[Identity] Add support for Bridge to Kubernetes to ManagedIdentityCre…

…dential

sdk/identity/identity/CHANGELOG.md

@@ -21,6 +21,7 @@
 - `AuthenticationRequiredError` (introduced in 2.0.0-beta.1) now has the same impact on `ChainedTokenCredential` as the `CredentialUnavailableError` which is to allow the next credential in the chain to be tried.
 - `ManagedIdentityCredential` now retries with exponential back-off when a request for a token fails with a 404 status code on environments with available IMDS endpoints.
 - Added an `AzurePowerShellCredential` which will use the authenticated user session from the `Az.Account` PowerShell module. This credential will attempt to use PowerShell Core by calling `pwsh`, and on Windows it will fall back to Windows PowerShell (`powershell`) if PowerShell Core is not available.
+- Added support to `ManagedIdentityCredential` for Bridge to Kubernetes local development authentication.
 
 ### Breaking changes from 2.0.0-beta.1
 

sdk/identity/identity/src/credentials/managedIdentityCredential/imdsMsi.ts

@@ -44,7 +44,7 @@ function prepareRequestOptions(resource?: string, clientId?: string): RequestPre
   }
 
   return {
-    url: imdsEndpoint,
+    url: process.env.AZURE_POD_IDENTITY_TOKEN_URL ?? imdsEndpoint,
     method: "GET",
     queryParameters,
     headers: {
@@ -73,6 +73,11 @@ export const imdsMsi: MSI = {
       getTokenOptions
     );
 
+    // if the PodIdenityEndpoint environment variable was set no need to probe the endpoint, it can be assumed to exist
+    if (process.env.AZURE_POD_IDENTITY_TOKEN_URL) {
+      return true;
+    }
+
     const request = prepareRequestOptions(resource, clientId);
 
     // This will always be populated, but let's make TypeScript happy