microsoft
diff --git a/‎docs/help/Connect-PartnerCenter.md‎
Lines changed: 3 additions & 18 deletions b/‎docs/help/Connect-PartnerCenter.md‎
Lines changed: 3 additions & 18 deletions
diff --git a/‎docs/help/New-PartnerAccessToken.md‎
Lines changed: 45 additions & 14 deletions b/‎docs/help/New-PartnerAccessToken.md‎
Lines changed: 45 additions & 14 deletions
diff --git a/‎docs/help/Set-PartnerCustomerSubscription.md‎
Lines changed: 2 additions & 1 deletion b/‎docs/help/Set-PartnerCustomerSubscription.md‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/PowerShell/Commands/ConnectPartnerCenter.cs‎
Lines changed: 1 addition & 10 deletions b/‎src/PowerShell/Commands/ConnectPartnerCenter.cs‎
Lines changed: 1 addition & 10 deletions
diff --git a/‎src/PowerShell/Commands/NewPartnerAccessToken.cs‎
Lines changed: 79 additions & 23 deletions b/‎src/PowerShell/Commands/NewPartnerAccessToken.cs‎
Lines changed: 79 additions & 23 deletions
@@ -17,19 +17,19 @@ Connect to Partner Center with an authenticated account for use with cmdlet requ
 ### UserCredential (Default)
 ```
 Connect-PartnerCenter -ApplicationId <String> [-Credential <PSCredential>] [-Environment <EnvironmentName>]
- [-TokenCache <TokenCache>] [<CommonParameters>]
+ [<CommonParameters>]
 ```
 
 ### AccessToken
 ```
 Connect-PartnerCenter -AccessToken <String> -AccessTokenExpiresOn <DateTimeOffset> -ApplicationId <String>
- [-Environment <EnvironmentName>] -TenantId <String> [-TokenCache <TokenCache>] [<CommonParameters>]
+ [-Environment <EnvironmentName>] -TenantId <String> [<CommonParameters>]
 ```
 
 ### ServicePrincipal
 ```
 Connect-PartnerCenter -Credential <PSCredential> [-Environment <EnvironmentName>] [-ServicePrincipal]
- -TenantId <String> [-TokenCache <TokenCache>] [<CommonParameters>]
+ -TenantId <String> [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -183,21 +183,6 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -TokenCache
-The cache used to lookup cached tokens.
-
-```yaml
-Type: TokenCache
-Parameter Sets: (All)
-Aliases:
-
-Required: False
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
-
 ### CommonParameters
 This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
 
 
@@ -16,14 +16,15 @@ Generate a new access token that can be used to access Partner Center.
 
 ### UserCredential (Default)
 ```
-New-PartnerAccessToken -ApplicationId <String> [-Credential <PSCredential>] [-Environment <EnvironmentName>]
- [-TokenCache <TokenCache>] [<CommonParameters>]
+New-PartnerAccessToken -ApplicationId <String> [-Consent] [-Credential <PSCredential>]
+ [-Environment <EnvironmentName>] [-RefreshToken <String>] -Resource <String> [-TenantId <String>]
+ [<CommonParameters>]
 ```
 
 ### ServicePrincipal
 ```
-New-PartnerAccessToken -Credential <PSCredential> [-Environment <EnvironmentName>] [-ServicePrincipal]
- -TenantId <String> [-TokenCache <TokenCache>] [<CommonParameters>]
+New-PartnerAccessToken [-Consent] -Credential <PSCredential> [-Environment <EnvironmentName>]
+ [-RefreshToken <String>] -Resource <String> [-ServicePrincipal] [-TenantId <String>] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -66,6 +67,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Consent
+A flag that indicates that the intention is to perform the partner consent process.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Credential
 Credentials that represents the service principal.
 
@@ -109,26 +125,41 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -ServicePrincipal
-A flag indicating that a service principal will be used to authenticate.
+### -RefreshToken
+The refresh token to use in the refresh flow.
 
 ```yaml
-Type: SwitchParameter
-Parameter Sets: ServicePrincipal
+Type: String
+Parameter Sets: (All)
 Aliases:
 
-Required: True
+Required: False
 Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -TenantId
-The Azure AD domain or tenant identifier.
+### -Resource
+The identifier of the target resource that is the recipient of the requested token.
 
