Reset changes to the patch version.

sdk/identity/azure-identity/CHANGELOG.md

@@ -1,23 +1,5 @@
 # Release History
 
-## 1.13.0-beta.2 (Unreleased)
-
-### Features Added
-
-### Breaking Changes
-
-### Bugs Fixed
-
-### Other Changes
-
-## 1.13.0-beta.1 (2024-05-23)
-
-### Features Added
-- Added `AzurePipelinesCredential` to support [Microsoft Entra Workload ID](https://learn.microsoft.com/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml) in Azure Pipelines service connections.
-
-### Other Changes
-- Migrated Managed Identity authentication flow to utilize Msal4j MI implementation. 
-
 ## 1.12.1 (2024-05-02)
 
 ### Other Changes

sdk/identity/azure-identity/README.md

@@ -46,7 +46,7 @@ To take dependency on a particular version of the library that isn't present in
 <dependency>
     <groupId>com.azure</groupId>
     <artifactId>azure-identity</artifactId>
-    <version>1.12.1</version>
+    <version>1.12.0</version>
 </dependency>
 ```
 [//]: # ({x-version-update-end})
@@ -329,12 +329,6 @@ Not all credentials require this configuration. Credentials that authenticate th
     </tr>
   </thead>
   <tbody>
-    <tr>
-      <td><code><a href="https://learn.microsoft.com/java/api/com.azure.identity.azurepipelinescredential?view=azure-java-stable">AzurePipelinesCredential</a></td>
-      <td>Authenticates with a <a href="https://learn.microsoft.com/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml">service connection in Azure Pipelines.</a></td>
-      <td></td>
-      <td></td>
-    </tr>
     <tr>
       <td><code><a href="https://learn.microsoft.com/java/api/com.azure.identity.clientassertioncredential?view=azure-java-stable">ClientAssertionCredential</a></td>
       <td>authenticates a service principal using a signed client assertion</td>

sdk/identity/azure-identity/TROUBLESHOOTING.md

@@ -23,7 +23,6 @@ This troubleshooting guide covers failure investigation techniques, common error
 - [Troubleshoot AzurePowerShellCredential authentication issues](#troubleshoot-azurepowershellcredential-authentication-issues)
 - [Troubleshoot WorkloadIdentityCredential authentication issues](#troubleshoot-workloadidentitycredential-authentication-issues)
 - [Troubleshoot IntelliJCredential authentication issues](#troubleshoot-intellijcredential-authentication-issues)
-- [Troubleshoot AzurePipelinesCredential authentication issues](#troubleshoot-azurepipelinescredential-authentication-issues)
 - [Troubleshoot authentication timeout issues](#troubleshoot-authentication-timeout-issues)
 - [Get additional help](#get-additional-help)
 
@@ -284,8 +283,6 @@ Get-AzAccessToken -ResourceUrl "https://management.core.windows.net"
 |---|---|---|
 |`CredentialUnavailableException` raised with message. "IntelliJ Authentication not available. Please log in with Azure Tools for IntelliJ plugin in the IDE."| The Credential was not able to locate the cached token to use for authentication. | Ensure that you login on the  Azure Tools for IntelliJ plugin, that will populate the cache for the credential to pick up.
 
-## Troubleshoot `AzurePipelinesCredential` authentication issues
-
 ## Troubleshoot multi-tenant authentication issues
 `ClientAuthenticationException`
 

sdk/identity/azure-identity/pom.xml

@@ -6,7 +6,7 @@
 
   <groupId>com.azure</groupId>
   <artifactId>azure-identity</artifactId>
-  <version>1.13.0-beta.2</version><!-- {x-version-update;com.azure:azure-identity;current} -->
+  <version>1.12.1</version><!-- {x-version-update;com.azure:azure-identity;current} -->
 
   <name>Microsoft Azure client library for Identity</name>
   <description>This module contains client library for Microsoft Azure Identity.</description>
@@ -31,12 +31,12 @@
     <dependency>
       <groupId>com.azure</groupId>
       <artifactId>azure-core</artifactId>
-      <version>1.49.1</version> <!-- {x-version-update;com.azure:azure-core;dependency} -->
+      <version>1.49.0</version> <!-- {x-version-update;com.azure:azure-core;dependency} -->
     </dependency>
     <dependency>
       <groupId>com.azure</groupId>
       <artifactId>azure-core-http-netty</artifactId>
-      <version>1.15.1</version> <!-- {x-version-update;com.azure:azure-core-http-netty;dependency} -->
+      <version>1.15.0</version> <!-- {x-version-update;com.azure:azure-core-http-netty;dependency} -->
     </dependency>
     <dependency>
       <groupId>com.azure</groupId>
@@ -56,7 +56,7 @@
     <dependency>
       <groupId>com.azure</groupId>
       <artifactId>azure-core-test</artifactId>
-      <version>1.26.0</version> <!-- {x-version-update;com.azure:azure-core-test;dependency} -->
+      <version>1.25.0</version> <!-- {x-version-update;com.azure:azure-core-test;dependency} -->
       <scope>test</scope>
     </dependency>
     <dependency>
@@ -85,7 +85,7 @@
     <dependency>
       <groupId>io.projectreactor</groupId>
