@microsoft/vscode-azext-azureauth 3.0.1 → 4.0.0

package/CHANGELOG.md

@@ -1,5 +1,22 @@
 # Change Log
 
+## 4.0.0 - 2024-12-06
+
+### What's new
+Pass in a `vscode.LogOutputChannel` to the `VSCodeAzureSubscriptionProvider` constructor to enable logging. [#1851](https://github.com/microsoft/vscode-azuretools/pull/1851)
+
+`AzureSubscriptionProvider.getTenants()` now returns `AzureTenant[]` instead of `TenantIdDescription[]`. This is a breaking change for implementors of `AzureSubscriptionProvider`. [#1849](https://github.com/microsoft/vscode-azuretools/pull/1849)
+
+### All Changes
+* [#1849](https://github.com/microsoft/vscode-azuretools/pull/1849) Create `AzureTenant` interface which includes account property
+* [#1850](https://github.com/microsoft/vscode-azuretools/pull/1850) Clean up `isSignedIn` implementation
+* [#1851](https://github.com/microsoft/vscode-azuretools/pull/1851) Add logging to `VSCodeAzureSubscriptionProvider`
+
+## 3.1.0 - 2024-11-26
+
+* [#1827](https://github.com/microsoft/vscode-azuretools/pull/1827) Add more comprehensive support for multi-account scenarios 
+* [#1815](https://github.com/microsoft/vscode-azuretools/issues/1815) Fix `VSCodeAzureSubscriptionProvider.getSubscriptions()` returning empty 
+
 ## 3.0.1 - 2024-11-19
 * [#1819](https://github.com/microsoft/vscode-azuretools/pull/1819) Add account parameter to `AzureSubscriptionProvider.isSignedIn()` function to fix a multi-account issue [#1809](https://github.com/microsoft/vscode-azuretools/issues/1809)
 * [#1822](https://github.com/microsoft/vscode-azuretools/pull/1822) Add check in `VSCodeAzureSubscriptionProvider.getTenants()` to fix a multi-account issue [#1809](https://github.com/microsoft/vscode-azuretools/issues/1809)

package/out/src/AzureDevOpsSubscriptionProvider.d.ts

@@ -1,7 +1,7 @@
-import type { TenantIdDescription } from '@azure/arm-resources-subscriptions';
 import { Event } from 'vscode';
 import { AzureSubscription } from './AzureSubscription';
 import { AzureSubscriptionProvider } from './AzureSubscriptionProvider';
+import { AzureTenant } from './AzureTenant';
 export interface AzureDevOpsSubscriptionProviderInitializer {
     /**
     * The resource ID of the Azure DevOps federated service connection,
@@ -46,7 +46,7 @@ export declare class AzureDevOpsSubscriptionProvider implements AzureSubscriptio
     isSignedIn(): Promise<boolean>;
     signIn(): Promise<boolean>;
     signOut(): Promise<void>;
-    getTenants(): Promise<TenantIdDescription[]>;
+    getTenants(): Promise<AzureTenant[]>;
     /**
      * Gets the subscriptions for a given tenant.
      *

package/out/src/AzureDevOpsSubscriptionProvider.js

@@ -87,6 +87,10 @@ class AzureDevOpsSubscriptionProvider {
         return __awaiter(this, void 0, void 0, function* () {
             return [{
                     tenantId: (_a = this._tokenCredential) === null || _a === void 0 ? void 0 : _a.tenantId,
+                    account: {
+                        id: "test-account-id",
+                        label: "test-account",
+                    }
                 }];
         });
     }

package/out/src/AzureSubscriptionProvider.d.ts

@@ -1,6 +1,6 @@
-import type { TenantIdDescription } from '@azure/arm-resources-subscriptions';
 import type * as vscode from 'vscode';
 import type { AzureSubscription } from './AzureSubscription';
+import type { AzureTenant } from './AzureTenant';
 /**
  * An interface for obtaining Azure subscription information
  */
@@ -13,7 +13,7 @@ export interface AzureSubscriptionProvider {
      *
      * @returns A list of tenants.
      */
-    getTenants(account?: vscode.AuthenticationSessionAccountInformation): Promise<TenantIdDescription[]>;
+    getTenants(account?: vscode.AuthenticationSessionAccountInformation): Promise<AzureTenant[]>;
     /**
      * Gets a list of Azure subscriptions available to the user.
      *
@@ -39,10 +39,11 @@ export interface AzureSubscriptionProvider {
      * Asks the user to sign in or pick an account to use.
      *
      * @param tenantId (Optional) Provide to sign in to a specific tenant.
+     * @param account (Optional) Provide to sign in to a specific account.
      *
      * @returns True if the user is signed in, false otherwise.
      */
-    signIn(tenantId?: string): Promise<boolean>;
+    signIn(tenantId?: string, account?: vscode.AuthenticationSessionAccountInformation): Promise<boolean>;
     /**
      * An event that is fired when the user signs in. Debounced to fire at most once every 5 seconds.
      */

