Mask Secret in artifacts common too (#332)

* Mask Secret in artifacts common too

* add loc to module json

Author: tintse-thxsky-MSFT

common-npm-packages/artifacts-common/module.json

@@ -17,6 +17,7 @@
         "MSILoginFailed": "Azure login failed using Managed Service Identity",
         "ServiceConnections_Error_FailedToParseServiceEndpoint_MissingParameter": "Failed to parse the service endpoint '%s' because it was missing the parameter '%s'",
         "ServiceConnections_Error_FailedToParseServiceEndpoint_BadScheme": "Failed to parse the service endpoint '%s' because the auth scheme '%s' was invalid",
-        "SettingAzureCloud": "Setting active cloud to: %s"
+        "SettingAzureCloud": "Setting active cloud to: %s",
+        "Info_GotAndMaskAuth":"Got auth token, setting it as secret so it does not print in console log"
     }
 }

common-npm-packages/artifacts-common/package-lock.json

@@ -1,6 +1,6 @@
 {
     "name": "azure-pipelines-tasks-artifacts-common",
-    "version": "2.241.0",
+    "version": "2.241.1",
     "description": "Azure Artifacts common code (for new authentication tasks)",
     "scripts": {
         "build": "cd ../build-scripts && npm install && cd ../artifacts-common && node make.js"

common-npm-packages/artifacts-common/package.json

@@ -20,11 +20,13 @@ export function getWebApiWithProxy(serviceUri: string, accessToken: string, opti
     return new api.WebApi(serviceUri, credentialHandler, {...defaultOptions, ...options});
 }
 
+/** Return a masked SystemAccessToken */
 export function getSystemAccessToken(): string {
     tl.debug('Getting credentials for local feeds');
     const auth = tl.getEndpointAuthorization('SYSTEMVSSCONNECTION', false);
     if (auth.scheme === 'OAuth') {
-        tl.debug('Got auth token');
+        tl.debug(tl.loc("Info_GotAndMaskAuth"));
+        tl.setSecret(auth.parameters['AccessToken']);
         return auth.parameters['AccessToken'];
     } else {
         tl.warning('Could not determine credentials to use');