Revert "Fix that RemoveUser doesn't work when create Public Client with broker" (Azure#27713)

msJinLei · web-flow · commit fd9d02bade7d · 2025-05-08T21:32:50.000+08:00
diff --git a/src/Accounts/Accounts/Account/DisconnectAzureRmAccount.cs b/src/Accounts/Accounts/Account/DisconnectAzureRmAccount.cs
@@ -124,20 +124,21 @@ public override void ExecuteCmdlet()
 
                 if (ShouldProcess(string.Format("Log out principal '{0}'", azureAccount.Id), "log out"))
                 {
+                    if (GetContextModificationScope() == ContextModificationScope.CurrentUser)
+                    {
+                        AzureSession.Instance.AuthenticationFactory.RemoveUser(azureAccount, null);
+                    }
+
                     if (AzureRmProfileProvider.Instance.Profile != null)
                     {
                         ModifyContext((localProfile, profileClient) =>
-                        {
-                            var matchingContexts = localProfile.Contexts?.Values?.Where((c) => c != null && c.Account != null && string.Equals(c.Account.Id, azureAccount.Id, StringComparison.CurrentCultureIgnoreCase));
-                            foreach (var context in matchingContexts)
-                            {
-                                if (GetContextModificationScope() == ContextModificationScope.CurrentUser)
-                                {
-                                    AzureSession.Instance.AuthenticationFactory.RemoveUser(azureAccount, context.Environment);
-                                }
-                                profileClient.TryRemoveContext(context);
-                            }
-                        });
+                       {
+                           var matchingContexts = localProfile.Contexts?.Values?.Where((c) => c != null && c.Account != null && string.Equals(c.Account.Id, azureAccount.Id, StringComparison.CurrentCultureIgnoreCase));
+                           foreach (var context in matchingContexts)
+                           {
+                               profileClient.TryRemoveContext(context);
+                           }
+                       });
                     }
 
                     WriteObject(new PSAzureRmAccount(azureAccount));
diff --git a/src/Accounts/Accounts/ChangeLog.md b/src/Accounts/Accounts/ChangeLog.md
@@ -19,7 +19,6 @@
 -->
 
 ## Upcoming Release
-* Fixed that removeUser didn't work when create Public Client with broker.
 
 ## Version 4.2.0
 * Updated warning message about MFA. For more details, see https://go.microsoft.com/fwlink/?linkid=2276314
diff --git a/src/Accounts/Accounts/Context/ClearAzureRmContext.cs b/src/Accounts/Accounts/Context/ClearAzureRmContext.cs
@@ -65,29 +65,29 @@ void ClearContext(AzureRmProfile profile, RMProfileClient client)
             bool result = false;
             if (profile != null)
             {
-                PowerShellTokenCacheProvider tokenCacheProvider = null;
-                if (!AzureSession.Instance.TryGetComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, out tokenCacheProvider))
-                {
-                    WriteWarning(Resources.ClientFactoryNotRegisteredClear);
-                }
-
                 var contexts = profile.Contexts.Values;
                 foreach (var context in contexts)
                 {
-                    tokenCacheProvider?.ClearCache(context.Environment.ActiveDirectoryAuthority);
                     client.TryRemoveContext(context);
                 }
 
-                if (tokenCacheProvider != null)
+                PowerShellTokenCacheProvider tokenCacheProvider;
+                if (!AzureSession.Instance.TryGetComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, out tokenCacheProvider))
                 {
-                    profile.TrySetDefaultContext(new AzureContext());
+                    WriteWarning(Resources.ClientFactoryNotRegisteredClear);
+                }
+                else
+                {
+                    tokenCacheProvider.ClearCache();
+                    var defaultContext = new AzureContext();
+                    profile.TrySetDefaultContext(defaultContext);
                     result = true;
                 }
-
                 if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keyStore))
                 {
                     keyStore?.Clear();
                 }
+
             }
 