package/out/src/AzureTenant.d.ts

@@ -0,0 +1,5 @@
+import { TenantIdDescription } from "@azure/arm-resources-subscriptions";
+import * as vscode from 'vscode';
+export interface AzureTenant extends TenantIdDescription {
+    account: vscode.AuthenticationSessionAccountInformation;
+}

package/out/src/AzureTenant.js

@@ -0,0 +1,7 @@
+"use strict";
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=AzureTenant.js.map

package/out/src/VSCodeAzureSubscriptionProvider.d.ts

@@ -1,18 +1,19 @@
-import type { TenantIdDescription } from '@azure/arm-resources-subscriptions';
 import * as vscode from 'vscode';
 import { AzureSubscription, SubscriptionId, TenantId } from './AzureSubscription';
 import { AzureSubscriptionProvider } from './AzureSubscriptionProvider';
+import { AzureTenant } from './AzureTenant';
 /**
  * A class for obtaining Azure subscription information using VSCode's built-in authentication
  * provider.
  */
 export declare class VSCodeAzureSubscriptionProvider extends vscode.Disposable implements AzureSubscriptionProvider {
+    private readonly logger?;
     private readonly onDidSignInEmitter;
     private lastSignInEventFired;
     private suppressSignInEvents;
     private readonly onDidSignOutEmitter;
     private lastSignOutEventFired;
-    constructor();
+    constructor(logger?: vscode.LogOutputChannel | undefined);
     /**
      * Gets a list of tenants available to the user.
      * Use {@link isSignedIn} to check if the user is signed in to a particular tenant.
@@ -21,14 +22,15 @@ export declare class VSCodeAzureSubscriptionProvider extends vscode.Disposable i
      *
      * @returns A list of tenants.
      */
-    getTenants(account?: vscode.AuthenticationSessionAccountInformation): Promise<TenantIdDescription[]>;
+    getTenants(account?: vscode.AuthenticationSessionAccountInformation): Promise<AzureTenant[]>;
     /**
      * Gets a list of Azure subscriptions available to the user.
      *
      * @param filter - Whether to filter the list returned, according to the list returned
      * by `getTenantFilters()` and `getSubscriptionFilters()`. Optional, default true.
      *
-     * @returns A list of Azure subscriptions.
+     * @returns A list of Azure subscriptions. The list is sorted by subscription name.
+     * The list can contain duplicate subscriptions if they come from different accounts.
      *
      * @throws A {@link NotSignedInError} If the user is not signed in to Azure.
      * Use {@link isSignedIn} and/or {@link signIn} before this method to ensure
@@ -39,18 +41,23 @@ export declare class VSCodeAzureSubscriptionProvider extends vscode.Disposable i
      * Checks to see if a user is signed in.
      *
      * @param tenantId (Optional) Provide to check if a user is signed in to a specific tenant.
+     * @param account (Optional) Provide to check if a user is signed in to a specific account.
      *
      * @returns True if the user is signed in, false otherwise.
+     *
+     * If no tenant or account is provided, then
+     * checks all accounts for a session.
      */
     isSignedIn(tenantId?: string, account?: vscode.AuthenticationSessionAccountInformation): Promise<boolean>;
     /**
      * Asks the user to sign in or pick an account to use.
      *
      * @param tenantId (Optional) Provide to sign in to a specific tenant.
+     * @param account (Optional) Provide to sign in to a specific account.
      *
      * @returns True if the user is signed in, false otherwise.
      */
-    signIn(tenantId?: string): Promise<boolean>;
+    signIn(tenantId?: string, account?: vscode.AuthenticationSessionAccountInformation): Promise<boolean>;
     /**
      * An event that is fired when the user signs in. Debounced to fire at most once every 5 seconds.
      */

