Add auth-cache clear command#434
Conversation
Add a top-level auth-cache clear command that removes the Agent 365 CLI auth-token cache without touching the MSAL/WAM broker cache or triggering authenticated startup work before clearing. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds a new auth-cache clear CLI command to manage cached authentication tokens, along with related wiring, constants, and documentation updates.
Changes:
- New
AuthCacheCommandwith aclearsubcommand that deletes the CLI auth token cache file. - Program.cs registers the command and excludes it from pre-execution auth flow.
- Documentation comments updated to reflect new cache paths; tests added for clear behavior.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/Microsoft.Agents.A365.DevTools.Cli/Commands/AuthCacheCommand.cs | New command implementing auth-cache clear. |
| src/Microsoft.Agents.A365.DevTools.Cli/Constants/CommandNames.cs | Adds AuthCache constant. |
| src/Microsoft.Agents.A365.DevTools.Cli/Program.cs | Registers command and skips auth pre-step for it. |
| src/Microsoft.Agents.A365.DevTools.Cli/Services/AuthenticationService.cs | Updates cache location comment. |
| src/Microsoft.Agents.A365.DevTools.Cli/Services/MsalBrowserCredential.cs | Updates cache location comment. |
| src/Tests/.../AuthCacheCommandTests.cs | Adds unit tests for the new command. |
| var isAuthCacheCommand = args.FirstOrDefault(arg => !arg.StartsWith("-")) == CommandNames.AuthCache; | ||
| if (!isHelpOrVersion && !isShowSecret && !isAuthCacheCommand) |
| catch (Exception ex) when (ex is IOException or UnauthorizedAccessException or System.Security.SecurityException) | ||
| { | ||
| logger.LogError("Failed to delete {Path}: {Message}", path, ex.Message); | ||
| context.ExitCode = 1; | ||
| } |
|
|
||
| public void Dispose() | ||
| { | ||
| try { Directory.Delete(_cacheDirectory, recursive: true); } catch { } |
| [Fact] | ||
| public async Task Clear_WhenCacheFilesDoNotExist_Succeeds() | ||
| { | ||
| var command = AuthCacheCommand.CreateCommand(_logger, _cacheDirectory); | ||
|
|
||
| var result = await command.InvokeAsync(["clear"]); | ||
|
|
||
| result.Should().Be(0); | ||
| } |
|
@beyondszine , thanks for putting this together. The motivation is real (stale tokens breaking subsequent commands), but I'd like us to fix the root cause rather than add a user-facing command that papers over it. The real bugIn string cacheKey = string.IsNullOrWhiteSpace(tenantId)
? resourceUrl
: $"{resourceUrl}:tenant:{tenantId}";
if (!string.IsNullOrWhiteSpace(userId))
cacheKey = $"{cacheKey}:user:{userId}";Many call sites don't thread Why a manual command isn't the right answer
Asking users to also learn What I'd like to see instead
After (1)–(3), the failure mode that motivated this PR doesn't reach the user in the first place, and there's no manual command to invoke. Suggested next stepClose this PR and open a new one against |
sellakumaran
left a comment
sellakumaran
left a comment
There was a problem hiding this comment.
See my comment in the PR.
Add a top-level auth-cache clear command that removes the Agent 365 CLI auth-token cache without touching the MSAL/WAM broker cache or triggering authenticated startup work before clearing.
why?
a365 cli stores token in cache & if it gets stale due to any reasons - the next runs just fails. Thus, auth-cache clear command can help users.