Merge branch 'master' into copilot/fix-unconditional-dll-copying

Author: kirankumarkolli

.github/copilot-instructions.md

@@ -41,6 +41,12 @@ Purpose: quick, actionable context so an AI coding assistant can be immediately
 
 - **How AI should produce code/changes here**:
   - **🚫 HARD RULE: NEVER push directly to `master` — NO EXCEPTIONS.** Always create a feature branch and submit a pull request. This rule cannot be overridden.
+  - **Branch naming**: Always use the format `users/<user-name>/feature-name` (e.g. `users/ntripician/fix-retry-logic`). Do not use other conventions like `feature/`, `fix/`, or `dev/`.
+  - **PR title format**: All pull request titles **must** match the CI lint regex: `(\[Internal\]|\[v4\] )?.{3}.+: (Adds|Fixes|Refactors|Removes) .{3}.+`. The format is `[Optional Prefix] Category: Verb Description` where the verb is one of `Adds`, `Fixes`, `Refactors`, or `Removes`. Optional prefixes are `[Internal]` (for PRs with no customer impact) or `[v4]` (for v4-specific changes). Examples:
+    - `Diagnostics: Adds GetElapsedClientLatency to CosmosDiagnostics`
+    - `PartitionKey: Fixes null reference when using default(PartitionKey)`
+    - `[v4] Client Encryption: Refactors code to external project`
+    - `[Internal] Query: Adds code generator for CosmosNumbers for easy additions in the future`
   - Keep changes minimal and focused; prefer small, targeted edits and follow existing code style.
   - When suggesting build/test changes, reference the relevant MSBuild property or pipeline YAML (point to `Directory.Build.props` or `templates/*`).
   - Do not change version numbers or packaging settings without explicit instruction — these are centrally managed.

Microsoft.Azure.Cosmos/FaultInjection/tests/FaultInjectionBuilderValidationTests.cs

@@ -379,7 +379,7 @@ public void EndpointBuilder_ValidParams_Succeeds()
             Assert.IsNotNull(endpoint);
             Assert.AreEqual(3, endpoint.GetReplicaCount());
             Assert.IsFalse(endpoint.IsIncludePrimary());
-            Assert.AreEqual("dbs/db/colls/col", endpoint.GetResoureName());
+            Assert.AreEqual("dbs/db/colls/col", endpoint.GetResourceName());
         }
 
         #endregion

Microsoft.Azure.Cosmos/src/Authorization/AuthorizationTokenProvider.cs

@@ -52,12 +52,6 @@ public abstract ValueTask<string> GetUserAuthorizationTokenAsync(
             AuthorizationTokenType tokenType,
             ITrace trace);
 
-        public abstract ValueTask AddInferenceAuthorizationHeaderAsync(
-            INameValueCollection headersCollection,
-            Uri requestAddress,
-            string verb,
-            AuthorizationTokenType tokenType);
-
         public abstract void TraceUnauthorized(
             DocumentClientException dce,
             string authorizationToken,

Microsoft.Azure.Cosmos/src/Authorization/AuthorizationTokenProviderMasterKey.cs

@@ -214,11 +214,6 @@ private void Dispose(bool disposing)
             this.authKeyHashFunction = null;
         }
 
-        public override ValueTask AddInferenceAuthorizationHeaderAsync(INameValueCollection headersCollection, Uri requestAddress, string verb, AuthorizationTokenType tokenType)
-        {
-            throw new NotImplementedException("AddInferenceAuthorizationHeaderAsync is only valid for AAD");
-        }
-
         // Use C# finalizer syntax for finalization code.
         // This finalizer will run only if the Dispose method does not get called.
         // It gives your base class the opportunity to finalize.

Microsoft.Azure.Cosmos/src/Authorization/AuthorizationTokenProviderResourceToken.cs

@@ -92,11 +92,6 @@ private void Dispose(bool disposing)
             // Do nothing
         }
 
-        public override ValueTask AddInferenceAuthorizationHeaderAsync(INameValueCollection headersCollection, Uri requestAddress, string verb, AuthorizationTokenType tokenType)
-        {
-            throw new NotImplementedException("AddInferenceAuthorizationHeaderAsync is only valid for AAD");
-        }
-
         // Use C# finalizer syntax for finalization code.
         // This finalizer will run only if the Dispose method does not get called.
         // It gives your base class the opportunity to finalize.

