Fix bug of CAE new request disposing (#17214)

msJinLei · VeryEarly · web-flow · commit e4fd7ab1c358 · 2022-02-23T15:17:28.000+08:00
* Fix bug of CAE new request disposing

Request are used after disposed in AuthenticationHelper and so the
previous request cannot be disposed.
The new request should be disposed finally.

* Address review comments

* Comment out the cmdlet thats cause authentication error

Co-authored-by: Yabo Hu &lt;yabhu@microsoft.com&gt;
diff --git a/src/Accounts/Accounts/CommonModule/ContextAdapter.cs b/src/Accounts/Accounts/CommonModule/ContextAdapter.cs
@@ -195,30 +195,35 @@ public object GetParameterValue(string resourceId, string moduleName, Invocation
         internal async Task<HttpResponseMessage> AuthenticationHelper(IAzureContext context, string endpointResourceIdKey, string endpointSuffixKey, HttpRequestMessage request, CancellationToken cancelToken, Action cancelAction, SignalDelegate signal, NextDelegate next, TokenAudienceConverterDelegate tokenAudienceConverter = null)
         {
             IAccessToken accessToken = await AuthorizeRequest(context, request, cancelToken, endpointResourceIdKey, endpointSuffixKey, tokenAudienceConverter);
-            var newRequest = await request.CloneWithContentAndDispose(request.RequestUri, request.Method);
-            var response = await next(request, cancelToken, cancelAction, signal);
-
-            if (response.MatchClaimsChallengePattern())
+            using (var newRequest = await request.CloneWithContent(request.RequestUri, request.Method))
             {
-                //get token again with claims challenge
-                if (accessToken is IClaimsChallengeProcessor processor)
+                var response = await next(request, cancelToken, cancelAction, signal);
+
+                if (response.MatchClaimsChallengePattern())
                 {
-                    try
+                    //get token again with claims challenge
+                    if (accessToken is IClaimsChallengeProcessor processor)
                     {
-                        var claimsChallenge = ClaimsChallengeUtilities.GetClaimsChallenge(response);
-                        if (!string.IsNullOrEmpty(claimsChallenge))
+                        try
                         {
-                            await processor.OnClaimsChallenageAsync(newRequest, claimsChallenge, cancelToken).ConfigureAwait(false);
-                            response = await next(newRequest, cancelToken, cancelAction, signal);
+                            var claimsChallenge = ClaimsChallengeUtilities.GetClaimsChallenge(response);
+                            if (!string.IsNullOrEmpty(claimsChallenge))
+                            {
+                                await processor.OnClaimsChallenageAsync(newRequest, claimsChallenge, cancelToken).ConfigureAwait(false);
+                                using (var previousReponse = response)
+                                {
+                                    response = await next(newRequest, cancelToken, cancelAction, signal);
+                                }
+                            }
+                        }
+                        catch (AuthenticationFailedException e)
+                        {
+                            throw e.WithAdditionalMessage(response?.GetWwwAuthenticateMessage());
                         }
-                    }
-                    catch (AuthenticationFailedException e)
-                    {
-                        throw e.WithAdditionalMessage(response?.GetWwwAuthenticateMessage());
                     }
                 }
+                return response;
             }
-            return response;
         }
 
         /// <summary>
diff --git a/tools/Test/SmokeTest/RmCoreSmokeTests.ps1 b/tools/Test/SmokeTest/RmCoreSmokeTests.ps1
@@ -155,7 +155,7 @@ $resourceTestCommands = @(
     @{Name = "Az.StorageSync";                Command = {Get-AzStorageSyncService -ErrorAction Stop}},
     @{Name = "Az.Support";                    Command = {Get-AzSupportTicket -ErrorAction Stop}},
     @{Name = "Az.Resources [Tags]";           Command = {Get-AzTag -ErrorAction Stop}},
-    @{Name = "Az.Resources [MSGraph]";        Command = {Get-AzAdGroup -First 1 -ErrorAction Stop}},
+    #@{Name = "Az.Resources [MSGraph]";        Command = {Get-AzAdGroup -First 1 -ErrorAction Stop}},
     @{Name = "Az.TrafficManager";             Command = {Get-AzTrafficManagerProfile -ErrorAction Stop}},
     @{Name = "Az.Billing [UsageAggregates]";  Command = {Get-UsageAggregates -ReportedStartTime '1/1/2018' -ReportedEndTime '1/2/2018' -ErrorAction Stop}},
     @{Name = "Az.Websites";                   Command = {Get-AzWebApp -ErrorAction Stop}}

