From 644a3acf057ad16b6c08e08ffa4a66db46563be4 Mon Sep 17 00:00:00 2001 From: Charles Lowell <10964656+chlowell@users.noreply.github.com> Date: Mon, 8 Apr 2024 10:08:58 -0700 Subject: [PATCH] azidentity test cleanup (#22700) --- sdk/azidentity/azidentity_test.go | 144 ++++++++----- sdk/azidentity/azure_cli_credential_test.go | 2 +- .../client_certificate_credential_test.go | 40 ---- .../client_secret_credential_test.go | 22 -- sdk/azidentity/confidential_client.go | 4 +- sdk/azidentity/device_code_credential_test.go | 12 -- sdk/azidentity/environment_credential_test.go | 201 ++++++------------ .../interactive_browser_credential_test.go | 12 -- .../managed_identity_credential_test.go | 8 - .../username_password_credential_test.go | 10 - 10 files changed, 150 insertions(+), 305 deletions(-) diff --git a/sdk/azidentity/azidentity_test.go b/sdk/azidentity/azidentity_test.go index 3c87b1856693..97d0311aa003 100644 --- a/sdk/azidentity/azidentity_test.go +++ b/sdk/azidentity/azidentity_test.go @@ -101,96 +101,107 @@ func (t *tokenRequestCountingPolicy) Do(req *policy.Request) (*http.Response, er return req.Next() } -func TestEmptyTenantID(t *testing.T) { +func TestTenantID(t *testing.T) { type tc struct { - name string - ctor func() (azcore.TokenCredential, error) + name string + ctor func(tenant string) (azcore.TokenCredential, error) + tenantOptional bool } - // constructors having a tenant parameter should return an error because they require a nonempty value for _, test := range []tc{ { name: credNameAssertion, - ctor: func() (azcore.TokenCredential, error) { - return NewClientAssertionCredential("", fakeClientID, func(context.Context) (string, error) { return "", nil }, nil) + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewClientAssertionCredential(tenant, fakeClientID, func(context.Context) (string, error) { return "", nil }, nil) }, }, { - name: credNameCert, - ctor: func() (azcore.TokenCredential, error) { - return NewClientCertificateCredential("", fakeClientID, allCertTests[0].certs, allCertTests[0].key, nil) + name: credNameAzureCLI, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewAzureCLICredential(&AzureCLICredentialOptions{ + TenantID: tenant, + }) }, + tenantOptional: true, }, { - name: credNameOBO + "/cert", - ctor: func() (azcore.TokenCredential, error) { - return NewOnBehalfOfCredentialWithCertificate("", fakeClientID, "assertion", allCertTests[0].certs, allCertTests[0].key, nil) + name: credNameAzureDeveloperCLI, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewAzureDeveloperCLICredential(&AzureDeveloperCLICredentialOptions{ + TenantID: tenant, + }) }, + tenantOptional: true, }, { - name: credNameOBO + "/secret", - ctor: func() (azcore.TokenCredential, error) { - return NewOnBehalfOfCredentialWithSecret("", fakeClientID, "assertion", fakeSecret, nil) + name: credNameBrowser, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewInteractiveBrowserCredential(&InteractiveBrowserCredentialOptions{ + TenantID: tenant, + }) }, + tenantOptional: true, }, { - name: credNameSecret, - ctor: func() (azcore.TokenCredential, error) { - return NewClientSecretCredential("", fakeClientID, fakeSecret, nil) + name: credNameCert, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewClientCertificateCredential(tenant, fakeClientID, allCertTests[0].certs, allCertTests[0].key, nil) }, }, { - name: credNameUserPassword, - ctor: func() (azcore.TokenCredential, error) { - return NewUsernamePasswordCredential("", fakeClientID, "username", "password", nil) + name: credNameDeviceCode, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewDeviceCodeCredential(&DeviceCodeCredentialOptions{ + TenantID: tenant, + }) }, + tenantOptional: true, }, { - name: credNameWorkloadIdentity, - ctor: func() (azcore.TokenCredential, error) { - t.Setenv(azureTenantID, "") - return NewWorkloadIdentityCredential(&WorkloadIdentityCredentialOptions{ - ClientID: fakeClientID, - TokenFilePath: "...", - }) + name: credNameOBO + "/cert", + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewOnBehalfOfCredentialWithCertificate(tenant, fakeClientID, "assertion", allCertTests[0].certs, allCertTests[0].key, nil) }, }, - } { - t.Run(test.name, func(t *testing.T) { - _, err := test.ctor() - require.ErrorContains(t, err, "tenant") - }) - } - - // constructors having a tenant option should not return an error - for _, test := range []tc{ { - name: credNameAzureCLI, - ctor: func() (azcore.TokenCredential, error) { - return NewAzureCLICredential(nil) + name: credNameOBO + "/secret", + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewOnBehalfOfCredentialWithSecret(tenant, fakeClientID, "assertion", fakeSecret, nil) }, }, { - name: credNameAzureDeveloperCLI, - ctor: func() (azcore.TokenCredential, error) { - return NewAzureDeveloperCLICredential(nil) + name: credNameSecret, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewClientSecretCredential(tenant, fakeClientID, fakeSecret, nil) }, }, { - name: credNameBrowser, - ctor: func() (azcore.TokenCredential, error) { - return NewInteractiveBrowserCredential(nil) + name: credNameUserPassword, + ctor: func(tenant string) (azcore.TokenCredential, error) { + return NewUsernamePasswordCredential(tenant, fakeClientID, "username", "password", nil) }, }, { - name: credNameDeviceCode, - ctor: func() (azcore.TokenCredential, error) { - return NewDeviceCodeCredential(nil) + name: credNameWorkloadIdentity, + ctor: func(tenant string) (azcore.TokenCredential, error) { + t.Setenv(azureTenantID, tenant) + return NewWorkloadIdentityCredential(&WorkloadIdentityCredentialOptions{ + ClientID: fakeClientID, + TokenFilePath: "...", + }) }, }, } { - t.Run(test.name, func(t *testing.T) { - _, err := test.ctor() - require.NoError(t, err) + t.Run(test.name+"/empty", func(t *testing.T) { + _, err := test.ctor("") + if test.tenantOptional { + require.NoError(t, err) + } else { + require.ErrorContains(t, err, "tenant") + } + }) + t.Run(test.name+"/invalid", func(t *testing.T) { + _, err := test.ctor(badTenantID) + require.ErrorContains(t, err, "tenant") }) } } @@ -273,7 +284,7 @@ func TestUserAuthentication(t *testing.T) { _, err = cred.Authenticate(context.Background(), nil) require.NoError(t, err) - os.Setenv(azureAuthorityHost, cc.ActiveDirectoryAuthorityHost) + t.Setenv(azureAuthorityHost, cc.ActiveDirectoryAuthorityHost) cred, err = credential.new(nil, azcore.ClientOptions{Transport: &sts}, AuthenticationRecord{}, false) require.NoError(t, err) _, err = cred.Authenticate(context.Background(), nil) @@ -447,19 +458,38 @@ func Test_DefaultAuthorityHost(t *testing.T) { } } -func Test_GetTokenRequiresScopes(t *testing.T) { +func TestGetTokenRequiresScopes(t *testing.T) { for _, ctor := range []func() (azcore.TokenCredential, error){ func() (azcore.TokenCredential, error) { return NewAzureCLICredential(nil) }, + func() (azcore.TokenCredential, error) { return NewAzureDeveloperCLICredential(nil) }, + func() (azcore.TokenCredential, error) { + return NewClientAssertionCredential( + fakeTenantID, fakeClientID, func(context.Context) (string, error) { return "", nil }, nil, + ) + }, func() (azcore.TokenCredential, error) { - return NewClientCertificateCredential("tenantID", "clientID", allCertTests[0].certs, allCertTests[0].key, nil) + return NewClientCertificateCredential( + fakeTenantID, fakeClientID, allCertTests[0].certs, allCertTests[0].key, nil, + ) }, func() (azcore.TokenCredential, error) { - return NewClientSecretCredential("tenantID", "clientID", fakeSecret, nil) + return NewClientSecretCredential(fakeTenantID, fakeClientID, fakeSecret, nil) }, func() (azcore.TokenCredential, error) { return NewDeviceCodeCredential(nil) }, func() (azcore.TokenCredential, error) { return NewInteractiveBrowserCredential(nil) }, + func() (azcore.TokenCredential, error) { return NewManagedIdentityCredential(nil) }, + func() (azcore.TokenCredential, error) { + return NewOnBehalfOfCredentialWithSecret( + fakeTenantID, fakeClientID, "assertion", fakeSecret, nil, + ) + }, + func() (azcore.TokenCredential, error) { + return