Azure
diff --git a/‎src/Accounts/Accounts.Test/AutosaveTests.cs‎
Lines changed: 1 addition & 2 deletions b/‎src/Accounts/Accounts.Test/AutosaveTests.cs‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎src/Accounts/Accounts.Test/ContextCmdletTests.cs‎
Lines changed: 1 addition & 1 deletion b/‎src/Accounts/Accounts.Test/ContextCmdletTests.cs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Accounts/Accounts.Test/ProfileCmdletTests.cs‎
Lines changed: 1 addition & 1 deletion b/‎src/Accounts/Accounts.Test/ProfileCmdletTests.cs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs‎
Lines changed: 3 additions & 3 deletions b/‎src/Accounts/Accounts/Account/ConnectAzureRmAccount.cs‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/Accounts/Accounts/AutoSave/DisableAzureRmContextAutosave.cs‎
Lines changed: 5 additions & 0 deletions b/‎src/Accounts/Accounts/AutoSave/DisableAzureRmContextAutosave.cs‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Accounts/Accounts/AutoSave/EnableAzureRmContextAutosave.cs‎
Lines changed: 5 additions & 0 deletions b/‎src/Accounts/Accounts/AutoSave/EnableAzureRmContextAutosave.cs‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Accounts/Accounts/ChangeLog.md‎
Lines changed: 0 additions & 2 deletions b/‎src/Accounts/Accounts/ChangeLog.md‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎src/Accounts/Accounts/Context/ImportAzureRMContext.cs‎
Lines changed: 2 additions & 2 deletions b/‎src/Accounts/Accounts/Context/ImportAzureRMContext.cs‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Accounts/Accounts/Context/SetAzureRMContext.cs‎
Lines changed: 2 additions & 2 deletions b/‎src/Accounts/Accounts/Context/SetAzureRMContext.cs‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Accounts/Authentication.ResourceManager/AzureRmProfile.cs‎
Lines changed: 2 additions & 2 deletions b/‎src/Accounts/Authentication.ResourceManager/AzureRmProfile.cs‎
Lines changed: 2 additions & 2 deletions
@@ -41,7 +41,6 @@ public AutosaveTests(ITestOutputHelper output)
             XunitTracingInterceptor.AddToContext(new XunitTracingInterceptor(output));
             commandRuntimeMock = new MockCommandRuntime();
             dataStore = new MemoryDataStore();
-            ResetState();
             keyStore = SetMockedAzKeyStore();
         }
 
@@ -51,7 +50,7 @@ private AzKeyStore SetMockedAzKeyStore()
             storageMocker.Setup(f => f.Create()).Returns(storageMocker.Object);
             storageMocker.Setup(f => f.ReadData()).Returns(new byte[0]);
             storageMocker.Setup(f => f.WriteData(It.IsAny<byte[]>())).Callback((byte[] s) => {});
-            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", storageMocker.Object);
+            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", true, storageMocker.Object);
             return keyStore;
         }
 
 
@@ -64,7 +64,7 @@ public ContextCmdletTests(ITestOutputHelper output)
             Mock<IStorage> storageMocker = new Mock<IStorage>();
             AzKeyStore azKeyStore = null;
             string profilePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), Resources.AzureDirectoryName);
-        azKeyStore = new AzKeyStore(profilePath, AzureSession.Instance.KeyStoreFile, storageMocker.Object);
+            azKeyStore = new AzKeyStore(profilePath, AzureSession.Instance.KeyStoreFile, true, storageMocker.Object);
             AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => azKeyStore, true);
         }
 
 
@@ -55,7 +55,7 @@ private AzKeyStore SetMockedAzKeyStore()
             storageMocker.Setup(f => f.Create()).Returns(storageMocker.Object);
             storageMocker.Setup(f => f.ReadData()).Returns(new byte[0]);
             storageMocker.Setup(f => f.WriteData(It.IsAny<byte[]>())).Callback((byte[] s) => { });
-            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", storageMocker.Object);
+            var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", false, storageMocker.Object);
             return keyStore;
         }
 
 
@@ -425,7 +425,7 @@ public override void ExecuteCmdlet()
                 azureAccount.SetProperty(AzureAccount.Property.CertificatePath, resolvedPath);
                 if (CertificatePassword != null)
                 {
-                    keyStore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, azureAccount.Id, Tenant), CertificatePassword);
+                    keyStore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, azureAccount.Id, Tenant), CertificatePassword);
                     if (GetContextModificationScope() == ContextModificationScope.CurrentUser && !keyStore.IsProtected)
                     {
                         WriteWarning(string.Format(Resources.ServicePrincipalWarning, AzureSession.Instance.KeyStoreFile, AzureSession.Instance.ARMProfileDirectory));
@@ -451,7 +451,7 @@ public override void ExecuteCmdlet()
 
             if (azureAccount.Type == AzureAccount.AccountType.ServicePrincipal && password != null)
             {
-                keyStore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret
+                keyStore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret
                     ,azureAccount.Id, Tenant), password);
                 if (GetContextModificationScope() == ContextModificationScope.CurrentUser && !keyStore.IsProtected)
                 {
@@ -713,7 +713,7 @@ public void OnImport()
                 }
 