             AzureSession.Instance.RaiseContextClearedEvent();
diff --git a/src/Accounts/Accounts/Context/GetAzureRMContext.cs b/src/Accounts/Accounts/Context/GetAzureRMContext.cs
@@ -84,7 +84,6 @@ public override void ExecuteCmdlet()
                     var defaultProfile = DefaultProfile as AzureRmProfile;
                     if (defaultProfile != null && string.Equals(AzureSession.Instance?.ARMContextSaveMode, "CurrentUser"))
                     {
-                        AzureSession.Instance.SetProperty(AzureSession.Property.Environment, DefaultContext.Environment.Name);
                         defaultProfile.RefreshContextsFromCache(_cmdletContext);
                     }
                 }
diff --git a/src/Accounts/Accounts/Context/RemoveAzureRmContext.cs b/src/Accounts/Accounts/Context/RemoveAzureRmContext.cs
@@ -12,16 +12,17 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using System;
+using System.Linq;
+using System.Management.Automation;
+
 using Microsoft.Azure.Commands.Common.Authentication;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Azure.Commands.Common.Authentication.Models;
 using Microsoft.Azure.Commands.Profile.Common;
 using Microsoft.Azure.Commands.Profile.Models.Core;
 using Microsoft.Azure.Commands.Profile.Properties;
-
-using System;
-using System.Linq;
-using System.Management.Automation;
+using Microsoft.WindowsAzure.Commands.Utilities.Common;
 
 namespace Microsoft.Azure.Commands.Profile.Context
 {
@@ -90,7 +91,7 @@ public override void ExecuteCmdlet()
                                         }
                                         else
                                         {
-                                            if (!tokenCacheProvider.TryRemoveAccount(removedContext.Account.Id, removedContext.Environment.ActiveDirectoryAuthority))
+                                            if (!tokenCacheProvider.TryRemoveAccount(removedContext.Account.Id))
                                             {
                                                 WriteWarning(string.Format(Resources.NoContextsRemain, removedContext.Account.Id));
                                             }
diff --git a/src/Accounts/Authentication.ResourceManager/AzureRmProfile.cs b/src/Accounts/Authentication.ResourceManager/AzureRmProfile.cs
@@ -819,12 +819,9 @@ public void RefreshContextsFromCache(ICmdletContext cmdletContext)
                 out PowerShellTokenCacheProvider tokenCacheProvider);
 
             string authority = null;
-            //If the function is called from "public virtual IAzureContext DefaultContext", authroity is empty and then ListAccounts will return empty.
-            //But as "ShouldRefreshContextsFromCache" is always false, the only call path is from GetAzureRMContext for now.
             if (TryGetEnvironment(AzureSession.Instance.GetProperty(AzureSession.Property.Environment), out IAzureEnvironment sessionEnvironment))
             {
-                authority = new Uri(new Uri(sessionEnvironment.ActiveDirectoryAuthority), "organizations").AbsoluteUri;
-
+                authority = $"{sessionEnvironment.ActiveDirectoryAuthority}organizations";
             }
             var accounts = tokenCacheProvider.ListAccounts(authority);
             if (!accounts.Any())
diff --git a/src/Accounts/Authentication/Authentication/TokenCache/InMemoryTokenCacheProvider.cs b/src/Accounts/Authentication/Authentication/TokenCache/InMemoryTokenCacheProvider.cs
@@ -14,7 +14,6 @@
 
 using Azure.Identity;
 
-using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Identity.Client;
 
 namespace Microsoft.Azure.Commands.Common.Authentication
@@ -47,7 +46,7 @@ public override void FlushTokenData()
             }
         }
 
-        public override void ClearCache(string authority)
+        public override void ClearCache()
         {
             InMemoryTokenCacheOptions = new InMemoryTokenCacheOptions();
         }
diff --git a/src/Accounts/Authentication/Authentication/TokenCache/PowerShellTokenCacheProvider.cs b/src/Accounts/Authentication/Authentication/TokenCache/PowerShellTokenCacheProvider.cs
@@ -12,6 +12,10 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using System;
+using System.Collections.Generic;
+using System.Linq;
+
 using Azure.Identity;
 
 using Hyak.Common;
@@ -20,15 +24,13 @@
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions.Extensions;
 using Microsoft.Azure.Commands.Common.Authentication.Abstractions.Interfaces;
 using Microsoft.Azure.Commands.Common.Authentication.Utilities;
+using Microsoft.Azure.Commands.Shared.Config;
 using Microsoft.Azure.Internal.Subscriptions;
 using Microsoft.Azure.Internal.Subscriptions.Models;
+using Microsoft.Azure.PowerShell.Common.Config;
 using Microsoft.Identity.Client;
 using Microsoft.Identity.Client.Broker;
 
