Auth updates

Modules/BenchPress.Azure/Private/Connect-Account.ps1

@@ -43,65 +43,75 @@ function Connect-Account {
   Begin { }
   Process {
     $useManagedIdentity = Get-EnvironmentVariable AZ_USE_MANAGED_IDENTITY -DontThrowIfMissing
-    $subscriptionId = Get-EnvironmentVariable AZ_SUBSCRIPTION_ID
+    $subscriptionId = Get-EnvironmentVariable AZ_SUBSCRIPTION_ID -DontThrowIfMissing
+    $applicationId = Get-EnvironmentVariable AZ_APPLICATION_ID -DontThrowIfMissing
+    $tenantId = Get-EnvironmentVariable AZ_TENANT_ID -DontThrowIfMissing
+
     $currentConnection = Get-AzContext
     $results = [AuthenticationResult]::new()
 
-    # Login Using Managed Identity
-    if ($useManagedIdentity) {
-      $connection = Connect-AzAccount -Identity
-      $subscriptionName = (Get-AzSubscription -SubscriptionId  $subscriptionId).Name
-      Set-AzContext -Subscription $subscriptionName
-
+    if (IsCurrentAccountLoggedIn($currentConnection)) {
       $results.Success = $true
-      $results.AuthenticationData = [AuthenticationData]::new($connection.Context.Subscription.Id)
+      $results.AuthenticationData = [AuthenticationData]::new(($currentConnection).Subscription.Id)
     }
     else {
-      # If the current context matches the subscription, tenant, and service principal, then we're already properly logged in.
-      $applicationId = Get-EnvironmentVariable AZ_APPLICATION_ID
-      $tenantId = Get-EnvironmentVariable AZ_TENANT_ID
+      # Login Using Managed Identity
+      if ($useManagedIdentity) {
+        $connection = Connect-AzAccount -Identity
+        if ($subscriptionId -ne $null) {
+          $subscriptionName = (Get-AzSubscription -SubscriptionId  $subscriptionId).Name
+          Set-AzContext -Subscription $subscriptionName
+        }
 
-      if (IsCurrentAccountLoggedIn($currentConnection)) {
         $results.Success = $true
-        $results.AuthenticationData = [AuthenticationData]::new(($currentConnection).Subscription.Id)
+        $results.AuthenticationData = [AuthenticationData]::new($connection.Context.Subscription.Id)
       }
       else {
-        # The current context is not correct
-        # Create the credentials and login to the correct account
-
-        $clientSecret = Get-EnvironmentVariable AZ_ENCRYPTED_PASSWORD | ConvertTo-SecureString
-        $clientSecret = New-Object System.Management.Automation.PSCredential -ArgumentList $applicationId, $clientSecret
+          # The current context is not correct
+          # Create the credentials and login to the correct account
+          $clientSecret = Get-EnvironmentVariable AZ_ENCRYPTED_PASSWORD | ConvertTo-SecureString
+          $clientSecret = New-Object System.Management.Automation.PSCredential -ArgumentList $applicationId, $clientSecret
 
-        try {
-          $connectionParams = @{
-            Credential   = $clientSecret
-            TenantId     = $tenantId
-            Subscription = $subscriptionId
+          if ($currentConnection -ne $null){
+            Write-Warning "Logging out of current Az.Powershell context and connecting to Subscription: $subscriptionId"
           }
-          $connection = Connect-AzAccount -ServicePrincipal @connectionParams
 
-          $results.Success = $true
-          $results.AuthenticationData = [AuthenticationData]::new($connection.Context.Subscription.Id)
-        }
-        catch {
-          $thrownError = $_
-          $results.Success = $false
-          Write-Error $thrownError
-        }
-      }
+          try {
+            $connectionParams = @{
+              Credential   = $clientSecret
+              TenantId     = $tenantId
+              Subscription = $subscriptionId
+            }
+            $connection = Connect-AzAccount -ServicePrincipal @connectionParams
 
+            $results.Success = $true
+            $results.AuthenticationData = [AuthenticationData]::new($connection.Context.Subscription.Id)
+          }
+          catch {
+            $thrownError = $_
+            $results.Success = $false
+            Write-Error $thrownError
+          }
+      }
     }
+
     $results
   }
   End { }
 }
 
 function IsCurrentAccountLoggedIn($currentConnection) {
-  if ($null -ne $currentConnection `
-      -and ($currentConnection).Account.Type -eq 'ServicePrincipal' `
-      -and ($currentConnection).Account.Id -eq $applicationId `
-      -and ($currentConnection).Tenant.Id -eq $tenantId `
-      -and ($currentConnection).Subscription.Id -eq $subscriptionId) {
+  if ($null -eq $currentConnection) {
+    return $False
+  }
+
+  if ($subscriptionId -eq $null -or $applicationId -eq $null -or $tenantId -eq $null) {
+    return $True
+  }
+
+  if ($currentConnection.Account.Id -eq $applicationId `
+      -and $currentConnection.Tenant.Id -eq $tenantId `
+      -and $currentConnection.Subscription.Id -eq $subscriptionId) {
     return $True
   }
 

examples/ResourceGroup/ResourceGroup.Tests.ps1

@@ -1,5 +1,4 @@
 BeforeAll {
-  Import-Module BenchPress.Azure
 
   $Script:rgName = 'rg-test'
   $Script:noRgName = 'notestrg'
@@ -48,6 +47,4 @@ Describe 'Verify Resource Group Exists' {
   }
 }
 
-AfterAll {
-  Get-Module BenchPress.Azure | Remove-Module
-}
+