diff --git a/sdk/identity/identity/CHANGELOG.md b/sdk/identity/identity/CHANGELOG.md index 665a85d911bb..e6f1405da927 100644 --- a/sdk/identity/identity/CHANGELOG.md +++ b/sdk/identity/identity/CHANGELOG.md @@ -10,6 +10,8 @@ ### Other Changes +- Refactored and cleaned up `MsalClientOptions` to eliminate nested property duplication, replaced `getIdentityClientAuthorityHost` with `getAuthorityHost`, and removed deprecated `isNode` in favor of `isNodeLike`. [#36731](https://github.com/Azure/azure-sdk-for-js/pull/36731) + ## 4.14.0-beta.1 (2025-11-06) ### Features Added diff --git a/sdk/identity/identity/src/client/identityClient.ts b/sdk/identity/identity/src/client/identityClient.ts index 2181170ef2f1..54ab44322528 100644 --- a/sdk/identity/identity/src/client/identityClient.ts +++ b/sdk/identity/identity/src/client/identityClient.ts @@ -4,13 +4,12 @@ import type { INetworkModule, NetworkRequestOptions, NetworkResponse } from "@azure/msal-node"; import type { AccessToken, GetTokenOptions } from "@azure/core-auth"; import { ServiceClient } from "@azure/core-client"; -import { isNode } from "@azure/core-util"; import type { PipelineRequest, PipelineResponse } from "@azure/core-rest-pipeline"; import { createHttpHeaders, createPipelineRequest } from "@azure/core-rest-pipeline"; import type { AbortSignalLike } from "@azure/abort-controller"; import { AuthenticationError, AuthenticationErrorName } from "../errors.js"; import { getIdentityTokenEndpointSuffix } from "../util/identityTokenEndpoint.js"; -import { DefaultAuthorityHost, SDK_VERSION } from "../constants.js"; +import { SDK_VERSION } from "../constants.js"; import { tracingClient } from "../util/tracing.js"; import { logger } from "../util/logging.js"; import type { TokenCredentialOptions } from "../tokenCredentialOptions.js"; @@ -19,6 +18,7 @@ import { parseExpirationTimestamp, parseRefreshTimestamp, } from "../credentials/managedIdentityCredential/utils.js"; +import { getAuthorityHost } from "../util/authorityHost.js"; const noCorrelationId = "noCorrelationId"; @@ -37,22 +37,6 @@ export interface TokenResponse { refreshToken?: string; } -/** - * @internal - */ -export function getIdentityClientAuthorityHost(options?: TokenCredentialOptions): string { - // The authorityHost can come from options or from the AZURE_AUTHORITY_HOST environment variable. - let authorityHost = options?.authorityHost; - - // The AZURE_AUTHORITY_HOST environment variable can only be provided in Node.js. - if (isNode) { - authorityHost = authorityHost ?? process.env.AZURE_AUTHORITY_HOST; - } - - // If the authorityHost is not provided, we use the default one from the public cloud: https://login.microsoftonline.com - return authorityHost ?? DefaultAuthorityHost; -} - /** * The network module used by the Identity credentials. * @@ -74,7 +58,7 @@ export class IdentityClient extends ServiceClient implements INetworkModule { ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}` : `${packageDetails}`; - const baseUri = getIdentityClientAuthorityHost(options); + const baseUri = getAuthorityHost(options); if (!baseUri.startsWith("https:")) { throw new Error("The authorityHost address must use the 'https' protocol."); } diff --git a/sdk/identity/identity/src/credentials/authorizationCodeCredential.ts b/sdk/identity/identity/src/credentials/authorizationCodeCredential.ts index 44dc18ed4e99..74016b5f10e3 100644 --- a/sdk/identity/identity/src/credentials/authorizationCodeCredential.ts +++ b/sdk/identity/identity/src/credentials/authorizationCodeCredential.ts @@ -127,7 +127,6 @@ export class AuthorizationCodeCredential implements TokenCredential { this.msalClient = createMsalClient(clientId, tenantId, { ...options, logger, - tokenCredentialOptions: options ?? {}, }); } diff --git a/sdk/identity/identity/src/credentials/brokerCredential.ts b/sdk/identity/identity/src/credentials/brokerCredential.ts index 835f3dc14808..0aea4ec2c68d 100644 --- a/sdk/identity/identity/src/credentials/brokerCredential.ts +++ b/sdk/identity/identity/src/credentials/brokerCredential.ts @@ -14,8 +14,8 @@ import { tracingClient } from "../util/tracing.js"; import type { MsalClient, MsalClientOptions } from "../msal/nodeFlows/msalClient.js"; import { createMsalClient } from "../msal/nodeFlows/msalClient.js"; import { DeveloperSignOnClientId } from "../constants.js"; -import { TokenCredentialOptions } from "../tokenCredentialOptions.js"; -import { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js"; +import type { TokenCredentialOptions } from "../tokenCredentialOptions.js"; +import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js"; import { CredentialUnavailableError } from "../errors.js"; const logger = credentialLogger("BrokerCredential"); @@ -46,7 +46,6 @@ export class BrokerCredential implements TokenCredential { ); const msalClientOptions: MsalClientOptions = { ...options, - tokenCredentialOptions: options, logger, brokerOptions: { enabled: true, diff --git a/sdk/identity/identity/src/credentials/clientAssertionCredential.ts b/sdk/identity/identity/src/credentials/clientAssertionCredential.ts index e3b0bc21defc..2ade12a91e00 100644 --- a/sdk/identity/identity/src/credentials/clientAssertionCredential.ts +++ b/sdk/identity/identity/src/credentials/clientAssertionCredential.ts @@ -67,9 +67,8 @@ export class ClientAssertionCredential implements TokenCredential { this.options = options; this.getAssertion = getAssertion; this.msalClient = createMsalClient(clientId, tenantId, { - ...options, + ...this.options, logger, - tokenCredentialOptions: this.options, }); } diff --git a/sdk/identity/identity/src/credentials/clientCertificateCredential.ts b/sdk/identity/identity/src/credentials/clientCertificateCredential.ts index 5957962ecacf..72093aacbf78 100644 --- a/sdk/identity/identity/src/credentials/clientCertificateCredential.ts +++ b/sdk/identity/identity/src/credentials/clientCertificateCredential.ts @@ -129,7 +129,6 @@ export class ClientCertificateCredential implements TokenCredential { this.msalClient = createMsalClient(clientId, tenantId, { ...options, logger, - tokenCredentialOptions: options, }); } diff --git a/sdk/identity/identity/src/credentials/clientSecretCredential.ts b/sdk/identity/identity/src/credentials/clientSecretCredential.ts index 6e118f5dbc8e..adb77d898e29 100644 --- a/sdk/identity/identity/src/credentials/clientSecretCredential.ts +++ b/sdk/identity/identity/src/credentials/clientSecretCredential.ts @@ -74,7 +74,6 @@ export class ClientSecretCredential implements TokenCredential { this.msalClient = createMsalClient(clientId, tenantId, { ...options, logger, - tokenCredentialOptions: options, }); } diff --git a/sdk/identity/identity/src/credentials/deviceCodeCredential.ts b/sdk/identity/identity/src/credentials/deviceCodeCredential.ts index 85abf5f3ee4c..a4126310b4ab 100644 --- a/sdk/identity/identity/src/credentials/deviceCodeCredential.ts +++ b/sdk/identity/identity/src/credentials/deviceCodeCredential.ts @@ -74,7 +74,6 @@ export class DeviceCodeCredential implements TokenCredential { this.msalClient = createMsalClient(clientId, tenantId, { ...options, logger, - tokenCredentialOptions: options || {}, }); this.disableAutomaticAuthentication = options?.disableAutomaticAuthentication; } diff --git a/sdk/identity/identity/src/credentials/interactiveBrowserCredential.ts b/sdk/identity/identity/src/credentials/interactiveBrowserCredential.ts index a582de85f52d..6de116fa4d7b 100644 --- a/sdk/identity/identity/src/credentials/interactiveBrowserCredential.ts +++ b/sdk/identity/identity/src/credentials/interactiveBrowserCredential.ts @@ -56,7 +56,6 @@ export class InteractiveBrowserCredential implements TokenCredential { const msalClientOptions: MsalClientOptions = { ...options, - tokenCredentialOptions: options, logger, }; const ibcNodeOptions = options as InteractiveBrowserCredentialNodeOptions; diff --git a/sdk/identity/identity/src/credentials/onBehalfOfCredential.ts b/sdk/identity/identity/src/credentials/onBehalfOfCredential.ts index 4efec098422f..3dc0978f7cb6 100644 --- a/sdk/identity/identity/src/credentials/onBehalfOfCredential.ts +++ b/sdk/identity/identity/src/credentials/onBehalfOfCredential.ts @@ -181,7 +181,6 @@ export class OnBehalfOfCredential implements TokenCredential { this.msalClient = createMsalClient(clientId, this.tenantId, { ...options, logger, - tokenCredentialOptions: options, }); } diff --git a/sdk/identity/identity/src/credentials/usernamePasswordCredential.ts