package/out/src/VSCodeAzureSubscriptionProvider.js

@@ -31,7 +31,8 @@ const EventDebounce = 5 * 1000; // 5 seconds
  * provider.
  */
 class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
-    constructor() {
+    // So that customers can easily share logs, try to only log PII using trace level
+    constructor(logger) {
         const disposable = vscode.authentication.onDidChangeSessions((e) => __awaiter(this, void 0, void 0, function* () {
             // Ignore any sign in that isn't for the configured auth provider
             if (e.provider.id !== (0, configuredAzureEnv_1.getConfiguredAuthProviderId)()) {
@@ -53,6 +54,7 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
             this.onDidSignOutEmitter.dispose();
             disposable.dispose();
         });
+        this.logger = logger;
         this.onDidSignInEmitter = new vscode.EventEmitter();
         this.lastSignInEventFired = 0;
         this.suppressSignInEvents = false;
@@ -77,51 +79,55 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      */
     getTenants(account) {
         var _a, e_1, _b, _c, _d, e_2, _e, _f;
+        var _g;
         return __awaiter(this, void 0, void 0, function* () {
+            const startTimeMs = Date.now();
             const results = [];
             try {
-                for (var _g = true, _h = __asyncValues(account ? [account] : yield vscode.authentication.getAccounts((0, configuredAzureEnv_1.getConfiguredAuthProviderId)())), _j; _j = yield _h.next(), _a = _j.done, !_a;) {
-                    _c = _j.value;
-                    _g = false;
+                for (var _h = true, _j = __asyncValues(account ? [account] : yield vscode.authentication.getAccounts((0, configuredAzureEnv_1.getConfiguredAuthProviderId)())), _k; _k = yield _j.next(), _a = _k.done, !_a;) {
+                    _c = _k.value;
+                    _h = false;
                     try {
                         account = _c;
                         // Added check. Without this the getSubscriptionClient function throws the NotSignedInError
                         if (yield this.isSignedIn(undefined, account)) {
                             const { client } = yield this.getSubscriptionClient(account, undefined, undefined);
                             try {
-                                for (var _k = true, _l = (e_2 = void 0, __asyncValues(client.tenants.list())), _m; _m = yield _l.next(), _d = _m.done, !_d;) {
-                                    _f = _m.value;
-                                    _k = false;
+                                for (var _l = true, _m = (e_2 = void 0, __asyncValues(client.tenants.list())), _o; _o = yield _m.next(), _d = _o.done, !_d;) {
+                                    _f = _o.value;
+                                    _l = false;
                                     try {
                                         const tenant = _f;
-                                        results.push(tenant);
+                                        results.push(Object.assign(Object.assign({}, tenant), { account }));
                                     }
                                     finally {
-                                        _k = true;
+                                        _l = true;
                                     }
                                 }
                             }
                             catch (e_2_1) { e_2 = { error: e_2_1 }; }
                             finally {
                                 try {
-                                    if (!_k && !_d && (_e = _l.return)) yield _e.call(_l);
+                                    if (!_l && !_d && (_e = _m.return)) yield _e.call(_m);
                                 }
                                 finally { if (e_2) throw e_2.error; }
                             }
                         }
                     }
                     finally {
-                        _g = true;
+                        _h = true;
                     }
                 }
             }
             catch (e_1_1) { e_1 = { error: e_1_1 }; }
             finally {
                 try {
-                    if (!_g && !_a && (_b = _h.return)) yield _b.call(_h);
+                    if (!_h && !_a && (_b = _j.return)) yield _b.call(_j);
                 }
                 finally { if (e_1) throw e_1.error; }
             }
+            const endTimeMs = Date.now();
+            (_g = this.logger) === null || _g === void 0 ? void 0 : _g.debug(`auth: Got ${results.length} tenants for account "${account === null || account === void 0 ? void 0 : account.label}" in ${endTimeMs - startTimeMs}ms`);
             return results;
         });
     }
@@ -131,21 +137,27 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      * @param filter - Whether to filter the list returned, according to the list returned
      * by `getTenantFilters()` and `getSubscriptionFilters()`. Optional, default true.
      *
-     * @returns A list of Azure subscriptions.
+     * @returns A list of Azure subscriptions. The list is sorted by subscription name.
