corehttp 1.0.0b4__tar.gz → 1.0.0b6__tar.gz

corehttp-1.0.0b6/CHANGELOG.md

@@ -0,0 +1,63 @@
+# Release History
+
+## 1.0.0b6 (2025-03-27)
+
+### Features Added
+
+- The `TokenCredential` and `AsyncTokenCredential` protocols have been updated to include a new `get_token_info` method. This method should be used to acquire tokens and return an `AccessTokenInfo` object. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- Added a new `TokenRequestOptions` class, which is a `TypedDict` with optional parameters, that can be used to define options for token requests through the `get_token_info` method. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- Added a new `AccessTokenInfo` class, which is returned by `get_token_info` implementations. This class contains the token, its expiration time, and optional additional information like when a token should be refreshed. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- `BearerTokenCredentialPolicy` and `AsyncBearerTokenCredentialPolicy` now check if a credential has the `get_token_info` method defined. If so, the `get_token_info` method is used to acquire a token. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+  - These policies now also check the `refresh_on` attribute when determining if a new token request should be made.
+- Added `model` attribute to `HttpResponseError` to allow accessing error attributes based on a known model. [#39636](https://github.com/Azure/azure-sdk-for-python/pull/39636)
+- Added `auth_flows` support in `BearerTokenCredentialPolicy`. [#40084](https://github.com/Azure/azure-sdk-for-python/pull/40084)
+
+### Breaking Changes
+
+- The `get_token` method has been removed from the `TokenCredential` and `AsyncTokenCredential` protocols. Implementations should now use the new `get_token_info` method to acquire tokens. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- The `AccessToken` class has been removed and replaced with a new `AccessTokenInfo` class. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- `BearerTokenCredentialPolicy` and `AsyncBearerTokenCredentialPolicy` now rely on credentials having the `get_token_info` method defined. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+
+## 1.0.0b5 (2024-02-29)
+
+### Other Changes
+
+- Accept float for `retry_after` header.
+
+## 1.0.0b4 (2024-02-23)
+
+### Other Changes
+
+- Relax type checking in `Pipeline` constructors to only check that each user-supplied policy object has either a `send` method or both an `on_request` and `on_response` method. This allows for more flexible policy implementations. [#34296](https://github.com/Azure/azure-sdk-for-python/pull/34296)
+
+## 1.0.0b3 (2024-02-01)
+
+### Features Added
+
+- Support tuple input for `files` values to `corehttp.rest.HttpRequest` #34082
+- Support simultaneous `files` and `data` field entry into `corehttp.rest.HttpRequest` #34082
+
+## 1.0.0b2 (2023-11-14)
+
+### Features Added
+
+- Added the initial implementation of the HTTPX transport. [#32813](https://github.com/Azure/azure-sdk-for-python/pull/32813)
+
+### Breaking Changes
+
+- Removed `requests` as a default dependency of `corehttp`. This is now an "extras" dependency and can be installed via `corehttp[requests]`. [#32813](https://github.com/Azure/azure-sdk-for-python/pull/32813)
+- Renamed the `aio` extra to `aiohttp`. [#32813](https://github.com/Azure/azure-sdk-for-python/pull/32813)
+
+### Bugs Fixed
+
+- Fixed an issue with `multipart/form-data` in the async transport where `data` was not getting encoded into the request body. [#32473](https://github.com/Azure/azure-sdk-for-python/pull/32473)
+- Fixed an issue with `connection_verify`, `connection_cert`, and `connection_timeout` not being propagated to underlying transports.  [#33057](https://github.com/Azure/azure-sdk-for-python/pull/33057)
+- Fixed an issue with the `aiohttp` transport not using SSL by default. [#33057](https://github.com/Azure/azure-sdk-for-python/pull/33057)
+
+### Other Changes
+
+- Added extras for `httpx`. [#32813](https://github.com/Azure/azure-sdk-for-python/pull/32813)
+
+## 1.0.0b1 (2023-10-18)
+
+* Initial Release

{corehttp-1.0.0b4/corehttp.egg-info → corehttp-1.0.0b6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: corehttp
-Version: 1.0.0b4
+Version: 1.0.0b6
 Summary: CoreHTTP Library for Python
 Home-page: https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/core/corehttp
 Author: Microsoft Corporation
@@ -87,6 +87,30 @@ additional questions or comments.
 
