fb

sdk/identity/Azure.Identity/CHANGELOG.md

@@ -4,7 +4,7 @@
 
 ### Features Added
 
-- `DefaultAzureCredentialOptions` now has a `ClientId` property which allows passing a ClientId value to the `SharedTokenCredential` and `InteractiveBrowserCredential` when constructing a `DefaultAzureCredential`.
+- `DefaultAzureCredentialOptions` now has a `InteractiveBrowserClientId` property which allows passing a ClientId value to the InteractiveBrowserCredential` when constructing a `DefaultAzureCredential`.
 - Implement `OnBehalfOfCredential` which enables authentication to Azure Active Directory using an On-Behalf-Of flow.
 
 ### Breaking Changes

sdk/identity/Azure.Identity/api/Azure.Identity.netstandard2.0.cs

@@ -139,7 +139,6 @@ public DefaultAzureCredential(bool includeInteractiveCredentials = false) { }
     public partial class DefaultAzureCredentialOptions : Azure.Identity.TokenCredentialOptions
     {
         public DefaultAzureCredentialOptions() { }
-        public string ClientId { get { throw null; } set { } }
         public bool ExcludeAzureCliCredential { get { throw null; } set { } }
         public bool ExcludeAzurePowerShellCredential { get { throw null; } set { } }
         public bool ExcludeEnvironmentCredential { get { throw null; } set { } }
@@ -148,6 +147,7 @@ public DefaultAzureCredentialOptions() { }
         public bool ExcludeSharedTokenCacheCredential { get { throw null; } set { } }
         public bool ExcludeVisualStudioCodeCredential { get { throw null; } set { } }
         public bool ExcludeVisualStudioCredential { get { throw null; } set { } }
+        public string InteractiveBrowserCredentialClientId { get { throw null; } set { } }
         public string InteractiveBrowserTenantId { get { throw null; } set { } }
         public string ManagedIdentityClientId { get { throw null; } set { } }
         public string SharedTokenCacheTenantId { get { throw null; } set { } }

sdk/identity/Azure.Identity/src/DefaultAzureCredential.cs

@@ -204,7 +204,7 @@ private static TokenCredential[] GetDefaultAzureCredentialChain(DefaultAzureCred
 
             if (!options.ExcludeSharedTokenCacheCredential)
             {
-                chain[i++] = factory.CreateSharedTokenCacheCredential(options.SharedTokenCacheTenantId, options.SharedTokenCacheUsername, options.ClientId);
+                chain[i++] = factory.CreateSharedTokenCacheCredential(options.SharedTokenCacheTenantId, options.SharedTokenCacheUsername);
             }
 
             if (!options.ExcludeVisualStudioCredential)
@@ -229,7 +229,7 @@ private static TokenCredential[] GetDefaultAzureCredentialChain(DefaultAzureCred
 
             if (!options.ExcludeInteractiveBrowserCredential)
             {
-                chain[i++] = factory.CreateInteractiveBrowserCredential(options.InteractiveBrowserTenantId, options.ClientId);
+                chain[i++] = factory.CreateInteractiveBrowserCredential(options.InteractiveBrowserTenantId, options.InteractiveBrowserCredentialClientId);
             }
 
             if (i == 0)

sdk/identity/Azure.Identity/src/DefaultAzureCredentialFactory.cs

@@ -28,9 +28,9 @@ public virtual TokenCredential CreateManagedIdentityCredential(string clientId)
             return new ManagedIdentityCredential(clientId, Pipeline);
         }
 
-        public virtual TokenCredential CreateSharedTokenCacheCredential(string tenantId, string username, string cliendId)
+        public virtual TokenCredential CreateSharedTokenCacheCredential(string tenantId, string username)
         {
-            return new SharedTokenCacheCredential(tenantId, username, new SharedTokenCacheCredentialOptions{ ClientId = cliendId }, Pipeline);
+            return new SharedTokenCacheCredential(tenantId, username, null, Pipeline);
         }
 
         public virtual TokenCredential CreateInteractiveBrowserCredential(string tenantId, string clientId)

sdk/identity/Azure.Identity/src/DefaultAzureCredentialOptions.cs

@@ -54,7 +54,7 @@ public class DefaultAzureCredentialOptions : TokenCredentialOptions
         /// <summary>
         /// Specifies the client id of the selected credential
         /// </summary>
-        public string ClientId { get; set; } = GetNonEmptyStringOrNull(EnvironmentVariables.ClientId);
+        public string InteractiveBrowserCredentialClientId { get; set; }
 
