From 0c3429c76e281b0bbb2fe7b59ea8494c3e75d42f Mon Sep 17 00:00:00 2001
From: "Yunchi.Wang" <yunwang@microsoft.com>
Date: Thu, 7 Nov 2024 17:14:29 +0800
Subject: [PATCH 1/2] User ChainedTokenCredential and fallback to interactive
 browser to login

---
 shell/agents/Microsoft.Azure.Agent/Schema.cs | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/shell/agents/Microsoft.Azure.Agent/Schema.cs b/shell/agents/Microsoft.Azure.Agent/Schema.cs
index 2575e815..ade21cfb 100644
--- a/shell/agents/Microsoft.Azure.Agent/Schema.cs
+++ b/shell/agents/Microsoft.Azure.Agent/Schema.cs
@@ -357,6 +357,7 @@ internal class UserAccessToken
 {
     private readonly TokenRequestContext _tokenContext;
     private AccessToken? _accessToken;
+    private const string AiShellAppId = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"; // Use Azure Cli's Application Id for now
 
     /// <summary>
     /// The access token.
@@ -386,7 +387,8 @@ internal async Task CreateOrRenewTokenAsync(CancellationToken cancellationToken)
 
             if (needRefresh)
             {
-                _accessToken = await new AzureCliCredential()
+                _accessToken = await new ChainedTokenCredential(new AzureCliCredential(),
+                    new InteractiveBrowserCredential(AiShellAppId))
                     .GetTokenAsync(_tokenContext, cancellationToken);
             }
         }

From 61f29ac7a043b9e4c8ed332400d241f700afe138 Mon Sep 17 00:00:00 2001
From: "Yunchi.Wang" <yunwang@microsoft.com>
Date: Thu, 7 Nov 2024 21:05:17 +0800
Subject: [PATCH 2/2] Rename the const var of AppId

---
 shell/agents/Microsoft.Azure.Agent/Schema.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/shell/agents/Microsoft.Azure.Agent/Schema.cs b/shell/agents/Microsoft.Azure.Agent/Schema.cs
index ade21cfb..6726044d 100644
--- a/shell/agents/Microsoft.Azure.Agent/Schema.cs
+++ b/shell/agents/Microsoft.Azure.Agent/Schema.cs
@@ -357,7 +357,7 @@ internal class UserAccessToken
 {
     private readonly TokenRequestContext _tokenContext;
     private AccessToken? _accessToken;
-    private const string AiShellAppId = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"; // Use Azure Cli's Application Id for now
+    private const string ApplicationId = "04b07795-8ddb-461a-bbee-02f9e1bf7b46"; // AppId that need to be configurated in orchestrator side. Use Azure Cli's Application Id for now
 
     /// <summary>
     /// The access token.
@@ -388,7 +388,7 @@ internal async Task CreateOrRenewTokenAsync(CancellationToken cancellationToken)
             if (needRefresh)
             {
                 _accessToken = await new ChainedTokenCredential(new AzureCliCredential(),
-                    new InteractiveBrowserCredential(AiShellAppId))
+                    new InteractiveBrowserCredential(ApplicationId))
                     .GetTokenAsync(_tokenContext, cancellationToken);
             }
         }