 # Release History
 
+## 1.0.0b6 (2025-03-27)
+
+### Features Added
+
+- The `TokenCredential` and `AsyncTokenCredential` protocols have been updated to include a new `get_token_info` method. This method should be used to acquire tokens and return an `AccessTokenInfo` object. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- Added a new `TokenRequestOptions` class, which is a `TypedDict` with optional parameters, that can be used to define options for token requests through the `get_token_info` method. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- Added a new `AccessTokenInfo` class, which is returned by `get_token_info` implementations. This class contains the token, its expiration time, and optional additional information like when a token should be refreshed. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- `BearerTokenCredentialPolicy` and `AsyncBearerTokenCredentialPolicy` now check if a credential has the `get_token_info` method defined. If so, the `get_token_info` method is used to acquire a token. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+  - These policies now also check the `refresh_on` attribute when determining if a new token request should be made.
+- Added `model` attribute to `HttpResponseError` to allow accessing error attributes based on a known model. [#39636](https://github.com/Azure/azure-sdk-for-python/pull/39636)
+- Added `auth_flows` support in `BearerTokenCredentialPolicy`. [#40084](https://github.com/Azure/azure-sdk-for-python/pull/40084)
+
+### Breaking Changes
+
+- The `get_token` method has been removed from the `TokenCredential` and `AsyncTokenCredential` protocols. Implementations should now use the new `get_token_info` method to acquire tokens. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- The `AccessToken` class has been removed and replaced with a new `AccessTokenInfo` class. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+- `BearerTokenCredentialPolicy` and `AsyncBearerTokenCredentialPolicy` now rely on credentials having the `get_token_info` method defined. [#38346](https://github.com/Azure/azure-sdk-for-python/pull/38346)
+
+## 1.0.0b5 (2024-02-29)
+
+### Other Changes
+
+- Accept float for `retry_after` header.
+
 ## 1.0.0b4 (2024-02-23)
 
 ### Other Changes

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/_version.py

@@ -9,4 +9,4 @@
 # regenerated.
 # --------------------------------------------------------------------------
 
-VERSION = "1.0.0b4"
+VERSION = "1.0.0b6"

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/credentials.py

@@ -5,39 +5,71 @@
 # -------------------------------------------------------------------------
 from __future__ import annotations
 from types import TracebackType
-from typing import Any, NamedTuple, Optional, AsyncContextManager, Type
+from typing import NamedTuple, Optional, AsyncContextManager, Type, TypedDict, ContextManager
 from typing_extensions import Protocol, runtime_checkable
 
 
-class AccessToken(NamedTuple):
-    """Represents an OAuth access token."""
+class AccessTokenInfo:
+    """Information about an OAuth access token.
+
+    :param str token: The token string.
+    :param int expires_on: The token's expiration time in Unix time.
+    :keyword str token_type: The type of access token. Defaults to 'Bearer'.
+    :keyword int refresh_on: Specifies the time, in Unix time, when the cached token should be proactively
+        refreshed. Optional.
+    """
 
     token: str
+    """The token string."""
     expires_on: int
+    """The token's expiration time in Unix time."""
+    token_type: str
+    """The type of access token."""
+    refresh_on: Optional[int]
+    """Specifies the time, in Unix time, when the cached token should be proactively refreshed. Optional."""
+
+    def __init__(
+        self, token: str, expires_on: int, *, token_type: str = "Bearer", refresh_on: Optional[int] = None
+    ) -> None:
+        self.token = token
+        self.expires_on = expires_on
+        self.token_type = token_type
+        self.refresh_on = refresh_on
 
+    def __repr__(self) -> str:
+        return "AccessTokenInfo(token='{}', expires_on={}, token_type='{}', refresh_on={})".format(
+            self.token, self.expires_on, self.token_type, self.refresh_on
+        )
 
-AccessToken.token.__doc__ = """The token string."""
-AccessToken.expires_on.__doc__ = """The token's expiration time in Unix time."""
 