 ```yaml
 Type: String
+Parameter Sets: (All)
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -ServicePrincipal
+A flag indicating that a service principal will be used to authenticate.
+
+```yaml
+Type: SwitchParameter
 Parameter Sets: ServicePrincipal
 Aliases:
 
@@ -139,11 +170,11 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -TokenCache
-The token cache to be used when requesting an access token.
+### -TenantId
+The Azure AD domain or tenant identifier.
 
 ```yaml
-Type: TokenCache
+Type: String
 Parameter Sets: (All)
 Aliases:
 
 
@@ -64,6 +64,7 @@ The billing cycle for the subscription.
 Type: BillingCycleType
 Parameter Sets: (All)
 Aliases:
+Accepted values: Annual, Monthly
 
 Required: False
 Position: Named
@@ -139,7 +140,7 @@ The status of the subscription.
 Type: SubscriptionStatus
 Parameter Sets: (All)
 Aliases:
-Accepted values: None, Active, Suspended, Deleted
+Accepted values: Active, Suspended
 
 Required: False
 Position: Named
 
@@ -14,7 +14,6 @@ namespace Microsoft.Store.PartnerCenter.PowerShell.Commands
     using System.Text.RegularExpressions;
     using Common;
     using Factories;
-    using IdentityModel.Clients.ActiveDirectory;
     using PartnerCenter.Models.Partners;
     using Profile;
     using Properties;
@@ -117,13 +116,6 @@ public class ConnectPartnerCenter : PSCmdlet, IModuleAssemblyInitializer
         [ValidateNotNullOrEmpty]
         public string TenantId { get; set; }
 
-        /// <summary>
-        /// Gets or sets the cache used to lookup cached tokens.
-        /// </summary>
-        [Parameter(HelpMessage = "The cache used to lookup cached tokens.", Mandatory = false)]
-        [ValidateNotNull]
-        public TokenCache TokenCache { get; set; }
-
         /// <summary>
         /// Operations that happen before the cmdlet is executed.
         /// </summary>
@@ -207,8 +199,7 @@ protected override void ProcessRecord()
             {
                 Account = account,
                 ApplicationId = ApplicationId,
-                Environment = Environment,
-                TokenCache = TokenCache ?? TokenCache.DefaultShared
+                Environment = Environment
             };
 
             PartnerSession.Instance.AuthenticationFactory.Authenticate(context, password);
 
@@ -8,10 +8,12 @@ namespace Microsoft.Store.PartnerCenter.PowerShell.Commands
 {
     using System;
     using System.Management.Automation;
-    using System.Security;
     using System.Text.RegularExpressions;
+    using System.Web;
     using Common;
-    using IdentityModel.Clients.ActiveDirectory;
+    using Models.Authentication;
+    using Network;
+    using Platform;
     using Profile;
 
     [Cmdlet(VerbsCommon.New, "PartnerAccessToken", DefaultParameterSetName = "UserCredential")]
@@ -23,13 +25,29 @@ public class NewPartnerAccessToken : PSCmdlet
         /// </summary>
         private const string CommonEndpoint = "common";
 
+        /// <summary>
+        /// The value for the redirect URI.
+        /// </summary>
+        private const string redirectUriValue = "urn:ietf:wg:oauth:2.0:oob";
+
+        /// <summary>
+        /// The redirect URI used when requesting an access token.
+        /// </summary>
+        private readonly Uri redirectUri = new Uri(redirectUriValue);
+
         /// <summary>
         /// Gets or sets the application identifier.
         /// </summary>
         [Parameter(HelpMessage = "The application identifier used to access Partner Center.", Mandatory = true, ParameterSetName = "UserCredential")]
         [ValidatePattern(@"^(\{){0,1}[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}(\}){0,1}$", Options = RegexOptions.Compiled | RegexOptions.IgnoreCase)]
         public string ApplicationId { get; set; }
 
+        /// <summary>
+        /// Gets or sets a flag indicating that the intention is to perform the partner consent process.
+        /// </summary>
+        [Parameter(HelpMessage = "A flag that indicates that the intention is to perform the partner consent process.", Mandatory = false)]
+        public SwitchParameter Consent { get; set; }
+
         /// <summary>
         /// Gets or sets the credentials.
         /// </summary>
@@ -45,6 +63,20 @@ public class NewPartnerAccessToken : PSCmdlet
         [ValidateNotNullOrEmpty]
         public EnvironmentName Environment { get; set; }
 
+        /// <summary>
+        /// Gets or sets the refresh token to use in the refresh flow.
+        /// </summary>
+        [Parameter(HelpMessage = "The refresh token to use in the refresh flow.", Mandatory = false)]
+        [ValidateNotNullOrEmpty]
+        public string RefreshToken { get; set; }
+
+        /// <summary>
+        /// Gets or sets the identifier of the target resource that is the recipient of the requested token.
