Refactor Azure credential handling and remove Cosmos memory kernel

Moved Azure credential logic from common.auth.azure_credential_utils.py into AppConfig, removing the utility module and updating all references to use AppConfig's methods. Deleted the CosmosMemoryContext implementation in context/cosmos_memory_kernel.py. Cleaned up unused imports and updated credential usage in affected modules for consistency.

Author: Fr4nc3

src/backend/common/auth/__init__.py

@@ -4,8 +4,7 @@
 from typing import Optional
 
 from azure.ai.projects.aio import AIProjectClient
-from azure.cosmos.aio import CosmosClient
-from common.auth.azure_credential_utils import get_azure_credential
+from azure.identity import ManagedIdentityCredential, DefaultAzureCredential
 from dotenv import load_dotenv
 
 # Load environment variables from .env file
@@ -74,6 +73,26 @@ def __init__(self):
         self._cosmos_database = None
         self._ai_project_client = None
 
+    def get_azure_credential(cself, client_id=None):
+        """
+        Returns an Azure credential based on the application environment.
+
+        If the environment is 'dev', it uses DefaultAzureCredential.
+        Otherwise, it uses ManagedIdentityCredential.
+
+        Args:
+            client_id (str, optional): The client ID for the Managed Identity Credential.
+
+        Returns:
+            Credential object: Either DefaultAzureCredential or ManagedIdentityCredential.
+        """
+        if self.APP_ENV == "dev":
+            return (
+                DefaultAzureCredential()
+            )  # CodeQL [SM05139] Okay use of DefaultAzureCredential as it is only used in development
+        else:
+            return ManagedIdentityCredential(client_id=client_id)
+
     def get_azure_credentials(self):
         """Retrieve Azure credentials, either from environment variables or managed identity."""
         if self._azure_credentials is None:
@@ -83,7 +102,7 @@ def get_azure_credentials(self):
     async def get_access_token(self) -> str:
         """Get Azure access token for API calls."""
         try:
-            credential = get_azure_credential()
+            credential = self.get_azure_credentials()
             token = credential.get_token(self.AZURE_COGNITIVE_SERVICES)
             return token.token
         except Exception as e:

src/backend/common/auth/azure_credential_utils.py

@@ -21,7 +21,7 @@
     StartingTask,
 )
 
-from common.auth.azure_credential_utils import get_azure_credential
+
 from common.config.app_config import config
 from common.database.database_base import DatabaseBase
 
@@ -37,7 +37,7 @@ def __init__(self, memory_context: Optional[DatabaseBase] = None):
         # Search validation configuration
         self.search_endpoint = config.AZURE_SEARCH_ENDPOINT
 
-        self.search_credential = get_azure_credential()
+        self.search_credential = config.get_azure_credentials()
 
         # Model validation configuration
         self.subscription_id = config.AZURE_AI_SUBSCRIPTION_ID

src/backend/common/config/app_config.py

@@ -10,7 +10,6 @@
 import semantic_kernel as sk
 
 # Import the credential utility
-from common.auth.azure_credential_utils import get_azure_credential
 from common.config.app_config import config
 
 # Import agent factory and the new AppConfig