diff --git a/eng/Packages.Data.props b/eng/Packages.Data.props
index 88b34e60674f6..d123e62af7725 100644
--- a/eng/Packages.Data.props
+++ b/eng/Packages.Data.props
@@ -152,13 +152,9 @@
-
-
-
-
+
+
+
@@ -177,6 +173,9 @@
+
+
+
- 1.11.2
+ 1.12.0
Microsoft Azure Identity;$(PackageCommonTags)
$(RequiredTargetFrameworks)
$(NoWarn);3021;AZC0011
diff --git a/sdk/identity/Azure.Identity/src/MsalClientBase.cs b/sdk/identity/Azure.Identity/src/MsalClientBase.cs
index bc1cf064c7e53..b35a2be5b511a 100644
--- a/sdk/identity/Azure.Identity/src/MsalClientBase.cs
+++ b/sdk/identity/Azure.Identity/src/MsalClientBase.cs
@@ -108,5 +108,20 @@ await _clientWithCaeAsyncLock.GetLockOrValueAsync(true, default).ConfigureAwait(
return asyncLock.HasValue ? asyncLock.Value.Cache : null;
}
+
+ public UriBuilder BuildTenantIdWithAuthorityHost(string tenantId)
+ {
+ UriBuilder uriBuilder = new UriBuilder(AuthorityHost);
+ if (uriBuilder.Path.EndsWith("/"))
+ {
+ uriBuilder.Path = uriBuilder.Path + tenantId;
+ }
+ else
+ {
+ uriBuilder.Path = uriBuilder.Path + "/" + tenantId;
+ }
+
+ return uriBuilder;
+ }
}
}
diff --git a/sdk/identity/Azure.Identity/src/MsalConfidentialClient.cs b/sdk/identity/Azure.Identity/src/MsalConfidentialClient.cs
index e9d5318f653d4..991c54a26112f 100644
--- a/sdk/identity/Azure.Identity/src/MsalConfidentialClient.cs
+++ b/sdk/identity/Azure.Identity/src/MsalConfidentialClient.cs
@@ -169,12 +169,10 @@ public virtual async ValueTask AcquireTokenForClientCoreAs
if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
+
if (!string.IsNullOrEmpty(claims))
{
builder.WithClaims(claims);
@@ -212,14 +210,13 @@ public virtual async ValueTask AcquireTokenSilentCoreAsync
IConfidentialClientApplication client = await GetClientAsync(enableCae, async, cancellationToken).ConfigureAwait(false);
var builder = client.AcquireTokenSilent(scopes, account);
+
if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
+
if (!string.IsNullOrEmpty(claims))
{
builder.WithClaims(claims);
@@ -260,12 +257,10 @@ public virtual async ValueTask AcquireTokenByAuthorization
if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
+
if (!string.IsNullOrEmpty(claims))
{
builder.WithClaims(claims);
@@ -306,12 +301,10 @@ public virtual async ValueTask AcquireTokenOnBehalfOfCoreA
if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
+
if (!string.IsNullOrEmpty(claims))
{
builder.WithClaims(claims);
diff --git a/sdk/identity/Azure.Identity/src/MsalPublicClient.cs b/sdk/identity/Azure.Identity/src/MsalPublicClient.cs
index 37df7f88673f1..3fc04e01baae4 100644
--- a/sdk/identity/Azure.Identity/src/MsalPublicClient.cs
+++ b/sdk/identity/Azure.Identity/src/MsalPublicClient.cs
@@ -128,12 +128,10 @@ protected virtual async ValueTask AcquireTokenSilentCoreAs
{
builder.WithClaims(claims);
}
- if (tenantId != null)
+
+ if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = TenantId ?? tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
@@ -195,12 +193,9 @@ protected virtual async ValueTask AcquireTokenSilentCoreAs
// user authenticated to originally.
