From 55e17cb7022c658bda2eda1f325c2904a9d10c4c Mon Sep 17 00:00:00 2001
From: Yeming Liu <11371776+isra-fel@users.noreply.github.com>
Date: Wed, 25 Dec 2024 10:50:55 +0800
Subject: [PATCH] Made the breaking change warnings about `Get-AzAccessToken`
 not appear when `-AsSecureString` is used. (#26929)

---
 src/Accounts/Accounts/ChangeLog.md            |  1 +
 .../Accounts/Token/GetAzureRmAccessToken.cs   |  4 +--
 .../SecureStringBreakingChangeAttribute.cs    | 35 +++++++++++++++++++
 3 files changed, 37 insertions(+), 3 deletions(-)
 create mode 100644 src/Accounts/Accounts/Utilities/SecureStringBreakingChangeAttribute.cs

diff --git a/src/Accounts/Accounts/ChangeLog.md b/src/Accounts/Accounts/ChangeLog.md
index 071924db8ebb..9a035da753fb 100644
--- a/src/Accounts/Accounts/ChangeLog.md
+++ b/src/Accounts/Accounts/ChangeLog.md
@@ -19,6 +19,7 @@
 -->
 
 ## Upcoming Release
+* Made the breaking change warnings about `Get-AzAccessToken` not appear when `-AsSecureString` is used.
 * Fixed an issue that cmdlets may report warnings of "KeyNotFoundException". #26624
 * Fixed an issue that the `-AppliesTo` parameter of `Update-AzConfig` does not work as expected.
 * Upgraded Azure.Core to 1.44.1 and Azure.Identity to 1.13.0.
diff --git a/src/Accounts/Accounts/Token/GetAzureRmAccessToken.cs b/src/Accounts/Accounts/Token/GetAzureRmAccessToken.cs
index 194ccea36cdc..77f77261f5c1 100644
--- a/src/Accounts/Accounts/Token/GetAzureRmAccessToken.cs
+++ b/src/Accounts/Accounts/Token/GetAzureRmAccessToken.cs
@@ -18,18 +18,16 @@
 using Microsoft.Azure.Commands.ResourceManager.Common;
 using Microsoft.Azure.Commands.ResourceManager.Common.ArgumentCompleters;
 using Microsoft.Azure.PowerShell.Authenticators;
-using Microsoft.WindowsAzure.Commands.Common.CustomAttributes;
 using Microsoft.WindowsAzure.Commands.Utilities.Common;
 
 using System;
 using System.Linq;
 using System.Management.Automation;
-using System.Security;
 using System.Text.Json;
 
 namespace Microsoft.Azure.Commands.Profile
 {
-    [GenericBreakingChangeWithVersion("The Token property of the output type will be changed from String to SecureString. Add the [-AsSecureString] switch to avoid the impact of this upcoming breaking change.", "14.0.0", "4.0.0")]
+    [SecureStringBreakingChange("The Token property of the output type will be changed from String to SecureString. Add the [-AsSecureString] switch to avoid the impact of this upcoming breaking change.", "14.0.0", "5.0.0")]
     [Cmdlet(VerbsCommon.Get, AzureRMConstants.AzureRMPrefix + "AccessToken", DefaultParameterSetName = KnownResourceNameParameterSet)]
     [OutputType(typeof(PSAccessToken), typeof(PSSecureAccessToken))]
     public class GetAzureRmAccessTokenCommand : AzureRMCmdlet
diff --git a/src/Accounts/Accounts/Utilities/SecureStringBreakingChangeAttribute.cs b/src/Accounts/Accounts/Utilities/SecureStringBreakingChangeAttribute.cs
new file mode 100644
index 000000000000..624162340343
--- /dev/null
+++ b/src/Accounts/Accounts/Utilities/SecureStringBreakingChangeAttribute.cs
@@ -0,0 +1,35 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.WindowsAzure.Commands.Common.CustomAttributes;
+using System.Management.Automation;
+
+namespace Microsoft.Azure.Commands.Profile
+{
+    /// <summary>
+    /// Attribute to mark a breaking change that is specific for SecureString.
+    /// Only applies to cmdlets that do not already have the -AsSecureString parameter.
+    /// </summary>
+    internal class SecureStringBreakingChangeAttribute : GenericBreakingChangeWithVersionAttribute
+    {
+        public SecureStringBreakingChangeAttribute(string changeDescription, string changeVersion, string breakingChangeVersion) : base(changeDescription, changeVersion, breakingChangeVersion)
+        {
+        }
+
+        public override bool IsApplicableToInvocation(InvocationInfo invocation)
+        {
+            return !invocation.BoundParameters.ContainsKey(nameof(GetAzureRmAccessTokenCommand.AsSecureString));
+        }
+    }
+}