-using System;
-using System.Collections.Generic;
-using System.Linq;
-
 namespace Microsoft.Azure.Commands.Common.Authentication
 {
     public abstract class PowerShellTokenCacheProvider
@@ -53,14 +55,14 @@ public virtual void FlushTokenData()
             _tokenCacheDataToFlush = null;
         }
 
-        public virtual void ClearCache(string authority = null)
+        public virtual void ClearCache()
         {
         }
 
-        public bool TryRemoveAccount(string accountId, string authority = null)
+        public bool TryRemoveAccount(string accountId)
         {
             TracingAdapter.Information(string.Format("[AuthenticationClientFactory] Calling GetAccountsAsync"));
-            var client = CreatePublicClient(authority);
+            var client = CreatePublicClient();
             var account = client.GetAccountsAsync()
                             .ConfigureAwait(false).GetAwaiter().GetResult()
                             .FirstOrDefault(a => string.Equals(a.Username, accountId, StringComparison.OrdinalIgnoreCase));
@@ -87,7 +89,7 @@ public IEnumerable<IAccount> ListAccounts(string authority = null)
         {
             TracingAdapter.Information(string.Format("[PowerShellTokenCacheProvider] Calling GetAccountsAsync on {0}", authority ?? "AzureCloud"));
 
-            return CreatePublicClient(authority)
+            return CreatePublicClient(authority: authority)
                     .GetAccountsAsync()
                     .ConfigureAwait(false).GetAwaiter().GetResult();
         }
@@ -193,7 +195,18 @@ public virtual IPublicClientApplication CreatePublicClient(string authority, str
         /// </summary>
         public virtual IPublicClientApplication CreatePublicClient(string authority = null)
         {
-            return CreatePublicClient(authority, organizationTenant);
+            var builder = PublicClientApplicationBuilder.Create(Constants.PowerShellClientId);
+            if (AzConfigReader.IsWamEnabled(authority))
+            {
+                builder = builder.WithBroker(new BrokerOptions(BrokerOptions.OperatingSystems.Windows));
+            }
+            if (!string.IsNullOrEmpty(authority))
+            {
+                builder.WithAuthority(authority);
+            }
+            var client = builder.Build();
+            RegisterCache(client);
+            return client;
         }
 
         public abstract TokenCachePersistenceOptions GetTokenCachePersistenceOptions();
diff --git a/src/Accounts/Authentication/Authentication/TokenCache/SharedTokenCacheProvider.cs b/src/Accounts/Authentication/Authentication/TokenCache/SharedTokenCacheProvider.cs
@@ -12,14 +12,13 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
+using System;
+
 using Azure.Identity;
 
-using Microsoft.Azure.Commands.Common.Authentication.Abstractions;
 using Microsoft.Identity.Client;
 using Microsoft.Identity.Client.Extensions.Msal;
 
-using System;
-
 namespace Microsoft.Azure.Commands.Common.Authentication
 {
     public class SharedTokenCacheProvider : PowerShellTokenCacheProvider
@@ -104,9 +103,9 @@ protected override void RegisterCache(IPublicClientApplication client)
             }
         }
 
-        public override void ClearCache(string authority)
+        public override void ClearCache()
         {
-            var client = CreatePublicClient(authority);
+            var client = CreatePublicClient();
             var accounts = client.GetAccountsAsync().GetAwaiter().GetResult();
             foreach (var account in accounts)
             {
diff --git a/src/Accounts/Authentication/Factories/AuthenticationFactory.cs b/src/Accounts/Authentication/Factories/AuthenticationFactory.cs
@@ -487,16 +487,6 @@ public ServiceClientCredentials GetServiceClientCredentials(string accessToken,
         /// <param name="account"></param>
         /// <param name="tokenCache">This parameter is no longer used. However to keep the API unchanged it's not removed.</param>
         public void RemoveUser(IAzureAccount account, IAzureTokenCache tokenCache)
-        {
-            RemoveUser(account, environment: null);
-        }
-
-        /// <summary>
-        /// Remove any stored credentials for the given user and the Azure environment used.
-        /// </summary>
-        /// <param name="account">The account to remove credentials for</param>
-        /// <param name="environment">The environment which account belongs to</param>
-        public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)
         {
             if (account != null && !string.IsNullOrEmpty(account.Id) && !string.IsNullOrWhiteSpace(account.Type))
             {
@@ -523,10 +513,10 @@ public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)
                             // make best effort to remove credentials
                         }
 
