Update Dev CLI Cred in DAC Chain + Update IntelliJ Cache Read (#35194)

Azure · Jun 5, 2023 · d7fcb0e · d7fcb0e
1 parent f85f067
commit d7fcb0e
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 4 deletions.
diff --git a/...entity/azure-identity/src/main/java/com/azure/identity/DefaultAzureCredentialBuilder.java b/...entity/azure-identity/src/main/java/com/azure/identity/DefaultAzureCredentialBuilder.java
@@ -275,12 +275,12 @@ private ArrayList<TokenCredential> getCredentialsChain() {
         output.add(new EnvironmentCredential(identityClientOptions.clone()));
         output.add(getWorkloadIdentityCredential());
         output.add(new ManagedIdentityCredential(managedIdentityClientId, managedIdentityResourceId, identityClientOptions.clone()));
-        output.add(new AzureDeveloperCliCredential(tenantId, identityClientOptions.clone()));
         output.add(new SharedTokenCacheCredential(null, IdentityConstants.DEVELOPER_SINGLE_SIGN_ON_ID,
             tenantId, identityClientOptions.clone()));
         output.add(new IntelliJCredential(tenantId, identityClientOptions.clone()));
         output.add(new AzureCliCredential(tenantId, identityClientOptions.clone()));
         output.add(new AzurePowerShellCredential(tenantId, identityClientOptions.clone()));
+        output.add(new AzureDeveloperCliCredential(tenantId, identityClientOptions.clone()));
         return output;
     }
 

diff --git a/...azure-identity/src/main/java/com/azure/identity/implementation/IntelliJCacheAccessor.java b/...azure-identity/src/main/java/com/azure/identity/implementation/IntelliJCacheAccessor.java
@@ -12,6 +12,7 @@
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.microsoft.aad.msal4jextensions.persistence.CacheFileAccessor;
 import com.microsoft.aad.msal4jextensions.persistence.mac.KeyChainAccessor;
 import com.sun.jna.Platform;
 import com.sun.jna.platform.win32.Crypt32Util;
@@ -45,6 +46,7 @@
  */
 public class IntelliJCacheAccessor {
     private static final ClientLogger LOGGER = new ClientLogger(IntelliJCacheAccessor.class);
+    public static final String INTELLIJ_TOOLKIT_CACHE = "azure-toolkit.cache";
     private final String keePassDatabasePath;
     private static final byte[] CRYPTO_KEY = new byte[] {0x50, 0x72, 0x6f, 0x78, 0x79, 0x20, 0x43, 0x6f, 0x6e, 0x66,
         0x69, 0x67, 0x20, 0x53, 0x65, 0x63};
@@ -94,8 +96,9 @@ public String getIntelliJCredentialsFromIdentityMsalCache() {
         } else if (Platform.isWindows()) {
 
             try {
-                String jsonCred = new WindowsCredentialAccessor("Microsoft.Developer.IdentityService", "azure-toolkit.cache").read();
-                return parseRefreshTokenFromJson(jsonCred);
+                CacheFileAccessor cacheFileAccessor = new CacheFileAccessor(PersistentTokenCacheImpl.DEFAULT_CACHE_FILE_PATH + File.separator + INTELLIJ_TOOLKIT_CACHE);
+                String data = new String(cacheFileAccessor.read(), StandardCharsets.UTF_8);
+                return parseRefreshTokenFromJson(data);
             } catch (Exception | Error e) {
                 LOGGER.verbose("IntelliJCredential => Refresh Token Cache Unavailable: " + e.getMessage());
             }

diff --git a/...re-identity/src/main/java/com/azure/identity/implementation/PersistentTokenCacheImpl.java b/...re-identity/src/main/java/com/azure/identity/implementation/PersistentTokenCacheImpl.java
@@ -18,7 +18,7 @@
 public class PersistentTokenCacheImpl implements ITokenCacheAccessAspect {
     private static final String DEFAULT_CACHE_FILE_NAME = "msal.cache";
     private static final String DEFAULT_CONFIDENTIAL_CACHE_FILE_NAME = "msal.confidential.cache";
-    private static final Path DEFAULT_CACHE_FILE_PATH = Platform.isWindows()
+    static final Path DEFAULT_CACHE_FILE_PATH = Platform.isWindows()
         ? Paths.get(System.getProperty("user.home"), "AppData", "Local", ".IdentityService")
         : Paths.get(System.getProperty("user.home"), ".IdentityService");
     private static final String DEFAULT_KEYCHAIN_SERVICE = "Microsoft.Developer.IdentityService";

diff --git a/sdk/identity/azure-identity/src/test/java/com/azure/identity/DefaultAzureCredentialTest.java b/sdk/identity/azure-identity/src/test/java/com/azure/identity/DefaultAzureCredentialTest.java
@@ -226,6 +226,7 @@ public void testUseAzureDeveloperCliCredential() {
         try (MockedConstruction<IdentityClient> mocked = mockConstruction(IdentityClient.class, (identityClient, context) -> {
             when(identityClient.authenticateWithAzureDeveloperCli(request)).thenReturn(TestUtils.getMockAccessToken(token1, expiresAt));
             when(identityClient.authenticateWithAzureCli(request)).thenReturn(Mono.empty());
+            when(identityClient.authenticateWithAzurePowerShell(request)).thenReturn(Mono.empty());
             when(identityClient.authenticateWithManagedIdentityConfidentialClient(request)).thenReturn(Mono.empty());
             when(identityClient.authenticateWithSharedTokenCache(request, null)).thenReturn(Mono.empty());
             when(identityClient.authenticateWithIntelliJ(request)).thenReturn(Mono.empty());