Update logging for AAD fallback.

Microsoft.Azure.Cosmos/src/Authorization/TokenCredentialCache.cs

@@ -214,23 +214,6 @@ private async ValueTask<AccessToken> RefreshCachedTokenWithRetryHelperAsync(
                             }
 
                             return this.cachedAccessToken.Value;
-                        }
-                        catch (RequestFailedException requestFailedException)
-                        {
-                            lastException = requestFailedException;
-                            getTokenTrace.AddDatum(
-                                $"RequestFailedException at {DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)}",
-                                requestFailedException.Message);
-
-                            DefaultTrace.TraceError($"TokenCredential.GetToken() failed with RequestFailedException. scope = {string.Join(";", tokenRequestContext.Scopes)}, retry = {retry}, Exception = {lastException.Message}");
-
-                            // Don't retry on auth failures
-                            if (requestFailedException.Status == (int)HttpStatusCode.Unauthorized ||
-                                requestFailedException.Status == (int)HttpStatusCode.Forbidden)
-                            {
-                                this.cachedAccessToken = default;
-                                throw;
-                            }
                         }
                         catch (OperationCanceledException operationCancelled)
                         {
@@ -258,16 +241,21 @@ private async ValueTask<AccessToken> RefreshCachedTokenWithRetryHelperAsync(
                                 $"Exception at {DateTime.UtcNow.ToString(CultureInfo.InvariantCulture)}",
                                 exception.Message);
 
-                            bool didFallback = this.scopeProvider.TryFallback(exception);
-                            string logMessage = $"TokenCredential.GetTokenAsync() failed. scope = {string.Join(";", tokenRequestContext.Scopes)}, retry = {retry}, Exception = {lastException.Message}. Fallback attempted: {didFallback}";
+                            DefaultTrace.TraceError($"TokenCredential.GetToken() failed with RequestFailedException. scope = {string.Join(";", tokenRequestContext.Scopes)}, retry = {retry}, Exception = {lastException.Message}");
 
-                            if (didFallback)
+                            // Don't retry on auth failures
+                            if (exception is RequestFailedException requestFailedException &&
+                                   (requestFailedException.Status == (int)HttpStatusCode.Unauthorized ||
+                                    requestFailedException.Status == (int)HttpStatusCode.Forbidden))
                             {
-                                DefaultTrace.TraceInformation(logMessage);
+                                this.cachedAccessToken = default;
+                                throw;
                             }
-                            else
+                            bool didFallback = this.scopeProvider.TryFallback(exception);
+
+                            if (didFallback)
                             {
-                                DefaultTrace.TraceWarning(logMessage);
+                                DefaultTrace.TraceInformation($"TokenCredential.GetTokenAsync() failed. scope = {string.Join(";", tokenRequestContext.Scopes)}, retry = {retry}, Exception = {lastException.Message}. Fallback attempted: {didFallback}");
                             }
                         }
                     }