""><Property Name=""Token"" Type=""System.String"">Kg==</Property><Property Name=""ExpiresOn"" Type=""System.Int64"">1692035272</Property></Object>";
 
         public AzurePowerShellCredentialsTests(bool isAsync) : base(isAsync)
         { }
diff --git a/sdk/identity/Azure.Identity/tests/CredentialTestHelpers.cs b/sdk/identity/Azure.Identity/tests/CredentialTestHelpers.cs
@@ -69,10 +69,9 @@ public static (string Token, DateTimeOffset ExpiresOn, string Json) CreateTokenF
 
         public static (string Token, DateTimeOffset ExpiresOn, string Json) CreateTokenForAzurePowerShell(TimeSpan expiresOffset)
         {
-            var expiresOnString = DateTimeOffset.Now.Add(expiresOffset).ToString();
-            var expiresOn = DateTimeOffset.Parse(expiresOnString, CultureInfo.CurrentCulture, DateTimeStyles.AdjustToUniversal | DateTimeStyles.AssumeLocal);
+            var expiresOn = DateTimeOffset.FromUnixTimeSeconds(DateTimeOffset.UtcNow.Add(expiresOffset).ToUnixTimeSeconds());
             var token = TokenGenerator.GenerateToken(Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), expiresOn.UtcDateTime);
-            var xml = @$"<Object Type=""Microsoft.Azure.Commands.Profile.Models.PSAccessToken""><Property Name=""Token"" Type=""System.String"">{token}</Property><Property Name=""ExpiresOn"" Type=""System.DateTimeOffset"">{expiresOnString}</Property><Property Name=""TenantId"" Type=""System.String"">{Guid.NewGuid().ToString()}</Property><Property Name=""UserId"" Type=""System.String"">foo@contoso.com</Property><Property Name=""Type"" Type=""System.String"">Bearer</Property></Object>";
+            var xml = @$"<Object Type=""System.Management.Automation.PSCustomObject""><Property Name=""Token"" Type=""System.String"">{token}</Property><Property Name=""ExpiresOn"" Type=""System.Int64"">{expiresOn.ToUnixTimeSeconds()}</Property></Object>";
             return (token, expiresOn, xml);
         }
 