+     * The list can contain duplicate subscriptions if they come from different accounts.
      *
      * @throws A {@link NotSignedInError} If the user is not signed in to Azure.
      * Use {@link isSignedIn} and/or {@link signIn} before this method to ensure
      * the user is signed in.
      */
     getSubscriptions(filter = true) {
+        var _a, _b;
         return __awaiter(this, void 0, void 0, function* () {
+            (_a = this.logger) === null || _a === void 0 ? void 0 : _a.debug('auth: Loading subscriptions...');
+            const startTime = Date.now();
             const tenantIds = yield this.getTenantFilters();
             const shouldFilterTenants = filter && !!tenantIds.length; // If the list is empty it is treated as "no filter"
-            const results = [];
+            const allSubscriptions = [];
+            let accountCount; // only used for logging
             try {
                 this.suppressSignInEvents = true;
                 // Get the list of tenants from each account
                 const accounts = yield vscode.authentication.getAccounts((0, configuredAzureEnv_1.getConfiguredAuthProviderId)());
+                accountCount = accounts.length;
                 for (const account of accounts) {
                     for (const tenant of yield this.getTenants(account)) {
                         // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
@@ -154,49 +166,89 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
                         if (shouldFilterTenants && !tenantIds.includes(tenantId)) {
                             continue;
                         }
-                        // If the user is not signed in to this tenant, then skip it
-                        if (!(yield this.isSignedIn(tenantId, account))) {
-                            continue;
-                        }
                         // For each tenant, get the list of subscriptions
-                        results.push(...yield this.getSubscriptionsForTenant(tenantId, account));
+                        allSubscriptions.push(...yield this.getSubscriptionsForTenant(account, tenantId));
                     }
+                    // list subscriptions for the home tenant
+                    allSubscriptions.push(...yield this.getSubscriptionsForTenant(account));
                 }
             }
             finally {
                 this.suppressSignInEvents = false;
             }
+            // It's possible that by listing subscriptions in all tenants and the "home" tenant there could be duplicate subscriptions
+            // Thus, we remove duplicate subscriptions. However, if multiple accounts have the same subscription, we keep them.
+            const subscriptionMap = new Map();
+            allSubscriptions.forEach(sub => subscriptionMap.set(`${sub.account.id}/${sub.subscriptionId}`, sub));
+            const uniqueSubscriptions = Array.from(subscriptionMap.values());
+            const endTime = Date.now();
+            (_b = this.logger) === null || _b === void 0 ? void 0 : _b.debug(`auth: Got ${uniqueSubscriptions.length} subscriptions from ${accountCount} accounts in ${endTime - startTime}ms`);
             const sortSubscriptions = (subscriptions) => subscriptions.sort((a, b) => a.name.localeCompare(b.name));
             const subscriptionIds = yield this.getSubscriptionFilters();
             if (filter && !!subscriptionIds.length) { // If the list is empty it is treated as "no filter"
-                return sortSubscriptions(results.filter(sub => subscriptionIds.includes(sub.subscriptionId)));
+                return sortSubscriptions(uniqueSubscriptions.filter(sub => subscriptionIds.includes(sub.subscriptionId)));
             }
-            return sortSubscriptions(results);
+            return sortSubscriptions(uniqueSubscriptions);
         });
     }
     /**
      * Checks to see if a user is signed in.
      *
      * @param tenantId (Optional) Provide to check if a user is signed in to a specific tenant.
+     * @param account (Optional) Provide to check if a user is signed in to a specific account.
      *
      * @returns True if the user is signed in, false otherwise.
+     *
+     * If no tenant or account is provided, then
+     * checks all accounts for a session.
      */
     isSignedIn(tenantId, account) {
+        var _a, _b;
         return __awaiter(this, void 0, void 0, function* () {
-            const session = yield (0, getSessionFromVSCode_1.getSessionFromVSCode)([], tenantId, { createIfNone: false, silent: true, account });
-            return !!session;
+            function silentlyCheckForSession(tenantId, account) {
+                return __awaiter(this, void 0, void 0, function* () {
+                    return !!(yield (0, getSessionFromVSCode_1.getSessionFromVSCode)([], tenantId, { createIfNone: false, silent: true, account }));
+                });
+            }
+            const innerIsSignedIn = () => __awaiter(this, void 0, void 0, function* () {
