From cd7fb42e9181d7f154b826555592b1ec7f6338b9 Mon Sep 17 00:00:00 2001
From: David Obando <daobando@microsoft.com>
Date: Wed, 5 Jul 2017 17:04:54 -0700
Subject: [PATCH] [ACR] Login sends both access and refresh token

---
 src/azure-cli-core/azure/cli/core/_profile.py                | 4 ++--
 .../azure/cli/command_modules/acr/_docker_utils.py           | 5 +++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/azure-cli-core/azure/cli/core/_profile.py b/src/azure-cli-core/azure/cli/core/_profile.py
index d37e80c2977..d947dde38ce 100644
--- a/src/azure-cli-core/azure/cli/core/_profile.py
+++ b/src/azure-cli-core/azure/cli/core/_profile.py
@@ -333,10 +333,10 @@ def get_refresh_token(self, resource=CLOUD.endpoints.active_directory_resource_i
         if user_type == _USER:
             _, _, token_entry = self._creds_cache.retrieve_token_for_user(
                 username_or_sp_id, account[_TENANT_ID], resource)
-            return None, token_entry[_REFRESH_TOKEN], str(account[_TENANT_ID])
+            return None, token_entry[_REFRESH_TOKEN], token_entry[_ACCESS_TOKEN], str(account[_TENANT_ID])
 
         sp_secret = self._creds_cache.retrieve_secret_of_service_principal(username_or_sp_id)
-        return username_or_sp_id, sp_secret, str(account[_TENANT_ID])
+        return username_or_sp_id, sp_secret, None, str(account[_TENANT_ID])
 
     def get_raw_token(self, resource=CLOUD.endpoints.active_directory_resource_id,
                       subscription=None):
diff --git a/src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_docker_utils.py b/src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_docker_utils.py
index 2c611d80b61..00a5134e0e9 100644
--- a/src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_docker_utils.py
+++ b/src/command_modules/azure-cli-acr/azure/cli/command_modules/acr/_docker_utils.py
@@ -44,14 +44,15 @@ def _get_login_token(login_server, only_refresh_token=True, repository=None):
 
     from azure.cli.core._profile import Profile
     profile = Profile()
-    sp_id, refresh, tenant = profile.get_refresh_token()
+    sp_id, refresh, access, tenant = profile.get_refresh_token()
 
     headers = {'Content-Type': 'application/x-www-form-urlencoded'}
     if sp_id is None:
         content = {
-            'grant_type': 'refresh_token',
+            'grant_type': 'access_token_refresh_token',
             'service': params['service'],
             'tenant': tenant,
+            'access_token': access,
             'refresh_token': refresh
         }
     else: