Source user ID from graph api in TME (#6720)

Co-authored-by: Ben Broderick Phillips <bebroder@microsoft.com>
Azure SDK Bot 2025-08-29 13:15:45 -07:00 committed by GitHub
parent d65440b7dc
commit bc178b1f98
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -358,8 +358,15 @@ try {
# Make sure the provisioner OID is set so we can pass it through to the deployment.
if (!$ProvisionerApplicationId -and !$ProvisionerApplicationOid) {
if ($context.Account.Type -eq 'User') {
# HomeAccountId format is '<object id>.<tenant id>'
$userAccountId = (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
# Calls to graph API in corp tenant get blocked by conditional access policy now
# but not in TME. For corp tenant we get the user's id from the login context
# but for TME it is different so we have to source it from graph
$userAccountId = if ($wellKnownTMETenants.Contains($TenantId)) {
(Get-AzADUser -SignedIn).Id
} else {
# HomeAccountId format is '<object id>.<tenant id>'
(Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
}
if ($null -eq $userAccountId) {
throw "Failed to find entra object ID for the current user"
}
@ -430,12 +437,20 @@ try {
if (!$CI -and !$ServicePrincipalAuth) {
if ($TestApplicationId) {
Write-Warning "The specified TestApplicationId '$TestApplicationId' will be ignored when -ServicePrincipalAutth is not set."
Write-Warning "The specified TestApplicationId '$TestApplicationId' will be ignored when -ServicePrincipalAuth is not set."
}
$userAccountName = (Get-AzContext).Account.Id
# HomeAccountId format is '<object id>.<tenant id>'
$userAccountId = (Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
# Calls to graph API in corp tenant get blocked by conditional access policy now
# but not in TME. For corp tenant we get the user's id from the login context
# but for TME it is different so we have to source it from graph
$userAccountId = if ($wellKnownTMETenants.Contains($TenantId)) {
(Get-AzADUser -SignedIn).Id
} else {
# HomeAccountId format is '<object id>.<tenant id>'
(Get-AzContext).Account.ExtendedProperties.HomeAccountId.Split('.')[0]
}
if ($null -eq $userAccountId) {
throw "Failed to find entra object ID for the current user"
}