use mutex to prevent cross process writing

to token cache file

Author: isra-fel

src/Accounts/Authentication/Authentication/ProtectedFileTokenCache.cs

@@ -12,12 +12,14 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using Hyak.Common;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Azure.Commands.Common.Authentication.Properties;
 using Microsoft.IdentityModel.Clients.ActiveDirectory;
 using System;
 using System.IO;
 using System.Security.Cryptography;
+using System.Threading;
 
 #if NETSTANDARD
 namespace Microsoft.Azure.Commands.Common.Authentication.Core
@@ -41,7 +43,10 @@ public class ProtectedFileTokenCache : TokenCache, IAzureTokenCache
 #endif
                  "TokenCache.dat");
 
-        private static readonly object fileLock = new object();
+        /// <summary>
+        /// A mutex to prevent IO to token cache file across threads / processes.
+        /// </summary>
+        private static readonly Mutex fileLock = new Mutex(false, @"Global\AzurePowerShellAdalTokenCacheFile");
 
         private static readonly Lazy<ProtectedFileTokenCache> instance = new Lazy<ProtectedFileTokenCache>(() => new ProtectedFileTokenCache());
 
@@ -123,38 +128,37 @@ void EnsureStateSaved()
 
         private void ReadFileIntoCache(string cacheFileName = null)
         {
-            if(cacheFileName == null)
+            if (cacheFileName == null)
             {
                 cacheFileName = ProtectedFileTokenCache.CacheFileName;
             }
 
-            lock (fileLock)
+            fileLock.WaitOne();
+            if (_store.FileExists(cacheFileName))
             {
-                if (_store.FileExists(cacheFileName))
+                var existingData = _store.ReadFileAsBytes(cacheFileName);
+                if (existingData != null)
                 {
-                    var existingData = _store.ReadFileAsBytes(cacheFileName);
-                    if (existingData != null)
-                    {
 #if !NETSTANDARD
-                        try
-                        {
-                            Deserialize(ProtectedData.Unprotect(existingData, null, DataProtectionScope.CurrentUser));
-                        }
-                        catch (CryptographicException)
-                        {
-                            _store.DeleteFile(cacheFileName);
-                        }
+                    try
+                    {
+                        Deserialize(ProtectedData.Unprotect(existingData, null, DataProtectionScope.CurrentUser));
+                    }
+                    catch (CryptographicException)
+                    {
+                        _store.DeleteFile(cacheFileName);
+                    }
 #else
-                        Deserialize(existingData);
+                    Deserialize(existingData);
 #endif
-                    }
                 }
             }
+            fileLock.ReleaseMutex();
         }
 
         private void WriteCacheIntoFile(string cacheFileName = null)
         {
-            if(cacheFileName == null)
+            if (cacheFileName == null)
             {
                 cacheFileName = ProtectedFileTokenCache.CacheFileName;
             }
@@ -165,25 +169,23 @@ private void WriteCacheIntoFile(string cacheFileName = null)
             var dataToWrite = Serialize();
 #endif
 
-            lock(fileLock)
+            fileLock.WaitOne();
+            if (HasStateChanged)
             {
-                if (HasStateChanged)
-                {
-                    _store.WriteFile(cacheFileName, dataToWrite);
-                    HasStateChanged =  false;
-                }
+                _store.WriteFile(cacheFileName, dataToWrite);
+                HasStateChanged = false;
             }
+            fileLock.ReleaseMutex();
         }
 
         private void EnsureCacheFile(string cacheFileName = null)
         {
-            lock (fileLock)
+            fileLock.WaitOne();
+            if (_store.FileExists(cacheFileName))
             {
-                if (_store.FileExists(cacheFileName))
+                var existingData = _store.ReadFileAsBytes(cacheFileName);
+                if (existingData != null)
                 {
-                    var existingData = _store.ReadFileAsBytes(cacheFileName);
-                    if (existingData != null)
-                    {
 #if !NETSTANDARD
                         try
                         {
@@ -194,19 +196,19 @@ private void EnsureCacheFile(string cacheFileName = null)
                             _store.DeleteFile(cacheFileName);
                         }
 #else
-                        Deserialize(existingData);
+                    Deserialize(existingData);
 #endif
-                    }
                 }
+            }
 
-                // Eagerly create cache file.
+            // Eagerly create cache file.
 #if !NETSTANDARD
                 var dataToWrite = ProtectedData.Protect(Serialize(), null, DataProtectionScope.CurrentUser);
 #else
-                var dataToWrite = Serialize();
+            var dataToWrite = Serialize();
 #endif
-                _store.WriteFile(cacheFileName, dataToWrite);
-            }
+            _store.WriteFile(cacheFileName, dataToWrite);
+            fileLock.ReleaseMutex();
         }
     }
 }

src/Accounts/Authentication/AzureSessionInitializer.cs

@@ -26,6 +26,7 @@
 #if NETSTANDARD
 using Microsoft.Azure.Commands.Common.Authentication.Core;
 #endif
+using Hyak.Common;
 
 namespace Microsoft.Azure.Commands.Common.Authentication
 {
@@ -73,8 +74,10 @@ static IAzureTokenCache InitializeTokenCache(IDataStore store, string cacheDirec
                     var cachePath = Path.Combine(cacheDirectory, cacheFile);
                     result = new ProtectedFileTokenCache(cachePath, store);
                 }
-                catch
+                catch (Exception ex)
                 {
+                    TracingAdapter.Information("[AzureSessionInitializer]: Cannot initialize token cache in 'CurrentUser' mode. Falling back to 'Process' mode.");
+                    TracingAdapter.Information($"[AzureSessionInitializer]: Message: {ex.Message}; Stacktrace: {ex.StackTrace}");
                 }
             }
 
@@ -159,10 +162,12 @@ static ContextAutosaveSettings InitializeSessionSettings(IDataStore store, strin
                     store.WriteFile(autoSavePath, JsonConvert.SerializeObject(result));
                 }
             }
-            catch
+            catch (Exception ex)
             {
                 // ignore exceptions in reading settings from disk
                 result.Mode = ContextSaveMode.Process;
+                TracingAdapter.Information("[AzureSessionInitializer]: Cannot read settings from disk. Falling back to 'Process' mode.");
+                TracingAdapter.Information($"[AzureSessionInitializer]: Message: {ex.Message}; Stacktrace: {ex.StackTrace}");
             }
 
             return result;