-                        RemoveFromTokenCache(account, environment.ActiveDirectoryAuthority);
+                        RemoveFromTokenCache(account);
                         break;
                     case AzureAccount.AccountType.User:
-                        RemoveFromTokenCache(account, environment.ActiveDirectoryAuthority);
+                        RemoveFromTokenCache(account);
                         break;
                 }
             }
@@ -568,20 +558,20 @@ private string GetEndpointToken(IAzureAccount account, string targetEndpoint)
             return account.GetProperty(tokenKey);
         }
 
-        private void RemoveFromTokenCache(IAzureAccount account, string authority = null)
+        private void RemoveFromTokenCache(IAzureAccount account)
         {
             PowerShellTokenCacheProvider tokenCacheProvider;
             if (!AzureSession.Instance.TryGetComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, out tokenCacheProvider))
             {
                 throw new NullReferenceException(Resources.AuthenticationClientFactoryNotRegistered);
             }
 
-            var publicClient = tokenCacheProvider.CreatePublicClient(authority);
+            var publicClient = tokenCacheProvider.CreatePublicClient();
             var accounts = publicClient.GetAccountsAsync()
                             .ConfigureAwait(false).GetAwaiter().GetResult();
             var tokenAccounts = accounts.Where(a => MatchCacheItem(account, a));
             foreach (var tokenAccount in tokenAccounts)
-            {
+                {
                 publicClient.RemoveAsync(tokenAccount)
                                 .ConfigureAwait(false).GetAwaiter().GetResult();
             }
diff --git a/tools/Common.Netcore.Dependencies.targets b/tools/Common.Netcore.Dependencies.targets
@@ -3,22 +3,22 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.Rest.ClientRuntime" Version="2.3.24"/>
     <PackageReference Include="Microsoft.Rest.ClientRuntime.Azure" Version="3.3.19"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Aks" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Authentication.Abstractions" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Authorization" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Common" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Compute" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Graph.Rbac" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.KeyVault" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Monitor" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Network" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.PolicyInsights" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.ResourceManager" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Storage" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Storage.Management" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Strategies" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Websites" Version="1.3.107-preview"/>
-    <PackageReference Include="Microsoft.Azure.PowerShell.Common.Share" Version="1.3.107-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Aks" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Authentication.Abstractions" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Authorization" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Common" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Compute" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Graph.Rbac" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.KeyVault" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Monitor" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Network" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.PolicyInsights" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.ResourceManager" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Storage" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Storage.Management" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Strategies" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Clients.Websites" Version="1.3.106-preview"/>
