From aa6b77ca39987b7afe0b795eb709f01186cf55e8 Mon Sep 17 00:00:00 2001
From: Ian Clanton-Thuon <iclanton@users.noreply.github.com>
Date: Thu, 12 Sep 2024 16:26:48 -0700
Subject: [PATCH 1/2] Pass the credentials cache into
 _getCredentialFromTokenAsync.

---
 .../pass-credential-cache_2024-09-12-23-22.json  | 10 ++++++++++
 .../src/AzureAuthenticationBase.ts               | 16 +++++++++++-----
 2 files changed, 21 insertions(+), 5 deletions(-)
 create mode 100644 common/changes/@microsoft/rush/pass-credential-cache_2024-09-12-23-22.json

diff --git a/common/changes/@microsoft/rush/pass-credential-cache_2024-09-12-23-22.json b/common/changes/@microsoft/rush/pass-credential-cache_2024-09-12-23-22.json
new file mode 100644
index 00000000000..5c666134305
--- /dev/null
+++ b/common/changes/@microsoft/rush/pass-credential-cache_2024-09-12-23-22.json
@@ -0,0 +1,10 @@
+{
+  "changes": [
+    {
+      "packageName": "@microsoft/rush",
+      "comment": "Pass the initialized credentials cache to `AzureAuthenticationBase._getCredentialFromTokenAsync` in `@rushstack/rush-azure-storage-build-cache-plugin`.",
+      "type": "none"
+    }
+  ],
+  "packageName": "@microsoft/rush"
+}
\ No newline at end of file
diff --git a/rush-plugins/rush-azure-storage-build-cache-plugin/src/AzureAuthenticationBase.ts b/rush-plugins/rush-azure-storage-build-cache-plugin/src/AzureAuthenticationBase.ts
index 99c39ae58a6..1fe236c91aa 100644
--- a/rush-plugins/rush-azure-storage-build-cache-plugin/src/AzureAuthenticationBase.ts
+++ b/rush-plugins/rush-azure-storage-build-cache-plugin/src/AzureAuthenticationBase.ts
@@ -198,7 +198,11 @@ export abstract class AzureAuthenticationBase {
           }
         }
 
-        const credential: ICredentialResult = await this._getCredentialAsync(terminal, this._loginFlow);
+        const credential: ICredentialResult = await this._getCredentialAsync(
+          terminal,
+          this._loginFlow,
+          credentialsCache
+        );
         credentialsCache.setCacheEntry(this._credentialCacheId, {
           credential: credential.credentialString,
           expires: credential.expiresOn,
@@ -272,12 +276,14 @@ export abstract class AzureAuthenticationBase {
 
   protected abstract _getCredentialFromTokenAsync(
     terminal: ITerminal,
-    tokenCredential: TokenCredential
+    tokenCredential: TokenCredential,
+    credentialsCache: CredentialCache
   ): Promise<ICredentialResult>;
 
   private async _getCredentialAsync(
     terminal: ITerminal,
-    loginFlow: LoginFlowType
+    loginFlow: LoginFlowType,
+    credentialsCache: CredentialCache
   ): Promise<ICredentialResult> {
     const authorityHost: string | undefined = AzureAuthorityHosts[this._azureEnvironment];
     if (!authorityHost) {
@@ -319,13 +325,13 @@ export abstract class AzureAuthenticationBase {
     }
 
     try {
-      return await this._getCredentialFromTokenAsync(terminal, tokenCredential);
+      return await this._getCredentialFromTokenAsync(terminal, tokenCredential, credentialsCache);
     } catch (error) {
       terminal.writeVerbose(`Failed to get credentials with ${loginFlow}: ${error}`);
       const fallbackFlow: LoginFlowType | undefined = this._failoverOrder[loginFlow];
       if (fallbackFlow) {
         terminal.writeVerbose(`Falling back to ${fallbackFlow} login flow`);
-        return this._getCredentialAsync(terminal, fallbackFlow);
+        return this._getCredentialAsync(terminal, fallbackFlow, credentialsCache);
       } else {
         throw error;
       }

From 9905e2e7d66c6a4ac43cb4dc19173d00a1192794 Mon Sep 17 00:00:00 2001
From: Ian Clanton-Thuon <iclanton@users.noreply.github.com>
Date: Thu, 12 Sep 2024 16:43:09 -0700
Subject: [PATCH 2/2] fixup! Pass the credentials cache into
 _getCredentialFromTokenAsync.

---
 .../reviews/api/rush-azure-storage-build-cache-plugin.api.md   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/common/reviews/api/rush-azure-storage-build-cache-plugin.api.md b/common/reviews/api/rush-azure-storage-build-cache-plugin.api.md
index 4e56fc2bb0b..5b39e0eee40 100644
--- a/common/reviews/api/rush-azure-storage-build-cache-plugin.api.md
+++ b/common/reviews/api/rush-azure-storage-build-cache-plugin.api.md
@@ -5,6 +5,7 @@
 ```ts
 
 import { AzureAuthorityHosts } from '@azure/identity';
+import { CredentialCache } from '@rushstack/rush-sdk';
 import { DeviceCodeCredentialOptions } from '@azure/identity';
 import type { ICredentialCacheEntry } from '@rushstack/rush-sdk';
 import { InteractiveBrowserCredentialNodeOptions } from '@azure/identity';
@@ -37,7 +38,7 @@ export abstract class AzureAuthenticationBase {
     protected readonly _failoverOrder: Record<LoginFlowType, LoginFlowType | undefined>;
     protected abstract _getCacheIdParts(): string[];
     // (undocumented)
-    protected abstract _getCredentialFromTokenAsync(terminal: ITerminal, tokenCredential: TokenCredential): Promise<ICredentialResult>;
+    protected abstract _getCredentialFromTokenAsync(terminal: ITerminal, tokenCredential: TokenCredential, credentialsCache: CredentialCache): Promise<ICredentialResult>;
     // (undocumented)
     protected readonly _loginFlow: LoginFlowType;
     // (undocumented)