From 2175dcc3e474d66caa488fbebb9a0a3296c30879 Mon Sep 17 00:00:00 2001
From: Sam Kreter <samkreter@gmail.com>
Date: Fri, 19 Oct 2018 12:24:15 -0700
Subject: [PATCH] Adding User assigned identity support for the MSIConfig
 authorizor (#332)

---
 autorest/azure/auth/auth.go | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/autorest/azure/auth/auth.go b/autorest/azure/auth/auth.go
index dcd232f6e..29b8da4da 100644
--- a/autorest/azure/auth/auth.go
+++ b/autorest/azure/auth/auth.go
@@ -483,9 +483,17 @@ func (mc MSIConfig) Authorizer() (autorest.Authorizer, error) {
 		return nil, err
 	}
 
-	spToken, err := adal.NewServicePrincipalTokenFromMSI(msiEndpoint, mc.Resource)
-	if err != nil {
-		return nil, fmt.Errorf("failed to get oauth token from MSI: %v", err)
+	var spToken *adal.ServicePrincipalToken
+	if mc.ClientID == "" {
+		spToken, err = adal.NewServicePrincipalTokenFromMSI(msiEndpoint, mc.Resource)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get oauth token from MSI: %v", err)
+		}
+	} else {
+		spToken, err = adal.NewServicePrincipalTokenFromMSIWithUserAssignedID(msiEndpoint, mc.Resource, mc.ClientID)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get oauth token from MSI for user assigned identity: %v", err)
+		}
 	}
 
 	return autorest.NewBearerAuthorizer(spToken), nil