Diff tracker PR rebased on feature/track2 fork

.devcontainer/Dockerfile

@@ -0,0 +1,11 @@
+FROM mcr.microsoft.com/devcontainers/rust:1-1-bullseye
+
+USER vscode
+
+# Install nightly toolchain to give access to nightly features for docs-site build.
+RUN rustup toolchain install nightly
+
+# Install pre-requisite tools
+RUN cargo install \
+    cargo-watch \
+    http-server

.devcontainer/devcontainer.json

@@ -2,7 +2,9 @@
 // README at: https://github.com/devcontainers/templates/tree/main/src/rust
 {
   "name": "Azure SDK for Rust",
-  "image": "mcr.microsoft.com/devcontainers/rust:1-1-bullseye",
+  "build": {
+    "dockerfile": "Dockerfile"
+  },
   "onCreateCommand": ".devcontainer/oncreate",
   "features": {
     "ghcr.io/devcontainers/features/azure-cli:1": {},
@@ -20,4 +22,4 @@
       ]
     }
   }
-}
+}

.github/CODEOWNERS

@@ -35,9 +35,10 @@
 # ServiceOwner: @Pilchie
 # ServiceLabel: %Cosmos
 # PRLabel: %Cosmos
-/sdk/cosmos/          @analogrelay @Pilchie
+/sdk/cosmos/          @analogrelay @Pilchie @kirankumarkolli @tvaron3 @FabianMeiswinkel @kundadebdatta
 
 ###########
 # Eng Sys
 ###########
 /eng/                   @weshaggard @heaths @RickWinter
+/.github/CODEOWNERS      @RickWinter @ronniegeraghty @Azure/azure-sdk-eng

.vscode/cspell.json

@@ -6,11 +6,13 @@
     "**/test-resources.bicep",
     "**/test-resources.json",
     ".devcontainer/devcontainer.json",
+    ".devcontainer/Dockerfile",
     ".devcontainer/oncreate",
     ".github/CODEOWNERS",
     ".github/dependabot.yml",
     ".vscode/cspell.json",
     ".vscode/extensions.json",
+    ".vscode/tasks.json",
     "NOTICE.txt",
     "eng/",
     "*.dict.txt",
@@ -21,6 +23,7 @@
     "asyncoperation",
     "azsdk",
     "azurecli",
+    "Contoso",
     "cplusplus",
     "datalake",
     "datetime",
@@ -29,13 +32,15 @@
     "downcasted",
     "downcasting",
     "entra",
+    "endregion",
     "etag",
     "eventhub",
     "eventhubs",
     "hmac",
     "iothub",
     "keyvault",
     "msrc",
+    "openai",
     "pageable",
     "pkce",
     "pkcs",
@@ -63,6 +68,11 @@
       "name": "cosmos",
       "path": "../sdk/cosmos/.dict.txt",
       "noSuggest": true
+    },
+    {
+      "name": "identity",
+      "path": "../sdk/identity/.dict.txt",
+      "noSuggest": true
     }
   ],
   "overrides": [
@@ -92,11 +102,10 @@
     },
     {
       "filename": "sdk/identity/**",
-      "words": [
-        "adfs",
-        "azureauth",
-        "msal",
-        "imds"
+      "dictionaries": [
+        "crates",
+        "rust-custom",
+        "identity"
       ]
     },
     {

.vscode/tasks.json

@@ -0,0 +1,22 @@
+{
+  "tasks": [
+    {
+      "label": "Start docs site (requires nightly)",
+      "options": {
+        "cwd": "${workspaceFolder}"
+      },
+      "command": "cargo",
+      "args": [
+        "watch",
+        "-s",
+        "RUSTDOCFLAGS=\"--cfg=docsrs --enable-index-page -Z unstable-options\" cargo +nightly doc --all-features --workspace --no-deps",
+        "-s",
+        "http-server --index --port 8080 ./target/doc"
+      ],
+      "isBackground": true,
+      "problemMatcher": [
+        "$rustc"
+      ]
+    }
+  ]
+}

Cargo.toml

@@ -12,6 +12,7 @@ members = [
   "eng/test/mock_transport",
   "sdk/storage",
   "sdk/storage/azure_storage_blob",
+  "sdk/openai/inference",
 ]
 
 [workspace.package]

eng/dict/rust-custom.txt

@@ -3,3 +3,4 @@ newtype
 repr
 rustc
 rustls
+turbofish

eng/scripts/Analyze-Code.ps1

@@ -18,13 +18,13 @@ Write-Host "Analyzing code with
 $env:RUSTDOCFLAGS = "-D warnings"
 $env:RUSTFLAGS = "-Dwarnings"
 
-Invoke-LoggedCommand "cargo +$Toolchain check -p azure_core --no-default-features"
+Invoke-LoggedCommand "cargo +$Toolchain check -p azure_core --no-default-features --keep-going"
 
 Invoke-LoggedCommand "cargo +$Toolchain fmt --all -- --check"
 
-Invoke-LoggedCommand "cargo +$Toolchain clippy --all"
+Invoke-LoggedCommand "cargo +$Toolchain clippy --workspace --keep-going --no-deps"
 
-Invoke-LoggedCommand "cargo +$Toolchain doc --all --no-deps"
+Invoke-LoggedCommand "cargo +$Toolchain doc --workspace --no-deps"
 