var builder = client.AcquireTokenSilent(scopes, (AuthenticationAccount)record);
- if (tenantId != null || record.TenantId != null)
+ if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId ?? record.TenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
@@ -310,14 +305,13 @@ protected virtual async ValueTask AcquireTokenInteractiveC
{
builder.WithLoginHint(loginHint);
}
- if (tenantId != null)
+
+ if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
+
if (browserOptions != null)
{
if (browserOptions.UseEmbeddedWebView.HasValue)
@@ -359,10 +353,7 @@ protected virtual async ValueTask AcquireTokenByUsernamePa
}
if (!string.IsNullOrEmpty(tenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenantId
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(tenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
return await builder.ExecuteAsync(async, cancellationToken)
@@ -409,10 +400,7 @@ protected virtual async ValueTask AcquireTokenByRefreshTok
if (!string.IsNullOrEmpty(TenantId))
{
- UriBuilder uriBuilder = new UriBuilder(AuthorityHost)
- {
- Path = tenant
- };
+ UriBuilder uriBuilder = BuildTenantIdWithAuthorityHost(TenantId);
builder.WithTenantIdFromAuthority(uriBuilder.Uri);
}
diff --git a/sdk/identity/Azure.Identity/tests/AuthorizationCodeCredentialTests.cs b/sdk/identity/Azure.Identity/tests/AuthorizationCodeCredentialTests.cs
index 85c8912ee6eab..e24f1622cd4e6 100644
--- a/sdk/identity/Azure.Identity/tests/AuthorizationCodeCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/AuthorizationCodeCredentialTests.cs
@@ -34,6 +34,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
RedirectUri = config.RedirectUri,
+ AuthorityHost = config.AuthorityHost
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/AzureCliCredentialTests.cs b/sdk/identity/Azure.Identity/tests/AzureCliCredentialTests.cs
index 2117aa7d69f23..d3e76e23b516f 100644
--- a/sdk/identity/Azure.Identity/tests/AzureCliCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/AzureCliCredentialTests.cs
@@ -35,6 +35,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
TenantId = config.TenantId,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost
};
var (_, _, processOutput) = CredentialTestHelpers.CreateTokenForAzureCli();
var testProcess = new TestProcess { Output = processOutput };
diff --git a/sdk/identity/Azure.Identity/tests/AzureDeveloperCliCredentialTests.cs b/sdk/identity/Azure.Identity/tests/AzureDeveloperCliCredentialTests.cs
index d15b6e1ce3559..b7bf800e0d0c0 100644
--- a/sdk/identity/Azure.Identity/tests/AzureDeveloperCliCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/AzureDeveloperCliCredentialTests.cs
@@ -34,6 +34,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
TenantId = config.TenantId,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost
};
var (_, _, processOutput) = CredentialTestHelpers.CreateTokenForAzureDeveloperCli();
var testProcess = new TestProcess { Output = processOutput };
diff --git a/sdk/identity/Azure.Identity/tests/AzurePipelinesCredentialTests.cs b/sdk/identity/Azure.Identity/tests/AzurePipelinesCredentialTests.cs
index 3dfe626c7ac90..e7ad3edde4838 100644
--- a/sdk/identity/Azure.Identity/tests/AzurePipelinesCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/AzurePipelinesCredentialTests.cs
@@ -44,6 +44,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
MsalClient = config.MockConfidentialMsalClient,
OidcRequestUri = "https://dev.azure.com/myorg/myproject/_apis/serviceendpoint/endpoints?api-version=2.2.2",
+ AuthorityHost = config.AuthorityHost
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/AzurePowerShellCredentialsTests.cs b/sdk/identity/Azure.Identity/tests/AzurePowerShellCredentialsTests.cs
index 33905e0883af3..eb417519d4f5f 100644
--- a/sdk/identity/Azure.Identity/tests/AzurePowerShellCredentialsTests.cs
+++ b/sdk/identity/Azure.Identity/tests/AzurePowerShellCredentialsTests.cs
