Azure · chlowell · Jan 15, 2020 · Jan 14, 2020 · Jan 14, 2020 · Jan 15, 2020
diff --git a/sdk/core/azure-core/HISTORY.md b/sdk/core/azure-core/HISTORY.md
@@ -1,6 +1,14 @@
 
 # Release History
 
+## 1.2.1 (2020-01-14)
+
+### Bug fixes
+
+- Fixed a regression in 1.2.0 that was incompatible with azure-keyvault-* 4.0.0
+[#9462](https://github.com/Azure/azure-sdk-for-python/issues/9462)
+
+
 ## 1.2.0 (2020-01-14)
 
 ### Features

diff --git a/sdk/core/azure-core/azure/core/_version.py b/sdk/core/azure-core/azure/core/_version.py
@@ -9,4 +9,4 @@
 # regenerated.
 # --------------------------------------------------------------------------
 
-VERSION = "1.2.0"
+VERSION = "1.2.1"
diff --git a/sdk/core/azure-core/azure/core/pipeline/policies/_authentication.py b/sdk/core/azure-core/azure/core/pipeline/policies/_authentication.py
@@ -29,10 +29,11 @@ class _BearerTokenCredentialPolicyBase(object):
     :param str scopes: Lets you specify the type of access needed.
     """
 
-    def __init__(self, *scopes, **kwargs):  # pylint:disable=unused-argument
-        # type: (*str, **Any) -> None
+    def __init__(self, credential, *scopes, **kwargs):  # pylint:disable=unused-argument
+        # type: (TokenCredential, *str, Mapping[str, Any]) -> None
         super(_BearerTokenCredentialPolicyBase, self).__init__()
         self._scopes = scopes
+        self._credential = credential
         self._token = None  # type: Optional[AccessToken]
 
     @staticmethod
@@ -68,11 +69,6 @@ class BearerTokenCredentialPolicy(_BearerTokenCredentialPolicyBase, SansIOHTTPPo
     :raises: :class:`~azure.core.exceptions.ServiceRequestError`
     """
 
-    def __init__(self, credential, *scopes, **kwargs):
-        # type: (TokenCredential, *str, **Any) -> None
-        self._credential = credential
-        super(BearerTokenCredentialPolicy, self).__init__(*scopes, **kwargs)
-
     def on_request(self, request):
         # type: (PipelineRequest) -> None
         """Adds a bearer token Authorization header to request and sends request to next policy.

diff --git a/sdk/core/azure-core/azure/core/pipeline/policies/_authentication_async.py b/sdk/core/azure-core/azure/core/pipeline/policies/_authentication_async.py
@@ -4,33 +4,26 @@
 # license information.
 # -------------------------------------------------------------------------
 import threading
-from typing import TYPE_CHECKING
 
+from azure.core.pipeline import PipelineRequest
 from azure.core.pipeline.policies import SansIOHTTPPolicy
 from azure.core.pipeline.policies._authentication import _BearerTokenCredentialPolicyBase
 
-if TYPE_CHECKING:
-    # pylint:disable=unused-import
-    from typing import Any
-    from azure.core.credentials_async import AsyncTokenCredential
-    from azure.core.pipeline import PipelineRequest
-
 
 class AsyncBearerTokenCredentialPolicy(_BearerTokenCredentialPolicyBase, SansIOHTTPPolicy):
     # pylint:disable=too-few-public-methods
     """Adds a bearer token Authorization header to requests.
 
     :param credential: The credential.
-    :type credential: ~azure.core.credentials_async.AsyncTokenCredential
+    :type credential: ~azure.core.credentials.TokenCredential
     :param str scopes: Lets you specify the type of access needed.
     """
 
-    def __init__(self, credential: "AsyncTokenCredential", *scopes: str, **kwargs: "Any") -> None:
-        self._credential = credential
+    def __init__(self, credential, *scopes, **kwargs):
+        super().__init__(credential, *scopes, **kwargs)
         self._lock = threading.Lock()
-        super().__init__(*scopes, **kwargs)
 
-    async def on_request(self, request: "PipelineRequest"):
+    async def on_request(self, request: PipelineRequest):
         """Adds a bearer token Authorization header to request and sends request to next policy.
 
