Performance update (#241)

Author: Isaiah Williams

ChangeLog.md

@@ -23,7 +23,11 @@
 ## Upcoming Release
 
 * Authentication
+  * Added the [Register-PartnerTokenCache](https://docs.microsoft.com/powershell/module/partnercenter/Register-PartnerTokenCache) to create, and delete, the control file that determines if a in-memory token cache should be used instead of the default persistent token cache
+  * Addressed an issue where an InvalidOperationException exception was being encountering with the [Connect-PartnerCenter](https://docs.microsoft.com/powershell/module/partnercenter/New-PartnerAccessToken) and [New-PartnerAccessToken](https://docs.microsoft.com/powershell/module/partnercenter/New-PartnerAccessToken) commands when specifying an environment
   * Addressed issue [#234](https://github.com/microsoft/Partner-Center-PowerShell/issues/234) that was preventing the [New-PartnerAccessToken](https://docs.microsoft.com/powershell/module/partnercenter/New-PartnerAccessToken) command from executing successfully when being invoked through an Azure Function app
+* Product Upgrades
+  * Addressed an issue with starting the upgrade process for an Azure Plan
 * Subscription
   * Added the `PartnerId` parameter to the [Set-PartnerCustomerSubscription](https://docs.microsoft.com/powershell/module/partnercenter/Set-PartnerCustomerSubscription) command
   * Addressed issue [#228](https://github.com/microsoft/Partner-Center-PowerShell/issues/228) that was causing issues with enabling and suspend an Azure subscription that is part of an Azure Plan

docs/help/PartnerCenter.md

@@ -296,6 +296,9 @@ Creates a product upgrade request for the specified customer.
 ### [New-PartnerServiceRequest](New-PartnerServiceRequest.md)
 Creates a service request at the partner level.
 
+### [Register-PartnerTokenCache](Register-PartnerTokenCache.md)
+Registers the specified token cache for the module.
+
 ### [Remove-PartnerCustomerConfigurationPolicy](Remove-PartnerCustomerConfigurationPolicy.md)
 Removes the specified configuration policy.
 
@@ -376,3 +379,4 @@ Tests if the specified domain name is available for creating a new tenant.
 
 ### [Test-PartnerSecurityRequirement](Test-PartnerSecurityRequirement.md)
 Tests the account, used during authentication, if multi-factor authentication was enforced.
+

docs/help/Register-PartnerTokenCache.md

@@ -0,0 +1,90 @@
+---
+content_git_url: https://github.com/Microsoft/Partner-Center-PowerShell/blob/master/docs/help/Register-PartnerTokenCache.md
+external help file: Microsoft.Store.PartnerCenter.PowerShell.dll-Help.xml
+Module Name: PartnerCenter
+online version: https://docs.microsoft.com/powershell/module/partnercenter/Register-PartnerTokenCache
+original_content_git_url: https://github.com/Microsoft/Partner-Center-PowerShell/blob/master/docs/help/Register-PartnerTokenCache.md
+schema: 2.0.0
+---
+
+# Register-PartnerTokenCache
+
+## SYNOPSIS
+Registers the specified token cache for the module.
+
+## SYNTAX
+
+### ByPersistent (Default)
+```powershell
+Register-PartnerTokenCache [-Persistent] [<CommonParameters>]
+```
+
+### ByInMemory
+```powershell
+Register-PartnerTokenCache [-InMemory] [<CommonParameters>]
+```
+
+## DESCRIPTION
+Registers the specified token cache for the module.
+
+## EXAMPLES
+
+### Example 1
+```powershell
+PS C:\> Register-PartnerTokenCache -InMemory
+```
+
+Registers the in-memory token cache for the module.
+
+### Example 2
+```powershell
+PS C:\> Register-PartnerTokenCache -Persistent
+```
+
+Registers the persistent token cache for the module.
+
+## PARAMETERS
+
+### -InMemory
+A flag indicating that the in-memory token cache should be registered.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: ByInMemory
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Persistent
+A flag indicating that the persistent token cache should be registered.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: ByPersistent
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216).
+
+## INPUTS
+
+### None
+
+## OUTPUTS
+
+### System.Object
+## NOTES
+
+## RELATED LINKS

