Merge branch 'trial-testing:main' into main

trail-testing2 · web-flow · commit 553795fcd9f0 · 2025-06-18T16:35:57.000+05:30
diff --git a/.github/workflows/auth_try.yml b/.github/workflows/auth_try.yml
@@ -57,6 +57,24 @@ jobs:
           echo "$json_array" > files_payload.json
           echo "JSON_PAYLOAD_PATH=files_payload.json" >> $GITHUB_ENV
 
+      - name: 🔐 Authenticate via OIDC and get access token
+        id: get_token
+        run: |
+          echo "Requesting OIDC token..."
+          export ID_TOKEN=$(curl -s -X POST -H "Authorization: bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" \
+            -H "Content-Type: application/json" \
+            "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=${{ env.CLIENT_ID }}" | jq -r '.value')
+
+          echo "Exchanging OIDC token for access token..."
+          access_token=$(curl -s -X POST https://login.microsoftonline.com/72f988bf-86f1-41af-91ab-2d7cd011db47/oauth2/v2.0/token \
+            -d "client_id=${{ env.CLIENT_ID }}" \
+            -d "grant_type=client_credentials" \
+            -d "scope=api://${{ env.CLIENT_ID }}/.default" \
+            -d "client_assertion=$ID_TOKEN" \
+            -d "client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer" \
+            | jq -r '.access_token')
+
+          echo "TOKEN=$access_token" >> $GITHUB_ENV
 
 
       # 3. Send a simple GET request to "/"
