[Identity] Evaluate expires_on field in AzureCliCredential

[scottaddie]

As of Azure CLI v2.54.0, the az account get-access-token command returns a new expires_on field containing a POSIX timestamp. This behavior is a departure from previous versions, in which the local datetime was returned in an expiresOn field. Update AzureCliCredential to also consider the new expires_on field.

Related links:

• https://github.com/Azure/azure-sdk-for-cpp/pull/5076#issuecomment-1784680918
• https://github.com/Azure/azure-cli/pull/27476

[scottaddie]

Marking as blocked until the az cli release ships.

[antkmsft]

Marking as blocked until the az cli release ships.

Az CLI v.2.54.0 has shipped, I was able to obtain it via Winget.

[ahsonkhan]

Office hour discussion conclusion across languages: https://github.com/Azure/azure-sdk-for-cpp/issues/5116#issuecomment-1832731537

[ahsonkhan]

This change is addressed in C++, and similar changes can be made in other languages.

The gist is:

• We want to parse and use the new expires_on field if it exists, as is, as a Posix time (seconds since UTC). In this case, we don't use the existing field at all.
• If that new field doesn't exist, use the existing expiresOn field as a fallback, parsed as local time.
  • The existing expiresOn field deviates a bit from RFC 3339 and doesn't have the timezone info in the string to indicate the local time offset (no Z or +XX:XX), so we assume it is considered local time.

Test example: https://github.com/Azure/azure-sdk-for-cpp/blob/cb73bbd62cb825171cd598bfc1936aea40ebbaa0/sdk/identity/azure-identity/test/ut/azure_cli_credential_test.cpp#L229-L277

PRs in C++ for inspiration, if relevant: https://github.com/Azure/azure-sdk-for-cpp/pull/5179 https://github.com/Azure/azure-sdk-for-cpp/pull/5180