Fix token acquisition when using azure-json

sdk/keyvault/azure-security-keyvault-jca/README.md

@@ -192,6 +192,18 @@ Please replace `${KEY_VAULT}` with your key vault name and replace `${MANAGED_ID
 
 ## Troubleshooting
 
+### Debug Key Vault Provider
+
+Remote debugger can be used to troubleshoot complex issues, add below parameter for `jarsigner` command to enable remote debug:
+
+```shell
+-J-agentlib:jdwp=transport=dt_socket,address=5005,server=y,suspend=y
+```
+
+Create a Remote JVM Debug configuration in your IDE tool, such as in Intellij IDEA:
+
+![remote-jvm-debug.png](./resources/remote-jvm-debug.png.png)
+
 ## Configure logging
 This module uses JUL (`java.util.logging`), so to configure things like the logging level you can directly modify the JUL configuration.
 

sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/implementation/model/AccessToken.java

@@ -108,7 +108,7 @@ public static AccessToken fromJson(JsonReader jsonReader) throws IOException {
                 if ("access_token".equals(fieldName)) {
                     deserializedAccessToken.accessToken = reader.getString();
                 } else if ("expires_in".equals(fieldName)) {
-                    deserializedAccessToken.expiresIn = reader.getLong();
+                    deserializedAccessToken.expiresIn = Long.parseLong(reader.getString());
                 } else {
                     reader.skipChildren();
                 }

sdk/keyvault/azure-security-keyvault-jca/src/main/resources/module-info.java

@@ -24,4 +24,5 @@
     exports com.azure.security.keyvault.jca.implementation.signature to java.base;
 
     provides java.security.Provider with com.azure.security.keyvault.jca.KeyVaultJcaProvider;
+    uses com.azure.security.keyvault.jca.implementation.shaded.com.azure.json.JsonProvider;
 }

sdk/keyvault/azure-security-keyvault-jca/src/test/java/com/azure/security/keyvault/jca/implementation/utils/JsonConverterUtilTest.java

@@ -3,20 +3,30 @@
 
 package com.azure.security.keyvault.jca.implementation.utils;
 
+import com.azure.json.JsonProviders;
+import com.azure.json.JsonReader;
+import com.azure.json.JsonToken;
 import com.azure.json.ReadValueCallback;
+import com.azure.json.implementation.jackson.core.JsonParseException;
+import com.azure.security.keyvault.jca.implementation.model.AccessToken;
 import com.azure.security.keyvault.jca.implementation.model.CertificateBundle;
 import org.junit.jupiter.api.Test;
 
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.nio.file.Paths;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrowsExactly;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
 /**
  * The JUnit tests for the {@link JsonConverterUtil} class.
  */
 public class JsonConverterUtilTest {
+
     /**
      * Test the {@link JsonConverterUtil#fromJson(ReadValueCallback, String)} method.
      */
@@ -43,4 +53,44 @@ public void testToJson() {
         assertTrue(string.contains("cer"));
         assertTrue(string.contains("\"value\""));
     }
+
+    @Test
+    void testFromJsonWithInvalidTokenResponseBody() {
+        final String accessTokenBody = getAccessTokenBody("src/test/resources/aad/invalid-access-token-response.json");
+        assertThrowsExactly(JsonParseException.class, () -> {
+            try (JsonReader reader = JsonProviders.createReader(accessTokenBody)) {
+                while (reader.nextToken() != JsonToken.END_OBJECT) {
+                    String fieldName = reader.getFieldName();
+                    reader.nextToken();
+                    if ("expires_in".equals(fieldName)) {
+                        reader.getLong();
+                    } else {
+                        reader.skipChildren();
+                    }
+                }
+            }
+        });
+    }
+
+    @Test
+    void testFromJsonWithTokenResponseBody() {
+        String accessTokenBody = getAccessTokenBody("src/test/resources/aad/access-token-response.json");
+        AccessToken accessToken = null;
+        try {
+            accessToken = JsonConverterUtil.fromJson(AccessToken::fromJson, accessTokenBody);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+        assertNotNull(accessToken);
+        assertEquals("test_access_token_value", accessToken.getAccessToken());
+    }
+
+    private static String getAccessTokenBody(String filePath) {
+        String accessTokenBody = null;
+        try {
+            accessTokenBody = new String(Files.readAllBytes(Paths.get(filePath)), StandardCharsets.UTF_8);
+        } catch (IOException ignored) {
+        }
+        return accessTokenBody;
+    }
 }

sdk/keyvault/azure-security-keyvault-jca/src/test/resources/aad/access-token-response.json

@@ -0,0 +1,9 @@
+{
+  "token_type": "Bearer",
+  "expires_in": "3599",
+  "ext_expires_in": "3599",
+  "expires_on": "1731052824",
+  "not_before": "1731048924",
+  "resource": "https://vault.azure.net",
+  "access_token": "test_access_token_value"
+}

sdk/keyvault/azure-security-keyvault-jca/src/test/resources/aad/invalid-access-token-response.json

@@ -0,0 +1,9 @@
+{
+  "token_type": "Bearer",
+  "expires_in": "3599",
+  "ext_expires_in": 3599,
+  "expires_on": "1731052824",
+  "not_before": "1731048924",
+  "resource": "https://vault.azure.net",
+  "access_token": "test_invalid_access_token_value"
+}