+class TokenRequestOptions(TypedDict, total=False):
+    """Options to use for access token requests. All parameters are optional."""
 
-@runtime_checkable
-class TokenCredential(Protocol):
-    """Protocol for classes able to provide OAuth tokens."""
+    claims: str
+    """Additional claims required in the token, such as those returned in a resource provider's claims
+    challenge following an authorization failure."""
+    tenant_id: str
+    """The tenant ID to include in the token request."""
 
-    def get_token(self, *scopes: str, claims: Optional[str] = None, **kwargs: Any) -> AccessToken:
-        """Request an access token for `scopes`.
 
-        :param str scopes: The type of access needed.
+class TokenCredential(Protocol, ContextManager["TokenCredential"]):
+    """Protocol for classes able to provide OAuth access tokens."""
 
-        :keyword str claims: Additional claims required in the token, such as those returned in a resource
-            provider's claims challenge following an authorization failure.
+    def get_token_info(self, *scopes: str, options: Optional[TokenRequestOptions] = None) -> AccessTokenInfo:
+        """Request an access token for `scopes`.
 
+        :param str scopes: The type of access needed.
+        :keyword options: A dictionary of options for the token request. Unknown options will be ignored. Optional.
+        :paramtype options: TokenRequestOptions
 
-        :rtype: AccessToken
-        :return: An AccessToken instance containing the token string and its expiration time in Unix time.
+        :rtype: AccessTokenInfo
+        :return: An AccessTokenInfo instance containing information about the token.
         """
         ...
 
+    def close(self) -> None:
+        pass
+
 
 class ServiceNamedKey(NamedTuple):
     """Represents a name and key pair."""
@@ -47,10 +79,11 @@ class ServiceNamedKey(NamedTuple):
 
 
 __all__ = [
-    "AccessToken",
+    "AccessTokenInfo",
     "ServiceKeyCredential",
     "ServiceNamedKeyCredential",
     "TokenCredential",
+    "TokenRequestOptions",
     "AsyncTokenCredential",
 ]
 
@@ -134,16 +167,15 @@ class ServiceNamedKeyCredential:
 class AsyncTokenCredential(Protocol, AsyncContextManager["AsyncTokenCredential"]):
     """Protocol for classes able to provide OAuth tokens."""
 
-    async def get_token(self, *scopes: str, claims: Optional[str] = None, **kwargs: Any) -> AccessToken:
+    async def get_token_info(self, *scopes: str, options: Optional[TokenRequestOptions] = None) -> AccessTokenInfo:
         """Request an access token for `scopes`.
 
         :param str scopes: The type of access needed.
+        :keyword options: A dictionary of options for the token request. Unknown options will be ignored. Optional.
+        :paramtype options: TokenRequestOptions
 
-        :keyword str claims: Additional claims required in the token, such as those returned in a resource
-            provider's claims challenge following an authorization failure.
-
-        :rtype: AccessToken
-        :return: An AccessToken instance containing the token string and its expiration time in Unix time.
+        :rtype: AccessTokenInfo
+        :return: An AccessTokenInfo instance containing the token string and its expiration time in Unix time.
         """
         ...
 

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/exceptions.py

@@ -72,15 +72,12 @@ class _HttpResponseCommonAPI(Protocol):
     """
 
     @property
-    def reason(self) -> Optional[str]:
-        ...
+    def reason(self) -> Optional[str]: ...
 
     @property
-    def status_code(self) -> Optional[int]:
-        ...
+    def status_code(self) -> Optional[int]: ...
 
-    def text(self) -> str:
-        ...
+    def text(self) -> str: ...
 