Original file line number	Diff line number	Diff line change
`@@ -195,30 +195,35 @@ public object GetParameterValue(string resourceId, string moduleName, Invocation`
`195`	`195`	`internal async Task<HttpResponseMessage> AuthenticationHelper(IAzureContext context, string endpointResourceIdKey, string endpointSuffixKey, HttpRequestMessage request, CancellationToken cancelToken, Action cancelAction, SignalDelegate signal, NextDelegate next, TokenAudienceConverterDelegate tokenAudienceConverter = null)`
`196`	`196`	`{`
`197`	`197`	`IAccessToken accessToken = await AuthorizeRequest(context, request, cancelToken, endpointResourceIdKey, endpointSuffixKey, tokenAudienceConverter);`
`198`		`- var newRequest = await request.CloneWithContentAndDispose(request.RequestUri, request.Method);`
`199`		`- var response = await next(request, cancelToken, cancelAction, signal);`
`200`		`-`
`201`		`- if (response.MatchClaimsChallengePattern())`
	`198`	`+ using (var newRequest = await request.CloneWithContent(request.RequestUri, request.Method))`
`202`	`199`	`{`
`203`		`- //get token again with claims challenge`
`204`		`- if (accessToken is IClaimsChallengeProcessor processor)`
	`200`	`+ var response = await next(request, cancelToken, cancelAction, signal);`
	`201`	`+`
	`202`	`+ if (response.MatchClaimsChallengePattern())`
`205`	`203`	`{`
`206`		`- try`
	`204`	`+ //get token again with claims challenge`
	`205`	`+ if (accessToken is IClaimsChallengeProcessor processor)`
`207`	`206`	`{`
`208`		`- var claimsChallenge = ClaimsChallengeUtilities.GetClaimsChallenge(response);`
`209`		`- if (!string.IsNullOrEmpty(claimsChallenge))`
	`207`	`+ try`
`210`	`208`	`{`
`211`		`- await processor.OnClaimsChallenageAsync(newRequest, claimsChallenge, cancelToken).ConfigureAwait(false);`
`212`		`- response = await next(newRequest, cancelToken, cancelAction, signal);`
	`209`	`+ var claimsChallenge = ClaimsChallengeUtilities.GetClaimsChallenge(response);`
	`210`	`+ if (!string.IsNullOrEmpty(claimsChallenge))`
	`211`	`+ {`
	`212`	`+ await processor.OnClaimsChallenageAsync(newRequest, claimsChallenge, cancelToken).ConfigureAwait(false);`
	`213`	`+ using (var previousReponse = response)`
	`214`	`+ {`
	`215`	`+ response = await next(newRequest, cancelToken, cancelAction, signal);`
	`216`	`+ }`
	`217`	`+ }`
	`218`	`+ }`
	`219`	`+ catch (AuthenticationFailedException e)`
	`220`	`+ {`
	`221`	`+ throw e.WithAdditionalMessage(response?.GetWwwAuthenticateMessage());`
`213`	`222`	`}`
`214`		`- }`
`215`		`- catch (AuthenticationFailedException e)`
`216`		`- {`
`217`		`- throw e.WithAdditionalMessage(response?.GetWwwAuthenticateMessage());`
`218`	`223`	`}`
`219`	`224`	`}`
	`225`	`+ return response;`
`220`	`226`	`}`
`221`		`- return response;`
`222`	`227`	`}`
`223`	`228`
`224`	`229`	`/// <summary>`