Azure · christothes · May 4, 2021 · Apr 26, 2021 · Apr 26, 2021 · Apr 26, 2021
diff --git a/sdk/core/Azure.Core/CHANGELOG.md b/sdk/core/Azure.Core/CHANGELOG.md
@@ -2,6 +2,9 @@
 
 ## 1.14.0-beta.1 (Unreleased)
 
+### Added
+
+- Added `BearerTokenChallengeAuthenticationPolicy`, which enables creation of authentication policies that can handle challenges.
 
 ## 1.13.0 (2021-04-07)
 

diff --git a/sdk/core/Azure.Core/api/Azure.Core.net461.cs b/sdk/core/Azure.Core/api/Azure.Core.net461.cs
@@ -516,6 +516,17 @@ public BearerTokenAuthenticationPolicy(Azure.Core.TokenCredential credential, st
         public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
         public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
     }
+    public partial class BearerTokenChallengeAuthenticationPolicy : Azure.Core.Pipeline.HttpPipelinePolicy
+    {
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, System.Collections.Generic.IEnumerable<string> scopes) { }
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, string scope) { }
+        protected string[] Scopes { get { throw null; } }
+        protected virtual System.Threading.Tasks.Task AuthorizeRequestAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        protected virtual System.Threading.Tasks.ValueTask<bool> AuthorizeRequestOnChallengeAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
+        public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
+        protected System.Threading.Tasks.Task SetAuthorizationHeader(Azure.Core.HttpMessage message, Azure.Core.TokenRequestContext context, bool async) { throw null; }
+    }
     public partial class HttpClientTransport : Azure.Core.Pipeline.HttpPipelineTransport
     {
         public static readonly Azure.Core.Pipeline.HttpClientTransport Shared;

diff --git a/sdk/core/Azure.Core/api/Azure.Core.net5.0.cs b/sdk/core/Azure.Core/api/Azure.Core.net5.0.cs
@@ -516,6 +516,17 @@ public BearerTokenAuthenticationPolicy(Azure.Core.TokenCredential credential, st
         public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
         public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
     }
+    public partial class BearerTokenChallengeAuthenticationPolicy : Azure.Core.Pipeline.HttpPipelinePolicy
+    {
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, System.Collections.Generic.IEnumerable<string> scopes) { }
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, string scope) { }
+        protected string[] Scopes { get { throw null; } }
+        protected virtual System.Threading.Tasks.Task AuthorizeRequestAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        protected virtual System.Threading.Tasks.ValueTask<bool> AuthorizeRequestOnChallengeAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
+        public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
+        protected System.Threading.Tasks.Task SetAuthorizationHeader(Azure.Core.HttpMessage message, Azure.Core.TokenRequestContext context, bool async) { throw null; }
+    }
     public partial class HttpClientTransport : Azure.Core.Pipeline.HttpPipelineTransport
     {
         public static readonly Azure.Core.Pipeline.HttpClientTransport Shared;

diff --git a/sdk/core/Azure.Core/api/Azure.Core.netcoreapp2.1.cs b/sdk/core/Azure.Core/api/Azure.Core.netcoreapp2.1.cs
@@ -516,6 +516,17 @@ public BearerTokenAuthenticationPolicy(Azure.Core.TokenCredential credential, st
         public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
         public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
     }
+    public partial class BearerTokenChallengeAuthenticationPolicy : Azure.Core.Pipeline.HttpPipelinePolicy
+    {
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, System.Collections.Generic.IEnumerable<string> scopes) { }
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, string scope) { }
+        protected string[] Scopes { get { throw null; } }
+        protected virtual System.Threading.Tasks.Task AuthorizeRequestAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        protected virtual System.Threading.Tasks.ValueTask<bool> AuthorizeRequestOnChallengeAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
+        public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
+        protected System.Threading.Tasks.Task SetAuthorizationHeader(Azure.Core.HttpMessage message, Azure.Core.TokenRequestContext context, bool async) { throw null; }
+    }
     public partial class HttpClientTransport : Azure.Core.Pipeline.HttpPipelineTransport
     {
         public static readonly Azure.Core.Pipeline.HttpClientTransport Shared;

diff --git a/sdk/core/Azure.Core/api/Azure.Core.netstandard2.0.cs b/sdk/core/Azure.Core/api/Azure.Core.netstandard2.0.cs
@@ -516,6 +516,17 @@ public BearerTokenAuthenticationPolicy(Azure.Core.TokenCredential credential, st
         public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
         public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
     }
+    public partial class BearerTokenChallengeAuthenticationPolicy : Azure.Core.Pipeline.HttpPipelinePolicy
+    {
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, System.Collections.Generic.IEnumerable<string> scopes) { }
+        public BearerTokenChallengeAuthenticationPolicy(Azure.Core.TokenCredential credential, string scope) { }
+        protected string[] Scopes { get { throw null; } }
+        protected virtual System.Threading.Tasks.Task AuthorizeRequestAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        protected virtual System.Threading.Tasks.ValueTask<bool> AuthorizeRequestOnChallengeAsync(Azure.Core.HttpMessage message, bool async) { throw null; }
+        public override void Process(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { }
+        public override System.Threading.Tasks.ValueTask ProcessAsync(Azure.Core.HttpMessage message, System.ReadOnlyMemory<Azure.Core.Pipeline.HttpPipelinePolicy> pipeline) { throw null; }
+        protected System.Threading.Tasks.Task SetAuthorizationHeader(Azure.Core.HttpMessage message, Azure.Core.TokenRequestContext context, bool async) { throw null; }
+    }
     public partial class HttpClientTransport : Azure.Core.Pipeline.HttpPipelineTransport
     {
         public static readonly Azure.Core.Pipeline.HttpClientTransport Shared;