+        /// </summary>
+        [Parameter(HelpMessage = "The identifier of the target resource that is the recipient of the requested token.", Mandatory = true)]
+        [ValidateNotNullOrEmpty]
+        public string Resource { get; set; }
+
         /// <summary>
         /// Gets or sets a flag indicating that a service principal will be used to authenticate.
         /// </summary
@@ -54,26 +86,22 @@ public class NewPartnerAccessToken : PSCmdlet
         /// <summary>
         /// Gets or sets the tenant identifier.
         /// </summary>
-        [Parameter(HelpMessage = "The Azure AD domain or tenant identifier.", Mandatory = true, ParameterSetName = "ServicePrincipal")]
+        [Parameter(HelpMessage = "The Azure AD domain or tenant identifier.", Mandatory = false)]
         [ValidateNotNullOrEmpty]
         public string TenantId { get; set; }
 
-        /// <summary>
-        /// Gets or sets the token cache.
-        /// </summary>
-        [Parameter(HelpMessage = "The token cache to be used when requesting an access token.", Mandatory = false)]
-        [ValidateNotNull]
-        public TokenCache TokenCache { get; set; }
-
         /// <summary>
         /// Performs the execution of the command.
         /// </summary>
         protected override void ProcessRecord()
         {
             AuthenticationResult authResult;
             AzureAccount account = new AzureAccount();
-            SecureString password = null;
-
+            IPartnerServiceClient client;
+            PartnerEnvironment environment;
+            AuthorizationResult authorizationResult;
+            string authority;
+            string clientId; 
 
             if (ParameterSetName.Equals("ServicePrincipal", StringComparison.InvariantCultureIgnoreCase))
             {
@@ -85,20 +113,48 @@ protected override void ProcessRecord()
                 account.Type = AccountType.User;
             }
 
-            if (Credential != null)
+            account.Properties[AzureAccountPropertyType.Tenant] = string.IsNullOrEmpty(TenantId) ? CommonEndpoint : TenantId;
+            environment = PartnerEnvironment.PublicEnvironments[Environment];
+
+            client = new PartnerServiceClient(new Uri(environment.PartnerCenterEndpoint));
+            authority = $"{environment.ActiveDirectoryAuthority}{account.Properties[AzureAccountPropertyType.Tenant]}/oauth2/token";
+
+            clientId = account.Type == AccountType.ServicePrincipal ? Credential.UserName : ApplicationId;
+
+            if (!string.IsNullOrEmpty(RefreshToken))
             {
-                account.Id = Credential.UserName;
-                password = Credential.Password;
+                authResult = client.RefreshAccessTokenAsync(
+                    authority,
+                    Resource,
+                    RefreshToken,
+                    clientId,
+                    Credential?.Password.ConvertToString()).GetAwaiter().GetResult();
             }
+            else if (account.Type == AccountType.ServicePrincipal && !Consent.IsPresent || Consent.ToBool() == false)
+            {
+                authResult = client.AcquireTokenAsync(
+                    authority,
+                    Resource,
+                    clientId,
+                    Credential.Password.ConvertToString()).GetAwaiter().GetResult();
+            }
+            else
+            {
+                using (WindowsFormsWebAuthenticationDialog dialog = new WindowsFormsWebAuthenticationDialog(null))
+                {
+                    authorizationResult = dialog.AuthenticateAAD(
+                        new Uri($"{environment.ActiveDirectoryAuthority}{account.Properties[AzureAccountPropertyType.Tenant]}/oauth2/authorize?resource={HttpUtility.UrlEncode(Resource)}&client_id={clientId}&response_type=code&haschrome=1&redirect_uri={HttpUtility.UrlEncode(redirectUriValue)}&response_mode=form_post&prompt=login"),
+                        redirectUri);
+                }
 
-            account.Properties[AzureAccountPropertyType.Tenant] = string.IsNullOrEmpty(TenantId) ? CommonEndpoint : TenantId;
-
-            authResult = PartnerSession.Instance.AuthenticationFactory.Authenticate(
-                ApplicationId,
-                account,
-                password,
-                Environment,
-                TokenCache ?? TokenCache.DefaultShared);
+                authResult = client.AcquireTokenByAuthorizationCodeAsync(
+                    authority,
+                    Resource,
+                    redirectUri,
+                    authorizationResult.Code,
+                    clientId,
+                    Credential?.Password.ConvertToString()).GetAwaiter().GetResult();
+            }
 
             WriteObject(authResult);
         }