                 AzKeyStore keyStore = null;
-                keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, AzureSession.Instance.KeyStoreFile);
+                keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, AzureSession.Instance.KeyStoreFile, autoSaveEnabled);
                 AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => keyStore);
 
                 if (!InitializeProfileProvider(autoSaveEnabled))
 
@@ -92,6 +92,11 @@ void DisableAutosave(IAzureSession session, bool writeAutoSaveFile, out ContextA
                 builder.Reset();
             }
 
+            if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keystore))
+            {
+                keystore.DisableSyncToStorage();
+            }
+
             if (writeAutoSaveFile)
             {
                 FileUtilities.EnsureDirectoryExists(session.ProfileDirectory);
 
@@ -102,6 +102,11 @@ void EnableAutosave(IAzureSession session, bool writeAutoSaveFile, out ContextAu
                 AzureSession.Instance.RegisterComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, () => newCacheProvider, true);
             }
 
+            if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keystore))
+            {
+                keystore.EnableSyncToStorage();
+            }
+
             if (writeAutoSaveFile)
             {
                 try
 
@@ -22,8 +22,6 @@
 * Supported Web Account Manager on ARM64-based Windows systems. Fixed an issue where `Connect-AzAccount` failed with error "Unable to load DLL 'msalruntime_arm64'". [#20700]
 * Enabled credential to be found only by applicationId while tenant was not matched when accquire token. [#20484]
 * When Az.Accounts ran in parallel, the waiters were allowed to wait infinitely to avoid throw exception in automation enviroment. [#20455]
-* Used Lazy load for AzKeyStore.
-* Used update on change mechanism for AzKeyStore and remove `Flush` interface.
 
 ## Version 2.11.1
 * Fixed an issue where Az.Accounts cannot be imported correctly. [#20615]
 
@@ -78,13 +78,13 @@ void CopyProfile(AzureRmProfile source, IProfileOperations target)
                         var secret = account.GetProperty(AzureAccount.Property.ServicePrincipalSecret);
                         if (!string.IsNullOrEmpty(secret))
                         {
-                            keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, context.Value.Tenant?.Id)
+                            keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, context.Value.Tenant?.Id)
                                 , secret.ConvertToSecureString());
                         }
                         var password = account.GetProperty(AzureAccount.Property.CertificatePassword);
                         if (!string.IsNullOrEmpty(password))
                         {
-                            keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, context.Value.Tenant?.Id)
+                            keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, context.Value.Tenant?.Id)
                                 ,password.ConvertToSecureString());
                         }
                     }
 
@@ -97,13 +97,13 @@ public override void ExecuteCmdlet()
                                     var secret = account.GetProperty(AzureAccount.Property.ServicePrincipalSecret);
                                     if (!string.IsNullOrEmpty(secret))
                                     {
-                                        keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, Context.Tenant?.Id)
+                                        keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, Context.Tenant?.Id)
                                             , secret.ConvertToSecureString());
                                     }
                                     var password = account.GetProperty(AzureAccount.Property.CertificatePassword);
                                     if (!string.IsNullOrEmpty(password))
                                     {
-                                        keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, Context.Tenant?.Id)
+                                        keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, Context.Tenant?.Id)
                                             , password.ConvertToSecureString());
                                     }
                                 }
 
