Fix credential export and indentation in export, ReverseDSC improvements

CHANGELOG.md

@@ -10,6 +10,9 @@
     values.
 * M365DSCUtil
   * Add M365DSC prefix to `Remove-EmptyValue`.
+  * Fixes an issue with `Credential` property being escaped and indentation.
+  * Adds the possibility to allow variables in strings and no authentication
+    results update during conversion to final export.
     FIXES [#3861](https://github.com/microsoft/Microsoft365DSC/issues/3861)
 * SCSensitivityLabel
   * Fixes invalid accepted content type values.

Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1

@@ -370,7 +370,6 @@ function Get-M365DSCDRGComplexTypeToString
                 {
                     $hashPropertyType = ([Array]($ComplexTypeMapping | Where-Object -FilterScript { $_.Name -eq $key }).CimInstanceName)[0]
                     $hashProperty = $itemValue
-                    #$currentProperty += "`r`n"
                 }
                 else
                 {
@@ -418,6 +417,10 @@ function Get-M365DSCDRGComplexTypeToString
                             $nestedPropertyString = $nestedPropertyString.Substring(2)
                         }
                         $currentProperty += $nestedPropertyString
+                        if (-not $currentProperty.EndsWith("`r`n"))
+                        {
+                            $currentProperty += "`r`n"
+                        }
                     }
                     $IndentLevel--
                 }
@@ -483,28 +486,12 @@ function Get-M365DSCDRGComplexTypeToString
     $indent = ''
     $indent = '    ' * ($IndentLevel -1)
 
-    if ($key -in $ComplexTypeMapping.Name)
+    if ($key -in $ComplexTypeMapping.Name -and -not $currentProperty.EndsWith("`r`n"))
     {
         $currentProperty += "`r`n"
     }
 
     $currentProperty += "$indent}"
-    <#
-    if ($IsArray -or $IndentLevel -gt 4)
-    {
-        $currentProperty += "`r`n"
-    }
-    #>
-
-    #Indenting last parenthesis when the cim instance is an array
-    <#
-    if ($IndentLevel -eq 5)
-    {
-        $indent = '    ' * ($IndentLevel -2)
-        $currentProperty += $indent
-    }
-    #>
-
     $emptyCIM = $currentProperty.Replace(' ', '').Replace("`r`n", '')
     if ($emptyCIM -eq "MSFT_$CIMInstanceName{}")
     {

Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1

@@ -3603,6 +3603,7 @@ function Update-M365DSCExportAuthenticationResults
     if ($ConnectionMode -eq 'Credentials')
     {
         $Results.Credential = Resolve-Credentials -UserName 'credential'
+        $noEscape += 'Credential'
         if ($Results.ContainsKey('ApplicationId'))
         {
             $Results.Remove('ApplicationId') | Out-Null
@@ -3631,6 +3632,7 @@ function Update-M365DSCExportAuthenticationResults
     elseif ($ConnectionMode -eq 'CredentialsWithTenantId')
     {
         $Results.Credential = Resolve-Credentials -UserName 'credential'
+        $noEscape += 'Credential'
         if ($Results.ContainsKey('ApplicationId'))
         {
             $Results.Remove('ApplicationId') | Out-Null
@@ -3661,6 +3663,7 @@ function Update-M365DSCExportAuthenticationResults
         elseif ($Results.ContainsKey('Credential') -and $ConnectionMode -eq 'CredentialsWithApplicationId')
         {
             $Results.Credential = Resolve-Credentials -UserName 'credential'
+            $noEscape += 'Credential'
         }
         if (-not [System.String]::IsNullOrEmpty($Results.ApplicationId))
         {
@@ -3807,13 +3810,24 @@ function Get-M365DSCExportContentForResource
 
         [Parameter()]
         [System.String[]]
-        $NoEscape
+        $NoEscape,
+
+        [Parameter()]
+        [switch]
+        $SkipAuthenticationUpdate,
+
+        [Parameter()]
+        [switch]
+        $AllowVariablesInStrings
     )
 
-    $withoutAuthentication = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode `
-        -Results $Results
-    $Results = $withoutAuthentication.Results
-    $NoEscape += $withoutAuthentication.NoEscape
+    if (-not $SkipAuthenticationUpdate)
+    {
+        $withoutAuthentication = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode `
+            -Results $Results
+        $Results = $withoutAuthentication.Results
+        $NoEscape += $withoutAuthentication.NoEscape
+    }
     $NoEscape = $NoEscape | Select-Object -Unique
 
     $OrganizationName = ''
@@ -3949,57 +3963,7 @@ function Get-M365DSCExportContentForResource
     $content = [System.Text.StringBuilder]::New()
     [void]$content.Append("        $ResourceName `"$instanceName`"`r`n")
     [void]$content.Append("        {`r`n")
-    $partialContent = Get-DSCBlock -Params $Results -ModulePath $ModulePath -NoEscape $NoEscape
-    # Test for both Credentials and CredentialsWithApplicationId
-    if ($ConnectionMode -match 'Credentials')
-    {
-        $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-            -ParameterName 'Credential'
-        if (![System.String]::IsNullOrEmpty($Results.ApplicationId))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'ApplicationId'
-        }
-        $partialContent = $partialContent.Replace('`$Credscredential;', '$Credscredential;')
-    }
-    else
-    {
-        if (![System.String]::IsNullOrEmpty($Results.ApplicationId))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'ApplicationId'
-        }
-        if (![System.String]::IsNullOrEmpty($Results.TenantId))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'TenantId'
-        }
-        if (![System.String]::IsNullOrEmpty($Results.ApplicationSecret))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'ApplicationSecret'
-        }
-        if (![System.String]::IsNullOrEmpty($Results.CertificatePath))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'CertificatePath'
-        }
-        if (![System.String]::IsNullOrEmpty($Results.CertificateThumbprint))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'CertificateThumbprint'
-        }
-        if (![System.String]::IsNullOrEmpty($Results.CertificatePassword))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'CertificatePassword'
-        }
-        if (![System.String]::IsNullOrEmpty($Results.AccessTokens))
-        {
-            $partialContent = Convert-DSCStringParamToVariable -DSCBlock $partialContent `
-                -ParameterName 'AccessTokens'
-        }
-    }
+    $partialContent = Get-DSCBlock -Params $Results -ModulePath $ModulePath -NoEscape $NoEscape -AllowVariablesInStrings:$AllowVariablesInStrings
 
     if ($partialContent.ToLower().IndexOf($OrganizationName.ToLower()) -gt 0)
     {