Azure CLI upgrade notification prevents token generation on MacOS shells due to TTY validation

[josh-uk]

Describe the bug

When trying to generate an access token with AzureCliCredential it will always fail due to the CLI prompt returned by az account get-access-token --output json --resource (IdentityClient.java) will always return the following which requires a user response when Azure CLI is on an unupgraded version:

New Azure CLI version available. Running 'az upgrade' to update automatically.
This command is in preview and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Your current Azure CLI version is 2.44.1. Latest version available is 2.51.0.
Please check the release notes first: https://docs.microsoft.com/cli/azure/release-notes-azure-cli
Do you want to continue? (Y/n):

Note: This is also an issue in 2.50.0 which is the latest available on brew.

Exception or Stack Trace

Exception in thread "main" java.lang.IllegalStateException: com.fasterxml.jackson.core.JsonParseException: Unrecognized token 'WARNING': was expecting (JSON String, Number, Array, Object or token 'null', 'true' or 'false')
 at [Source: (String)"WARNING: New Azure CLI version available. Running 'az upgrade' to update automatically.WARNING: Unable to prompt for auto upgrade as no tty available. Run 'az config set auto-upgrade.prompt=no' to allow auto upgrade with no prompt.{  "accessToken": "REDACTED_ACCESS_TOKEN"[truncated 5149 chars]; line: 1, column: 8]
        at com.azure.identity.implementation.IdentityClientBase.getTokenFromAzureCLIAuthentication(IdentityClientBase.java:562)
        at com.azure.identity.implementation.IdentitySyncClient.authenticateWithAzureCli(IdentitySyncClient.java:343)
        at com.azure.identity.AzureCliCredential.getTokenSync(AzureCliCredential.java:92)
        at com.azure.core.implementation.AccessTokenCache.lambda$new$2(AccessTokenCache.java:62)
        at com.azure.core.implementation.AccessTokenCache.lambda$retrieveTokenSync$9(AccessTokenCache.java:224)
        at com.azure.core.implementation.AccessTokenCache.getTokenSync(AccessTokenCache.java:88)
        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderHelperSync(BearerTokenAuthenticationPolicy.java:183)
        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.setAuthorizationHeaderSync(BearerTokenAuthenticationPolicy.java:169)
        at com.azure.security.keyvault.secrets.implementation.KeyVaultCredentialPolicy.authorizeRequestSync(KeyVaultCredentialPolicy.java:227)
        at com.azure.core.http.policy.BearerTokenAuthenticationPolicy.processSync(BearerTokenAuthenticationPolicy.java:131)
        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:41)
        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:164)
        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:176)
        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:176)
        at com.azure.core.http.policy.RetryPolicy.attemptSync(RetryPolicy.java:176)
        at com.azure.core.http.policy.RetryPolicy.processSync(RetryPolicy.java:114)
        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:41)
        at com.azure.core.http.policy.HttpPipelineSyncPolicy.processSync(HttpPipelineSyncPolicy.java:42)
        at com.azure.core.http.policy.UserAgentPolicy.processSync(UserAgentPolicy.java:153)
        at com.azure.core.http.HttpPipelineNextSyncPolicy.processSync(HttpPipelineNextSyncPolicy.java:41)
        at com.azure.core.http.HttpPipeline.sendSync(HttpPipeline.java:131)
        at com.azure.core.implementation.http.rest.SyncRestProxy.send(SyncRestProxy.java:54)
        at com.azure.core.implementation.http.rest.SyncRestProxy.invoke(SyncRestProxy.java:75)
        at com.azure.core.implementation.http.rest.RestProxyBase.invoke(RestProxyBase.java:109)
        at com.azure.core.http.rest.RestProxy.invoke(RestProxy.java:91)
        at jdk.proxy2/jdk.proxy2.$Proxy3.getSecret(Unknown Source)
        at com.azure.security.keyvault.secrets.implementation.SecretClientImpl.getSecretWithResponse(SecretClientImpl.java:538)
        at com.azure.security.keyvault.secrets.SecretClient.getSecretWithResponse(SecretClient.java:229)
        at com.azure.security.keyvault.secrets.SecretClient.getSecret(SecretClient.java:171)
        at org.example.AzureCliAuthExample.main(AzureCliAuthExample.java:22)

To Reproduce

1. Replace the url of the vault and the secret name within AzureCliAuthExample.java
   with legitimate values.
2. Use ./gradlew run to start the app
3. Error should be output about having an unupgraded version Azure CLI which causes the app to crash.

Code Snippet

See https://github.com/joshblackmoor/azure-sdk-cli-bug

Expected behaviour
Standard auth flow to work in the usual way.

Setup (please complete the following information):

• OS: MacOS
• IDE: IntelliJ
• Library/Libraries: com.azure:azure-identity:1.9.2
• Java version: 17
• App Server/Environment: Run using the gradle wrapper e.g. ./gradlew run

Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report

• Bug Description Added
• Repro Steps Added
• Setup information Added

[joshfree]

@g2vinay could you please investigate?

[furnivall]

If it helps, an analogous issue was also found on the Python SDK earlier this week. @joshblackmoor and myself worked on both. To save you duplicating effort:
Initial issue:
Azure/azure-sdk-for-python#31493
PR
Azure/azure-sdk-for-python#31534