NewUsernamePasswordCredential(fakeTenantID, fakeClientID, fakeUsername, "password", nil) + }, func() (azcore.TokenCredential, error) { - return NewUsernamePasswordCredential("tenantID", "clientID", "username", "password", nil) + return NewWorkloadIdentityCredential(&WorkloadIdentityCredentialOptions{ + ClientID: fakeClientID, TokenFilePath: ".", TenantID: fakeTenantID, + }) }, } { cred, err := ctor() diff --git a/sdk/azidentity/azure_cli_credential_test.go b/sdk/azidentity/azure_cli_credential_test.go index 7f026a9b678a..d3841c2ff643 100644 --- a/sdk/azidentity/azure_cli_credential_test.go +++ b/sdk/azidentity/azure_cli_credential_test.go @@ -40,7 +40,7 @@ func mockAzTokenProviderFailure(context.Context, []string, string, string) ([]by return nil, newAuthenticationFailedError(credNameAzureCLI, "mock provider error", nil, nil) } -func mockAzTokenProviderSuccess(ctx context.Context, scopes []string, tenant, subscription string) ([]byte, error) { +func mockAzTokenProviderSuccess(context.Context, []string, string, string) ([]byte, error) { return azTokenOutput("2001-02-03 04:05:06.000007", 0), nil } diff --git a/sdk/azidentity/client_certificate_credential_test.go b/sdk/azidentity/client_certificate_credential_test.go index 1526614fd1fa..b85cf8f4e046 100644 --- a/sdk/azidentity/client_certificate_credential_test.go +++ b/sdk/azidentity/client_certificate_credential_test.go @@ -63,33 +63,6 @@ func TestParseCertificates_Error(t *testing.T) { } } -func TestClientCertificateCredential_InvalidTenantID(t *testing.T) { - test := allCertTests[0] - cred, err := NewClientCertificateCredential(badTenantID, fakeClientID, test.certs, test.key, nil) - if err == nil { - t.Fatal("Expected an error but received none") - } - if cred != nil { - t.Fatalf("Expected a nil credential value. Received: %v", cred) - } -} - -func TestClientCertificateCredential_GetTokenSuccess(t *testing.T) { - for _, test := range allCertTests { - t.Run(test.name, func(t *testing.T) { - cred, err := NewClientCertificateCredential(fakeTenantID, fakeClientID, test.certs, test.key, nil) - if err != nil { - t.Fatalf("Expected an empty error but received: %s", err.Error()) - } - cred.client.noCAE = fakeConfidentialClient{} - _, err = cred.GetToken(context.Background(), testTRO) - if err != nil { - t.Fatalf("Expected an empty error but received: %s", err.Error()) - } - }) - } -} - func TestClientCertificateCredential_SendCertificateChain(t *testing.T) { for _, test := range allCertTests { t.Run(test.name, func(t *testing.T) { @@ -114,19 +87,6 @@ func TestClientCertificateCredential_SendCertificateChain(t *testing.T) { } } -func TestClientCertificateCredential_GetTokenCheckPrivateKeyBlocks(t *testing.T) { - test := allCertTests[0] - cred, err := NewClientCertificateCredential(fakeTenantID, fakeClientID, test.certs, test.key, nil) - if err != nil { - t.Fatalf("Expected an empty error but received: %s", err.Error()) - } - cred.client.noCAE = fakeConfidentialClient{} - _, err = cred.GetToken(context.Background(), testTRO) - if err != nil { - t.Fatalf("Expected an empty error but received: %s", err.Error()) - } -} - func TestClientCertificateCredential_NoData(t *testing.T) { var key crypto.PrivateKey _, err := NewClientCertificateCredential(fakeTenantID, fakeClientID, []*x509.Certificate{}, key, nil) diff --git a/sdk/azidentity/client_secret_credential_test.go b/sdk/azidentity/client_secret_credential_test.go index 868c05d3df91..d7d687c0b4e0 100644 --- a/sdk/azidentity/client_secret_credential_test.go +++ b/sdk/azidentity/client_secret_credential_test.go @@ -17,28 +17,6 @@ import ( const fakeSecret = "secret" -func TestClientSecretCredential_InvalidTenantID(t *testing.T) { - cred, err := NewClientSecretCredential(badTenantID, fakeClientID, fakeSecret, nil) - if err == nil { - t.Fatal("Expected an error but received none") - } - if cred != nil { - t.Fatalf("Expected a nil credential value. Received: %v", cred) - } -} - -func TestClientSecretCredential_GetTokenSuccess(t *testing.T) { - cred, err := NewClientSecretCredential(fakeTenantID, fakeClientID, fakeSecret, nil) - if err != nil { - t.Fatalf("Unable to create credential. Received: %v", err) - } - cred.client.noCAE = fakeConfidentialClient{} - _, err = cred.GetToken(context.Background(), testTRO) - if err != nil { - t.Fatalf("Expected an empty error but received: %v", err) - } -} - func TestClientSecretCredential_Live(t *testing.T) { for _, disabledID := range []bool{true, false} { name := "default options" diff --git a/sdk/azidentity/confidential_client.go b/sdk/azidentity/confidential_client.go index 01446a7242a4..76020112c7a7 100644 --- a/sdk/azidentity/confidential_client.go +++ b/sdk/azidentity/confidential_client.go @@ -91,7 +91,7 @@ func (c *confidentialClient) GetToken(ctx context.Context, tro policy.TokenReque } tro.TenantID = tenant } - client, mu, err := c.client(ctx, tro) + client, mu, err := c.client(tro) if err != nil { return azcore.AccessToken{}, err } @@ -121,7 +121,7 @@ func (c *confidentialClient) GetToken(ctx context.Context, tro policy.TokenReque return azcore.AccessToken{Token: ar.AccessToken, ExpiresOn: ar.ExpiresOn.UTC()}, err } -func (c *confidentialClient) client(ctx context.Context, tro policy.TokenRequestOptions) (msalConfidentialClient, *sync.Mutex, error) { +func (c *confidentialClient) client(tro policy.TokenRequestOptions) (msalConfidentialClient, *sync.Mutex, error) { c.clientMu.Lock() defer c.clientMu.Unlock() if tro.EnableCAE { diff --git a/sdk/azidentity/device_code_credential_test.go b/sdk/azidentity/device_code_credential_test.go index ab2fe1679014..5a00a0eaa3cb 100644 --- a/sdk/azidentity/device_code_credential_test.go +++ b/sdk/azidentity/device_code_credential_test.go @@ -16,18 +16,6 @@ import ( "github.com/AzureAD/microsoft-authentication-library-for-go/apps/public" ) -func TestDeviceCodeCredential_InvalidTenantID(t *testing.T) { - options := DeviceCodeCredentialOptions{} - options.TenantID = badTenantID - cred, err := NewDeviceCodeCredential(&options) - if err == nil { - t.Fatal("Expected an error but received none") - } - if cred != nil { - t.Fatalf("Expected a nil credential value. Received: %v", cred) - } -} - func TestDeviceCodeCredential_GetTokenInvalidCredentials(t *testing.T) { cred, err := NewDeviceCodeCredential(nil) if err != nil { diff --git a/sdk/azidentity/environment_credential_test.go b/sdk/azidentity/environment_credential_test.go index 4282615c4791..4d5c857f8ce3 100644 --- a/sdk/azidentity/environment_credential_test.go +++ b/sdk/azidentity/environment_credential_test.go @@ -17,85 +17,74 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/internal/recording" + "github.com/stretchr/testify/require" ) -func resetEnvironmentVarsForTest() { - clearEnvVars(azureTenantID, azureClientID, azureClientSecret, azureClientCertificatePath, azureUsername, azurePassword) -} - -func TestEnvironmentCredential_TenantIDNotSet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureClientID, fakeClientID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientSecret, fakeSecret) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - _, err = NewEnvironmentCredential(nil) - if err == nil { - t.Fatalf("Expected an error but received nil") - } -} - -func TestEnvironmentCredential_ClientIDNotSet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureTenantID, fakeTenantID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientSecret, fakeSecret) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - _, err = NewEnvironmentCredential(nil) - if err == nil { - t.Fatalf("Expected an error but received nil") - } -} - -func TestEnvironmentCredential_ClientSecretNotSet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureTenantID, fakeTenantID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientID, fakeClientID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - _, err = NewEnvironmentCredential(nil) - if err == nil { - t.Fatalf("Expected an error but received nil") +func unsetEnvironmentVarsForTest(t *testing.T) { + for _, k := range []string{ + azureClientCertificatePath, azureClientID, azureClientSecret, azurePassword, azureTenantID, azureUsername, + } { + if v, set := os.LookupEnv(k); set { + require.NoError(t, os.Unsetenv(k)) + t.Cleanup(func() { require.NoError(t, os.Setenv(k, v)) }) + } } } -func TestEnvironmentCredential_ClientSecretSet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureTenantID, fakeTenantID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientID, fakeClientID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientSecret, fakeSecret) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - cred, err := NewEnvironmentCredential(nil) - if err != nil { - t.Fatalf("Did not expect an error. Received: %v", err) - } - if _, ok := cred.cred.(*ClientSecretCredential); !ok { - t.Fatalf("Did not receive the right credential type. Expected *azidentity.ClientSecretCredential, Received: %t", cred) +func TestEnvironmentCredential(t *testing.T) { + unsetEnvironmentVarsForTest(t) + for _, test := range []struct { + env map[string]string + cred azcore.TokenCredential + }{ + { + cred: &ClientCertificateCredential{}, + env: map[string]string{ + azureClientCertificatePath: "testdata/certificate.pem", + azureClientID: fakeClientID, + azureTenantID: fakeTenantID, + }, + }, + { + cred: &ClientSecretCredential{}, + env: map[string]string{ + azureClientID: fakeClientID, + azureClientSecret: fakeSecret, + azureTenantID: fakeTenantID, + }, + }, + { + cred: &UsernamePasswordCredential{}, + env: map[string]string{ + azureClientID: fakeClientID, + azurePassword: "fake", + azureTenantID: fakeTenantID, + azureUsername: fakeUsername, + }, + }, + } { + t.Run(fmt.Sprintf("%T", test.cred), func(t *testing.T) { + for k, v := range test.env { + t.Setenv(k, v) + } + cred, err := NewEnvironmentCredential(nil) + require.NoError(t, err) + require.IsType(t, test.cred, cred.cred) + for k := range test.env { + t.Run("missing "+k, func(t *testing.T) { + before := os.Getenv(k) + require.NoError(t, os.Unsetenv(k)) + defer os.Setenv(k, before) + _, err := NewEnvironmentCredential(nil) + require.Error(t, err) + }) + } + }) } } func TestEnvironmentCredential_CertificateErrors(t *testing.T) { - resetEnvironmentVarsForTest() + unsetEnvironmentVarsForTest(t) for _, test := range []struct { name, path string }{ @@ -118,29 +107,6 @@ func TestEnvironmentCredential_CertificateErrors(t *testing.T) { } } -func TestEnvironmentCredential_ClientCertificatePathSet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureTenantID, fakeTenantID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientID, fakeClientID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientCertificatePath, "testdata/certificate.pem") - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - cred, err := NewEnvironmentCredential(nil) - if err != nil { - t.Fatalf("Did not expect an error. Received: %v", err) - } - if _, ok := cred.cred.(*ClientCertificateCredential); !ok { - t.Fatalf("Did not receive the right credential type. Expected *azidentity.ClientCertificateCredential, Received: %t", cred) - } -} - func TestEnvironmentCredential_ClientCertificatePassword(t *testing.T) { for key, value := range map[string]string{ azureTenantID: fakeTenantID, @@ -171,53 +137,6 @@ func TestEnvironmentCredential_ClientCertificatePassword(t *testing.T) { } } -func TestEnvironmentCredential_UsernameOnlySet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureTenantID, fakeTenantID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientID, fakeClientID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureUsername, "username") - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - _, err = NewEnvironmentCredential(nil) - if err == nil { - t.Fatalf("Expected an error but received nil") - } -} - -func TestEnvironmentCredential_UsernamePasswordSet(t *testing.T) { - resetEnvironmentVarsForTest() - err := os.Setenv(azureTenantID, fakeTenantID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureClientID, fakeClientID) - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azureUsername, "username") - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - err = os.Setenv(azurePassword, "password") - if err != nil { - t.Fatalf("Unexpected error when initializing environment variables: %v", err) - } - cred, err := NewEnvironmentCredential(nil) - if err != nil { - t.Fatalf("Did not expect an error. Received: %v", err) - } - if _, ok := cred.cred.