@@ -42,6 +42,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
TenantId = config.TenantId,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost
};
var (_, _, processOutput) = CredentialTestHelpers.CreateTokenForAzurePowerShell(TimeSpan.FromSeconds(30));
var testProcess = new TestProcess { Output = processOutput };
diff --git a/sdk/identity/Azure.Identity/tests/ClientAssertionCredentialTests.cs b/sdk/identity/Azure.Identity/tests/ClientAssertionCredentialTests.cs
index 9600f39f6ff48..a16e9e296f16c 100644
--- a/sdk/identity/Azure.Identity/tests/ClientAssertionCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/ClientAssertionCredentialTests.cs
@@ -37,6 +37,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
MsalClient = config.MockConfidentialMsalClient,
+ AuthorityHost = config.AuthorityHost
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/ClientCertificateCredentialTests.cs b/sdk/identity/Azure.Identity/tests/ClientCertificateCredentialTests.cs
index e675f9a71d537..1461575474fec 100644
--- a/sdk/identity/Azure.Identity/tests/ClientCertificateCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/ClientCertificateCredentialTests.cs
@@ -41,6 +41,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/ClientSecretCredentialTests.cs b/sdk/identity/Azure.Identity/tests/ClientSecretCredentialTests.cs
index f3ef3e41171ed..9154fa6918cb0 100644
--- a/sdk/identity/Azure.Identity/tests/ClientSecretCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/ClientSecretCredentialTests.cs
@@ -30,6 +30,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/CredentialTestBase.cs b/sdk/identity/Azure.Identity/tests/CredentialTestBase.cs
index 10ab25adb30cc..64c4d6e15b881 100644
--- a/sdk/identity/Azure.Identity/tests/CredentialTestBase.cs
+++ b/sdk/identity/Azure.Identity/tests/CredentialTestBase.cs
@@ -422,6 +422,52 @@ public async Task CachingOptionsAreRespected()
Assert.AreEqual(actualToken1.Token, actualToken2.Token);
}
+ [Test]
+ public async Task AuthorityHostConfigSupportsdStS()
+ {
+ // Configure the transport
+ var token = Guid.NewGuid().ToString();
+ TransportConfig transportConfig = new()
+ {
+ TokenFactory = req => token,
+ RequestValidator = req =>
+ {
+ if (req.Content != null)
+ {
+ var stream = new MemoryStream();
+ req.Content.WriteTo(stream, default);
+ var content = new BinaryData(stream.ToArray()).ToString();
+ var queryString = Uri.UnescapeDataString(content)
+ .Split('&')
+ .Select(q => q.Split('='))
+ .ToDictionary(kvp => kvp[0], kvp => kvp[1]);
+ }
+ }
+ };
+ var factory = MockTokenTransportFactory(transportConfig);
+ var mockTransport = new MockTransport(factory);
+
+ var config = new CommonCredentialTestConfig()
+ {
+ TransportConfig = transportConfig,
+ Transport = mockTransport,
+ TenantId = TenantId,
+ AuthorityHost = new("https://usnorth-passive-dsts.dsts.core.windows.net/dstsv2"),
+ RedirectUri = new Uri("http://localhost:8400/")
+ };
+ var credential = GetTokenCredential(config);
+ if (!CredentialTestHelpers.IsMsalCredential(credential))
+ {
+ Assert.Ignore("EnableCAE tests do not apply to the non-MSAL credentials.");
+ }
+ transportConfig.IsPubClient = CredentialTestHelpers.IsCredentialTypePubClient(credential);
+
+ // First call to populate the account record for confidential client creds
+ await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Default), default);
+ var actualToken = await credential.GetTokenAsync(new TokenRequestContext(MockScopes.Alternate), default);
+ Assert.AreEqual(token, actualToken.Token);
+ }
+
public class MemoryTokenCache : UnsafeTokenCacheOptions
{
public ReadOnlyMemory Data { get; set; } = new ReadOnlyMemory();
diff --git a/sdk/identity/Azure.Identity/tests/CredentialTestHelpers.cs b/sdk/identity/Azure.Identity/tests/CredentialTestHelpers.cs
index c39dec1c137c4..17d1e22cf0fdf 100644
--- a/sdk/identity/Azure.Identity/tests/CredentialTestHelpers.cs