+    <PackageReference Include="Microsoft.Azure.PowerShell.Common.Share" Version="1.3.106-preview"/>
     <PackageReference Include="Microsoft.CSharp" Version="4.7.0" />
   </ItemGroup>
   <ItemGroup>
@@ -37,7 +37,7 @@
     <PackageReference Include="PowerShellStandard.Library" Version="5.1.0" PrivateAssets="All" />
   </ItemGroup>
   <PropertyGroup>
-    <StorageToolsPath>$(NugetPackageRoot)\microsoft.azure.powershell.storage\1.3.107-preview\tools\</StorageToolsPath>
+    <StorageToolsPath>$(NugetPackageRoot)\microsoft.azure.powershell.storage\1.3.106-preview\tools\</StorageToolsPath>
   </PropertyGroup>
   <ItemGroup Condition="'$(OmitJsonPackage)' != 'true'">
     <PackageReference Include="Newtonsoft.Json" Version="13.0.2"/>
diff --git a/tools/TestFx/Mocks/MockCertificateAuthenticationFactory.cs b/tools/TestFx/Mocks/MockCertificateAuthenticationFactory.cs
@@ -124,10 +124,5 @@ public IAccessToken Authenticate(IAzureAccount account, IAzureEnvironment enviro
         {
             throw new NotImplementedException();
         }
-
-        public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)
-        {
-            throw new NotImplementedException();
-        }
     }
 }
diff --git a/tools/TestFx/Mocks/MockTokenAuthenticationFactory.cs b/tools/TestFx/Mocks/MockTokenAuthenticationFactory.cs
@@ -148,10 +148,5 @@ public ServiceClientCredentials GetServiceClientCredentials(IAzureContext contex
         {
             return GetServiceClientCredentials(context, targetEndpoint, AzureCmdletContext.CmdletNone);
         }
-
-        public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)
-        {
-            throw new NotImplementedException();
-        }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -65,29 +65,29 @@ void ClearContext(AzureRmProfile profile, RMProfileClient client)`
`65`	`65`	`bool result = false;`
`66`	`66`	`if (profile != null)`
`67`	`67`	`{`
`68`		`- PowerShellTokenCacheProvider tokenCacheProvider = null;`
`69`		`- if (!AzureSession.Instance.TryGetComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, out tokenCacheProvider))`
`70`		`- {`
`71`		`- WriteWarning(Resources.ClientFactoryNotRegisteredClear);`
`72`		`- }`
`73`		`-`
`74`	`68`	`var contexts = profile.Contexts.Values;`
`75`	`69`	`foreach (var context in contexts)`
`76`	`70`	`{`
`77`		`- tokenCacheProvider?.ClearCache(context.Environment.ActiveDirectoryAuthority);`
`78`	`71`	`client.TryRemoveContext(context);`
`79`	`72`	`}`
`80`	`73`
`81`		`- if (tokenCacheProvider != null)`
	`74`	`+ PowerShellTokenCacheProvider tokenCacheProvider;`
	`75`	`+ if (!AzureSession.Instance.TryGetComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, out tokenCacheProvider))`
`82`	`76`	`{`
`83`		`- profile.TrySetDefaultContext(new AzureContext());`
	`77`	`+ WriteWarning(Resources.ClientFactoryNotRegisteredClear);`
	`78`	`+ }`
	`79`	`+ else`
	`80`	`+ {`
	`81`	`+ tokenCacheProvider.ClearCache();`
	`82`	`+ var defaultContext = new AzureContext();`
	`83`	`+ profile.TrySetDefaultContext(defaultContext);`
`84`	`84`	`result = true;`
`85`	`85`	`}`
`86`		`-`
`87`	`86`	`if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keyStore))`
`88`	`87`	`{`
`89`	`88`	`keyStore?.Clear();`
`90`	`89`	`}`
	`90`	`+`
`91`	`91`	`}`
`92`	`92`
`93`	`93`	`AzureSession.Instance.RaiseContextClearedEvent();`
Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,6 @@ public override void ExecuteCmdlet()`
`84`	`84`	`var defaultProfile = DefaultProfile as AzureRmProfile;`
`85`	`85`	`if (defaultProfile != null && string.Equals(AzureSession.Instance?.ARMContextSaveMode, "CurrentUser"))`
`86`	`86`	`{`
`87`		`- AzureSession.Instance.SetProperty(AzureSession.Property.Environment, DefaultContext.Environment.Name);`
`88`	`87`	`defaultProfile.RefreshContextsFromCache(_cmdletContext);`
`89`	`88`	`}`
`90`	`89`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,16 +12,17 @@`
