[SSH] Serialize AT token_type and expose in result

msal/application.py

@@ -441,7 +441,7 @@ def _acquire_token_silent_from_cache_and_possibly_refresh_it(
                 logger.debug("Cache hit an AT")
                 return {  # Mimic a real response
                     "access_token": entry["secret"],
-                    "token_type": "Bearer",
+                    "token_type": entry.get("token_type", "Bearer"),
                     "expires_in": int(expires_in),  # OAuth2 specs defines it as int
                     }
         return self._acquire_token_silent_by_finding_rt_belongs_to_me_or_my_family(

msal/token_cache.py

@@ -160,6 +160,7 @@ def __add(self, event, now=None):
                     "client_id": event.get("client_id"),
                     "target": target,
                     "realm": realm,
+                    "token_type": response.get("token_type", "Bearer"),
                     "cached_at": str(now),  # Schema defines it as a string
                     "expires_on": str(now + expires_in),  # Same here
                     "extended_expires_on": str(now + ext_expires_in)  # Same here

tests/test_token_cache.py

@@ -83,6 +83,7 @@ def testAddByAad(self):
                 'realm': 'contoso',
                 'secret': 'an access token',
                 'target': 's2 s1 s3',
+                'token_type': 'some type',
             },
             self.cache._cache["AccessToken"].get(
                 'uid.utid-login.example.com-accesstoken-my_client_id-contoso-s2 s1 s3')
@@ -155,6 +156,7 @@ def testAddByAdfs(self):
                 'realm': 'adfs',
                 'secret': 'an access token',
                 'target': 's2 s1 s3',
+                'token_type': 'some type',
             },
             self.cache._cache["AccessToken"].get(
                 'subject-fs.msidlab8.com-accesstoken-my_client_id-adfs-s2 s1 s3')