         :param request: The pipeline request object to be modified.

diff --git a/...-keyvault-certificates/azure/keyvault/certificates/_shared/async_challenge_auth_policy.py b/...-keyvault-certificates/azure/keyvault/certificates/_shared/async_challenge_auth_policy.py
@@ -13,28 +13,18 @@
 requirements can change. For example, a vault may move to a new tenant. In such a case the policy will attempt the
 protocol again.
 """
-from typing import TYPE_CHECKING
 
+from azure.core.pipeline import PipelineRequest
 from azure.core.pipeline.policies import AsyncHTTPPolicy
+from azure.core.pipeline.transport import HttpResponse
 
-from . import ChallengeAuthPolicyBase, HttpChallengeCache
-
-if TYPE_CHECKING:
-    from typing import Any
-    from azure.core.credentials_async import AsyncTokenCredential
-    from azure.core.pipeline import PipelineRequest
-    from azure.core.pipeline.transport import HttpResponse
-    from . import HttpChallenge
+from . import ChallengeAuthPolicyBase, HttpChallenge, HttpChallengeCache
 
 
 class AsyncChallengeAuthPolicy(ChallengeAuthPolicyBase, AsyncHTTPPolicy):
     """policy for handling HTTP authentication challenges"""
 
-    def __init__(self, credential: "AsyncTokenCredential", **kwargs: "Any") -> None:
-        self._credential = credential
-        super().__init__(**kwargs)
-
-    async def send(self, request: "PipelineRequest") -> "HttpResponse":
+    async def send(self, request: PipelineRequest) -> HttpResponse:
         self._enforce_tls(request)
 
         challenge = HttpChallengeCache.get_challenge_for_url(request.http_request.url)
@@ -66,7 +56,7 @@ async def send(self, request: "PipelineRequest") -> "HttpResponse":
 
         return response
 
-    async def _handle_challenge(self, request: "PipelineRequest", challenge: "HttpChallenge") -> None:
+    async def _handle_challenge(self, request: PipelineRequest, challenge: HttpChallenge) -> None:
         """authenticate according to challenge, add Authorization header to request"""
 
         if self._need_new_token:

diff --git a/.../azure-keyvault-certificates/azure/keyvault/certificates/_shared/challenge_auth_policy.py b/.../azure-keyvault-certificates/azure/keyvault/certificates/_shared/challenge_auth_policy.py
@@ -31,14 +31,16 @@
 
 if TYPE_CHECKING:
     # pylint:disable=unused-import
-    from typing import Any
-    from azure.core.credentials import TokenCredential
     from azure.core.pipeline.transport import HttpResponse
 
 
 class ChallengeAuthPolicyBase(_BearerTokenCredentialPolicyBase):
     """Sans I/O base for challenge authentication policies"""
 
+    # pylint:disable=useless-super-delegation
+    def __init__(self, credential, **kwargs):
+        super(ChallengeAuthPolicyBase, self).__init__(credential, **kwargs)
+
     @staticmethod
     def _update_challenge(request, challenger):
         # type: (HttpRequest, HttpResponse) -> HttpChallenge
@@ -72,11 +74,6 @@ def _get_challenge_request(request):
 class ChallengeAuthPolicy(ChallengeAuthPolicyBase, HTTPPolicy):
     """policy for handling HTTP authentication challenges"""
 
-    def __init__(self, credential, **kwargs):
-        # type: (TokenCredential, **Any) -> None
-        self._credential = credential
-        super(ChallengeAuthPolicy, self).__init__(**kwargs)
-
     def send(self, request):
         # type: (PipelineRequest) -> HttpResponse
         self._enforce_tls(request)

diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/async_challenge_auth_policy.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/async_challenge_auth_policy.py
@@ -13,28 +13,18 @@
 requirements can change. For example, a vault may move to a new tenant. In such a case the policy will attempt the
 protocol again.
 """
-from typing import TYPE_CHECKING
 
+from azure.core.pipeline import PipelineRequest
 from azure.core.pipeline.policies import AsyncHTTPPolicy
+from azure.core.pipeline.transport import HttpResponse
 
-from . import ChallengeAuthPolicyBase, HttpChallengeCache
-
-if TYPE_CHECKING:
-    from typing import Any
-    from azure.core.credentials_async import AsyncTokenCredential
-    from azure.core.pipeline import PipelineRequest
-    from azure.core.pipeline.transport import HttpResponse
-    from . import HttpChallenge
+from . import ChallengeAuthPolicyBase, HttpChallenge, HttpChallengeCache
 
 
 class AsyncChallengeAuthPolicy(ChallengeAuthPolicyBase, AsyncHTTPPolicy):
     """policy for handling HTTP authentication challenges"""
 
-    def __init__(self, credential: "AsyncTokenCredential", **kwargs: "Any") -> None:
-        self._credential = credential
-        super().__init__(**kwargs)
-
-    async def send(self, request: "PipelineRequest") -> "HttpResponse":
+    async def send(self, request: PipelineRequest) -> HttpResponse:
         self._enforce_tls(request)
 
         challenge = HttpChallengeCache.get_challenge_for_url(request.http_request.url)
@@ -66,7 +56,7 @@ async def send(self, request: "PipelineRequest") -> "HttpResponse":
 
         return response
 
-    async def _handle_challenge(self, request: "PipelineRequest", challenge: "HttpChallenge") -> None:
+    async def _handle_challenge(self, request: PipelineRequest, challenge: HttpChallenge) -> None:
         """authenticate according to challenge, add Authorization header to request"""
 
         if self._need_new_token:

diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/challenge_auth_policy.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/challenge_auth_policy.py
@@ -31,14 +31,16 @@
 
 if TYPE_CHECKING:
     # pylint:disable=unused-import
-    from typing import Any
-    from azure.core.credentials import TokenCredential
     from azure.core.pipeline.transport import HttpResponse
 
 
 class ChallengeAuthPolicyBase(_BearerTokenCredentialPolicyBase):
     """Sans I/O base for challenge authentication policies"""
 