+                // If no tenant or account is provided, then check all accounts for a session
+                if (!account && !tenantId) {
+                    const accounts = yield vscode.authentication.getAccounts((0, configuredAzureEnv_1.getConfiguredAuthProviderId)());
+                    if (accounts.length === 0) {
+                        return false;
+                    }
+                    for (const account of accounts) {
+                        if (yield silentlyCheckForSession(tenantId, account)) {
+                            // If any account has a session, then return true because the user is signed in
+                            return true;
+                        }
+                    }
+                }
+                return silentlyCheckForSession(tenantId, account);
+            });
+            const result = yield innerIsSignedIn();
+            (_a = this.logger) === null || _a === void 0 ? void 0 : _a.trace(`auth: isSignedIn returned ${result} (account="${(_b = account === null || account === void 0 ? void 0 : account.label) !== null && _b !== void 0 ? _b : 'none'}") (tenantId="${tenantId !== null && tenantId !== void 0 ? tenantId : 'none'}")`);
+            return result;
         });
     }
     /**
      * Asks the user to sign in or pick an account to use.
      *
      * @param tenantId (Optional) Provide to sign in to a specific tenant.
+     * @param account (Optional) Provide to sign in to a specific account.
      *
      * @returns True if the user is signed in, false otherwise.
      */
-    signIn(tenantId) {
+    signIn(tenantId, account) {
+        var _a, _b;
         return __awaiter(this, void 0, void 0, function* () {
-            const session = yield (0, getSessionFromVSCode_1.getSessionFromVSCode)([], tenantId, { createIfNone: true, clearSessionPreference: true });
+            (_a = this.logger) === null || _a === void 0 ? void 0 : _a.debug(`auth: Signing in (account="${(_b = account === null || account === void 0 ? void 0 : account.label) !== null && _b !== void 0 ? _b : 'none'}") (tenantId="${tenantId !== null && tenantId !== void 0 ? tenantId : 'none'}")`);
+            const session = yield (0, getSessionFromVSCode_1.getSessionFromVSCode)([], tenantId, {
+                createIfNone: true,
+                // If no account is provided, then clear the session preference which tells VS Code to show the account picker
+                clearSessionPreference: !account,
+                account,
+            });
             return !!session;
         });
     }
@@ -248,9 +300,14 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      *
      * @returns The list of subscriptions for the tenant.
      */
-    getSubscriptionsForTenant(tenantId, account) {
+    getSubscriptionsForTenant(account, tenantId) {
         var _a, e_3, _b, _c;
         return __awaiter(this, void 0, void 0, function* () {
+            // If the user is not signed in to this tenant or account, then return an empty list
+            // This is to prevent the NotSignedInError from being thrown in getSubscriptionClient
+            if (!(yield this.isSignedIn(tenantId, account))) {
+                return [];
+            }
             const { client, credential, authentication } = yield this.getSubscriptionClient(account, tenantId, undefined);
             const environment = (0, configuredAzureEnv_1.getConfiguredAzureEnv)();
             const subscriptions = [];
@@ -268,8 +325,8 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
                             /* eslint-disable @typescript-eslint/no-non-null-assertion */
                             name: subscription.displayName,
                             subscriptionId: subscription.subscriptionId,
+                            tenantId: tenantId !== null && tenantId !== void 0 ? tenantId : subscription.tenantId,
                             /* eslint-enable @typescript-eslint/no-non-null-assertion */
-                            tenantId: tenantId,
                             account: account
                         });
                     }

package/out/src/index.d.ts

@@ -1,5 +1,6 @@
 export * from './AzureAuthentication';
 export * from './AzureDevOpsSubscriptionProvider';
+export * from './AzureTenant';
 export * from './AzureSubscription';
 export * from './AzureSubscriptionProvider';
 export * from './NotSignedInError';

package/out/src/index.js

@@ -20,6 +20,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./AzureAuthentication"), exports);
 __exportStar(require("./AzureDevOpsSubscriptionProvider"), exports);
+__exportStar(require("./AzureTenant"), exports);
 __exportStar(require("./AzureSubscription"), exports);
 __exportStar(require("./AzureSubscriptionProvider"), exports);
 __exportStar(require("./NotSignedInError"), exports);

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@microsoft/vscode-azext-azureauth",
     "author": "Microsoft Corporation",
-    "version": "3.0.1",
+    "version": "4.0.0",
     "description": "Azure authentication helpers for Visual Studio Code",
     "tags": [
         "azure",