Azure · soninaren · Apr 24, 2023 · Apr 24, 2023
diff --git a/src/Microsoft.NET.Sdk.Functions.MSBuild/Tasks/Http/HttpClientHelpers.cs b/src/Microsoft.NET.Sdk.Functions.MSBuild/Tasks/Http/HttpClientHelpers.cs
@@ -11,9 +11,13 @@ namespace Microsoft.NET.Sdk.Functions.Http
 {
     internal static class HttpClientHelpers
     {
-        public static async Task<IHttpResponse> PostWithBasicAuthAsync(this IHttpClient client, Uri uri, string username, string password, string contentType, string userAgent, Encoding encoding, Stream messageBody)
+        internal static readonly string AzureADUserName = Guid.Empty.ToString();
+        internal static readonly string BearerAuthenticationScheme = "Bearer";
+        internal static readonly string BasicAuthenticationScheme = "Basic";
+
+        public static async Task<IHttpResponse> PostRequestAsync(this IHttpClient client, Uri uri, string username, string password, string contentType, string userAgent, Encoding encoding, Stream messageBody)
         {
-            AddBasicAuthToClient(username, password, client);
+            AddAuthenticationHeader(username, password, client);
             client.DefaultRequestHeaders.Add("User-Agent", userAgent);
 
             StreamContent content = new StreamContent(messageBody ?? new MemoryStream())
@@ -42,9 +46,9 @@ public static async Task<IHttpResponse> PostWithBasicAuthAsync(this IHttpClient
             }
         }
 
-        public static async Task<IHttpResponse> GetWithBasicAuthAsync(this IHttpClient client, Uri uri, string username, string password, string userAgent, CancellationToken cancellationToken)
+        public static async Task<IHttpResponse> GetRequestAsync(this IHttpClient client, Uri uri, string username, string password, string userAgent, CancellationToken cancellationToken)
         {
-            AddBasicAuthToClient(username, password, client);
+            AddAuthenticationHeader(username, password, client);
             client.DefaultRequestHeaders.Add("User-Agent", userAgent);
 
             try
@@ -58,14 +62,21 @@ public static async Task<IHttpResponse> GetWithBasicAuthAsync(this IHttpClient c
             }
         }
 
-        private static void AddBasicAuthToClient(string username, string password, IHttpClient client)
+        private static void AddAuthenticationHeader(string username, string password, IHttpClient client)
         {
             client.DefaultRequestHeaders.Remove("Connection");
 
-            string plainAuth = string.Format("{0}:{1}", username, password);
-            byte[] plainAuthBytes = Encoding.ASCII.GetBytes(plainAuth);
-            string base64 = Convert.ToBase64String(plainAuthBytes);
-            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", base64);
+            if (!string.Equals(username, AzureADUserName, StringComparison.Ordinal))
+            {
+                string plainAuth = string.Format("{0}:{1}", username, password);
+                byte[] plainAuthBytes = Encoding.ASCII.GetBytes(plainAuth);
+                string base64 = Convert.ToBase64String(plainAuthBytes);
+                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(BasicAuthenticationScheme, base64);
+            }
+            else
+            {
+                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(BearerAuthenticationScheme, password);
+            }
         }
     }
 }
diff --git a/src/Microsoft.NET.Sdk.Functions.MSBuild/Tasks/ZipDeployTask.cs b/src/Microsoft.NET.Sdk.Functions.MSBuild/Tasks/ZipDeployTask.cs
@@ -87,7 +87,7 @@ internal async System.Threading.Tasks.Task<bool> ZipDeployAsync(string zipToPubl
             Uri uri = new Uri($"{zipDeployPublishUrl}?isAsync=true", UriKind.Absolute);
             string userAgent = $"{UserAgentName}/{userAgentVersion}";
             FileStream stream = File.OpenRead(zipToPublishPath);
-            IHttpResponse response = await client.PostWithBasicAuthAsync(uri, userName, password, "application/zip", userAgent, Encoding.UTF8, stream);
+            IHttpResponse response = await client.PostRequestAsync(uri, userName, password, "application/zip", userAgent, Encoding.UTF8, stream);
             if (response.StatusCode != HttpStatusCode.OK && response.StatusCode != HttpStatusCode.Accepted)
             {
                 if (logMessages)

diff --git a/src/Microsoft.NET.Sdk.Functions.MSBuild/Tasks/ZipDeploymentStatus.cs b/src/Microsoft.NET.Sdk.Functions.MSBuild/Tasks/ZipDeploymentStatus.cs
@@ -82,7 +82,7 @@ private async Task<T> InvokeGetRequestWithRetryAsync<T>(string url, string userN
             IHttpResponse response = null;
             await RetryAsync(async () =>
             {
-                response = await _client.GetWithBasicAuthAsync(new Uri(url, UriKind.RelativeOrAbsolute), userName, password, _userAgent, cts.Token);
+                response = await _client.GetRequestAsync(new Uri(url, UriKind.RelativeOrAbsolute), userName, password, _userAgent, cts.Token);
             }, retryCount, retryDelay);
 
             if (response.StatusCode != HttpStatusCode.OK && response.StatusCode != HttpStatusCode.Accepted)