@@ -225,13 +225,13 @@ private IAzureContext MigrateSecretToKeyStore(IAzureContext context, AzKeyStore
                 var account = context.Account;
                 if (account.IsPropertySet(AzureAccount.Property.ServicePrincipalSecret))
                 {
-                    keystore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, account.GetTenants().First())
+                    keystore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, account.GetTenants().First())
                         , account.ExtendedProperties.GetProperty(AzureAccount.Property.ServicePrincipalSecret).ConvertToSecureString());
                     account.ExtendedProperties.Remove(AzureAccount.Property.ServicePrincipalSecret);
                 }
                 if (account.IsPropertySet(AzureAccount.Property.CertificatePassword))
                 {
-                    keystore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, account.GetTenants().First())
+                    keystore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, account.GetTenants().First())
     , account.ExtendedProperties.GetProperty(AzureAccount.Property.CertificatePassword).ConvertToSecureString());
                     account.ExtendedProperties.Remove(AzureAccount.Property.CertificatePassword);
                 }
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,6 @@ public AutosaveTests(ITestOutputHelper output)`
`41`	`41`	`XunitTracingInterceptor.AddToContext(new XunitTracingInterceptor(output));`
`42`	`42`	`commandRuntimeMock = new MockCommandRuntime();`
`43`	`43`	`dataStore = new MemoryDataStore();`
`44`		`- ResetState();`
`45`	`44`	`keyStore = SetMockedAzKeyStore();`
`46`	`45`	`}`
`47`	`46`
`@@ -51,7 +50,7 @@ private AzKeyStore SetMockedAzKeyStore()`
`51`	`50`	`storageMocker.Setup(f => f.Create()).Returns(storageMocker.Object);`
`52`	`51`	`storageMocker.Setup(f => f.ReadData()).Returns(new byte[0]);`
`53`	`52`	`storageMocker.Setup(f => f.WriteData(It.IsAny<byte[]>())).Callback((byte[] s) => {});`
`54`		`- var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", storageMocker.Object);`
	`53`	`+ var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", true, storageMocker.Object);`
`55`	`54`	`return keyStore;`
`56`	`55`	`}`
`57`	`56`
Original file line number	Diff line number	Diff line change
`@@ -64,7 +64,7 @@ public ContextCmdletTests(ITestOutputHelper output)`
`64`	`64`	`Mock<IStorage> storageMocker = new Mock<IStorage>();`
`65`	`65`	`AzKeyStore azKeyStore = null;`
`66`	`66`	`string profilePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), Resources.AzureDirectoryName);`
`67`		`- azKeyStore = new AzKeyStore(profilePath, AzureSession.Instance.KeyStoreFile, storageMocker.Object);`
	`67`	`+ azKeyStore = new AzKeyStore(profilePath, AzureSession.Instance.KeyStoreFile, true, storageMocker.Object);`
`68`	`68`	`AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => azKeyStore, true);`
`69`	`69`	`}`
`70`	`70`
Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ private AzKeyStore SetMockedAzKeyStore()`
`55`	`55`	`storageMocker.Setup(f => f.Create()).Returns(storageMocker.Object);`
`56`	`56`	`storageMocker.Setup(f => f.ReadData()).Returns(new byte[0]);`
`57`	`57`	`storageMocker.Setup(f => f.WriteData(It.IsAny<byte[]>())).Callback((byte[] s) => { });`
`58`		`- var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", storageMocker.Object);`
	`58`	`+ var keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, "azkeystore", false, storageMocker.Object);`
`59`	`59`	`return keyStore;`
`60`	`60`	`}`
`61`	`61`
Original file line number	Diff line number	Diff line change
`@@ -425,7 +425,7 @@ public override void ExecuteCmdlet()`
`425`	`425`	`azureAccount.SetProperty(AzureAccount.Property.CertificatePath, resolvedPath);`
`426`	`426`	`if (CertificatePassword != null)`
`427`	`427`	`{`
`428`		`- keyStore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, azureAccount.Id, Tenant), CertificatePassword);`
	`428`	`+ keyStore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, azureAccount.Id, Tenant), CertificatePassword);`
`429`	`429`	`if (GetContextModificationScope() == ContextModificationScope.CurrentUser && !keyStore.IsProtected)`
`430`	`430`	`{`
`431`	`431`	`WriteWarning(string.Format(Resources.ServicePrincipalWarning, AzureSession.Instance.KeyStoreFile, AzureSession.Instance.ARMProfileDirectory));`
`@@ -451,7 +451,7 @@ public override void ExecuteCmdlet()`
`451`	`451`
`452`	`452`	`if (azureAccount.Type == AzureAccount.AccountType.ServicePrincipal && password != null)`
`453`	`453`	`{`
`454`		`- keyStore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret`
	`454`	`+ keyStore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret`
`455`	`455`	`,azureAccount.Id, Tenant), password);`
`456`	`456`	`if (GetContextModificationScope() == ContextModificationScope.CurrentUser && !keyStore.IsProtected)`
`457`	`457`	`{`