(*UsernamePasswordCredential); !ok { - t.Fatalf("Did not receive the right credential type. Expected *azidentity.UsernamePasswordCredential, Received: %t", cred) - } -} - func TestEnvironmentCredential_SendCertificateChain(t *testing.T) { certData, err := os.ReadFile(liveSP.pfxPath) if err != nil { @@ -227,7 +146,7 @@ func TestEnvironmentCredential_SendCertificateChain(t *testing.T) { if err != nil { t.Fatal(err) } - resetEnvironmentVarsForTest() + unsetEnvironmentVarsForTest(t) sts := mockSTS{tokenRequestCallback: validateX5C(t, certs)} vars := map[string]string{ azureClientID: liveSP.clientID, diff --git a/sdk/azidentity/interactive_browser_credential_test.go b/sdk/azidentity/interactive_browser_credential_test.go index 751b9a404511..62476df28a97 100644 --- a/sdk/azidentity/interactive_browser_credential_test.go +++ b/sdk/azidentity/interactive_browser_credential_test.go @@ -19,18 +19,6 @@ import ( "github.com/AzureAD/microsoft-authentication-library-for-go/apps/public" ) -func TestInteractiveBrowserCredential_InvalidTenantID(t *testing.T) { - options := InteractiveBrowserCredentialOptions{} - options.TenantID = badTenantID - cred, err := NewInteractiveBrowserCredential(&options) - if err == nil { - t.Fatal("Expected an error but received none") - } - if cred != nil { - t.Fatalf("Expected a nil credential value. Received: %v", cred) - } -} - func TestInteractiveBrowserCredential_GetTokenSuccess(t *testing.T) { cred, err := NewInteractiveBrowserCredential(nil) if err != nil { diff --git a/sdk/azidentity/managed_identity_credential_test.go b/sdk/azidentity/managed_identity_credential_test.go index b34d6b69085e..b1d0dd5658b6 100644 --- a/sdk/azidentity/managed_identity_credential_test.go +++ b/sdk/azidentity/managed_identity_credential_test.go @@ -31,13 +31,6 @@ const ( expiresOnNonStringIntResp = `{"access_token": "new_token", "refresh_token": "", "expires_in": "", "expires_on": 1560974028, "not_before": "1560970130", "resource": "https://vault.azure.net", "token_type": "Bearer"}` ) -// TODO: replace with 1.17's T.Setenv -func clearEnvVars(envVars ...string) { - for _, ev := range envVars { - _ = os.Unsetenv(ev) - } -} - func TestManagedIdentityCredential_AzureArc(t *testing.T) { file, err := os.Create(filepath.Join(t.TempDir(), "arc.key")) if err != nil { @@ -587,7 +580,6 @@ func TestManagedIdentityCredential_IMDSRetries(t *testing.T) { } func TestManagedIdentityCredential_ServiceFabric(t *testing.T) { - resetEnvironmentVarsForTest() expectedSecret := "expected-secret" pred := func(req *http.Request) bool { if secret := req.Header.Get("Secret"); secret != expectedSecret { diff --git a/sdk/azidentity/username_password_credential_test.go b/sdk/azidentity/username_password_credential_test.go index 64960ab7f4e3..ef493ecfd8ce 100644 --- a/sdk/azidentity/username_password_credential_test.go +++ b/sdk/azidentity/username_password_credential_test.go @@ -15,16 +15,6 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/internal/recording" ) -func TestUsernamePasswordCredential_InvalidTenantID(t *testing.T) { - cred, err := NewUsernamePasswordCredential(badTenantID, fakeClientID, "username", "password", nil) - if err == nil { - t.Fatal("Expected an error but received none") - } - if cred != nil { - t.Fatalf("Expected a nil credential value. Received: %v", cred) - } -} - func TestUsernamePasswordCredential_Live(t *testing.T) { for _, disabledID := range []bool{true, false} { name := "default options"