add OS default broker auth to DAC #45891
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-project-automation
bot
moved this to Untriaged
in Azure Identity SDK Improvements
g2vinay
force-pushed
the
add-ibbcr-to-dac
branch
from
d269e1b to
c7fc022
Compare
g2vinay
changed the title
g2vinay
changed the title
g2vinay
requested review from
maorleger,
christothes,
pvaneck,
KarishmaGhiya,
chlowell and
minhanh-phan
There was a problem hiding this comment.
Pull Request Overview
This PR adds OS Broker authentication support to the DefaultAzureCredential by introducing a new OSBrokerCredential, integrating it into the credential chains, and updating tests and documentation.
- Introduce
OSBrokerCredentialand refactorIdentityUtilfor broker availability. - Integrate
OSBrokerCredentialinto both developer-only and default credential chains inDefaultAzureCredentialBuilder. - Update existing tests to mock and assert OS broker behavior; add a new test for broker-unavailable scenarios and document troubleshooting steps.
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| sdk/identity/azure-identity/src/test/java/com/azure/identity/DefaultAzureCredentialTest.java | Added OSBrokerCredential mocks and assertions to user and developer credential chain tests. |
| sdk/identity/azure-identity/src/test/java/com/azure/identity/DacOsBrokerCredentialTest.java | Added new test covering the broker-unavailable error path for OSBrokerCredential. |
| sdk/identity/azure-identity/src/main/java/com/azure/identity/implementation/util/IdentityUtil.java | Refactored broker availability check; added isVsCodeBrokerAuthAvailable and simplified isBrokerAvailable. |
| sdk/identity/azure-identity/src/main/java/com/azure/identity/OSBrokerCredential.java | Introduced the OSBrokerCredential implementation, handling dynamic broker credential creation. |
| sdk/identity/azure-identity/src/main/java/com/azure/identity/DefaultAzureCredentialBuilder.java | Integrated OSBrokerCredential into the developer credentials list. |
| sdk/identity/azure-identity/TROUBLESHOOTING.md | Documented broker-authentication errors, mitigation steps, and Windows-only support note. |
Comments suppressed due to low confidence (4)
sdk/identity/azure-identity/src/main/java/com/azure/identity/implementation/util/IdentityUtil.java:182
- [nitpick] Update this comment to reflect that the method also verifies broker availability (i.e., it returns true only if the broker is available and the VS Code auth record file exists).
// Check if VS Code broker auth record file exists
sdk/identity/azure-identity/src/main/java/com/azure/identity/OSBrokerCredential.java:16
- Add JavaDoc to describe the purpose and behavior of
OSBrokerCredentialand itsgetTokenmethod, in line with Azure SDK public API documentation requirements.
class OSBrokerCredential implements TokenCredential {
sdk/identity/azure-identity/src/main/java/com/azure/identity/OSBrokerCredential.java:57
- [nitpick] Capitalize the beginning of this error message (e.g., "Azure-identity-broker dependency is not available...") to match sentence casing conventions used elsewhere.
new CredentialUnavailableException("azure-identity-broker dependency is not available. "
sdk/identity/azure-identity/src/test/java/com/azure/identity/DacOsBrokerCredentialTest.java:10
- Add a test for the successful (happy-path) scenario where the broker dependency is available and
getTokenreturns a validAccessToken.
public class DacOsBrokerCredentialTest {
sdk/identity/azure-identity/src/main/java/com/azure/identity/OSBrokerCredential.java
Show resolved
Hide resolved
christothes
reviewed
Jul 15, 2025
sdk/identity/azure-identity/src/main/java/com/azure/identity/OSBrokerCredential.java
Show resolved
Hide resolved
chlowell
reviewed
Jul 16, 2025
sdk/identity/azure-identity/src/test/java/com/azure/identity/DefaultAzureCredentialTest.java
Show resolved
Hide resolved
|
/check-enforcer override |
github-project-automation
bot
moved this from Untriaged
to Done
in Azure Identity SDK Improvements
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.