         /// <summary>
         /// Specifies the client id of the azure ManagedIdentity in the case of user assigned identity.

sdk/identity/Azure.Identity/tests/DefaultAzureCredentialTests.cs

@@ -76,7 +76,6 @@ public void ValidateCtorOptionsPassedToCredentials()
             string expVsTenantId = Guid.NewGuid().ToString();
             string expCodeTenantId = Guid.NewGuid().ToString();
             string actClientId_ManagedIdentity = null;
-            string actClientId_SharedToken = null;
             string actClientId_InteractiveBrowser = null;
             string actUsername = null;
             string actCacheTenantId = null;
@@ -87,15 +86,15 @@ public void ValidateCtorOptionsPassedToCredentials()
             var credFactory = new MockDefaultAzureCredentialFactory(CredentialPipeline.GetInstance(null));
 
             credFactory.OnCreateManagedIdentityCredential = (clientId, _) => actClientId_ManagedIdentity = clientId;
-            credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, clientId, _) => { actCacheTenantId = tenantId; actUsername = username; actClientId_SharedToken = clientId; };
+            credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _) => { actCacheTenantId = tenantId; actUsername = username; };
             credFactory.OnCreateInteractiveBrowserCredential = (tenantId, clientId,  _) => { actBrowserTenantId = tenantId; actClientId_InteractiveBrowser = clientId; };
             credFactory.OnCreateVisualStudioCredential = (tenantId, _) => { actVsTenantId = tenantId; };
             credFactory.OnCreateVisualStudioCodeCredential = (tenantId, _) => { actCodeTenantId = tenantId; };
             credFactory.OnCreateAzurePowerShellCredential = _ => {};
 
             var options = new DefaultAzureCredentialOptions
             {
-                ClientId = expClientId,
+                InteractiveBrowserCredentialClientId = expClientId,
                 ManagedIdentityClientId = expClientId,
                 SharedTokenCacheUsername = expUsername,
                 ExcludeSharedTokenCacheCredential = false,
@@ -109,7 +108,6 @@ public void ValidateCtorOptionsPassedToCredentials()
             new DefaultAzureCredential(credFactory, options);
 
             Assert.AreEqual(expClientId, actClientId_ManagedIdentity);
-            Assert.AreEqual(expClientId, actClientId_SharedToken);
             Assert.AreEqual(expClientId, actClientId_InteractiveBrowser);
             Assert.AreEqual(expUsername, actUsername);
             Assert.AreEqual(expCacheTenantId, actCacheTenantId);
@@ -146,19 +144,17 @@ public void ValidateEnvironmentBasedOptionsPassedToCredentials([Values] bool cli
                     Assert.AreEqual(expClientId, clientId);
                 };
 
-                credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, clientId, _) =>
+                credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _) =>
                 {
                     onCreateSharedCalled = true;
                     Assert.AreEqual(expTenantId, tenantId);
                     Assert.AreEqual(expUsername, username);
-                    Assert.AreEqual(expClientId, clientId);
                 };
 
                 credFactory.OnCreateInteractiveBrowserCredential = (tenantId, clientId, _) =>
                 {
                     onCreateInteractiveCalled = true;
                     Assert.AreEqual(expTenantId, tenantId);
-                    Assert.AreEqual(expClientId, clientId);
                 };
 
                 credFactory.OnCreateVisualStudioCredential = (tenantId, _) =>
@@ -221,7 +217,7 @@ public void ValidateEmptyEnvironmentBasedOptionsNotPassedToCredentials([Values]
                     Assert.IsNull(clientId);
                 };
 
