[ContainerRegistry] move to use bearerTokenChallengeAuthenticationPolicy from Core (Azure#14805)

- move to depend on core CAE support
- remove private copy.

Fixes Azure#14760

Author: jeremymeng

common/config/rush/common-versions.json

@@ -64,6 +64,8 @@
     // @azure/test-utils-perfstress should depend on lowest version of @azure/core-http for maximum compatibility, allowing test
     // projects to choose a higher version if desired.
     "@azure/core-http": ["^1.0.0"],
+    // @azure/container-registry is using the beta.1 version for CAE support
+    "@azure/core-rest-pipeline": ["1.1.0-beta.1"],
     // @azure/event-processor-host is on a much lower major version
     "@azure/ms-rest-nodeauth": ["^0.9.2"],
     // Idenity is moving from v1 to v2. Moving all packages to v2 is going to take a bit of time, in the mean time we could use v2 on the perf-identity tests.

sdk/containerregistry/container-registry/package.json

@@ -76,15 +76,15 @@
   "dependencies": {
     "@azure/core-auth": "^1.3.0",
     "@azure/core-client": "^1.0.0",
-    "@azure/core-rest-pipeline": "^1.0.0",
+    "@azure/core-rest-pipeline": "1.1.0-beta.1",
     "@azure/core-paging": "^1.1.1",
     "@azure/core-tracing": "1.0.0-preview.11",
+    "@azure/core-util": "^1.0.0-beta.1",
     "@azure/logger": "^1.0.0",
     "tslib": "^2.0.0"
   },
   "devDependencies": {
     "@azure/dev-tool": "^1.0.0",
-    "@azure/core-util": "^1.0.0-beta.1",
     "@azure/eslint-plugin-azure-sdk": "^3.0.0",
     "@azure/identity": "^1.1.0",
     "@azure/ms-rest-nodeauth": "^3.0.8",

sdk/containerregistry/container-registry/src/bearerTokenChallengeAuthenticationPolicy.ts

@@ -2,13 +2,13 @@
 // Licensed under the MIT license.
 
 import { createSerializer, OperationOptions, OperationSpec } from "@azure/core-client";
-import { PipelineRequest } from "@azure/core-rest-pipeline";
 import { GetTokenOptions } from "@azure/core-auth";
 import {
-  ChallengeCallbackOptions,
-  ChallengeCallbacks,
-  parseWWWAuthenticate
-} from "./bearerTokenChallengeAuthenticationPolicy";
+  PipelineRequest,
+  AuthorizeRequestOnChallengeOptions,
+  ChallengeCallbacks
+} from "@azure/core-rest-pipeline";
+import { parseWWWAuthenticate } from "./wwwAuthenticateParser";
 import { AcrAccessToken, AcrRefreshToken, GeneratedClient } from "./generated";
 import * as Mappers from "./generated/models/mappers";
 import * as Parameters from "./generated/models/parameters";
@@ -40,12 +40,12 @@ export class ChallengeHandler implements ChallengeCallbacks {
   /**
    * Updates  the authentication context based on the challenge.
    */
-  async authenticateRequestOnChallenge(
-    challenge: string,
-    options: ChallengeCallbackOptions
-  ): Promise<boolean> {
+  async authorizeRequestOnChallenge(options: AuthorizeRequestOnChallengeOptions): Promise<boolean> {
     // Once we're here, we've completed Step 1.
-
+    const challenge = options.response?.headers.get("WWW-Authenticate");
+    if (!challenge) {
+      throw new Error("Failed to retrieve challenge from response headers");
+    }
     // Step 2: Parse challenge string to retrieve serviceName and scope, where scope is the ACR Scope
     const { service, scope } = parseWWWAuthenticate(challenge);
 
@@ -79,7 +79,7 @@ export class ChallengeHandler implements ChallengeCallbacks {
     );
 
     // Step 5 - Authorize Request.  At this point we're done with AAD and using an ACR access token.
-    options.setAuthorizationHeader(acrAccessToken);
+    options.request.headers.set("Authorization", `Bearer ${acrAccessToken}`);
 
     return true;
   }

sdk/containerregistry/container-registry/src/containerRegistryChallengeHandler.ts

@@ -4,7 +4,10 @@
 /// <reference lib="esnext.asynciterable" />
 
 import { TokenCredential } from "@azure/core-auth";
-import { InternalPipelineOptions } from "@azure/core-rest-pipeline";
+import {
+  InternalPipelineOptions,
+  bearerTokenChallengeAuthenticationPolicy
+} from "@azure/core-rest-pipeline";
 import { OperationOptions } from "@azure/core-client";
 
 import { SpanStatusCode } from "@azure/core-tracing";
@@ -17,7 +20,6 @@ import { GeneratedClient } from "./generated";
 import { createSpan } from "./tracing";
 import { ContainerRegistryClientOptions, DeleteRepositoryResult } from "./model";
 import { extractNextLink } from "./utils";
-import { bearerTokenChallengeAuthenticationPolicy } from "./bearerTokenChallengeAuthenticationPolicy";
 import { ChallengeHandler } from "./containerRegistryChallengeHandler";
 import { ContainerRepositoryClient, DeleteRepositoryOptions } from "./containerRepositoryClient";
 
@@ -91,7 +93,7 @@ export class ContainerRegistryClient {
     this.client.pipeline.addPolicy(
       bearerTokenChallengeAuthenticationPolicy({
         credential,
-        scopes: `https://management.core.windows.net/.default`,
+        scopes: [`https://management.core.windows.net/.default`],
         challengeCallbacks: new ChallengeHandler(this.authClient)
       })
     );