 # Verify package dependencies
 

sdk/core/azure_core/Cargo.toml

@@ -16,6 +16,7 @@ rust-version.workspace = true
 [dependencies]
 typespec = { workspace = true, features = ["http", "json"] }
 typespec_client_core = { workspace = true, features = ["http", "json"] }
+async-lock = { workspace = true }
 async-trait.workspace = true
 bytes.workspace = true
 futures.workspace = true

sdk/core/azure_core/src/hmac.rs

@@ -1,7 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-use crate::auth::Secret;
+use crate::credentials::Secret;
 #[cfg(any(feature = "hmac_rust", feature = "hmac_openssl"))]
 use crate::{
     base64,

sdk/core/azure_core/src/lib.rs

@@ -25,7 +25,7 @@ mod options;
 mod pipeline;
 mod policies;
 
-pub mod auth;
+pub mod credentials;
 pub mod headers;
 pub mod lro;
 pub mod request_options;

sdk/core/azure_core/src/policies/bearer_token_policy.rs

@@ -2,20 +2,27 @@
 // Licensed under the MIT License.
 
 use crate::{
-    auth::TokenCredential,
+    credentials::{AccessToken, TokenCredential},
+    error::{Error, ErrorKind},
     headers::AUTHORIZATION,
     policies::{Policy, PolicyResult},
     Context, Request,
 };
+use async_lock::RwLock;
 use async_trait::async_trait;
 use std::sync::Arc;
+use std::time::Duration;
 
 #[derive(Debug, Clone)]
 pub struct BearerTokenCredentialPolicy {
     credential: Arc<dyn TokenCredential>,
     scopes: Vec<String>,
+    access_token: Arc<RwLock<Option<AccessToken>>>,
 }
 
+/// Default timeout in seconds before refreshing a new token.
+const DEFAULT_REFRESH_TIME: Duration = Duration::from_secs(120);
+
 impl BearerTokenCredentialPolicy {
     pub fn new<A, B>(credential: Arc<dyn TokenCredential>, scopes: A) -> Self
     where
@@ -25,8 +32,21 @@ impl BearerTokenCredentialPolicy {
         Self {
             credential,
             scopes: scopes.into_iter().map(|s| s.into()).collect(),
+            access_token: Arc::new(RwLock::new(None)),
         }
     }
+
+    fn scopes(&self) -> Vec<&str> {
+        self.scopes
+            .iter()
+            .map(String::as_str)
+            .collect::<Vec<&str>>()
+    }
+
+    async fn access_token(&self) -> Option<String> {
+        let access_token = self.access_token.read().await;
+        access_token.as_ref().map(|s| s.token.secret().to_string())
+    }
 }
 
 #[cfg_attr(target_arch = "wasm32", async_trait(?Send))]
@@ -38,15 +58,27 @@ impl Policy for BearerTokenCredentialPolicy {
         request: &mut Request,
         next: &[Arc<dyn Policy>],
     ) -> PolicyResult {
-        let scopes = self
-            .scopes
-            .iter()
-            .map(|s| s.as_str())
-            .collect::<Vec<&str>>();
-        let access_token = self.credential.get_token(&scopes).await?;
-        let token = access_token.token.secret();
+        let access_token = self.access_token.read().await;
+
+        if let Some(token) = &(*access_token) {
+            if token.is_expired(Some(DEFAULT_REFRESH_TIME)) {
+                drop(access_token);
+                let mut access_token = self.access_token.write().await;
+                *access_token = Some(self.credential.get_token(&self.scopes()).await?);
+            }
+        } else {
+            drop(access_token);
+            let mut access_token = self.access_token.write().await;
+            *access_token = Some(self.credential.get_token(&self.scopes()).await?);
+        }
 
-        request.insert_header(AUTHORIZATION, format!("Bearer {token}"));
+        let access_token = self.access_token().await.ok_or_else(|| {
+            Error::message(
+                ErrorKind::Credential,
+                "The request failed due to an error while fetching the access token.",
+            )
+        })?;
+        request.insert_header(AUTHORIZATION, format!("Bearer {}", access_token));
 
         next[0].send(ctx, request, &next[1..]).await
     }

sdk/core/azure_core_amqp/Cargo.toml

@@ -29,6 +29,7 @@ fe2o3-amqp-cbs = { workspace = true, optional = true }
 fe2o3-amqp-types = { workspace = true, optional = true }
 serde_amqp = { workspace = true, optional = true }
 serde_bytes = { workspace = true, optional = true }
+uuid = { workspace = true }
 
 [dev-dependencies]
 tracing-subscriber = { workspace = true, features = ["env-filter"] }

sdk/core/azure_core_amqp/src/cbs.rs

@@ -74,9 +74,9 @@ impl AmqpClaimsBasedSecurityApis for AmqpClaimsBasedSecurity {
 }
 
 impl AmqpClaimsBasedSecurity {
-    pub fn new(session: AmqpSession) -> Self {
-        Self {
-            implementation: CbsImplementation::new(session),
-        }
+    pub fn new(session: AmqpSession) -> Result<Self> {
+        Ok(Self {
+            implementation: CbsImplementation::new(session)?,
+        })
     }
 }