diff --git a/sdk/identity/Azure.Identity/src/EnvironmentVariables.cs b/sdk/identity/Azure.Identity/src/EnvironmentVariables.cs
index a4d0e09398dc3..a2057c087ab4e 100644
--- a/sdk/identity/Azure.Identity/src/EnvironmentVariables.cs
+++ b/sdk/identity/Azure.Identity/src/EnvironmentVariables.cs
@@ -21,5 +21,6 @@ internal class EnvironmentVariables
public static string ProgramFilesX86 => Environment.GetEnvironmentVariable("ProgramFiles(x86)");
public static string ProgramFiles => Environment.GetEnvironmentVariable("ProgramFiles");
+ public static string AuthorityHost => Environment.GetEnvironmentVariable("AZURE_AUTHORITY_HOST");
}
}
diff --git a/sdk/identity/Azure.Identity/src/TokenCredentialOptions.cs b/sdk/identity/Azure.Identity/src/TokenCredentialOptions.cs
index 5f7b02caa6dd5..507dac14564dc 100644
--- a/sdk/identity/Azure.Identity/src/TokenCredentialOptions.cs
+++ b/sdk/identity/Azure.Identity/src/TokenCredentialOptions.cs
@@ -11,17 +11,14 @@ namespace Azure.Identity
///
public class TokenCredentialOptions : ClientOptions
{
+ private Uri _authorityHost;
///
/// The host of the Azure Active Directory authority. The default is https://login.microsoftonline.com/. For well known authority hosts for Azure cloud instances see .
///
- public Uri AuthorityHost { get; set; }
-
- ///
- /// Creates an instance of with default settings.
- ///
- public TokenCredentialOptions()
+ public Uri AuthorityHost
{
- AuthorityHost = KnownAuthorityHosts.AzureCloud;
+ get { return _authorityHost ?? (EnvironmentVariables.AuthorityHost != null ? new Uri(EnvironmentVariables.AuthorityHost) : KnownAuthorityHosts.AzureCloud); }
+ set { _authorityHost = value; }
}
}
}
diff --git a/sdk/identity/Azure.Identity/tests/TokenCredentialOptionsTests.cs b/sdk/identity/Azure.Identity/tests/TokenCredentialOptionsTests.cs
new file mode 100644
index 0000000000000..002d4f6b01089
--- /dev/null
+++ b/sdk/identity/Azure.Identity/tests/TokenCredentialOptionsTests.cs
@@ -0,0 +1,73 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System;
+using Azure.Core.Testing;
+using NUnit.Framework;
+
+namespace Azure.Identity.Tests
+{
+ public class TokenCredentialOptionsTests : ClientTestBase
+ {
+ public TokenCredentialOptionsTests(bool isAsync) : base(isAsync)
+ {
+ }
+
+ [NonParallelizable]
+ [Test]
+ public void InvalidEnvAuthorityHost()
+ {
+ using (new TestEnvVar("AZURE_AUTHORITY_HOST", "mock-env-authority-host"))
+ {
+ TokenCredentialOptions option = new TokenCredentialOptions();
+
+ Assert.Throws(() => { Uri authHost = option.AuthorityHost; });
+ }
+ }
+
+ [NonParallelizable]
+ [Test]
+ public void EnvAuthorityHost()
+ {
+ string envHostValue = KnownAuthorityHosts.AzureChinaCloud.ToString();
+
+ using (new TestEnvVar("AZURE_AUTHORITY_HOST", envHostValue))
+ {
+ TokenCredentialOptions option = new TokenCredentialOptions();
+ Uri authHost = option.AuthorityHost;
+
+ Assert.AreEqual(authHost, new Uri(envHostValue));
+ }
+ }
+
+ [NonParallelizable]
+ [Test]
+ public void CustomAuthorityHost()
+ {
+ string envHostValue = KnownAuthorityHosts.AzureGermanCloud.ToString();
+
+ using (new TestEnvVar("AZURE_AUTHORITY_HOST", envHostValue))
+ {
+ Uri customUri = KnownAuthorityHosts.AzureChinaCloud;
+
+ TokenCredentialOptions option = new TokenCredentialOptions() { AuthorityHost = customUri };
+ Uri authHost = option.AuthorityHost;
+
+ Assert.AreNotEqual(authHost, new Uri(envHostValue));
+ Assert.AreEqual(authHost, customUri);
+ }
+ }
+
+ [NonParallelizable]
+ [Test]
+ public void DefaultAuthorityHost()
+ {
+ using (new TestEnvVar("AZURE_AUTHORITY_HOST", null))
+ {
+ TokenCredentialOptions option = new TokenCredentialOptions();
+
+ Assert.AreEqual(option.AuthorityHost, KnownAuthorityHosts.AzureCloud);
+ }
+ }
+ }
+}