Fix Machine Learning Source to Use "clientid" Instead of "client_id" (#5193)

Co-authored-by: Gladwin Johnson <[email protected]>

Author: gladjohn

src/client/Microsoft.Identity.Client/Internal/Constants.cs

@@ -42,6 +42,7 @@ internal static class Constants
         public const string SshCertAuthHeaderPrefix = "SshCert";
 
         public const string ManagedIdentityClientId = "client_id";
+        public const string ManagedIdentityClientId2017 = "clientid";
         public const string ManagedIdentityObjectId = "object_id";
         public const string ManagedIdentityResourceId = "mi_res_id";
         public const string ManagedIdentityDefaultClientId = "system_assigned_managed_identity";

src/client/Microsoft.Identity.Client/ManagedIdentity/MachineLearningManagedIdentitySource.cs

@@ -75,7 +75,8 @@ protected override ManagedIdentityRequest CreateRequest(string resource)
             {
                 case AppConfig.ManagedIdentityIdType.ClientId:
                     _requestContext.Logger.Info("[Managed Identity] Adding user assigned client id to the request.");
-                    request.QueryParameters[Constants.ManagedIdentityClientId] = _requestContext.ServiceBundle.Config.ManagedIdentityId.UserAssignedId;
+                    // Use the new 2017 constant for older ML-based environment
+                    request.QueryParameters[Constants.ManagedIdentityClientId2017] = _requestContext.ServiceBundle.Config.ManagedIdentityId.UserAssignedId;
                     break;
 
                 case AppConfig.ManagedIdentityIdType.ResourceId:

tests/Microsoft.Identity.Test.Common/Core/Mocks/MockHttpManagerExtensions.cs

@@ -378,7 +378,16 @@ public static void AddManagedIdentityMockHandler(
 
             if (userAssignedIdentityId == UserAssignedIdentityId.ClientId)
             {
-                httpMessageHandler.ExpectedQueryParams.Add(Constants.ManagedIdentityClientId, userAssignedId);
+                if (managedIdentitySourceType == ManagedIdentitySource.MachineLearning)
+                {
+                    // For Machine Learning (App Service 2017), the param is "clientid"
+                    httpMessageHandler.ExpectedQueryParams.Add(Constants.ManagedIdentityClientId2017, userAssignedId);
+                }
+                else
+                {
+                    // For App Service 2019, Azure Arc, IMDS, etc., the param is "client_id"
+                    httpMessageHandler.ExpectedQueryParams.Add(Constants.ManagedIdentityClientId, userAssignedId);
+                }
             }
 
             if (userAssignedIdentityId == UserAssignedIdentityId.ResourceId)

tests/Microsoft.Identity.Test.Unit/PublicApiTests/AuthenticationResultTests.cs

@@ -190,5 +190,31 @@ public async Task MsalTokenResponseParseTestAsync()
 
             }
         }
+
+        /// <summary>
+        /// Verifies that if no token type is specified, the default is 'Bearer',
+        /// and CreateAuthorizationHeader() uses it.
+        /// </summary>
+        [TestMethod]
+        public void DefaultTokenType_IsBearer_Test()
+        {
+            DateTime now = DateTime.UtcNow;
+
+            var ar = new AuthenticationResult(
+                accessToken: "some-access-token",
+                isExtendedLifeTimeToken: false,
+                uniqueId: "unique-id",
+                expiresOn: now.AddMinutes(15),
+                extendedExpiresOn: now.AddMinutes(30),
+                tenantId: "tid",
+                account: new Account("aid", "user", "env"),
+                idToken: "my-id-token",
+                scopes: new[] { "scope" },
+                correlationId: Guid.NewGuid()
+            );
+
+            Assert.AreEqual("Bearer", ar.TokenType, "Expected default token type to be 'Bearer'");
+            Assert.AreEqual("Bearer some-access-token", ar.CreateAuthorizationHeader());
+        }
     }
 }