Get-Secret Cannot Return an OrderedHashtable

[marshallwp]

Prerequisites

• [X] Write a descriptive title.
• [X] Make sure you are able to repro it on the latest released version
• [X] Search the existing issues.

Steps to reproduce

Starting in PowerShell 7.3, the command ConvertFrom-Json -AsHashtable was changed to return an OrderedHashtable instead of a regular Hashtable. While this change was considered to be non-breaking at the time, the new output is incompatible with the Get-Secret command, which it rejects as a PSCustomObject. Any vault extensions that expect the behavior present in previous versions will break in 7.3+.

Notably, Get-SecretInfo handles them just fine, so this would seem to be a bug in the implementation of Get-Secret. I believe the most straightforward solution would be to let Get-Secret return OrderedHashtables. Though implementing a cast to a regular Hashtable would also work.

Expected behavior

PS C:\> Get-Secret 7ff57fcd-dbf7-4ee9-4891-5d53b28c63a1

Name                           Value
----                           -----
username
passwordRevisionDate
fido2Credentials               {}
totp
uris                           {System.Collections.Hashtable}
password                       System.Security.SecureString

Actual behavior

PS C:\> Get-Secret 7ff57fcd-dbf7-4ee9-4891-5d53b28c63a1
Get-Secret: Secret object returned for '7ff57fcd-dbf7-4ee9-4891-5d53b28c63a1' from vault 'warden' is of invalid type 'System.Management.Automation.PSCustomObject'
Get-Secret: The secret 7ff57fcd-dbf7-4ee9-4891-5d53b28c63a1 was not found.

Error details

Exception             :
    Type        : System.Management.Automation.PSInvalidOperationException
    ErrorRecord :
        Exception             :
            Type    : System.Management.Automation.ParentContainsErrorRecordException
            Message : Secret object returned for '7ff57fcd-dcf7-4ee9-8506-5d53b28c63a1' from vault 'warden' is of
invalid type 'System.Management.Automation.PSCustomObject'
            HResult : -2146233087
        CategoryInfo          : InvalidOperation: (:) [], ParentContainsErrorRecordException
        FullyQualifiedErrorId : InvalidOperation
    Message     : Secret object returned for '7ff57fcd-dcf7-4ee9-8506-5d53b28c63a1' from vault 'warden' is of invalid
type 'System.Management.Automation.PSCustomObject'
    HResult     : -2146233079
TargetObject          : Microsoft.PowerShell.SecretManagement.ExtensionVaultModule
CategoryInfo          : InvalidOperation: (Microsoft.PowerShel…xtensionVaultModule:ExtensionVaultModule) [Get-Secret],
PSInvalidOperationException
FullyQualifiedErrorId : GetSecretInvalidOperation,Microsoft.PowerShell.SecretManagement.GetSecretCommand
InvocationInfo        :
    MyCommand        : Get-Secret
    ScriptLineNumber : 1
    OffsetInLine     : 1
    HistoryId        : 2
    Line             : Get-Secret 7ff57fcd-dcf7-4ee9-8506-5d53b28c63a1
    Statement        : Get-Secret 7ff57fcd-dcf7-4ee9-8506-5d53b28c63a1
    PositionMessage  : At line:1 char:1
                       + Get-Secret 7ff57fcd-dcf7-4ee9-8506-5d53b28c63a1
                       + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    InvocationName   : Get-Secret
    CommandOrigin    : Internal
ScriptStackTrace      : at <ScriptBlock>, <No file>: line 1
PipelineIterationInfo :
      0
      1

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.5
PSEdition                      Core
GitCommitId                    7.4.5
OS                             Microsoft Windows 10.0.22621
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Version

1.1.2

Visuals

No response

[marshallwp]

Okay a bit embarrassed here, I'm not sure how I managed to confirm this three times before posting only to immediately find it was an unrelated issue, but I did. Perhaps I was simply too trusting of code comments.

In any case, this issue is not.