microsoft-identity-web
How to support both user-flow and application-flow when calling Downstream API?
I'm wondering how we're supposed to implement the scenario below.
Scenario: A WebAPI can be consumed by both users and daemon applications, and it calls a Downstream API. I'd like to use a Typed-HttpClient to call the Downstream API.
By registering the Typed-HttpClient and thanks to the .AddMicrosoftIdentityAppAuthenticationHandler we're able to support the daemon application flow (client-credentials) (basically it injects the AppAuthenticationMessageHandler in the HttpClient pipeline to manage the tokens and the Authorization header).
While registering the Typed-HttpClient and thanks to the .AddMicrosoftIdentityUserAuthenticationHandler we're able to support the user flow (on-behalf-of) (it injects the UserAuthenticationMessageHandler in the HttpClient pipeline to manage the tokens and the Authorization header).
But it seems we can support either one or the other on a Typed-HttpClient. How can we support both flows on the same Typed-HttpClient?
Option 1 (maybe?): One option is to create a kind of composite DelegatingHandler which composes both the AppAuthenticationMessageHandler and the UserAuthenticationMessageHandler and delegates the execution to one or the other, according to the current claims, by checking the condition taken from here:
```csharp
// Note: in ASP.NET Core, ClaimsPrincipal.Current is not populated; read the caller's
// principal from HttpContext.User instead. The check itself is unchanged.
string oid = ClaimsPrincipal.Current.FindFirst("oid")?.Value;
string sub = ClaimsPrincipal.Current.FindFirst("sub")?.Value;
bool isAppOnly = oid != null && sub != null && oid == sub;
```
Does a better way to support both flows already exist?
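One way to implement the per-request routing idea from Option 1 is a single DelegatingHandler that inspects the caller's claims and then acquires either an app token or an on-behalf-of token itself, instead of composing the two library handlers. This is an added illustration, not code from Microsoft.Identity.Web or from the issue author; it assumes the library's ITokenAcquisition (GetAccessTokenForAppAsync / GetAccessTokenForUserAsync), IHttpContextAccessor for the incoming principal, and a hypothetical DownstreamApiOptions type holding the scopes (all scope values are placeholders).

```csharp
using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Security.Claims;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Identity.Web;

// Hypothetical options type (not part of the library): scopes for the downstream API.
public sealed class DownstreamApiOptions
{
    public string[] UserScopes { get; set; } = Array.Empty<string>(); // e.g. "api://<placeholder>/access_as_user"
    public string AppScope { get; set; } = string.Empty;              // e.g. "api://<placeholder>/.default"
}

// Chooses client-credentials or on-behalf-of per request, based on the incoming token's claims.
public sealed class ClaimsRoutingAuthenticationHandler : DelegatingHandler
{
    private readonly ITokenAcquisition _tokenAcquisition;
    private readonly IHttpContextAccessor _httpContextAccessor;
    private readonly DownstreamApiOptions _options;

    public ClaimsRoutingAuthenticationHandler(ITokenAcquisition tokenAcquisition,
        IHttpContextAccessor httpContextAccessor, DownstreamApiOptions options)
    {
        _tokenAcquisition = tokenAcquisition;
        _httpContextAccessor = httpContextAccessor;
        _options = options;
    }

    // The check from the issue: an app-only token carries oid == sub (no signed-in user).
    // Assumes unmapped claim names; with inbound claim mapping enabled, "sub" surfaces as
    // ClaimTypes.NameIdentifier and "oid" under its long objectidentifier URI.
    internal static bool IsAppOnly(ClaimsPrincipal? principal)
    {
        string? oid = principal?.FindFirst("oid")?.Value;
        string? sub = principal?.FindFirst("sub")?.Value;
        return oid != null && sub != null && oid == sub;
    }

    protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        // In ASP.NET Core the caller's principal lives on HttpContext.User, not ClaimsPrincipal.Current.
        ClaimsPrincipal? caller = _httpContextAccessor.HttpContext?.User;
        string token = IsAppOnly(caller)
            ? await _tokenAcquisition.GetAccessTokenForAppAsync(_options.AppScope)
            : await _tokenAcquisition.GetAccessTokenForUserAsync(_options.UserScopes);
        request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
        return await base.SendAsync(request, cancellationToken);
    }
}
```

Register it as a transient service and attach it to the typed client with AddHttpMessageHandler<ClaimsRoutingAuthenticationHandler>() in place of the two library handlers.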