       <artifactId>reactor-test</artifactId>
-      <version>3.4.38</version> <!-- {x-version-update;io.projectreactor:reactor-test;external_dependency} -->
+      <version>3.4.36</version> <!-- {x-version-update;io.projectreactor:reactor-test;external_dependency} -->
       <scope>test</scope>
     </dependency>
     <!-- for file lock tests, ideally should be removed in the future -->

sdk/identity/azure-identity/src/main/java/com/azure/identity/AppServiceMsiCredential.java

@@ -51,6 +51,6 @@ class AppServiceMsiCredential extends ManagedIdentityServiceCredential {
      * @return A publisher that emits an {@link AccessToken}.
      */
     public Mono<AccessToken> authenticate(TokenRequestContext request) {
-        return identityClient.authenticateWithManagedIdentityMsalClient(request);
+        return identityClient.authenticateWithManagedIdentityConfidentialClient(request);
     }
 }

sdk/identity/azure-identity/src/main/java/com/azure/identity/ArcIdentityCredential.java

@@ -49,6 +49,6 @@ public Mono<AccessToken> authenticate(TokenRequestContext request) {
                     + "with the system assigned identity omit the client id when constructing the"
                     + " ManagedIdentityCredential.", null)));
         }
-        return identityClient.authenticateWithManagedIdentityMsalClient(request);
+        return identityClient.authenticateWithManagedIdentityConfidentialClient(request);
     }
 }

sdk/identity/azure-identity/src/main/java/com/azure/identity/ClientAssertionCredential.java

@@ -8,8 +8,11 @@
 import com.azure.core.credential.TokenCredential;
 import com.azure.core.credential.TokenRequestContext;
 import com.azure.core.util.logging.ClientLogger;
-import com.azure.identity.implementation.ClientAssertionCredentialHelper;
+import com.azure.identity.implementation.IdentityClient;
+import com.azure.identity.implementation.IdentityClientBuilder;
 import com.azure.identity.implementation.IdentityClientOptions;
+import com.azure.identity.implementation.IdentitySyncClient;
+import com.azure.identity.implementation.util.LoggingUtil;
 import reactor.core.publisher.Mono;
 
 import java.util.function.Supplier;
@@ -80,8 +83,8 @@
 @Immutable
 public class ClientAssertionCredential implements TokenCredential {
     private static final ClientLogger LOGGER = new ClientLogger(ClientAssertionCredential.class);
-    private final ClientAssertionCredentialHelper clientAssertionCredentialHelper;
-
+    private final IdentityClient identityClient;
+    private final IdentitySyncClient identitySyncClient;
     /**
      * Creates an instance of ClientAssertionCredential.
      *
@@ -92,16 +95,43 @@ public class ClientAssertionCredential implements TokenCredential {
      */
     ClientAssertionCredential(String clientId, String tenantId, Supplier<String> clientAssertion,
                               IdentityClientOptions identityClientOptions) {
-        clientAssertionCredentialHelper = new ClientAssertionCredentialHelper(clientId, tenantId, identityClientOptions, clientAssertion);
+        IdentityClientBuilder builder = new IdentityClientBuilder()
+            .tenantId(tenantId)
+            .clientId(clientId)
+            .clientAssertionSupplier(clientAssertion)
+            .identityClientOptions(identityClientOptions);
+
+        identityClient = builder.build();
+        identitySyncClient = builder.buildSyncClient();
     }
 
     @Override
     public Mono<AccessToken> getToken(TokenRequestContext request) {
-        return clientAssertionCredentialHelper.getToken(request);
+        return identityClient.authenticateWithConfidentialClientCache(request)
+            .onErrorResume(t -> Mono.empty())
+            .switchIfEmpty(Mono.defer(() -> identityClient.authenticateWithConfidentialClient(request)))
+            .doOnNext(token -> LoggingUtil.logTokenSuccess(LOGGER, request))
+            .doOnError(error -> LoggingUtil.logTokenError(LOGGER, identityClient.getIdentityClientOptions(), request,
+                error));
     }
 
     @Override
     public AccessToken getTokenSync(TokenRequestContext request) {
-        return clientAssertionCredentialHelper.getTokenSync(request);
+        try {
+            AccessToken token = identitySyncClient.authenticateWithConfidentialClientCache(request);
+            if (token != null) {
+                LoggingUtil.logTokenSuccess(LOGGER, request);
+                return token;
+            }
+        } catch (Exception e) { }
+
+        try {
+            AccessToken token = identitySyncClient.authenticateWithConfidentialClient(request);
+            LoggingUtil.logTokenSuccess(LOGGER, request);
+            return token;
+        } catch (Exception e) {
+            LoggingUtil.logTokenError(LOGGER, identityClient.getIdentityClientOptions(), request, e);
+            throw e;
+        }
     }
 }