Use AzureCliCredential instead of DefaultAzureCredential

.. and use ManagedIdentityCredential when clientId is provided.

Prompted by dotnet/dnceng#5450

Author: radical

src/Microsoft.SourceIndexer.Tasks/DownloadStage1Index.cs

@@ -3,6 +3,7 @@
 using System.Linq;
 using System.Text;
 using Azure;
+using Azure.Core;
 using Azure.Core.Diagnostics;
 using Azure.Identity;
 using Azure.Storage.Blobs;
@@ -57,8 +58,7 @@ private void ExecuteCore()
 
             using AzureEventSourceListener listener = AzureEventSourceListener.CreateConsoleLogger();
 
-            DefaultAzureCredential credential;
-            DefaultAzureCredentialOptions credentialoptions;
+            TokenCredential credential;
 
             if (string.IsNullOrEmpty(ClientId) && !string.IsNullOrEmpty(Environment.GetEnvironmentVariable("ARM_CLIENT_ID")))
             {
@@ -68,17 +68,14 @@ private void ExecuteCore()
 
             if (string.IsNullOrEmpty(ClientId))
             {
-                credentialoptions = new DefaultAzureCredentialOptions {};
+                credential = new AzureCliCredential();
                 Log.LogMessage($"Trying to use managed identity without default identity");
             }
             else
             {
-                credentialoptions = new DefaultAzureCredentialOptions { ManagedIdentityClientId = ClientId };
-                Log.LogMessage($"Trying to use managed identity with client id: {ClientId}");
+                credential = new ManagedIdentityCredential(ClientId);
             }
 
-            credential = new DefaultAzureCredential(credentialoptions);
-
             BlobServiceClient blobServiceClient = new(
                 new Uri(StorageAccount),
                 credential);
@@ -104,7 +101,7 @@ private void ExecuteCore()
             BlobClient blobClient = containerClient.GetBlobClient(newest.Name);
             var loggableUrl = new UriBuilder(blobClient.Uri) {Fragment = "", Query = ""};
             Log.LogMessage($"Extracting {loggableUrl} to {OutputDirectory}");
-            try 
+            try
             {
                 using Stream fileStream = blobClient.OpenRead();
                 using var input = new GZipInputStream(fileStream);

src/SourceBrowser/src/SourceIndexServer/Models/AzureBlobFileSystem.cs

@@ -1,4 +1,5 @@
-using Azure.Identity;
+using Azure.Core;
+using Azure.Identity;
 using Azure.Storage.Blobs;
 using Azure.Storage.Blobs.Models;
 using System;
@@ -11,7 +12,7 @@ namespace Microsoft.SourceBrowser.SourceIndexServer.Models
     public class AzureBlobFileSystem : IFileSystem
     {
         private readonly BlobContainerClient container;
-        private DefaultAzureCredential credential;
+        private TokenCredential credential;
         private string clientId;
 
         public AzureBlobFileSystem(string uri)
@@ -20,9 +21,9 @@ public AzureBlobFileSystem(string uri)
                 clientId = Environment.GetEnvironmentVariable("ARM_CLIENT_ID");
 
             if (string.IsNullOrEmpty(clientId))
-                credential = new DefaultAzureCredential();
+                credential = new AzureCliCredential();
             else
-                credential = new DefaultAzureCredential(new DefaultAzureCredentialOptions { ManagedIdentityClientId = clientId });
+                credential = new ManagedIdentityCredential(clientId);
 
             container = new BlobContainerClient(new Uri(uri),
                                                 credential);
@@ -86,4 +87,4 @@ public IEnumerable<string> ReadLines(string name)
             }
         }
     }
-}
+}

src/UploadIndexStage1/Program.cs

@@ -68,8 +68,7 @@ static async Task Main(string[] args)
 
             using AzureEventSourceListener listener = AzureEventSourceListener.CreateConsoleLogger();
 
-            DefaultAzureCredential credential;
-            DefaultAzureCredentialOptions credentialoptions;
+            TokenCredential credential;
 
             if (string.IsNullOrEmpty(clientId) && !string.IsNullOrEmpty(Environment.GetEnvironmentVariable("ARM_CLIENT_ID")))
             {
@@ -79,17 +78,16 @@ static async Task Main(string[] args)
 
             if (string.IsNullOrEmpty(clientId))
             {
-                credentialoptions = new DefaultAzureCredentialOptions {};
+                // credentialoptions = new AzureCliCredentialOptions {};
+                credential = new AzureCliCredential();
                 System.Console.WriteLine("Trying to use managed identity without default identity");
             }
             else
             {
-                credentialoptions = new DefaultAzureCredentialOptions { ManagedIdentityClientId = clientId };
-                System.Console.WriteLine("Trying to use managed identity with client id: " + clientId);
+                System.Console.WriteLine("Trying to use ManagedIdentityCredential with ClientID");
+                credential = new ManagedIdentityCredential(clientId);
             }
 
-            credential = new DefaultAzureCredential(credentialoptions);
-
             BlobServiceClient blobServiceClient = new(
                 new Uri(storageAccount),
                 credential);