-                credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _, _) =>
+                credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _) =>
                 {
                     onCreateSharedCalled = true;
                     Assert.IsNull(tenantId);
@@ -297,7 +293,7 @@ public void ValidateCtorWithExcludeOptions([Values(true, false)]bool excludeEnvi
             {
                 managedIdentityCredentialIncluded = true;
             };
-            credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _, _) =>
+            credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _) =>
             {
                 sharedTokenCacheCredentialIncluded = true;
             };
@@ -360,7 +356,7 @@ void SetupMockForException<T>(Mock<T> mock) where T : TokenCredential =>
                 SetupMockForException(c);
             credFactory.OnCreateManagedIdentityCredential = (_, c) =>
                 SetupMockForException(c);
-            credFactory.OnCreateSharedTokenCacheCredential = (_, _, _, c) =>
+            credFactory.OnCreateSharedTokenCacheCredential = (_, _, c) =>
                 SetupMockForException(c);
             credFactory.OnCreateAzureCliCredential = c =>
                 SetupMockForException(c);
@@ -446,7 +442,7 @@ void SetupMockForException<T>(Mock<T> mock) where T : TokenCredential
                 SetupMockForException(c);
             credFactory.OnCreateManagedIdentityCredential = (_, c) =>
                 SetupMockForException(c);
-            credFactory.OnCreateSharedTokenCacheCredential = (_, _, _, c) =>
+            credFactory.OnCreateSharedTokenCacheCredential = (_, _, c) =>
                 SetupMockForException(c);
             credFactory.OnCreateVisualStudioCredential = (_, c) =>
                 SetupMockForException(c);
@@ -576,7 +572,7 @@ void SetupMockForException<T>(Mock<T> mock) where T : TokenCredential =>
                 SetupMockForException(c);
             credFactory.OnCreateManagedIdentityCredential = (clientId, c) =>
                 SetupMockForException(c);
-            credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, _, c) =>
+            credFactory.OnCreateSharedTokenCacheCredential = (tenantId, username, c) =>
                 SetupMockForException(c);
             credFactory.OnCreateAzureCliCredential = c =>
                 SetupMockForException(c);

sdk/identity/Azure.Identity/tests/Mock/MockDefaultAzureCredentialFactory.cs

@@ -17,7 +17,7 @@ public MockDefaultAzureCredentialFactory(CredentialPipeline pipeline) : base(pip
         private Mock<AzureCliCredential> mockAzureCliCredential = new();
         public Action<string, Mock<ManagedIdentityCredential>> OnCreateManagedIdentityCredential { get; set; }
         private Mock<ManagedIdentityCredential> mockManagedIdentityCredential = new();
-        public Action<string, string, string, Mock<SharedTokenCacheCredential>> OnCreateSharedTokenCacheCredential { get; set; }
+        public Action<string, string, Mock<SharedTokenCacheCredential>> OnCreateSharedTokenCacheCredential { get; set; }
         private Mock<SharedTokenCacheCredential> mockSharedTokenCacheCredential = new();
         public Action<string, string, Mock<InteractiveBrowserCredential>> OnCreateInteractiveBrowserCredential { get; set; }
         private Mock<InteractiveBrowserCredential> mockInteractiveBrowserCredential = new();
@@ -40,9 +40,9 @@ public override TokenCredential CreateManagedIdentityCredential(string clientId)
             return mockManagedIdentityCredential.Object;
         }
 
-        public override TokenCredential CreateSharedTokenCacheCredential(string tenantId, string username, string clientId)
+        public override TokenCredential CreateSharedTokenCacheCredential(string tenantId, string username)
         {
-            OnCreateSharedTokenCacheCredential?.Invoke(tenantId, username, clientId, mockSharedTokenCacheCredential);
+            OnCreateSharedTokenCacheCredential?.Invoke(tenantId, username, mockSharedTokenCacheCredential);
             return mockSharedTokenCacheCredential.Object;
         }
 

sdk/identity/Azure.Identity/tests/Mock/TestDefaultAzureCredentialFactory.cs

@@ -26,8 +26,8 @@ public override TokenCredential CreateEnvironmentCredential()
         public override TokenCredential CreateManagedIdentityCredential(string clientId)
             => new ManagedIdentityCredential(new ManagedIdentityClient(Pipeline, clientId));
 
-        public override TokenCredential CreateSharedTokenCacheCredential(string tenantId, string username, string clientId)
-            => new SharedTokenCacheCredential(tenantId, username, new SharedTokenCacheCredentialOptions { ClientId = clientId }, Pipeline);
+        public override TokenCredential CreateSharedTokenCacheCredential(string tenantId, string username)
+            => new SharedTokenCacheCredential(tenantId, username, null, Pipeline);
 
         public override TokenCredential CreateInteractiveBrowserCredential(string tenantId, string clientId)
             => new InteractiveBrowserCredential(tenantId, clientId ?? Constants.DeveloperSignOnClientId, new InteractiveBrowserCredentialOptions(), Pipeline);