     @property
     def request(self) -> object:  # object as type, since all we need is str() on it
@@ -190,6 +187,8 @@ class HttpResponseError(BaseError):
     :vartype status_code: int
     :ivar response: The response that triggered the exception.
     :vartype response: ~corehttp.rest.HttpResponse or ~corehttp.rest.AsyncHttpResponse
+    :ivar model: The response body model
+    :vartype model: Any
     """
 
     def __init__(
@@ -203,6 +202,8 @@ class HttpResponseError(BaseError):
             self.reason = response.reason
             self.status_code = response.status_code
 
+        self.model: Optional[Any] = kwargs.pop("model", None)
+
         # By priority, message is:
         # - parameter "message", OR
         # - generic message using "reason"

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/rest/_aiohttp.py

@@ -30,7 +30,7 @@ import logging
 from itertools import groupby
 from typing import Iterator, cast, TYPE_CHECKING
 from multidict import CIMultiDict
-import aiohttp.client_exceptions  # pylint: disable=all
+import aiohttp.client_exceptions  # pylint: disable=networking-import-outside-azure-core-transport
 
 from ._http_response_impl_async import AsyncHttpResponseImpl
 from ..exceptions import (
@@ -263,7 +263,7 @@ class AioHttpStreamDownloadGenerator(collections.abc.AsyncIterator):
         self.response = response
 
         # TODO: determine if block size should be public on RestAioHttpTransportResponse.
-        self.block_size = response._block_size  # pylint: disable=protected-access
+        self.block_size = response._block_size
         self._decompress = decompress
         self.content_length = int(response.headers.get("Content-Length", 0))
         self._decompressor = None
@@ -272,11 +272,11 @@ class AioHttpStreamDownloadGenerator(collections.abc.AsyncIterator):
         return self.content_length
 
     async def __anext__(self):
-        internal_response = self.response._internal_response  # pylint: disable=protected-access
+        internal_response = self.response._internal_response
         try:
             # TODO: Determine how chunks should be read.
             # chunk = await self.response.internal_response.content.read(self.block_size)
-            chunk = await internal_response.content.read(self.block_size)  # pylint: disable=protected-access
+            chunk = await internal_response.content.read(self.block_size)
             if not chunk:
                 raise _ResponseStopIteration()
             if not self._decompress:

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/rest/_http_response_impl.py

@@ -292,12 +292,7 @@ class HttpResponseImpl(_HttpResponseBaseImpl, _HttpResponse):
                 yield self.content[i : i + chunk_size]
         else:
             self._stream_download_check()
-            for part in self._stream_download_generator(
-                response=self,
-                pipeline=None,
-                decompress=True,
-            ):
-                yield part
+            yield from self._stream_download_generator(response=self, pipeline=None, decompress=True)
         self.close()
 
     def iter_raw(self, **kwargs) -> Iterator[bytes]:
@@ -307,6 +302,5 @@ class HttpResponseImpl(_HttpResponseBaseImpl, _HttpResponse):
         :rtype: Iterator[str]
         """
         self._stream_download_check()
-        for part in self._stream_download_generator(response=self, pipeline=None, decompress=False):
-            yield part
+        yield from self._stream_download_generator(response=self, pipeline=None, decompress=False)
         self.close()

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/rest/_httpx.py

@@ -177,7 +177,7 @@ class AsyncHttpXStreamDownloadGenerator(AsyncIterator):
         return self
 
     async def __anext__(self):
-        internal_response = self.response._internal_response  # pylint: disable=protected-access
+        internal_response = self.response._internal_response
         try:
             return await self.iter_content_func.__anext__()
         except StopAsyncIteration:

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/rest/_requests_basic.py

@@ -27,8 +27,8 @@ from __future__ import annotations
 import logging
 import collections.abc as collections
 from typing import TYPE_CHECKING, Any
-import requests  # pylint: disable=all
-from requests.structures import CaseInsensitiveDict  # pylint: disable=all
+import requests  # pylint: disable=networking-import-outside-azure-core-transport
+from requests.structures import CaseInsensitiveDict  # pylint: disable=networking-import-outside-azure-core-transport
 from urllib3.exceptions import (
     DecodeError as CoreDecodeError,
     ReadTimeoutError,
@@ -122,7 +122,7 @@ class StreamDownloadGenerator:
         self.response = response
 