+    # pylint:disable=useless-super-delegation
+    def __init__(self, credential, **kwargs):
+        super(ChallengeAuthPolicyBase, self).__init__(credential, **kwargs)
+
     @staticmethod
     def _update_challenge(request, challenger):
         # type: (HttpRequest, HttpResponse) -> HttpChallenge
@@ -72,11 +74,6 @@ def _get_challenge_request(request):
 class ChallengeAuthPolicy(ChallengeAuthPolicyBase, HTTPPolicy):
     """policy for handling HTTP authentication challenges"""
 
-    def __init__(self, credential, **kwargs):
-        # type: (TokenCredential, **Any) -> None
-        self._credential = credential
-        super(ChallengeAuthPolicy, self).__init__(**kwargs)
-
     def send(self, request):
         # type: (PipelineRequest) -> HttpResponse
         self._enforce_tls(request)

diff --git a/...ault/azure-keyvault-secrets/azure/keyvault/secrets/_shared/async_challenge_auth_policy.py b/...ault/azure-keyvault-secrets/azure/keyvault/secrets/_shared/async_challenge_auth_policy.py
@@ -13,28 +13,18 @@
 requirements can change. For example, a vault may move to a new tenant. In such a case the policy will attempt the
 protocol again.
 """
-from typing import TYPE_CHECKING
 
+from azure.core.pipeline import PipelineRequest
 from azure.core.pipeline.policies import AsyncHTTPPolicy
+from azure.core.pipeline.transport import HttpResponse
 
-from . import ChallengeAuthPolicyBase, HttpChallengeCache
-
-if TYPE_CHECKING:
-    from typing import Any
-    from azure.core.credentials_async import AsyncTokenCredential
-    from azure.core.pipeline import PipelineRequest
-    from azure.core.pipeline.transport import HttpResponse
-    from . import HttpChallenge
+from . import ChallengeAuthPolicyBase, HttpChallenge, HttpChallengeCache
 
 
 class AsyncChallengeAuthPolicy(ChallengeAuthPolicyBase, AsyncHTTPPolicy):
     """policy for handling HTTP authentication challenges"""
 
-    def __init__(self, credential: "AsyncTokenCredential", **kwargs: "Any") -> None:
-        self._credential = credential
-        super().__init__(**kwargs)
-
-    async def send(self, request: "PipelineRequest") -> "HttpResponse":
+    async def send(self, request: PipelineRequest) -> HttpResponse:
         self._enforce_tls(request)
 
         challenge = HttpChallengeCache.get_challenge_for_url(request.http_request.url)
@@ -66,7 +56,7 @@ async def send(self, request: "PipelineRequest") -> "HttpResponse":
 
         return response
 
-    async def _handle_challenge(self, request: "PipelineRequest", challenge: "HttpChallenge") -> None:
+    async def _handle_challenge(self, request: PipelineRequest, challenge: HttpChallenge) -> None:
         """authenticate according to challenge, add Authorization header to request"""
 
         if self._need_new_token:

diff --git a/sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_shared/challenge_auth_policy.py b/sdk/keyvault/azure-keyvault-secrets/azure/keyvault/secrets/_shared/challenge_auth_policy.py
@@ -31,14 +31,16 @@
 
 if TYPE_CHECKING:
     # pylint:disable=unused-import
-    from typing import Any
-    from azure.core.credentials import TokenCredential
     from azure.core.pipeline.transport import HttpResponse
 
 
 class ChallengeAuthPolicyBase(_BearerTokenCredentialPolicyBase):
     """Sans I/O base for challenge authentication policies"""
 
+    # pylint:disable=useless-super-delegation
+    def __init__(self, credential, **kwargs):
+        super(ChallengeAuthPolicyBase, self).__init__(credential, **kwargs)
+
     @staticmethod
     def _update_challenge(request, challenger):
         # type: (HttpRequest, HttpResponse) -> HttpChallenge
@@ -72,11 +74,6 @@ def _get_challenge_request(request):
 class ChallengeAuthPolicy(ChallengeAuthPolicyBase, HTTPPolicy):
     """policy for handling HTTP authentication challenges"""
 
-    def __init__(self, credential, **kwargs):
-        # type: (TokenCredential, **Any) -> None
-        self._credential = credential
-        super(ChallengeAuthPolicy, self).__init__(**kwargs)
-
     def send(self, request):
         # type: (PipelineRequest) -> HttpResponse
         self._enforce_tls(request)