+++ b/sdk/identity/Azure.Identity/tests/CredentialTestHelpers.cs
@@ -404,15 +404,15 @@ public static bool RequestBodyHasUserAssertionWithHeader(Request req, string hea
return new MockResponse(200);
});
- public static byte[] GetMockCacheBytes(string objectId, string userName, string clientId, string tenantId, string token, string refreshToken)
+ public static byte[] GetMockCacheBytes(string objectId, string userName, string clientId, string tenantId, string token, string refreshToken, string authority = "login.microsoftonline.com")
{
var cacheString = @$"{{
""AccessToken"": {{
- ""{objectId}.{tenantId}-login.microsoftonline.com-accesstoken-{clientId}-organizations-{MockScopes.Default}"": {{
+ ""{objectId}.{tenantId}-{authority}-accesstoken-{clientId}-organizations-{MockScopes.Default}"": {{
""credential_type"": ""AccessToken"",
""secret"": ""{token}"",
""home_account_id"": ""{objectId}.{tenantId}"",
- ""environment"": ""login.microsoftonline.com"",
+ ""environment"": ""{authority}"",
""client_id"": ""{clientId}"",
""target"": ""{MockScopes.Default}"",
""realm"": ""organizations"",
@@ -423,9 +423,9 @@ public static byte[] GetMockCacheBytes(string objectId, string userName, string
}}
}},
""Account"": {{
- ""{objectId}.{tenantId}-login.microsoftonline.com-organizations"": {{
+ ""{objectId}.{tenantId}-{authority}-organizations"": {{
""home_account_id"": ""{objectId}.{tenantId}"",
- ""environment"": ""login.microsoftonline.com"",
+ ""environment"": ""{authority}"",
""realm"": ""organizations"",
""local_account_id"": ""{objectId}"",
""username"": ""{userName}"",
@@ -433,21 +433,21 @@ public static byte[] GetMockCacheBytes(string objectId, string userName, string
}}
}},
""IdToken"": {{
- ""{objectId}.{tenantId}-login.microsoftonline.com-idtoken-{clientId}-organizations-"": {{
+ ""{objectId}.{tenantId}-{authority}-idtoken-{clientId}-organizations-"": {{
""credential_type"": ""IdToken"",
""secret"": ""{token}"",
""home_account_id"": ""{objectId}.{tenantId}"",
- ""environment"": ""login.microsoftonline.com"",
+ ""environment"": ""{authority}"",
""realm"": ""organizations"",
""client_id"": ""{clientId}""
}},
}},
""RefreshToken"": {{
- ""{objectId}.{tenantId}-login.microsoftonline.com-refreshtoken-{clientId}--{MockScopes.Default}"": {{
+ ""{objectId}.{tenantId}-{authority}-refreshtoken-{clientId}--{MockScopes.Default}"": {{
""credential_type"": ""RefreshToken"",
""secret"": ""{refreshToken}"",
""home_account_id"": ""{objectId}.{tenantId}"",
- ""environment"": ""login.microsoftonline.com"",
+ ""environment"": ""{authority}"",
""client_id"": ""{clientId}"",
""target"": ""{MockScopes.Default}"",
""last_modification_time"": ""1674853645"",
@@ -455,9 +455,9 @@ public static byte[] GetMockCacheBytes(string objectId, string userName, string
}}
}},
""AppMetadata"": {{
- ""appmetadata-login.microsoftonline.com-{clientId}"": {{
+ ""appmetadata-{authority}-{clientId}"": {{
""client_id"": ""{clientId}"",
- ""environment"": ""login.microsoftonline.com"",
+ ""environment"": ""{authority}"",
""family_id"": ""1""
}}
}}
@@ -489,10 +489,10 @@ public static string CreateMsalClientInfo(string objectId = null, string tenantI
return MsalEncode($"{{\"uid\":\"{uid}\",\"utid\":\"{tid}\"}}");
}
- public static string CreateMsalIdToken(string uniqueId, string displayableId, string tenantId)
+ public static string CreateMsalIdToken(string uniqueId, string displayableId, string tenantId, string authority = "login.microsoftonline.com")
{
string id = "{\"aud\": \"e854a4a7-6c34-449c-b237-fc7a28093d84\"," +
- "\"iss\": \"https://login.microsoftonline.com/6c3d51dd-f0e5-4959-b4ea-a80c4e36fe5e/v2.0/\"," +
+ $"\"iss\": \"https://{authority}/6c3d51dd-f0e5-4959-b4ea-a80c4e36fe5e/v2.0/\"," +
"\"iat\": 1455833828," +
"\"nbf\": 1455833828," +
"\"exp\": 1455837728," +
diff --git a/sdk/identity/Azure.Identity/tests/DeviceCodeCredentialTests.cs b/sdk/identity/Azure.Identity/tests/DeviceCodeCredentialTests.cs
