Update Azure.Identity (#19547)

* Update Azure.Identity

* Update ChangeLog.md

* Update after review

Co-authored-by: Yunchi Wang <[email protected]>

Author: dingmeng-xue

src/Accounts/Accounts/ChangeLog.md

@@ -20,6 +20,7 @@
 
 ## Upcoming Release
 * Supported tenant domain as input while using `Connect-AzAccount` with parameter `Tenant`. [#19471]
+* Upgraded Azure.Identity to 1.6.1
 * Changed target framework of AuthenticationAssemblyLoadContext to netcoreapp3.1.
 
 ## Version 2.10.1

src/Accounts/Authentication/Authentication.csproj

@@ -12,7 +12,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Azure.Identity" Version="1.6.0" />
+    <PackageReference Include="Azure.Identity" Version="1.6.1" />
   </ItemGroup>
 
   <ItemGroup>

src/Accounts/Authentication/Utilities/CustomAssemblyResolver.cs

@@ -25,6 +25,7 @@ public static class CustomAssemblyResolver
             new Dictionary<string, Version>(StringComparer.InvariantCultureIgnoreCase)
             {
                 {"Azure.Core", new Version("1.25.0.0")},
+                {"Azure.Identity", new Version("1.6.1.0")},
                 {"Microsoft.Bcl.AsyncInterfaces", new Version("1.1.1.0")},
                 {"Microsoft.Identity.Client", new Version("4.39.0.0") },
                 {"Microsoft.Identity.Client.Extensions.Msal", new Version("2.19.3.0") },

src/Accounts/AuthenticationAssemblyLoadContext/AzAssemblyLoadContextInitializer.cs

@@ -32,7 +32,7 @@ static AzAssemblyLoadContextInitializer()
             var azSharedAssemblies = new Dictionary<string, Version>()
             {
                 {"Azure.Core", new Version("1.25.0.0")},
-                {"Azure.Identity", new Version("1.6.0.0")},
+                {"Azure.Identity", new Version("1.6.1.0")},
                 {"Microsoft.Bcl.AsyncInterfaces", new Version("1.1.1.0")},
                 {"Microsoft.Identity.Client", new Version("4.39.0.0") },
                 {"Microsoft.Identity.Client.Extensions.Msal", new Version("2.19.3.0") },

src/Accounts/Authenticators/Authenticators.csproj

@@ -22,10 +22,6 @@
     <DefineConstants>TRACE;RELEASE;NETSTANDARD;SIGN</DefineConstants>
   </PropertyGroup>
 
-  <ItemGroup>
-    <PackageReference Include="Azure.Identity" Version="1.6.0" />
-  </ItemGroup>
-
   <ItemGroup>
     <ProjectReference Include="..\Authentication\Authentication.csproj" />
   </ItemGroup>

src/Accounts/Authenticators/ClientAssertionAuthenticator.cs

@@ -12,20 +12,15 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
-using System;
-using System.Security.Cryptography.X509Certificates;
-using System.Threading;
-using System.Threading.Tasks;
-
 using Azure.Core;
 using Azure.Identity;
 using Microsoft.Azure.Commands.Common.Authentication;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Azure.PowerShell.Authenticators.Factories;
 using Microsoft.WindowsAzure.Commands.Common;
-using Microsoft.Identity.Client;
-using Microsoft.Azure.PowerShell.Authenticators.Identity;
-using ClientAssertionCredential = Microsoft.Azure.PowerShell.Authenticators.Identity.ClientAssertionCredential;
+using System;
+using System.Threading;
+using System.Threading.Tasks;
 
 namespace Microsoft.Azure.PowerShell.Authenticators
 {
@@ -45,7 +40,7 @@ public override Task<IAccessToken> Authenticate(AuthenticationParameters paramet
             var requestContext = new TokenRequestContext(scopes);
             AzureSession.Instance.TryGetComponent(nameof(AzureCredentialFactory), out AzureCredentialFactory azureCredentialFactory);
 
-            TokenCredential tokenCredential = new ClientAssertionCredential(tenantId, spParameters.ClientId, spParameters.ClientAssertion.ConvertToString());
+            TokenCredential tokenCredential = new ClientAssertionCredential(tenantId, spParameters.ClientId, () => GetClientAssertion(spParameters));
             string parametersLog = $"- ClientId:'{spParameters.ClientId}', TenantId:'{tenantId}', ClientAssertion:'***' Scopes:'{string.Join(",", scopes)}'";
             return MsalAccessToken.GetAccessTokenAsync(
                 nameof(ClientAssertionAuthenticator),
@@ -61,5 +56,11 @@ public override bool CanAuthenticate(AuthenticationParameters parameters)
         {
             return (parameters as ClientAssertionParameters) != null;
         }
+
+        private string GetClientAssertion(ClientAssertionParameters parameters)
+        {
+            return parameters.ClientAssertion.ConvertToString();
+        }
+
     }
 }