src/PowerShell/Attributes/BreakingChangeBaseAttribute.cs

@@ -115,6 +115,8 @@ protected virtual string GetAttributeSpecificMessage()
         /// <returns>The name of the command from the type.</returns>
         public static string GetNameFromCmdletType(Type type)
         {
+            type.AssertNotNull(nameof(type));
+
             string cmdletName = null;
             CmdletAttribute cmdletAttrib = (CmdletAttribute)type.GetCustomAttributes(typeof(CmdletAttribute), false).FirstOrDefault();
 

src/PowerShell/Authenticators/AccessTokenAuthenticator.cs

@@ -52,7 +52,7 @@ public override async Task<AuthenticationResult> AuthenticateAsync(Authenticatio
                 throw new PartnerException("The access token has expired. Generate a new one and try again.");
             }
 
-            await Task.CompletedTask;
+            await Task.CompletedTask.ConfigureAwait(false);
 
             ServiceClientTracing.Information("[AccessTokenAuthenticator] Constructing the authentication result based on the specified access token");
 

src/PowerShell/Authenticators/DefaultAuthenticatorBuilder.cs

@@ -34,6 +34,8 @@ public DefaultAuthenticatorBuilder()
         /// <param name="constructor">Delegate to initialize the authenticator.</param>
         public void AppendAuthenticator(Func<IAuthenticator> constructor)
         {
+            constructor.AssertNotNull(nameof(constructor));
+
             if (null == Authenticator)
             {
                 Authenticator = constructor();

src/PowerShell/Authenticators/DelegatingAuthenticator.cs

@@ -52,7 +52,7 @@ public IClientApplicationBase GetClient(PartnerAccount account, PartnerEnvironme
             if (account.IsPropertySet(PartnerAccountPropertyType.CertificateThumbprint) || account.IsPropertySet(PartnerAccountPropertyType.ServicePrincipalSecret))
             {
                 app = CreateConfidentialClient(
-                    $"{environment.ActiveDirectoryAuthority}{account.Tenant}",
+                    GetAzureCloudInstance(environment),
                     account.GetProperty(PartnerAccountPropertyType.ApplicationId),
                     account.GetProperty(PartnerAccountPropertyType.ServicePrincipalSecret),
                     GetCertificate(account.GetProperty(PartnerAccountPropertyType.CertificateThumbprint)),
@@ -62,7 +62,7 @@ public IClientApplicationBase GetClient(PartnerAccount account, PartnerEnvironme
             else
             {
                 app = CreatePublicClient(
-                    $"{environment.ActiveDirectoryAuthority}{account.Tenant}",
+                    GetAzureCloudInstance(environment),
                     account.GetProperty(PartnerAccountPropertyType.ApplicationId),
                     redirectUri,
                     account.Tenant);
@@ -95,15 +95,15 @@ public async Task<AuthenticationResult> TryAuthenticateAsync(AuthenticationParam
         /// <summary>
         /// Creates a confidential client used for generating tokens.
         /// </summary>
-        /// <param name="authority">Address of the authority to issue the token</param>
+        /// <param name="cloudInstance">The cloud instance used for authentication.</param>
         /// <param name="clientId">Identifier of the client requesting the token.</param>
         /// <param name="certificate">Certificate used by the client requesting the token.</param>
         /// <param name="clientSecret">Secret of the client requesting the token.</param>
         /// <param name="redirectUri">The redirect URI for the client.</param>
         /// <param name="tenantId">Identifier of the tenant requesting the token.</param>
         /// <returns>An aptly configured confidential client.</returns>
         private static IConfidentialClientApplication CreateConfidentialClient(
-            string authority = null,
+            AzureCloudInstance cloudInstance,
             string clientId = null,
             string clientSecret = null,
             X509Certificate2 certificate = null,
@@ -112,10 +112,7 @@ private static IConfidentialClientApplication CreateConfidentialClient(
         {
             ConfidentialClientApplicationBuilder builder = ConfidentialClientApplicationBuilder.Create(clientId);
 
