Source user object id directly instead of with graph (#6687)

Co-authored-by: Ben Broderick Phillips <bebroder@microsoft.com>
2025-08-06 12:19:05 -07:00 · 2025-08-06 12:19:05 -07:00 · 28a55c5161
commit 28a55c5161
parent 093d25d839
1 changed files with 9 additions and 15 deletions
--- a/eng/common/TestResources/New-TestResources.ps1
+++ b/eng/common/TestResources/New-TestResources.ps1
@ -353,15 +353,12 @@ try {
    # Make sure the provisioner OID is set so we can pass it through to the deployment.
    if (!$ProvisionerApplicationId -and !$ProvisionerApplicationOid) {
        if ($context.Account.Type -eq 'User') {
-            # Support corp tenant and TME tenant user id lookups
-            $user = Get-AzADUser -Mail $context.Account.Id
-            if ($null -eq $user -or !$user.Id) {
-                $user = Get-AzADUser -UserPrincipalName $context.Account.Id
-            }
-            if ($null -eq $user -or !$user.Id) {
+            # HomeAccountId format is '<object id>.<tenant id>'
+            $userAccountId = (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
+            if ($null -eq $userAccountId) {
                throw "Failed to find entra object ID for the current user"
            }
-            $ProvisionerApplicationOid = $user.Id
+            $ProvisionerApplicationOid = $userAccountId
        } elseif ($context.Account.Type -eq 'ServicePrincipal') {
            $sp = Get-AzADServicePrincipal -ApplicationId $context.Account.Id
            $ProvisionerApplicationOid = $sp.Id
@ -431,17 +428,14 @@ try {
            Write-Warning "The specified TestApplicationId '$TestApplicationId' will be ignored when -ServicePrincipalAutth is not set."
        }

-        # Support corp tenant and TME tenant user id lookups
-        $userAccount = (Get-AzADUser -Mail (Get-AzContext).Account.Id)
-        if ($null -eq $userAccount -or !$userAccount.Id) {
-            $userAccount = (Get-AzADUser -UserPrincipalName (Get-AzContext).Account)
-        }
-        if ($null -eq $userAccount -or !$userAccount.Id) {
+        $userAccountName = (Get-AzContext).Account.Id
+        # HomeAccountId format is '<object id>.<tenant id>'
+        $userAccountId = (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
+        if ($null -eq $userAccountId) {
            throw "Failed to find entra object ID for the current user"
        }
-        $TestApplicationOid = $userAccount.Id
+        $TestApplicationOid = $userAccountId
        $TestApplicationId = $testApplicationOid
-        $userAccountName = $userAccount.UserPrincipalName
        Log "User authentication with user '$userAccountName' ('$TestApplicationId') will be used."
    }
    # If user has specified -ServicePrincipalAuth