         # TODO: determine if block size should be public on RestTransportResponse.
-        self.block_size = response._block_size  # pylint: disable=protected-access
+        self.block_size = response._block_size
         decompress = kwargs.pop("decompress", True)
         if len(kwargs) > 0:
             raise TypeError("Got an unexpected keyword argument: {}".format(list(kwargs.keys())[0]))
@@ -172,8 +172,7 @@ def _read_raw_stream(response, chunk_size=1):
     # Special case for urllib3.
     if hasattr(response.raw, "stream"):
         try:
-            for chunk in response.raw.stream(chunk_size, decode_content=False):
-                yield chunk
+            yield from response.raw.stream(chunk_size, decode_content=False)
         except ProtocolError as e:
             raise ServiceResponseError(e, error=e) from e
         except CoreDecodeError as e:

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/rest/_rest_py3.py

@@ -329,16 +329,13 @@ class HttpResponse(_HttpResponseBase):
     """
 
     @abc.abstractmethod
-    def __enter__(self) -> "HttpResponse":
-        ...
+    def __enter__(self) -> "HttpResponse": ...
 
     @abc.abstractmethod
-    def __exit__(self, *args: Any) -> None:
-        ...
+    def __exit__(self, *args: Any) -> None: ...
 
     @abc.abstractmethod
-    def close(self) -> None:
-        ...
+    def close(self) -> None: ...
 
     @abc.abstractmethod
     def read(self) -> bytes:
@@ -415,5 +412,4 @@ class AsyncHttpResponse(_HttpResponseBase, AsyncContextManager["AsyncHttpRespons
         yield  # pylint: disable=unreachable
 
     @abc.abstractmethod
-    async def close(self) -> None:
-        ...
+    async def close(self) -> None: ...

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/runtime/pipeline/__init__.py

@@ -51,9 +51,7 @@ class PipelineContext(Dict[str, Any]):
 
     _PICKLE_CONTEXT = {"deserialized_data"}
 
-    def __init__(
-        self, transport: Optional["TransportType"], **kwargs: Any
-    ) -> None:  # pylint: disable=super-init-not-called
+    def __init__(self, transport: Optional["TransportType"], **kwargs: Any) -> None:
         self.transport: Optional["TransportType"] = transport
         self.options = kwargs
         self._protected = ["transport", "options"]
@@ -113,12 +111,10 @@ class PipelineContext(Dict[str, Any]):
         raise TypeError("Context objects cannot be updated.")
 
     @overload
-    def pop(self, __key: str) -> Any:
-        ...
+    def pop(self, __key: str) -> Any: ...
 
     @overload
-    def pop(self, __key: str, __default: Optional[Any]) -> Any:
-        ...
+    def pop(self, __key: str, __default: Optional[Any]) -> Any: ...
 
     def pop(self, *args: Any) -> Any:
         """Removes specified key and returns the value.

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/runtime/pipeline/_base.py

@@ -153,7 +153,7 @@ class Pipeline(ContextManager["Pipeline"], Generic[HTTPRequestType, HTTPResponse
         self._transport.__enter__()
         return self
 
-    def __exit__(self, *exc_details: Any) -> None:  # pylint: disable=arguments-differ
+    def __exit__(self, *exc_details: Any) -> None:
         self._transport.__exit__(*exc_details)
 
     def run(self, request: HTTPRequestType, **kwargs: Any) -> PipelineResponse[HTTPRequestType, HTTPResponseType]:

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/runtime/pipeline/_base_async.py

@@ -26,8 +26,8 @@
 from __future__ import annotations
 import inspect
 from types import TracebackType
-from typing import Any, Union, Generic, TypeVar, List, Optional, Iterable, Type
-from typing_extensions import AsyncContextManager, TypeGuard
+from typing import Any, Union, Generic, TypeVar, List, Optional, Iterable, Type, AsyncContextManager
+from typing_extensions import TypeGuard
 
 from . import PipelineRequest, PipelineResponse, PipelineContext
 from ..policies import AsyncHTTPPolicy, SansIOHTTPPolicy
@@ -45,9 +45,7 @@ def is_async_http_policy(policy: object) -> TypeGuard[AsyncHTTPPolicy]:
     return False
 
 
-class _SansIOAsyncHTTPPolicyRunner(
-    AsyncHTTPPolicy[HTTPRequestType, AsyncHTTPResponseType]
-):  # pylint: disable=unsubscriptable-object
+class _SansIOAsyncHTTPPolicyRunner(AsyncHTTPPolicy[HTTPRequestType, AsyncHTTPResponseType]):
     """Async implementation of the SansIO policy.
 
