Make WinHTTP transport adapter to NOT use SSL/TLS for unsecured HTTP connections (#2678)

* Make WinHTTP transport adapter to NOT use SSL/TLS for unsecured HTTP connections

* Update changelog for identity as well

* LocaleInvariantCaseInsensitiveEqual + micro-optimization to avoid creating&allocating std::string each time

* Update sdk/identity/azure-identity/CHANGELOG.md

Co-authored-by: Rick Winter <rick.winter@microsoft.com>

Co-authored-by: Anton Kolesnyk <antkmsft@users.noreply.github.com>
Co-authored-by: Rick Winter <rick.winter@microsoft.com>

sdk/core/azure-core/CHANGELOG.md

@@ -11,7 +11,8 @@
 ### Bugs Fixed
 
 - [2647](https://github.com/Azure/azure-sdk-for-cpp/issues/2647) Make the curl transport adapter to check the connection close header.
-- [2474](https://github.com/Azure/azure-sdk-for-cpp/issues/2474) Fix compiling with MSVC and /analyze.
+- [2474](https://github.com/Azure/azure-sdk-for-cpp/issues/2474) Fix compiling with MSVC and `/analyze`.
+- Make WinHTTP transport adapter to NOT use SSL/TLS for unsecured HTTP connections.
 
 ### Other Changes
 

sdk/core/azure-core/src/http/winhttp/win_http_transport.cpp

@@ -3,6 +3,8 @@
 
 #include "azure/core/http/http.hpp"
 
+#include "azure/core/internal/strings.hpp"
+
 #if defined(BUILD_TRANSPORT_WINHTTP_ADAPTER)
 #include "azure/core/http/win_http_transport.hpp"
 #endif
@@ -17,6 +19,8 @@ using namespace Azure::Core::Http;
 
 namespace {
 
+const std::string HttpScheme = "http";
+
 inline std::wstring HttpMethodToWideString(HttpMethod method)
 {
   // This string should be all uppercase.
@@ -289,7 +293,10 @@ void WinHttpTransport::CreateRequestHandle(std::unique_ptr<_detail::HandleManage
       NULL, // Use HTTP/1.1
       WINHTTP_NO_REFERER,
       WINHTTP_DEFAULT_ACCEPT_TYPES, // No media types are accepted by the client
-      WINHTTP_FLAG_SECURE); // Uses secure transaction semantics (SSL/TLS)
+      Azure::Core::_internal::StringExtensions::LocaleInvariantCaseInsensitiveEqual(
+          handleManager->m_request.GetUrl().GetScheme(), HttpScheme)
+          ? 0
+          : WINHTTP_FLAG_SECURE); // Uses secure transaction semantics (SSL/TLS)
 
   if (!handleManager->m_requestHandle)
   {

sdk/identity/azure-identity/CHANGELOG.md

@@ -7,6 +7,7 @@
 ### Breaking Changes
 
 ### Bugs Fixed
+- Fixed `ManagedIdentityCredential` authentication on an Azure VM when using WinHTTP transport adapter.
 
 ### Other Changes
 

sdk/identity/azure-identity/CMakeLists.txt

@@ -20,9 +20,9 @@ include(AzureGlobalCompileOptions)
 az_vcpkg_integrate()
 
 if(NOT AZ_ALL_LIBRARIES)
-  find_package(azure-core-cpp "1.0.0" CONFIG QUIET)
+  find_package(azure-core-cpp "1.2.0" CONFIG QUIET)
   if(NOT azure-core-cpp_FOUND)
-    find_package(azure-core-cpp "1.0.0" REQUIRED)
+    find_package(azure-core-cpp "1.2.0" REQUIRED)
   endif()
 endif()
 

sdk/identity/azure-identity/vcpkg/Config.cmake.in

@@ -4,7 +4,7 @@
 @PACKAGE_INIT@
 
 include(CMakeFindDependencyMacro)
-find_dependency(azure-core-cpp)
+find_dependency(azure-core-cpp "1.2.0")
 
 include("${CMAKE_CURRENT_LIST_DIR}/azure-identity-cppTargets.cmake")
 

sdk/identity/azure-identity/vcpkg/vcpkg.json

@@ -15,7 +15,7 @@
     {
       "name": "azure-core-cpp",
       "default-features": false,
-      "version>=": "1.0.0"
+      "version>=": "1.2.0"
     },
     {
       "name": "vcpkg-cmake",