[Core] Prepare 1.36.0 release

Signed-off-by: Paul Van Eck <paulvaneck@microsoft.com>

Author: pvaneck

sdk/core/azure-core/CHANGELOG.md

@@ -1,20 +1,17 @@
 # Release History
 
-## 1.36.0 (Unreleased)
+## 1.36.0 (2025-10-14)
 
 ### Features Added
 
 - Added `TypeHandlerRegistry` to `azure.core.serialization` to allow developers to register custom serializers and deserializers for specific types or conditions.  #43051
 
-### Breaking Changes
-
 ### Bugs Fixed
 
 - Fixed repeated import attempts of cchardet and chardet when charset_normalizer is used #43092
 
 ### Other Changes
 
-- Updated `BearerTokenCredentialPolicy` and `AsyncBearerTokenCredentialPolicy` to set the `enable_cae` parameter to `True` by default. This change enables Continuous Access Evaluation (CAE) for all token requests made through these policies.  #42941
 - Removed `six` as a dependency since it was unused. #39962
 - Added caching to the tracing implementation detection function to prevent potential performance issues from repeated import attempts. #43338
 

sdk/core/azure-core/azure/core/pipeline/policies/_authentication.py

@@ -45,15 +45,15 @@ class _BearerTokenCredentialPolicyBase:
     :type credential: ~azure.core.credentials.TokenProvider
     :param str scopes: Lets you specify the type of access needed.
     :keyword bool enable_cae: Indicates whether to enable Continuous Access Evaluation (CAE) on all requested
-        tokens. Defaults to True.
+        tokens. Defaults to False.
     """
 
     def __init__(self, credential: TokenProvider, *scopes: str, **kwargs: Any) -> None:
         super(_BearerTokenCredentialPolicyBase, self).__init__()
         self._scopes = scopes
         self._credential = credential
         self._token: Optional[Union["AccessToken", "AccessTokenInfo"]] = None
-        self._enable_cae: bool = kwargs.get("enable_cae", True)
+        self._enable_cae: bool = kwargs.get("enable_cae", False)
 
     @staticmethod
     def _enforce_https(request: PipelineRequest[HTTPRequestType]) -> None:

sdk/core/azure-core/azure/core/pipeline/policies/_authentication_async.py

@@ -40,7 +40,7 @@ class AsyncBearerTokenCredentialPolicy(AsyncHTTPPolicy[HTTPRequestType, AsyncHTT
     :type credential: ~azure.core.credentials_async.AsyncTokenProvider
     :param str scopes: Lets you specify the type of access needed.
     :keyword bool enable_cae: Indicates whether to enable Continuous Access Evaluation (CAE) on all requested
-        tokens. Defaults to True.
+        tokens. Defaults to False.
     """
 
     def __init__(self, credential: AsyncTokenProvider, *scopes: str, **kwargs: Any) -> None:
@@ -49,7 +49,7 @@ def __init__(self, credential: AsyncTokenProvider, *scopes: str, **kwargs: Any)
         self._scopes = scopes
         self._lock_instance = None
         self._token: Optional[Union["AccessToken", "AccessTokenInfo"]] = None
-        self._enable_cae: bool = kwargs.get("enable_cae", True)
+        self._enable_cae: bool = kwargs.get("enable_cae", False)
 
     @property
     def _lock(self):

sdk/core/azure-core/tests/async_tests/test_authentication_async.py

@@ -74,7 +74,7 @@ async def test_bearer_policy_authorize_request(http_request):
     assert http_req.headers["Authorization"] == f"Bearer {expected_token.token}"
     assert fake_credential.get_token.call_count == 1
     assert fake_credential.get_token.call_args[0] == ("scope",)
-    assert fake_credential.get_token.call_args[1] == {"claims": "foo", "enable_cae": True}
+    assert fake_credential.get_token.call_args[1] == {"claims": "foo"}
 
 
 @pytest.mark.asyncio
@@ -132,7 +132,7 @@ async def test_bearer_policy_authorize_request_access_token_info(http_request):
     assert policy._token is expected_token
     assert http_req.headers["Authorization"] == f"Bearer {expected_token.token}"
     assert fake_credential.get_token_info.call_args[0] == ("scope",)
-    assert fake_credential.get_token_info.call_args[1] == {"options": {"claims": "foo", "enable_cae": True}}
+    assert fake_credential.get_token_info.call_args[1] == {"options": {"claims": "foo"}}
 
 
 @pytest.mark.asyncio

sdk/core/azure-core/tests/test_authentication.py

@@ -74,7 +74,7 @@ def test_bearer_policy_authorize_request(http_request):
     assert http_req.headers["Authorization"] == f"Bearer {expected_token.token}"
     assert fake_credential.get_token.call_count == 1
     assert fake_credential.get_token.call_args[0] == ("scope",)
-    assert fake_credential.get_token.call_args[1] == {"claims": "foo", "enable_cae": True}
+    assert fake_credential.get_token.call_args[1] == {"claims": "foo"}
 
 
 @pytest.mark.parametrize("http_request", HTTP_REQUESTS)
@@ -119,7 +119,7 @@ def test_bearer_policy_authorize_request_access_token_info(http_request):
     assert policy._token is expected_token
     assert http_req.headers["Authorization"] == f"Bearer {expected_token.token}"
     assert fake_credential.get_token_info.call_args[0] == ("scope",)
-    assert fake_credential.get_token_info.call_args[1] == {"options": {"claims": "foo", "enable_cae": True}}
+    assert fake_credential.get_token_info.call_args[1] == {"options": {"claims": "foo"}}
 
 
 @pytest.mark.parametrize("http_request", HTTP_REQUESTS)
@@ -263,7 +263,7 @@ def test_bearer_policy_default_context(http_request):
 
     pipeline.run(http_request("GET", "https://localhost"))
 
-    credential.get_token.assert_called_once_with(expected_scope, enable_cae=True)
+    credential.get_token.assert_called_once_with(expected_scope)
 
 
 @pytest.mark.parametrize("http_request", HTTP_REQUESTS)
@@ -333,7 +333,7 @@ def test_bearer_policy_cannot_complete_challenge(http_request):
 
     assert response.http_response is expected_response
     assert transport.send.call_count == 1
-    credential.get_token.assert_called_once_with(expected_scope, enable_cae=True)
+    credential.get_token.assert_called_once_with(expected_scope)
 
 
 @pytest.mark.parametrize("http_request", HTTP_REQUESTS)