     Modifies the request and sends to the next policy in the chain.
@@ -76,9 +74,7 @@ class _SansIOAsyncHTTPPolicyRunner(
         return response
 
 
-class _AsyncTransportRunner(
-    AsyncHTTPPolicy[HTTPRequestType, AsyncHTTPResponseType]
-):  # pylint: disable=unsubscriptable-object
+class _AsyncTransportRunner(AsyncHTTPPolicy[HTTPRequestType, AsyncHTTPResponseType]):
     """Async Transport runner.
 
     Uses specified HTTP transport type to send request and returns response.

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/runtime/pipeline/_tools_async.py

@@ -31,13 +31,11 @@ T = TypeVar("T")
 
 
 @overload
-async def await_result(func: Callable[P, Awaitable[T]], *args: P.args, **kwargs: P.kwargs) -> T:
-    ...
+async def await_result(func: Callable[P, Awaitable[T]], *args: P.args, **kwargs: P.kwargs) -> T: ...
 
 
 @overload
-async def await_result(func: Callable[P, T], *args: P.args, **kwargs: P.kwargs) -> T:
-    ...
+async def await_result(func: Callable[P, T], *args: P.args, **kwargs: P.kwargs) -> T: ...
 
 
 async def await_result(func: Callable[P, Union[T, Awaitable[T]]], *args: P.args, **kwargs: P.kwargs) -> T:

{corehttp-1.0.0b4 → corehttp-1.0.0b6}/corehttp/runtime/policies/_authentication.py

@@ -5,16 +5,17 @@
 # -------------------------------------------------------------------------
 from __future__ import annotations
 import time
-from typing import TYPE_CHECKING, Optional, TypeVar, MutableMapping, Any
+from typing import TYPE_CHECKING, Optional, TypeVar, MutableMapping, Any, Union
 
+from ...credentials import TokenRequestOptions
 from ...rest import HttpResponse, HttpRequest
 from . import HTTPPolicy, SansIOHTTPPolicy
 from ...exceptions import ServiceRequestError
 
 if TYPE_CHECKING:
-    # pylint:disable=unused-import
+
     from ...credentials import (
-        AccessToken,
+        AccessTokenInfo,
         TokenCredential,
         ServiceKeyCredential,
     )
@@ -31,15 +32,23 @@ class _BearerTokenCredentialPolicyBase:
     :param credential: The credential.
     :type credential: ~corehttp.credentials.TokenCredential
     :param str scopes: Lets you specify the type of access needed.
+    :keyword auth_flows: A list of authentication flows to use for the credential.
+    :paramtype auth_flows: list[dict[str, Union[str, list[dict[str, str]]]]]
     """
 
+    # pylint: disable=unused-argument
     def __init__(
-        self, credential: "TokenCredential", *scopes: str, **kwargs: Any  # pylint: disable=unused-argument
+        self,
+        credential: "TokenCredential",
+        *scopes: str,
+        auth_flows: Optional[list[dict[str, Union[str, list[dict[str, str]]]]]] = None,
+        **kwargs: Any,
     ) -> None:
         super(_BearerTokenCredentialPolicyBase, self).__init__()
         self._scopes = scopes
         self._credential = credential
-        self._token: Optional["AccessToken"] = None
+        self._token: Optional["AccessTokenInfo"] = None
+        self._auth_flows = auth_flows
 
     @staticmethod
     def _enforce_https(request: PipelineRequest[HTTPRequestType]) -> None:
@@ -68,7 +77,12 @@ class _BearerTokenCredentialPolicyBase:
 