`@@ -713,7 +713,7 @@ public void OnImport()`
`713`	`713`	`}`
`714`	`714`
`715`	`715`	`AzKeyStore keyStore = null;`
`716`		`- keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, AzureSession.Instance.KeyStoreFile);`
	`716`	`+ keyStore = new AzKeyStore(AzureSession.Instance.ARMProfileDirectory, AzureSession.Instance.KeyStoreFile, autoSaveEnabled);`
`717`	`717`	`AzureSession.Instance.RegisterComponent(AzKeyStore.Name, () => keyStore);`
`718`	`718`
`719`	`719`	`if (!InitializeProfileProvider(autoSaveEnabled))`
Original file line number	Diff line number	Diff line change
`@@ -92,6 +92,11 @@ void DisableAutosave(IAzureSession session, bool writeAutoSaveFile, out ContextA`
`92`	`92`	`builder.Reset();`
`93`	`93`	`}`
`94`	`94`
	`95`	`+ if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keystore))`
	`96`	`+ {`
	`97`	`+ keystore.DisableSyncToStorage();`
	`98`	`+ }`
	`99`	`+`
`95`	`100`	`if (writeAutoSaveFile)`
`96`	`101`	`{`
`97`	`102`	`FileUtilities.EnsureDirectoryExists(session.ProfileDirectory);`
Original file line number	Diff line number	Diff line change
`@@ -102,6 +102,11 @@ void EnableAutosave(IAzureSession session, bool writeAutoSaveFile, out ContextAu`
`102`	`102`	`AzureSession.Instance.RegisterComponent(PowerShellTokenCacheProvider.PowerShellTokenCacheProviderKey, () => newCacheProvider, true);`
`103`	`103`	`}`
`104`	`104`
	`105`	`+ if (AzureSession.Instance.TryGetComponent(AzKeyStore.Name, out AzKeyStore keystore))`
	`106`	`+ {`
	`107`	`+ keystore.EnableSyncToStorage();`
	`108`	`+ }`
	`109`	`+`
`105`	`110`	`if (writeAutoSaveFile)`
`106`	`111`	`{`
`107`	`112`	`try`
Original file line number	Diff line number	Diff line change
`@@ -78,13 +78,13 @@ void CopyProfile(AzureRmProfile source, IProfileOperations target)`
`78`	`78`	`var secret = account.GetProperty(AzureAccount.Property.ServicePrincipalSecret);`
`79`	`79`	`if (!string.IsNullOrEmpty(secret))`
`80`	`80`	`{`
`81`		`- keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, context.Value.Tenant?.Id)`
	`81`	`+ keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, context.Value.Tenant?.Id)`
`82`	`82`	`, secret.ConvertToSecureString());`
`83`	`83`	`}`
`84`	`84`	`var password = account.GetProperty(AzureAccount.Property.CertificatePassword);`
`85`	`85`	`if (!string.IsNullOrEmpty(password))`
`86`	`86`	`{`
`87`		`- keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, context.Value.Tenant?.Id)`
	`87`	`+ keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, context.Value.Tenant?.Id)`
`88`	`88`	`,password.ConvertToSecureString());`
`89`	`89`	`}`
`90`	`90`	`}`
Original file line number	Diff line number	Diff line change
`@@ -97,13 +97,13 @@ public override void ExecuteCmdlet()`
`97`	`97`	`var secret = account.GetProperty(AzureAccount.Property.ServicePrincipalSecret);`
`98`	`98`	`if (!string.IsNullOrEmpty(secret))`
`99`	`99`	`{`
`100`		`- keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, Context.Tenant?.Id)`
	`100`	`+ keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, Context.Tenant?.Id)`
`101`	`101`	`, secret.ConvertToSecureString());`
`102`	`102`	`}`
`103`	`103`	`var password = account.GetProperty(AzureAccount.Property.CertificatePassword);`
`104`	`104`	`if (!string.IsNullOrEmpty(password))`
`105`	`105`	`{`
`106`		`- keyStore.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, Context.Tenant?.Id)`
	`106`	`+ keyStore.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, Context.Tenant?.Id)`
`107`	`107`	`, password.ConvertToSecureString());`
`108`	`108`	`}`
`109`	`109`	`}`
Original file line number	Diff line number	Diff line change
`@@ -225,13 +225,13 @@ private IAzureContext MigrateSecretToKeyStore(IAzureContext context, AzKeyStore`
`225`	`225`	`var account = context.Account;`
`226`	`226`	`if (account.IsPropertySet(AzureAccount.Property.ServicePrincipalSecret))`
`227`	`227`	`{`
`228`		`- keystore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, account.GetTenants().First())`
	`228`	`+ keystore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.ServicePrincipalSecret, account.Id, account.GetTenants().First())`
`229`	`229`	`, account.ExtendedProperties.GetProperty(AzureAccount.Property.ServicePrincipalSecret).ConvertToSecureString());`
`230`	`230`	`account.ExtendedProperties.Remove(AzureAccount.Property.ServicePrincipalSecret);`
`231`	`231`	`}`
`232`	`232`	`if (account.IsPropertySet(AzureAccount.Property.CertificatePassword))`
`233`	`233`	`{`
`234`		`- keystore?.SaveCredential(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, account.GetTenants().First())`
	`234`	`+ keystore?.SaveSecureString(new ServicePrincipalKey(AzureAccount.Property.CertificatePassword, account.Id, account.GetTenants().First())`
`235`	`235`	`, account.ExtendedProperties.GetProperty(AzureAccount.Property.CertificatePassword).ConvertToSecureString());`
`236`	`236`	`account.ExtendedProperties.Remove(AzureAccount.Property.CertificatePassword);`
`237`	`237`	`}`