azure-devops-cli-extension
azure-devops-cli-extension copied to clipboard
Support for service principal for `get_access_token_for_resource`
The old implementation of get_access_token_for_resource
doesn't work for service principal and managed identity, and that's why it is not recommended and removed in the MSAL migration:
https://github.com/Azure/azure-cli/blob/14cc787d0f58bc649d402b486fdecc5625eee9ac/src/azure-cli-core/azure/cli/core/_profile.py#L531-L535
def get_access_token_for_resource(self, username, tenant, resource):
tenant = tenant or 'common'
_, access_token, _ = self._creds_cache.retrieve_token_for_user(
username, tenant, resource)
return access_token
Originally posted by @jiasli in https://github.com/Azure/azure-devops-cli-extension/pull/1226#discussion_r745319137