-            if (!string.IsNullOrEmpty(authority))
-            {
-                builder = builder.WithAuthority(authority);
-            }
+            builder = builder.WithAuthority(cloudInstance, tenantId);
 
             if (!string.IsNullOrEmpty(clientSecret))
             {
@@ -153,23 +150,20 @@ private static IConfidentialClientApplication CreateConfidentialClient(
         /// <summary>
         /// Creates a public client used for generating tokens.
         /// </summary>
-        /// <param name="authority">Address of the authority to issue the token</param>
+        /// <param name="cloudInstance">The cloud instance used for authentication.</param>
         /// <param name="clientId">Identifier of the client requesting the token.</param>
         /// <param name="redirectUri">The redirect URI for the client.</param>
         /// <param name="tenantId">Identifier of the tenant requesting the token.</param>
         /// <returns>An aptly configured public client.</returns>
         private static IPublicClientApplication CreatePublicClient(
-            string authority = null,
+            AzureCloudInstance cloudInstance,
             string clientId = null,
             string redirectUri = null,
             string tenantId = null)
         {
             PublicClientApplicationBuilder builder = PublicClientApplicationBuilder.Create(clientId);
 
-            if (!string.IsNullOrEmpty(authority))
-            {
-                builder = builder.WithAuthority(authority);
-            }
+            builder = builder.WithAuthority(cloudInstance, tenantId);
 
             if (!string.IsNullOrEmpty(redirectUri))
             {
@@ -195,12 +189,41 @@ private static IPublicClientApplication CreatePublicClient(
             return client;
         }
 
+        /// <summary>
+        /// Gets the Azure cloud instance based an instance of the <see cref="PartnerEnvironment" /> class.
+        /// </summary>
+        /// <param name="environment">The environment information used to be generate the Azure Cloud instance.</param>
+        /// <returns>The Azure cloud instance based an instance of the <see cref="PartnerEnvironment" /> class.</returns>
+        private static AzureCloudInstance GetAzureCloudInstance(PartnerEnvironment environment)
+        {
+            environment.AssertNotNull(nameof(environment));
+
+            if (environment.EnvironmentName == EnvironmentName.AzureChinaCloud)
+            {
+                return AzureCloudInstance.AzureChina;
+            }
+            else if (environment.EnvironmentName == EnvironmentName.AzureGermanCloud)
+            {
+                return AzureCloudInstance.AzureGermany;
+            }
+            else if (environment.EnvironmentName == EnvironmentName.AzureCloud)
+            {
+                return AzureCloudInstance.AzurePublic;
+            }
+            else if (environment.EnvironmentName == EnvironmentName.AzureUSGovernment)
+            {
+                return AzureCloudInstance.AzureUsGovernment;
+            }
+
+            return AzureCloudInstance.None;
+        }
+
         /// <summary>
         /// Gets the specified certificate.
         /// </summary>
         /// <param name="thumbprint">Thumbprint of the certificate to be located.</param>
         /// <returns>An instance of the <see cref="X509Certificate2"/> class that represents the certificate.</returns>
-        private X509Certificate2 GetCertificate(string thumbprint)
+        private static X509Certificate2 GetCertificate(string thumbprint)
         {
             if (string.IsNullOrEmpty(thumbprint))
             {
@@ -222,7 +245,7 @@ private X509Certificate2 GetCertificate(string thumbprint)
         /// <param name="thumbprint">Thumbprint of the certificate to be located.</param>
         /// <param name="storeLocation">The location of the X.509 certifcate store.</param>
         /// <returns><c>true</c> if the certificate was found; otherwise <c>false</c>.</returns>
-        private bool FindCertificateByThumbprint(string thumbprint, StoreLocation storeLocation, out X509Certificate2 certificate)
+        private static bool FindCertificateByThumbprint(string thumbprint, StoreLocation storeLocation, out X509Certificate2 certificate)
         {
             X509Store store = null;
             X509Certificate2Collection col;

src/PowerShell/Authenticators/DeviceCodeAuthenticator.cs

@@ -30,7 +30,7 @@ public override async Task<AuthenticationResult> AuthenticateAsync(Authenticatio
             IClientApplicationBase app = GetClient(parameters.Account, parameters.Environment);
 