Microsoft.Azure.Cosmos/src/Authorization/AuthorizationTokenProviderTokenCredential.cs

@@ -15,7 +15,6 @@ namespace Microsoft.Azure.Cosmos
 
     internal sealed class AuthorizationTokenProviderTokenCredential : AuthorizationTokenProvider
     {
-        private const string InferenceTokenPrefix = "Bearer ";
         internal readonly TokenCredentialCache tokenCredentialCache;
         private bool isDisposed = false;
 
@@ -24,13 +23,15 @@ internal sealed class AuthorizationTokenProviderTokenCredential : AuthorizationT
         public AuthorizationTokenProviderTokenCredential(
             TokenCredential tokenCredential,
             Uri accountEndpoint,
-            TimeSpan? backgroundTokenCredentialRefreshInterval)
+            TimeSpan? backgroundTokenCredentialRefreshInterval,
+            Func<string, string> tokenToAuthorizationHeader)
         {
             this.tokenCredential = tokenCredential ?? throw new ArgumentNullException(nameof(tokenCredential));
             this.tokenCredentialCache = new TokenCredentialCache(
                 tokenCredential: tokenCredential,
                 accountEndpoint: accountEndpoint,
-                backgroundTokenCredentialRefreshInterval: backgroundTokenCredentialRefreshInterval);
+                backgroundTokenCredentialRefreshInterval: backgroundTokenCredentialRefreshInterval,
+                tokenToAuthorizationHeader: tokenToAuthorizationHeader ?? throw new ArgumentNullException(nameof(tokenToAuthorizationHeader)));
         }
 
         public override async ValueTask<(string token, string payload)> GetUserAuthorizationAsync(
@@ -42,8 +43,7 @@ public AuthorizationTokenProviderTokenCredential(
         {
             using (Trace trace = Trace.GetRootTrace(nameof(GetUserAuthorizationTokenAsync), TraceComponent.Authorization, TraceLevel.Info))
             {
-                string token = AuthorizationTokenProviderTokenCredential.GenerateAadAuthorizationSignature(
-                    await this.tokenCredentialCache.GetTokenAsync(trace));
+                string token = await this.tokenCredentialCache.GetTokenAuthorizationHeaderAsync(trace);
                 return (token, default);
             }
         }
@@ -56,8 +56,7 @@ public override async ValueTask<string> GetUserAuthorizationTokenAsync(
             AuthorizationTokenType tokenType,
             ITrace trace)
         {
-            return AuthorizationTokenProviderTokenCredential.GenerateAadAuthorizationSignature(
-                    await this.tokenCredentialCache.GetTokenAsync(trace));
+            return await this.tokenCredentialCache.GetTokenAuthorizationHeaderAsync(trace);
         }
 
         public override async ValueTask AddAuthorizationHeaderAsync(
@@ -68,28 +67,12 @@ public override async ValueTask AddAuthorizationHeaderAsync(
         {
             using (Trace trace = Trace.GetRootTrace(nameof(GetUserAuthorizationTokenAsync), TraceComponent.Authorization, TraceLevel.Info))
             {
-                string token = AuthorizationTokenProviderTokenCredential.GenerateAadAuthorizationSignature(
-                    await this.tokenCredentialCache.GetTokenAsync(trace));
+                string token = await this.tokenCredentialCache.GetTokenAuthorizationHeaderAsync(trace);
 
                 headersCollection.Add(HttpConstants.HttpHeaders.Authorization, token);
             }
         }
 
-        public override async ValueTask AddInferenceAuthorizationHeaderAsync(
-            INameValueCollection headersCollection,
-            Uri requestAddress,
-            string verb,
-            AuthorizationTokenType tokenType)
-        {
-            using (Trace trace = Trace.GetRootTrace(nameof(GetUserAuthorizationTokenAsync), TraceComponent.Authorization, TraceLevel.Info))
-            {
-                string token = await this.tokenCredentialCache.GetTokenAsync(trace);
-
-                string inferenceToken = $"{InferenceTokenPrefix}{token}";
-                headersCollection.Add(HttpConstants.HttpHeaders.Authorization, inferenceToken);
-            }
-        }
-
         public override void TraceUnauthorized(
             DocumentClientException dce,
             string authorizationToken,

Microsoft.Azure.Cosmos/src/Authorization/AzureKeyCredentialAuthorizationTokenProvider.cs

@@ -125,10 +125,5 @@ private void CheckAndRefreshTokenProvider()
                 }
             }
         }
-
-        public override ValueTask AddInferenceAuthorizationHeaderAsync(INameValueCollection headersCollection, Uri requestAddress, string verb, AuthorizationTokenType tokenType)
-        {
-            throw new NotImplementedException("AddInferenceAuthorizationHeaderAsync is only valid for AAD");
-        }
     }
 }