Original file line number	Diff line number	Diff line change
`@@ -202,7 +202,7 @@ private static void CheckForErrors(string output)`
`202`	`202`
`203`	`203`	`private static void ValidateResult(string output)`
`204`	`204`	`{`
`205`		`- if (output.IndexOf("Microsoft.Azure.Commands.Profile.Models.PSAccessToken", StringComparison.OrdinalIgnoreCase) < 0)`
	`205`	`+ if (output.IndexOf(@"<Property Name=""Token"" Type=""System.String"">", StringComparison.OrdinalIgnoreCase) < 0)`
`206`	`206`	`{`
`207`	`207`	`throw new CredentialUnavailableException("PowerShell did not return a valid response.");`
`208`	`208`	`}`
`@@ -246,8 +246,11 @@ private void GetFileNameAndArguments(string resource, string tenantId, out strin`
`246`	`246`	`}}`
`247`	`247`
`248`	`248`	`$token = Get-AzAccessToken -ResourceUrl '{resource}'{tenantIdArg}`
	`249`	`+$customToken = New-Object -TypeName psobject`
	`250`	`+$customToken \| Add-Member -MemberType NoteProperty -Name Token -Value $token.Token`
	`251`	`+$customToken \| Add-Member -MemberType NoteProperty -Name ExpiresOn -Value $token.ExpiresOn.ToUnixTimeSeconds()`
`249`	`252`
`250`		`-$x = $token \| ConvertTo-Xml`
	`253`	`+$x = $customToken \| ConvertTo-Xml`
`251`	`254`	`return $x.Objects.FirstChild.OuterXml`
`252`	`255`	`";`
`253`	`256`
`@@ -285,7 +288,7 @@ private static AccessToken DeserializeOutput(string output)`
`285`	`288`	`break;`
`286`	`289`
`287`	`290`	`case "ExpiresOn":`
`288`		`- expiresOn = DateTimeOffset.Parse(e.Value, CultureInfo.CurrentCulture).ToUniversalTime();`
	`291`	`+ expiresOn = DateTimeOffset.FromUnixTimeSeconds(long.Parse(e.Value));`
`289`	`292`	`break;`
`290`	`293`	`}`
`291`	`294`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ namespace Azure.Identity.Tests`
`18`	`18`	`public class AzurePowerShellCredentialsTests : CredentialTestBase<AzurePowerShellCredentialOptions>`
`19`	`19`	`{`
`20`	`20`	`private string tokenXML =`
`21`		`- "<Object Type=\"Microsoft.Azure.Commands.Profile.Models.PSAccessToken\"><Property Name=\"Token\" Type=\"System.String\">Kg==</Property><Property Name=\"ExpiresOn\" Type=\"System.DateTimeOffset\">5/11/2021 8:20:03 PM +00:00</Property><Property Name=\"TenantId\" Type=\"System.String\">72f988bf-86f1-41af-91ab-2d7cd011db47</Property><Property Name=\"UserId\" Type=\"System.String\">chriss@microsoft.com</Property><Property Name=\"Type\" Type=\"System.String\">Bearer</Property></Object>";`
	`21`	`+ @"<Object Type=""System.Management.Automation.PSCustomObject""><Property Name=""Token"" Type=""System.String"">Kg==</Property><Property Name=""ExpiresOn"" Type=""System.Int64"">1692035272</Property></Object>";`
`22`	`22`
`23`	`23`	`public AzurePowerShellCredentialsTests(bool isAsync) : base(isAsync)`
`24`	`24`	`{ }`
Original file line number	Diff line number	Diff line change
`@@ -69,10 +69,9 @@ public static (string Token, DateTimeOffset ExpiresOn, string Json) CreateTokenF`
`69`	`69`
`70`	`70`	`public static (string Token, DateTimeOffset ExpiresOn, string Json) CreateTokenForAzurePowerShell(TimeSpan expiresOffset)`
`71`	`71`	`{`
`72`		`- var expiresOnString = DateTimeOffset.Now.Add(expiresOffset).ToString();`
`73`		`- var expiresOn = DateTimeOffset.Parse(expiresOnString, CultureInfo.CurrentCulture, DateTimeStyles.AdjustToUniversal \| DateTimeStyles.AssumeLocal);`
	`72`	`+ var expiresOn = DateTimeOffset.FromUnixTimeSeconds(DateTimeOffset.UtcNow.Add(expiresOffset).ToUnixTimeSeconds());`
`74`	`73`	`var token = TokenGenerator.GenerateToken(Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), Guid.NewGuid().ToString(), expiresOn.UtcDateTime);`
`75`		`- var xml = @$"<Object Type=""Microsoft.Azure.Commands.Profile.Models.PSAccessToken""><Property Name=""Token"" Type=""System.String"">{token}</Property><Property Name=""ExpiresOn"" Type=""System.DateTimeOffset"">{expiresOnString}</Property><Property Name=""TenantId"" Type=""System.String"">{Guid.NewGuid().ToString()}</Property><Property Name=""UserId"" Type=""System.String"">foo@contoso.com</Property><Property Name=""Type"" Type=""System.String"">Bearer</Property></Object>";`
	`74`	`+ var xml = @$"<Object Type=""System.Management.Automation.PSCustomObject""><Property Name=""Token"" Type=""System.String"">{token}</Property><Property Name=""ExpiresOn"" Type=""System.Int64"">{expiresOn.ToUnixTimeSeconds()}</Property></Object>";`
`76`	`75`	`return (token, expiresOn, xml);`
`77`	`76`	`}`
`78`	`77`