`12`	`12`	`// limitations under the License.`
`13`	`13`	`// ----------------------------------------------------------------------------------`
`14`	`14`
	`15`	`+using System;`
	`16`	`+using System.Linq;`
	`17`	`+using System.Management.Automation;`
	`18`	`+`
`15`	`19`	`using Microsoft.Azure.Commands.Common.Authentication;`
`16`	`20`	`using Microsoft.Azure.Commands.Common.Authentication.Abstractions;`
`17`	`21`	`using Microsoft.Azure.Commands.Common.Authentication.Models;`
`18`	`22`	`using Microsoft.Azure.Commands.Profile.Common;`
`19`	`23`	`using Microsoft.Azure.Commands.Profile.Models.Core;`
`20`	`24`	`using Microsoft.Azure.Commands.Profile.Properties;`
`21`		`-`
`22`		`-using System;`
`23`		`-using System.Linq;`
`24`		`-using System.Management.Automation;`
	`25`	`+using Microsoft.WindowsAzure.Commands.Utilities.Common;`
`25`	`26`
`26`	`27`	`namespace Microsoft.Azure.Commands.Profile.Context`
`27`	`28`	`{`
`@@ -90,7 +91,7 @@ public override void ExecuteCmdlet()`
`90`	`91`	`}`
`91`	`92`	`else`
`92`	`93`	`{`
`93`		`- if (!tokenCacheProvider.TryRemoveAccount(removedContext.Account.Id, removedContext.Environment.ActiveDirectoryAuthority))`
	`94`	`+ if (!tokenCacheProvider.TryRemoveAccount(removedContext.Account.Id))`
`94`	`95`	`{`
`95`	`96`	`WriteWarning(string.Format(Resources.NoContextsRemain, removedContext.Account.Id));`
`96`	`97`	`}`
Original file line number	Diff line number	Diff line change
`@@ -819,12 +819,9 @@ public void RefreshContextsFromCache(ICmdletContext cmdletContext)`
`819`	`819`	`out PowerShellTokenCacheProvider tokenCacheProvider);`
`820`	`820`
`821`	`821`	`string authority = null;`
`822`		`- //If the function is called from "public virtual IAzureContext DefaultContext", authroity is empty and then ListAccounts will return empty.`
`823`		`- //But as "ShouldRefreshContextsFromCache" is always false, the only call path is from GetAzureRMContext for now.`
`824`	`822`	`if (TryGetEnvironment(AzureSession.Instance.GetProperty(AzureSession.Property.Environment), out IAzureEnvironment sessionEnvironment))`
`825`	`823`	`{`
`826`		`- authority = new Uri(new Uri(sessionEnvironment.ActiveDirectoryAuthority), "organizations").AbsoluteUri;`
`827`		`-`
	`824`	`+ authority = $"{sessionEnvironment.ActiveDirectoryAuthority}organizations";`
`828`	`825`	`}`
`829`	`826`	`var accounts = tokenCacheProvider.ListAccounts(authority);`
`830`	`827`	`if (!accounts.Any())`
Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,6 @@`
`14`	`14`
`15`	`15`	`using Azure.Identity;`
`16`	`16`
`17`		`-using Microsoft.Azure.Commands.Common.Authentication.Abstractions;`
`18`	`17`	`using Microsoft.Identity.Client;`
`19`	`18`
`20`	`19`	`namespace Microsoft.Azure.Commands.Common.Authentication`
`@@ -47,7 +46,7 @@ public override void FlushTokenData()`
`47`	`46`	`}`
`48`	`47`	`}`
`49`	`48`
`50`		`- public override void ClearCache(string authority)`
	`49`	`+ public override void ClearCache()`
`51`	`50`	`{`
`52`	`51`	`InMemoryTokenCacheOptions = new InMemoryTokenCacheOptions();`
`53`	`52`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,14 +12,13 @@`
`12`	`12`	`// limitations under the License.`
`13`	`13`	`// ----------------------------------------------------------------------------------`
`14`	`14`
	`15`	`+using System;`
	`16`	`+`
`15`	`17`	`using Azure.Identity;`
`16`	`18`
`17`		`-using Microsoft.Azure.Commands.Common.Authentication.Abstractions;`
`18`	`19`	`using Microsoft.Identity.Client;`
`19`	`20`	`using Microsoft.Identity.Client.Extensions.Msal;`
`20`	`21`
`21`		`-using System;`
`22`		`-`
`23`	`22`	`namespace Microsoft.Azure.Commands.Common.Authentication`
`24`	`23`	`{`
`25`	`24`	`public class SharedTokenCacheProvider : PowerShellTokenCacheProvider`
`@@ -104,9 +103,9 @@ protected override void RegisterCache(IPublicClientApplication client)`
`104`	`103`	`}`
`105`	`104`	`}`
`106`	`105`
`107`		`- public override void ClearCache(string authority)`
	`106`	`+ public override void ClearCache()`
`108`	`107`	`{`
`109`		`- var client = CreatePublicClient(authority);`
