Make secrets detection option enabled by default and improve the feature (#24874)

Author: vidai-msft

src/Accounts/Accounts/ChangeLog.md

@@ -19,6 +19,7 @@
 -->
 
 ## Upcoming Release
+* Enabled secrets detection option by default.
 * Fixed a null reference issue during the process of `Get-AzContext -ListAvailable` [#24854].
 * Supported interactive subscription selection for user login flow. See more details at [Announcing a new login experience with Azure PowerShell and Azure CLI
 ](https://techcommunity.microsoft.com/t5/azure-tools-blog/announcing-a-new-login-experience-with-azure-powershell-and/ba-p/4109357)

src/Accounts/Authentication/Config/ConfigInitializer.cs

@@ -235,7 +235,7 @@ private void RegisterConfigs(IConfigManager configManager)
             configManager.RegisterConfig(new SimpleTypedConfig<bool>(
                 ConfigKeys.DisplaySecretsWarning,
                 Resources.HelpMessageOfDisplaySecretsWarning,
-                false,
+                true,
                 "AZURE_CLIENTS_SHOW_SECRETS_WARNING",
                 new[] { AppliesTo.Az }));
             configManager.RegisterConfig(new DisableInstanceDiscoveryConfig());

src/Accounts/Authentication/Sanitizer/Providers/SanitizerCollectionProvider.cs

@@ -51,7 +51,7 @@ public override void SanitizeValue(object sanitizingObject, Stack<object> saniti
                         }
                         else
                         {
-                            if (!collItemType.IsValueType && !sanitizingStack.Contains(collItem) && !ExceedsMaxDepth(property, telemetry))
+                            if (!collItemType.IsValueType && !sanitizingStack.Contains(collItem))
                             {
                                 var provider = resolver.ResolveProvider(collItem.GetType());
                                 provider?.SanitizeValue(collItem, sanitizingStack, resolver, property, telemetry);

src/Accounts/Authentication/Sanitizer/Providers/SanitizerCustomObjectProvider.cs

@@ -47,7 +47,7 @@ public override void SanitizeValue(object sanitizingObject, Stack<object> saniti
                         }
                         else
                         {
-                            if (!propValueType.IsValueType && !sanitizingStack.Contains(propValue) && !ExceedsMaxDepth(prop, telemetry))
+                            if (!propValueType.IsValueType && !sanitizingStack.Contains(propValue) && ShouldProcessProperty(prop, telemetry))
                             {
                                 provider.SanitizeValue(propValue, sanitizingStack, resolver, prop, telemetry);
                             }

src/Accounts/Authentication/Sanitizer/Providers/SanitizerDictionaryProvider.cs

@@ -53,7 +53,7 @@ public override void SanitizeValue(object sanitizingObject, Stack<object> saniti
                         }
                         else
                         {
-                            if (!dicItemValueType.IsValueType && !sanitizingStack.Contains(dictItemValue) && !ExceedsMaxDepth(property, telemetry))
+                            if (!dicItemValueType.IsValueType && !sanitizingStack.Contains(dictItemValue))
                             {
                                 var provider = resolver.ResolveProvider(dicItemValueType);
                                 provider?.SanitizeValue(dictItemValue, sanitizingStack, resolver, property, telemetry);

src/Accounts/Authentication/Sanitizer/Providers/SanitizerProviderBase.cs

@@ -12,11 +12,10 @@
 // limitations under the License.
 // ----------------------------------------------------------------------------------
 
-using System;
-using System.Collections.Generic;
-using Microsoft.ApplicationInsights.Channel;
 using Microsoft.Azure.Commands.Common.Authentication.Sanitizer.Services;
 using Microsoft.WindowsAzure.Commands.Common.Sanitizer;
+using System;
+using System.Collections.Generic;
 
 namespace Microsoft.Azure.Commands.Common.Authentication.Sanitizer.Providers
 {
@@ -46,25 +45,30 @@ protected string ResolvePropertyPath(SanitizerProperty property)
             return propertyPath;
         }
 
-        protected bool ExceedsMaxDepth(SanitizerProperty property, SanitizerTelemetry telemetry)
+        protected bool ShouldProcessProperty(SanitizerProperty property, SanitizerTelemetry telemetry)
         {
             if (property == null)
                 return false;
 
             var currentProperty = property;
+            var parentProperty = currentProperty.ParentProperty;
 
             for (var i = 0; i < MaxDepth; i++)
             {
-                if (currentProperty.ParentProperty == null)
+                if (parentProperty == null)
+                    return true;
+
+                if (ReferenceEquals(property, parentProperty))
                     return false;
 
-                currentProperty = currentProperty.ParentProperty;
+                currentProperty = parentProperty;
+                parentProperty = currentProperty.ParentProperty;
             }
 
             telemetry.HasErrorInDetection = true;
-            telemetry.DetectionError = new Exception($"Potential stack overflow exception may occurr on property: {property.PropertyName}!");
+            telemetry.DetectionError = new Exception($"Potential stack overflow exception may occurr on property: '{property.PropertyName}' declared in the object '{property.ValueSupplier.DeclaringType.FullName}' with type '{property.PropertyType.FullName}'");
 
-            return true;
+            return false;
         }
 
         internal abstract SanitizerProviderType ProviderType { get; }

src/Accounts/Authentication/Sanitizer/Services/DefaultSanitizerService.cs

@@ -35,8 +35,11 @@ internal class DefaultSanitizerService : ISanitizerService
             { "Microsoft.WindowsAzure.Commands.Common.Storage.ResourceModel.AzureStorageFileShare", new[] { "ShareProperties" } },
             { "Microsoft.WindowsAzure.Commands.Common.Storage.ResourceModel.AzureStorageFileDirectory", new[] { "ShareDirectoryProperties" } },
 
-            // Skip infinite recursion properties
-            { "Microsoft.Azure.PowerShell.Cmdlets.DataProtection.Models.Api20231201.InnerError", new[] { "EmbeddedInnerError" } },
+            // Skip infinite recursion properties that cause performance concern
+
+            // Storage
+            { "Microsoft.Azure.Storage.Blob.CloudBlobDirectory", new[] { "Parent" } },
+            { "Microsoft.Azure.Storage.File.CloudFileDirectory", new[] { "Parent" } },
         };
 
         private static readonly IEnumerable<string> SensitiveDataPatterns = new List<string>()