ci(deploy): add OIDC token authentication for Azure deployment

Add permissions block (id-token, contents, pull-requests), install
@actions/core and @actions/http-client for OIDC, fetch an ID token
via actions/github-script, and pass it to the Azure deploy step.

Co-Authored-By: Hagicode <noreply@hagicode.com>
Signed-off-by: newbe36524 <newbe36524@qq.com>

Author: newbe36524

.github/workflows/azure-static-web-apps-agreeable-stone-04924c800.yml

@@ -25,6 +25,10 @@ jobs:
     if: github.event.action != 'closed'
     runs-on: ubuntu-latest
     name: Build and Deploy Job
+    permissions:
+      id-token: write
+      contents: read
+      pull-requests: write
     steps:
       - uses: actions/checkout@v4
         with:
@@ -40,6 +44,18 @@ jobs:
       - name: Install dependencies
         run: npm ci
 
+      - name: Install OIDC Client from Core Package
+        run: npm install @actions/core@1.6.0 @actions/http-client
+
+      - name: Get Id Token
+        uses: actions/github-script@v6
+        id: idtoken
+        with:
+          script: |
+            const coredemo = require('@actions/core');
+            return await coredemo.getIDToken();
+          result-encoding: string
+
       - name: Build docs
         run: npm run build:ci
         env:
@@ -55,6 +71,7 @@ jobs:
           app_location: dist
           skip_app_build: true
           skip_api_build: true
+          github_id_token: ${{ steps.idtoken.outputs.result }}
 
   close_pull_request_job:
     if: github.event_name == 'pull_request' && github.event.action == 'closed'