diff --git a/...arerTokenChallengeAuthenticationPolicy.cs → ...arerTokenChallengeAuthenticationPolicy.cs b/...arerTokenChallengeAuthenticationPolicy.cs → ...arerTokenChallengeAuthenticationPolicy.cs
@@ -7,6 +7,7 @@
 using System.Net;
 using System.Threading;
 using System.Threading.Tasks;
+using Azure.Core.Diagnostics;
 
 #nullable enable
 
@@ -16,10 +17,14 @@ namespace Azure.Core.Pipeline
     /// A policy that sends an <see cref="AccessToken"/> provided by a <see cref="TokenCredential"/> as an Authentication header.
     /// Note: This class is currently in preview and is therefore subject to possible future breaking changes.
     /// </summary>
-    internal class BearerTokenChallengeAuthenticationPolicy : HttpPipelinePolicy
+    public class BearerTokenChallengeAuthenticationPolicy : HttpPipelinePolicy
     {
-        private readonly AccessTokenCache _accessTokenCache;
+        /// <summary>
+        /// The scopes currently configured for token requests to the credential
+        /// </summary>
         protected string[] Scopes { get; private set; }
+
+        private readonly AccessTokenCache _accessTokenCache;
         private readonly ValueTask<bool> _falseValueTask = new ValueTask<bool>(Task.FromResult(false));
 
         /// <summary>
@@ -35,7 +40,8 @@ public BearerTokenChallengeAuthenticationPolicy(TokenCredential credential, stri
         /// <param name="credential">The token credential to use for authentication.</param>
         /// <param name="scopes">Scopes to authenticate for.</param>
         public BearerTokenChallengeAuthenticationPolicy(TokenCredential credential, IEnumerable<string> scopes)
-            : this(credential, scopes, TimeSpan.FromMinutes(5), TimeSpan.FromSeconds(30)) { }
+            : this(credential, scopes, TimeSpan.FromMinutes(5), TimeSpan.FromSeconds(30))
+        { }
 
         internal BearerTokenChallengeAuthenticationPolicy(TokenCredential credential, IEnumerable<string> scopes, TimeSpan tokenRefreshOffset, TimeSpan tokenRefreshRetryDelay)
         {
@@ -152,6 +158,7 @@ private class AccessTokenCache
             private TokenRequestContext? _currentContext;
             private TaskCompletionSource<HeaderValueInfo>? _infoTcs;
             private TaskCompletionSource<HeaderValueInfo>? _backgroundUpdateTcs;
+
             public AccessTokenCache(TokenCredential credential, TimeSpan tokenRefreshOffset, TimeSpan tokenRefreshRetryDelay, string[] initialScopes)
             {
                 _credential = credential;
@@ -322,12 +329,12 @@ private async ValueTask GetHeaderValueFromCredentialInBackgroundAsync(TaskComple
                     // https://github.com/Azure/azure-sdk-for-net/issues/18539
                     //AzureCoreEventSource.Singleton.BackgroundRefreshFailed(context.ParentRequestId ?? string.Empty, oce.ToString());
                 }
-                catch (Exception)
+                catch (Exception e)
                 {
                     backgroundUpdateTcs.SetResult(new HeaderValueInfo(info.HeaderValue, info.ExpiresOn, DateTimeOffset.UtcNow + _tokenRefreshRetryDelay));
 
                     // https://github.com/Azure/azure-sdk-for-net/issues/18539
-                    //AzureCoreEventSource.Singleton.BackgroundRefreshFailed(context.ParentRequestId ?? string.Empty, e.ToString());
+                    AzureCoreEventSource.Singleton.BackgroundRefreshFailed(context.ParentRequestId ?? string.Empty, e.ToString());
                 }
                 finally
                 {

diff --git a/sdk/core/Azure.Core/tests/Azure.Core.Tests.csproj b/sdk/core/Azure.Core/tests/Azure.Core.Tests.csproj
@@ -25,7 +25,6 @@
     <Compile Include="..\src\Shared\ArrayBufferWriter.cs" LinkBase="Shared" />
     <Compile Include="..\src\Shared\ARMChallengeAuthenticationPolicy.cs" LinkBase="Shared" />
     <Compile Include="..\src\Shared\AzureResourceProviderNamespaceAttribute.cs" LinkBase="Shared" />
-    <Compile Include="..\src\Shared\BearerTokenChallengeAuthenticationPolicy.cs" LinkBase="Shared" />
     <Compile Include="..\src\Shared\ConnectionString.cs" LinkBase="Shared" />
     <Compile Include="..\src\Shared\ForwardsClientCallsAttribute.cs" LinkBase="Shared" />
     <Compile Include="..\src\Shared\HttpPipelineMessageHandler.cs" LinkBase="Shared" />