From a8f63c7e6e00d93f1825c41307c98103c934a1e1 Mon Sep 17 00:00:00 2001
From: Victor Vazquez <vhvb1989@gmail.com>
Date: Thu, 14 Apr 2022 01:26:49 -0700
Subject: [PATCH] use policy for both clients

---
 .../src/attestation_administration_client.cpp |  5 ++++
 .../src/attestation_client.cpp                | 27 -------------------
 .../private/attestation_client_private.cpp    | 16 ++++++++++-
 .../private/attestation_client_private.hpp    | 23 ++++++++++++++++
 4 files changed, 43 insertions(+), 28 deletions(-)

diff --git a/sdk/attestation/azure-security-attestation/src/attestation_administration_client.cpp b/sdk/attestation/azure-security-attestation/src/attestation_administration_client.cpp
index b555a0f3f..0ada37832 100644
--- a/sdk/attestation/azure-security-attestation/src/attestation_administration_client.cpp
+++ b/sdk/attestation/azure-security-attestation/src/attestation_administration_client.cpp
@@ -57,6 +57,11 @@ AttestationAdministrationClient::AttestationAdministrationClient(
   m_apiVersion = options.Version.ToString();
   std::vector<std::unique_ptr<HttpPolicy>> perCallpolicies;
 
+#if defined(BUILD_TRANSPORT_WINHTTP_ADAPTER)
+  // This configuration will make winHTTP to disable client certificate for all attestation requests
+  perCallpolicies.emplace_back(std::make_unique<SetNoClientCertificatePolicy>());
+#endif
+
   m_pipeline = std::make_shared<Azure::Core::Http::_internal::HttpPipeline>(
       options,
       "Attestation",
diff --git a/sdk/attestation/azure-security-attestation/src/attestation_client.cpp b/sdk/attestation/azure-security-attestation/src/attestation_client.cpp
index 7f668749f..5e8d80edc 100644
--- a/sdk/attestation/azure-security-attestation/src/attestation_client.cpp
+++ b/sdk/attestation/azure-security-attestation/src/attestation_client.cpp
@@ -26,33 +26,6 @@ using namespace Azure::Core::Http::Policies;
 using namespace Azure::Core::Http::Policies::_internal;
 using namespace Azure::Core::Http::_internal;
 
-#if defined(BUILD_TRANSPORT_WINHTTP_ADAPTER)
-// Whenever winHTTP transport is built, create a policy to make request with no client certificate
-// for attestation requests
-#include "azure/core/http/win_http_transport.hpp"
-
-namespace {
-class SetNoClientCertificatePolicy : public Azure::Core::Http::Policies::HttpPolicy {
-public:
-  std::unique_ptr<Azure::Core::Http::Policies::HttpPolicy> Clone() const override
-  {
-    return std::make_unique<SetNoClientCertificatePolicy>();
-  }
-
-  std::unique_ptr<Azure::Core::Http::RawResponse> Send(
-      Azure::Core::Http::Request& request,
-      Azure::Core::Http::Policies::NextHttpPolicy nextHttpPolicy,
-      const Azure::Core::Context& ctx) const override
-  {
-    return nextHttpPolicy.Send(
-        request,
-        Azure::Core::Http::_internal::WinHttpTransportContextProvider::
-            GetNoClientCertificateContext(ctx));
-  }
-};
-} // namespace
-#endif
-
 AttestationClient::AttestationClient(
     std::string const& endpoint,
     std::shared_ptr<Core::Credentials::TokenCredential const> credential,
diff --git a/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.cpp b/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.cpp
index 073c0fe1c..f8cc00a36 100644
--- a/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.cpp
+++ b/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.cpp
@@ -8,6 +8,7 @@
  *
  */
 #include "attestation_client_models_private.hpp"
+#include "attestation_client_private.hpp"
 #include "crypto/inc/crypto.hpp"
 #include <azure/core/internal/json/json.hpp>
 #include <chrono>
@@ -18,8 +19,21 @@
 using namespace Azure::Security::Attestation::_detail;
 
 namespace Azure { namespace Security { namespace Attestation { namespace _detail {
+#if defined(BUILD_TRANSPORT_WINHTTP_ADAPTER)
 
-}}}} // namespace Azure::Security::Attestation::_detail
+  std::unique_ptr<Azure::Core::Http::RawResponse> SetNoClientCertificatePolicy::Send(
+      Azure::Core::Http::Request& request,
+      Azure::Core::Http::Policies::NextHttpPolicy nextHttpPolicy,
+      const Azure::Core::Context& ctx) const
+  {
+    return nextHttpPolicy.Send(
+        request,
+        Azure::Core::Http::_internal::WinHttpTransportContextProvider::
+            GetNoClientCertificateContext(ctx));
+  }
+};
+#endif
+}}} // namespace Azure::Security::Attestation::_detail
 
 namespace Azure {
   namespace Security {
diff --git a/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.hpp b/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.hpp
index 2b5624c1e..e1445c0e0 100644
--- a/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.hpp
+++ b/sdk/attestation/azure-security-attestation/src/private/attestation_client_private.hpp
@@ -26,6 +26,12 @@
 #include <string>
 #include <vector>
 
+  #if defined(BUILD_TRANSPORT_WINHTTP_ADAPTER)
+// Whenever winHTTP transport is built, create a policy to make request with no client certificate
+// for attestation requests
+#include "azure/core/http/win_http_transport.hpp"
+#endif
+
 namespace Azure { namespace Security { namespace Attestation { namespace _detail {
 
   template <class T> class EmptyDeserializer {
@@ -448,4 +454,21 @@ namespace Azure { namespace Security { namespace Attestation { namespace _detail
      */
     operator Models::AttestationToken<T> const &() const { return m_token; }
   };
+
+  #if defined(BUILD_TRANSPORT_WINHTTP_ADAPTER)
+
+class SetNoClientCertificatePolicy : public Azure::Core::Http::Policies::HttpPolicy {
+public:
+  std::unique_ptr<Azure::Core::Http::Policies::HttpPolicy> Clone() const override
+  {
+    return std::make_unique<SetNoClientCertificatePolicy>();
+  }
+
+  std::unique_ptr<Azure::Core::Http::RawResponse> Send(
+      Azure::Core::Http::Request& request,
+      Azure::Core::Http::Policies::NextHttpPolicy nextHttpPolicy,
+      const Azure::Core::Context& ctx) const override;
+};
+
+#endif
 }}}} // namespace Azure::Security::Attestation::_detail