index 5abcfbadec9c2..752d9953cf299 100644
--- a/sdk/identity/Azure.Identity/tests/DeviceCodeCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/DeviceCodeCredentialTests.cs
@@ -65,6 +65,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientCertificateTests.cs b/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientCertificateTests.cs
index cfbb5c58f4396..dda520c69aa6e 100644
--- a/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientCertificateTests.cs
+++ b/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientCertificateTests.cs
@@ -47,7 +47,8 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
MsalConfidentialClient = config.MockConfidentialMsalClient,
- MsalPublicClient = config.MockPublicMsalClient
+ MsalPublicClient = config.MockPublicMsalClient,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientSecretTests.cs b/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientSecretTests.cs
index d63437060558e..803f9bd161eea 100644
--- a/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientSecretTests.cs
+++ b/sdk/identity/Azure.Identity/tests/EnvironmentCredential_ClientSecretTests.cs
@@ -47,7 +47,8 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
MsalConfidentialClient = config.MockConfidentialMsalClient,
- MsalPublicClient = config.MockPublicMsalClient
+ MsalPublicClient = config.MockPublicMsalClient,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/EnvironmentCredential_UserNamePasswordTests.cs b/sdk/identity/Azure.Identity/tests/EnvironmentCredential_UserNamePasswordTests.cs
index a25afc176014d..26d3038c2f798 100644
--- a/sdk/identity/Azure.Identity/tests/EnvironmentCredential_UserNamePasswordTests.cs
+++ b/sdk/identity/Azure.Identity/tests/EnvironmentCredential_UserNamePasswordTests.cs
@@ -48,7 +48,8 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
MsalConfidentialClient = config.MockConfidentialMsalClient,
- MsalPublicClient = config.MockPublicMsalClient
+ MsalPublicClient = config.MockPublicMsalClient,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/IdentityRecordedTestBase.cs b/sdk/identity/Azure.Identity/tests/IdentityRecordedTestBase.cs
index 711800a04833e..548deaaee0923 100644
--- a/sdk/identity/Azure.Identity/tests/IdentityRecordedTestBase.cs
+++ b/sdk/identity/Azure.Identity/tests/IdentityRecordedTestBase.cs
@@ -26,6 +26,8 @@ private void InitializeRecordingSettings()
LegacyExcludedHeaders.Add("x-client-SKU");
LegacyExcludedHeaders.Add("x-client-CPU");
LegacyExcludedHeaders.Add("x-client-Ver");
+ LegacyExcludedHeaders.Add("x-app-name");
+ LegacyExcludedHeaders.Add("x-app-ver");
// x-ms-PKeyAuth is only added on MAC and Linux so recordings made on windows will fail on these platforms and vice-versa
// ignoring this header as CI must run on all platforms
LegacyExcludedHeaders.Add("x-ms-PKeyAuth");
diff --git a/sdk/identity/Azure.Identity/tests/InteractiveBrowserCredentialTests.cs b/sdk/identity/Azure.Identity/tests/InteractiveBrowserCredentialTests.cs
index b176e9cd1b117..90c0871c4376b 100644
--- a/sdk/identity/Azure.Identity/tests/InteractiveBrowserCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/InteractiveBrowserCredentialTests.cs
@@ -25,7 +25,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
{
// Configure mock cache to return a token for the expected user
string resolvedTenantId = config.RequestContext.TenantId ?? config.TenantId ?? TenantId;
- var mockBytes = CredentialTestHelpers.GetMockCacheBytes(ObjectId, ExpectedUsername, ClientId, resolvedTenantId, "token", "refreshToken");
+ var mockBytes = CredentialTestHelpers.GetMockCacheBytes(ObjectId, ExpectedUsername, ClientId, resolvedTenantId, "token", "refreshToken", config.AuthorityHost.Host);
var tokenCacheOptions = new MockTokenCache(
() => Task.FromResult>(mockBytes),
args => Task.FromResult>(mockBytes));
@@ -37,6 +37,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