             ServiceClientTracing.Information($"[DeviceCodeAuthenticator] Calling AcquireTokenWithDeviceCode - Scopes: '{string.Join(", ", parameters.Scopes)}'");
-            
+
             return await app.AsPublicClient().AcquireTokenWithDeviceCode(parameters.Scopes, deviceCodeResult =>
             {
                 WriteWarning(deviceCodeResult.Message);

src/PowerShell/Authenticators/InteractiveUserAuthenticator.cs

@@ -5,6 +5,7 @@ namespace Microsoft.Store.PartnerCenter.PowerShell.Authenticators
 {
     using System;
     using System.Collections.Specialized;
+    using System.Globalization;
     using System.Net;
     using System.Net.Sockets;
     using System.Threading;
@@ -46,7 +47,7 @@ public override async Task<AuthenticationResult> AuthenticateAsync(Authenticatio
                 {
                     listener = new TcpListener(IPAddress.Loopback, port);
                     listener.Start();
-                    redirectUri = string.Format("http://localhost:{0}/", port);
+                    redirectUri = $"http://localhost:{port}/";
                     listener.Stop();
                     break;
                 }
@@ -80,7 +81,7 @@ await app.AsConfidentialClient().GetAuthorizationRequestUrl(parameters.Scopes).E
             }
             else
             {
-                ServiceClientTracing.Information(string.Format("[InteractiveUserAuthenticator] Calling AcquireTokenInteractive - Scopes: '{0}'", string.Join(",", parameters.Scopes)));
+                ServiceClientTracing.Information(string.Format(CultureInfo.InvariantCulture, "[InteractiveUserAuthenticator] Calling AcquireTokenInteractive - Scopes: '{0}'", string.Join(",", parameters.Scopes)));
 
                 authResult = await app.AsPublicClient().AcquireTokenInteractive(parameters.Scopes)
                     .WithCustomWebUi(new DefaultOsBrowserWebUi(interactiveParameters.Message))

src/PowerShell/Authenticators/SilentAuthenticator.cs

@@ -3,6 +3,7 @@
 
 namespace Microsoft.Store.PartnerCenter.PowerShell.Authenticators
 {
+    using System;
     using System.Collections.Generic;
     using System.Linq;
     using System.Threading;
@@ -28,13 +29,13 @@ public override async Task<AuthenticationResult> AuthenticateAsync(Authenticatio
         {
             IClientApplicationBase app = GetClient(parameters.Account, parameters.Environment);
 
-            ServiceClientTracing.Information(string.Format("[SilentAuthenticator] Calling GetAccountsAsync"));
+            ServiceClientTracing.Information("[SilentAuthenticator] Calling GetAccountsAsync");
             IEnumerable<IAccount> accounts = await app.AsPublicClient().GetAccountsAsync().ConfigureAwait(false);
 
             ServiceClientTracing.Information($"[SilentAuthenticator] Calling AcquireTokenSilent - Scopes: '{string.Join(",", parameters.Scopes)}', UserId: '{((SilentParameters)parameters).UserId}', Number of accounts: '{accounts.Count()}'");
             AuthenticationResult authResult = await app.AsPublicClient().AcquireTokenSilent(
                 parameters.Scopes,
-                accounts.FirstOrDefault(a => a.HomeAccountId.ObjectId.Equals(((SilentParameters)parameters).UserId)))
+                accounts.FirstOrDefault(a => a.HomeAccountId.ObjectId.Equals(((SilentParameters)parameters).UserId, StringComparison.InvariantCultureIgnoreCase)))
                 .ExecuteAsync(cancellationToken).ConfigureAwait(false);
 
             return authResult;