     @property
     def _need_new_token(self) -> bool:
-        return not self._token or self._token.expires_on - time.time() < 300
+        now = time.time()
+        return (
+            not self._token
+            or (self._token.refresh_on is not None and self._token.refresh_on <= now)
+            or (self._token.expires_on - now < 300)
+        )
 
 
 class BearerTokenCredentialPolicy(_BearerTokenCredentialPolicyBase, HTTPPolicy[HTTPRequestType, HTTPResponseType]):
@@ -77,20 +91,30 @@ class BearerTokenCredentialPolicy(_BearerTokenCredentialPolicyBase, HTTPPolicy[H
     :param credential: The credential.
     :type credential: ~corehttp.TokenCredential
     :param str scopes: Lets you specify the type of access needed.
+    :keyword auth_flows: A list of authentication flows to use for the credential.
+    :paramtype auth_flows: list[dict[str, Union[str, list[dict[str, str]]]]]
     :raises: :class:`~corehttp.exceptions.ServiceRequestError`
     """
 
-    def on_request(self, request: PipelineRequest[HTTPRequestType]) -> None:
+    def on_request(
+        self,
+        request: PipelineRequest[HTTPRequestType],
+        *,
+        auth_flows: Optional[list[dict[str, Union[str, list[dict[str, str]]]]]] = None,
+    ) -> None:
         """Called before the policy sends a request.
 
         The base implementation authorizes the request with a bearer token.
 
         :param ~corehttp.runtime.pipeline.PipelineRequest request: the request
+        :keyword auth_flows: A list of authentication flows to use for the credential.
+        :paramtype auth_flows: list[dict[str, Union[str, list[dict[str, str]]]]]
         """
         self._enforce_https(request)
 
         if self._token is None or self._need_new_token:
-            self._token = self._credential.get_token(*self._scopes)
+            options: TokenRequestOptions = {"auth_flows": auth_flows} if auth_flows else {}  # type: ignore
+            self._token = self._credential.get_token_info(*self._scopes, options=options)
         self._update_headers(request.http_request.headers, self._token.token)
 
     def authorize_request(self, request: PipelineRequest[HTTPRequestType], *scopes: str, **kwargs: Any) -> None:
@@ -102,7 +126,12 @@ class BearerTokenCredentialPolicy(_BearerTokenCredentialPolicyBase, HTTPPolicy[H
         :param ~corehttp.runtime.pipeline.PipelineRequest request: the request
         :param str scopes: required scopes of authentication
         """
-        self._token = self._credential.get_token(*scopes, **kwargs)
+        options: TokenRequestOptions = {}
+        # Loop through all the keyword arguments and check if they are part of the TokenRequestOptions.
+        for key in list(kwargs.keys()):
+            if key in TokenRequestOptions.__annotations__:  # pylint:disable=no-member
+                options[key] = kwargs.pop(key)  # type: ignore[literal-required]
+        self._token = self._credential.get_token_info(*scopes, options=options)
         self._update_headers(request.http_request.headers, self._token.token)
 
     def send(self, request: PipelineRequest[HTTPRequestType]) -> PipelineResponse[HTTPRequestType, HTTPResponseType]:
@@ -113,25 +142,25 @@ class BearerTokenCredentialPolicy(_BearerTokenCredentialPolicyBase, HTTPPolicy[H
         :return: The pipeline response object
         :rtype: ~corehttp.runtime.pipeline.PipelineResponse
         """
-        self.on_request(request)
+        self.on_request(request, auth_flows=self._auth_flows)
         try:
             response = self.next.send(request)
-            self.on_response(request, response)
-        except Exception:  # pylint:disable=broad-except
+        except Exception:
             self.on_exception(request)
             raise
-        else:
-            if response.http_response.status_code == 401:
-                self._token = None  # any cached token is invalid
-                if "WWW-Authenticate" in response.http_response.headers:
-                    request_authorized = self.on_challenge(request, response)
-                    if request_authorized:
-                        try:
-                            response = self.next.send(request)
-                            self.on_response(request, response)
-                        except Exception:  # pylint:disable=broad-except
-                            self.on_exception(request)
-                            raise
+
+        self.on_response(request, response)
+        if response.http_response.status_code == 401:
+            self._token = None  # any cached token is invalid
+            if "WWW-Authenticate" in response.http_response.headers:
+                request_authorized = self.on_challenge(request, response)
+                if request_authorized:
+                    try:
+                        response = self.next.send(request)
+                        self.on_response(request, response)
+                    except Exception:
+                        self.on_exception(request)
+                        raise
 
         return response