AuthenticationRecord = new AuthenticationRecord(ExpectedUsername, "login.windows.net", $"{ObjectId}.{resolvedTenantId}", resolvedTenantId, ClientId),
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/OnBehalfOfCredentialTests.cs b/sdk/identity/Azure.Identity/tests/OnBehalfOfCredentialTests.cs
index 079c1615afbaa..bc45e6bab6e13 100644
--- a/sdk/identity/Azure.Identity/tests/OnBehalfOfCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/OnBehalfOfCredentialTests.cs
@@ -53,6 +53,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs b/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs
index aa6f2c9fc0fcb..552935530c574 100644
--- a/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/SharedTokenCacheCredentialTests.cs
@@ -25,7 +25,7 @@ public override TokenCredential GetTokenCredential(TokenCredentialOptions option
public override TokenCredential GetTokenCredential(CommonCredentialTestConfig config)
{
// Configure mock cache to return a token for the expected user
- var mockBytes = CredentialTestHelpers.GetMockCacheBytes(ObjectId, ExpectedUsername, ClientId, TenantId, "token", "refreshToken");
+ var mockBytes = CredentialTestHelpers.GetMockCacheBytes(ObjectId, ExpectedUsername, ClientId, TenantId, "token", "refreshToken", config.AuthorityHost.Host);
var tokenCacheOptions = new MockTokenCache(
() => Task.FromResult>(mockBytes),
args => Task.FromResult>(mockBytes));
@@ -34,6 +34,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
{
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/UsernamePasswordCredentialTests.cs b/sdk/identity/Azure.Identity/tests/UsernamePasswordCredentialTests.cs
index ddd4d1e7619fa..d9a354dcf1278 100644
--- a/sdk/identity/Azure.Identity/tests/UsernamePasswordCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/UsernamePasswordCredentialTests.cs
@@ -35,6 +35,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
DisableInstanceDiscovery = config.DisableInstanceDiscovery,
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost,
};
if (config.Transport != null)
{
diff --git a/sdk/identity/Azure.Identity/tests/VisualStudioCredentialTests.cs b/sdk/identity/Azure.Identity/tests/VisualStudioCredentialTests.cs
index f1183a3f715dc..19ad6c81cd1eb 100644
--- a/sdk/identity/Azure.Identity/tests/VisualStudioCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/VisualStudioCredentialTests.cs
@@ -39,6 +39,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
{
AdditionallyAllowedTenants = config.AdditionallyAllowedTenants,
IsUnsafeSupportLoggingEnabled = config.IsUnsafeSupportLoggingEnabled,
+ AuthorityHost = config.AuthorityHost,
};
return InstrumentClient(new VisualStudioCredential(config.TenantId, default, fileSystem, new TestProcessService(testProcess, true), vsOptions));
}
diff --git a/sdk/identity/Azure.Identity/tests/WorkloadIdentityCredentialTests.cs b/sdk/identity/Azure.Identity/tests/WorkloadIdentityCredentialTests.cs
index fe0dd7b6d2f04..8236bcad25b17 100644
--- a/sdk/identity/Azure.Identity/tests/WorkloadIdentityCredentialTests.cs
+++ b/sdk/identity/Azure.Identity/tests/WorkloadIdentityCredentialTests.cs
@@ -80,6 +80,7 @@ public override TokenCredential GetTokenCredential(CommonCredentialTestConfig co
workloadOptions.ClientId = ClientId;
workloadOptions.TokenFilePath = _tempFiles.GetTempFilePath();
workloadOptions.MsalClient = config.MockConfidentialMsalClient;
+ workloadOptions.AuthorityHost = config.AuthorityHost;
string assertion = CredentialTestHelpers.CreateClientAssertionJWT(workloadOptions.AuthorityHost, workloadOptions.ClientId, workloadOptions.TenantId, mockCert);
diff --git a/sdk/openai/Azure.AI.OpenAI/src/Azure.AI.OpenAI.csproj b/sdk/openai/Azure.AI.OpenAI/src/Azure.AI.OpenAI.csproj
index 97bed641ea9aa..2fc3e44a474aa 100644
--- a/sdk/openai/Azure.AI.OpenAI/src/Azure.AI.OpenAI.csproj
+++ b/sdk/openai/Azure.AI.OpenAI/src/Azure.AI.OpenAI.csproj
@@ -19,7 +19,7 @@
-
+