	`108`	`+ var client = CreatePublicClient();`
`110`	`109`	`var accounts = client.GetAccountsAsync().GetAwaiter().GetResult();`
`111`	`110`	`foreach (var account in accounts)`
`112`	`111`	`{`
Original file line number	Diff line number	Diff line change
`@@ -487,16 +487,6 @@ public ServiceClientCredentials GetServiceClientCredentials(string accessToken,`
`487`	`487`	`/// <param name="account"></param>`
`488`	`488`	`/// <param name="tokenCache">This parameter is no longer used. However to keep the API unchanged it's not removed.</param>`
`489`	`489`	`public void RemoveUser(IAzureAccount account, IAzureTokenCache tokenCache)`
`490`		`- {`
`491`		`- RemoveUser(account, environment: null);`
`492`		`- }`
`493`		`-`
`494`		`- /// <summary>`
`495`		`- /// Remove any stored credentials for the given user and the Azure environment used.`
`496`		`- /// </summary>`
`497`		`- /// <param name="account">The account to remove credentials for</param>`
`498`		`- /// <param name="environment">The environment which account belongs to</param>`
`499`		`- public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)`
`500`	`490`	`{`
`501`	`491`	`if (account != null && !string.IsNullOrEmpty(account.Id) && !string.IsNullOrWhiteSpace(account.Type))`
`502`	`492`	`{`
`@@ -523,10 +513,10 @@ public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)`
`523`	`513`	`// make best effort to remove credentials`
`524`	`514`	`}`
`525`	`515`
`526`		`- RemoveFromTokenCache(account, environment.ActiveDirectoryAuthority);`
	`516`	`+ RemoveFromTokenCache(account);`
`527`	`517`	`break;`
`528`	`518`	`case AzureAccount.AccountType.User:`
`529`		`- RemoveFromTokenCache(account, environment.ActiveDirectoryAuthority);`
	`519`	`+ RemoveFromTokenCache(account);`
`530`	`520`	`break;`
`531`	`521`	`}`
`532`	`522`	`}`
`@@ -568,20 +558,20 @@ private string GetEndpointToken(IAzureAccount account, string targetEndpoint)`
`568`	`558`	`return account.GetProperty(tokenKey);`
`569`	`559`	`}`
`570`	`560`
`571`		`- private void RemoveFromTokenCache(IAzureAccount account, string authority = null)`
	`561`	`+ private void RemoveFromTokenCache(IAzureAccount account)`
`572`	`562`	`{`
`573`	`563`	`PowerShellTokenCacheProvider tokenCacheProvider;`
`574`	`564`	`if (!AzureSession.Instance.TryGetComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, out tokenCacheProvider))`
`575`	`565`	`{`
`576`	`566`	`throw new NullReferenceException(Resources.AuthenticationClientFactoryNotRegistered);`
`577`	`567`	`}`
`578`	`568`
`579`		`- var publicClient = tokenCacheProvider.CreatePublicClient(authority);`
	`569`	`+ var publicClient = tokenCacheProvider.CreatePublicClient();`
`580`	`570`	`var accounts = publicClient.GetAccountsAsync()`
`581`	`571`	`.ConfigureAwait(false).GetAwaiter().GetResult();`
`582`	`572`	`var tokenAccounts = accounts.Where(a => MatchCacheItem(account, a));`
`583`	`573`	`foreach (var tokenAccount in tokenAccounts)`
`584`		`- {`
	`574`	`+ {`
`585`	`575`	`publicClient.RemoveAsync(tokenAccount)`
`586`	`576`	`.ConfigureAwait(false).GetAwaiter().GetResult();`
`587`	`577`	`}`
Original file line number	Diff line number	Diff line change
`@@ -124,10 +124,5 @@ public IAccessToken Authenticate(IAzureAccount account, IAzureEnvironment enviro`
`124`	`124`	`{`
`125`	`125`	`throw new NotImplementedException();`
`126`	`126`	`}`
`127`		`-`
`128`		`- public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)`
`129`		`- {`
`130`		`- throw new NotImplementedException();`
`131`		`- }`
`132`	`127`	`}`
`133`	`128`	`}`
Original file line number	Diff line number	Diff line change
`@@ -148,10 +148,5 @@ public ServiceClientCredentials GetServiceClientCredentials(IAzureContext contex`
`148`	`148`	`{`
`149`	`149`	`return GetServiceClientCredentials(context, targetEndpoint, AzureCmdletContext.CmdletNone);`
`150`	`150`	`}`
`151`		`-`
`152`		`- public void RemoveUser(IAzureAccount account, IAzureEnvironment environment)`
`153`		`- {`
`154`		`- throw new NotImplementedException();`
`155`		`- }`
`156`	`151`	`}`
`157`	`152`	`}`