b/sdk/identity/identity/src/credentials/usernamePasswordCredential.ts index 3c872b5d91c4..20a997a83099 100644 --- a/sdk/identity/identity/src/credentials/usernamePasswordCredential.ts +++ b/sdk/identity/identity/src/credentials/usernamePasswordCredential.ts @@ -83,7 +83,6 @@ export class UsernamePasswordCredential implements TokenCredential { this.msalClient = createMsalClient(clientId, this.tenantId, { ...options, - tokenCredentialOptions: options ?? {}, }); } diff --git a/sdk/identity/identity/src/credentials/visualStudioCodeCredential.ts b/sdk/identity/identity/src/credentials/visualStudioCodeCredential.ts index 14185b7052f3..fa7b2e482993 100644 --- a/sdk/identity/identity/src/credentials/visualStudioCodeCredential.ts +++ b/sdk/identity/identity/src/credentials/visualStudioCodeCredential.ts @@ -10,12 +10,12 @@ import { import { CredentialUnavailableError } from "../errors.js"; import type { VisualStudioCodeCredentialOptions } from "./visualStudioCodeCredentialOptions.js"; import { checkTenantId } from "../util/tenantIdUtils.js"; -import { createMsalClient, MsalClient } from "../msal/nodeFlows/msalClient.js"; +import { createMsalClient, type MsalClient } from "../msal/nodeFlows/msalClient.js"; import { ensureScopes } from "../util/scopeUtils.js"; import { hasVSCodePlugin, vsCodeAuthRecordPath } from "../msal/nodeFlows/msalPlugins.js"; import { deserializeAuthenticationRecord } from "../msal/utils.js"; import { readFile } from "node:fs/promises"; -import { AuthenticationRecord } from "../msal/types.js"; +import type { AuthenticationRecord } from "../msal/types.js"; const CommonTenantId = "common"; const VSCodeClientId = "aebc6443-996d-45c2-90f0-388ff96faa56"; diff --git a/sdk/identity/identity/src/msal/nodeFlows/msalClient.ts b/sdk/identity/identity/src/msal/nodeFlows/msalClient.ts index b277e8bdd0b8..f6ff922413cf 100644 --- a/sdk/identity/identity/src/msal/nodeFlows/msalClient.ts +++ b/sdk/identity/identity/src/msal/nodeFlows/msalClient.ts @@ -13,7 +13,6 @@ import { defaultLoggerCallback, ensureValidMsalToken, getAuthority, - getAuthorityHost, getKnownAuthorities, getMSALLogLevel, handleMsalError, @@ -30,6 +29,9 @@ import type { TokenCachePersistenceOptions } from "./tokenCachePersistenceOption import { calculateRegionalAuthority } from "../../regionalAuthority.js"; import { getLogLevel } from "@azure/logger"; import { resolveTenantId } from "../../util/tenantIdUtils.js"; +import { CommonClientOptions } from "@azure/core-client"; +import { LogPolicyOptions } from "@azure/core-rest-pipeline"; +import { getAuthorityHost } from "../../util/authorityHost.js"; /** * The default logger used if no logger was passed in by the credential. @@ -215,7 +217,7 @@ export interface MsalClient { /** * Represents the options for configuring the MsalClient. */ -export interface MsalClientOptions { +export interface MsalClientOptions extends CommonClientOptions { /** * Parameters that enable WAM broker authentication in the InteractiveBrowserCredential. */ @@ -234,17 +236,21 @@ export interface MsalClientOptions { /** * A custom authority host. */ - authorityHost?: IdentityClient["tokenCredentialOptions"]["authorityHost"]; + authorityHost?: string; /** * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support. */ - loggingOptions?: IdentityClient["tokenCredentialOptions"]["loggingOptions"]; - - /** - * The token credential options for the MsalClient. - */ - tokenCredentialOptions?: IdentityClient["tokenCredentialOptions"]; + loggingOptions?: LogPolicyOptions & { + /** + * Allows logging account information once the authentication flow succeeds. + */ + allowLoggingAccountIdentifiers?: boolean; + /** + * Allows logging personally identifiable information for customer support. + */ + enableUnsafeSupportLogging?: boolean; + }; /** * Determines whether instance discovery is disabled. @@ -281,11 +287,10 @@ export function generateMsalConfiguration( clientId, ); - // TODO: move and reuse getIdentityClientAuthorityHost const authority = getAuthority(resolvedTenant, getAuthorityHost(msalClientOptions)); const httpClient = new IdentityClient({ - ...msalClientOptions.tokenCredentialOptions, + ...msalClientOptions, authorityHost: authority, loggingOptions: msalClientOptions.loggingOptions, }); diff --git a/sdk/identity/identity/src/msal/utils.ts b/sdk/identity/identity/src/msal/utils.ts index 8afc96ff7b44..d25382a4d7c5 100644 --- a/sdk/identity/identity/src/msal/utils.ts +++ b/sdk/identity/identity/src/msal/utils.ts @@ -6,7 +6,7 @@ import { AuthenticationRequiredError, CredentialUnavailableError } from "../erro import type { CredentialLogger } from "../util/logging.js"; import { credentialLogger, formatError } from "../util/logging.js"; import { DefaultAuthority, DefaultAuthorityHost, DefaultTenantId } from "../constants.js"; -import { randomUUID as coreRandomUUID, isNode, isNodeLike } from "@azure/core-util"; +import { randomUUID as coreRandomUUID, isNodeLike } from "@azure/core-util"; import { AbortError } from "@azure/abort-controller"; import type { AzureLogLevel } from "@azure/logger"; @@ -52,22 +52,6 @@ export function ensureValidMsalToken( } } -/** - * Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable. - * - * Defaults to {@link DefaultAuthorityHost}. - * @internal - */ -export function getAuthorityHost(options?: { authorityHost?: string }): string { - let authorityHost = options?.authorityHost; - - if (!authorityHost && isNodeLike) { - authorityHost = process.env.AZURE_AUTHORITY_HOST; - } - - return authorityHost ?? DefaultAuthorityHost; -} - /** * Generates a valid authority by combining a host with a tenantId. * @internal @@ -113,7 +97,7 @@ export const defaultLoggerCallback: ( logger: CredentialLogger, platform?: "Node" | "Browser", ) => ILoggerCallback = - (credLogger: CredentialLogger, platform: "Node" | "Browser" = isNode ? "Node" : "Browser") => + (credLogger: CredentialLogger, platform: "Node" | "Browser" = isNodeLike ? "Node" : "Browser") => (level, message, containsPii): void => { if (containsPii) { return; diff --git a/sdk/identity/identity/src/util/authorityHost.ts b/sdk/identity/identity/src/util/authorityHost.ts new file mode 100644 index 000000000000..a6815ba9b916 --- /dev/null +++ b/sdk/identity/identity/src/util/authorityHost.ts @@ -0,0 +1,21 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + +import { isNodeLike } from "@azure/core-util"; +import { DefaultAuthorityHost } from "../constants.js"; + +/** + * Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable. + * + * Defaults to {@link DefaultAuthorityHost}. + * @internal + */ +export function getAuthorityHost(options?: { authorityHost?: string }): string { + let authorityHost = options?.authorityHost; + + if (!authorityHost && isNodeLike) { + authorityHost = process.env.AZURE_AUTHORITY_HOST; + } + + return authorityHost ?? DefaultAuthorityHost; +} diff --git a/sdk/identity/identity/test/internal/node/brokerCredential.spec.ts b/sdk/identity/identity/test/internal/node/brokerCredential.spec.ts index 938798fabbf2..57c3d7e520d9 100644 --- a/sdk/identity/identity/test/internal/node/brokerCredential.spec.ts +++ b/sdk/identity/identity/test/internal/node/brokerCredential.spec.ts @@ -74,7 +74,6 @@ describe("BrokerCredential (internal)", function () { "test-tenant-id", expect.objectContaining({ ...options, - tokenCredentialOptions: options, logger: expect.anything(), brokerOptions: { enabled: true, diff --git a/sdk/identity/identity/test/internal/node/identityClient.spec.ts b/sdk/identity/identity/test/internal/node/identityClient.spec.ts index 0c6722e39989..2e71b273e2fc 100644 --- a/sdk/identity/identity/test/internal/node/identityClient.spec.ts +++ b/sdk/identity/identity/test/internal/node/identityClient.spec.ts @@ -1,14 +1,15 @@ // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. -import { IdentityClient, getIdentityClientAuthorityHost } from "$internal/client/identityClient.js"; +import { IdentityClient } from "$internal/client/identityClient.js"; +import { getAuthorityHost } from "$internal/util/authorityHost.js"; import { IdentityTestContext } from "./httpRequests.js"; import type { IdentityTestContextInterface } from "../../httpRequestsCommon.js"; import { createResponse } from "../../httpRequestsCommon.js"; import { ClientSecretCredential } from "@azure/identity"; import { openIdConfigurationResponse, PlaybackTenantId } from "../../msalTestUtils.js"; import { isExpectedError } from "../../authTestUtils.js"; -import { isNode } from "@azure/core-util"; +import { isNodeLike } from "@azure/core-util"; import { describe, it, assert, beforeEach, afterEach, vi, expect } from "vitest"; import type { HttpClient } from "@azure/core-rest-pipeline"; import { createDefaultHttpClient, createHttpHeaders } from "@azure/core-rest-pipeline"; @@ -20,7 +21,7 @@ describe("IdentityClient", function () { testContext = new IdentityTestContext({ replaceLogger: true, logLevel: "verbose" }); }); afterEach(async function () { - if (isNode) { + if (isNodeLike) { delete process.env.AZURE_AUTHORITY_HOST; } await testContext.restore(); @@ -40,7 +41,7 @@ describe("IdentityClient", function () { }), ], }); - if (isNode) { + if (isNodeLike) { assert.strictEqual(error!.name, "CredentialUnavailableError"); } else { // The browser version of this credential uses a legacy approach. @@ -78,7 +79,7 @@ describe("IdentityClient", function () { httpClient: mockHttpClient, }); - if (isNode) { + if (isNodeLike) { await expect(credential.getToken(["scope"])).rejects.toThrow("This is a test error"); } else { // The browser version of this credential uses a legacy approach. @@ -105,13 +106,13 @@ describe("IdentityClient", function () { ); }); - it.skipIf(!isNode)("parses authority host environment variable as expected", function () { + it.skipIf(!isNodeLike)("parses authority host environment variable as expected", function () { process.env.AZURE_AUTHORITY_HOST = "http://totallyinsecure.lol"; - assert.equal(getIdentityClientAuthorityHost({}), process.env.AZURE_AUTHORITY_HOST); + assert.equal(getAuthorityHost({}), process.env.AZURE_AUTHORITY_HOST); return; }); - it.skipIf(!isNode)( + it.skipIf(!isNodeLike)( "throws an exception when an Env AZURE_AUTHORITY_HOST using 'http' is provided", async function () { process.env.AZURE_AUTHORITY_HOST = "http://totallyinsecure.lol"; @@ -159,7 +160,7 @@ describe("IdentityClient", function () { httpClient: mockHttpClient, }); - if (isNode) { + if (isNodeLike) { await expect(credential.getToken(["scope"])).rejects.toThrow( 'Response had no "expiresOn" property.', ); @@ -171,9 +172,9 @@ describe("IdentityClient", function () { } }); - it.skipIf(!isNode)("parses authority host environment variable as expected", function () { + it.skipIf(!isNodeLike)("parses authority host environment variable as expected", function () { process.env.AZURE_AUTHORITY_HOST = "http://totallyinsecure.lol"; - assert.equal(getIdentityClientAuthorityHost({}), process.env.AZURE_AUTHORITY_HOST); + assert.equal(getAuthorityHost({}), process.env.AZURE_AUTHORITY_HOST); return; }); diff --git a/sdk/identity/identity/test/internal/node/managedIdentityCredential/msalMsiProvider.spec.ts b/sdk/identity/identity/test/internal/node/managedIdentityCredential/msalMsiProvider.spec.ts index 200a7f293eac..0f9b5323d9a7 100644 --- a/sdk/identity/identity/test/internal/node/managedIdentityCredential/msalMsiProvider.spec.ts +++ b/sdk/identity/identity/test/internal/node/managedIdentityCredential/msalMsiProvider.spec.ts @@ -16,7 +16,7 @@ import { describe, it, assert, expect, vi, beforeEach, afterEach, type MockInsta import type { IdentityClient } from "$internal/client/identityClient.js"; import { serviceFabricErrorMessage } from "$internal/credentials/managedIdentityCredential/utils.js"; import { logger } from "@azure/identity"; -import { InternalManagedIdentityCredentialOptions } from "$internal/credentials/managedIdentityCredential/options.js"; +import type { InternalManagedIdentityCredentialOptions } from "$internal/credentials/managedIdentityCredential/options.js"; describe("ManagedIdentityCredential (MSAL)", function () { let acquireTokenStub: MockInstance< diff --git a/sdk/identity/identity/test/internal/node/msalClient.spec.ts b/sdk/identity/identity/test/internal/node/msalClient.spec.ts index 149cd9fb41ad..bd18b3a45b4f 100644 --- a/sdk/identity/identity/test/internal/node/msalClient.spec.ts +++ b/sdk/identity/identity/test/internal/node/msalClient.spec.ts @@ -45,7 +45,7 @@ describe("MsalClient", function () { const clientOptions = recorder.configureClientOptions({}); const client = msalClient.createMsalClient(clientId, tenantId, { - tokenCredentialOptions: { additionalPolicies: clientOptions.additionalPolicies }, + additionalPolicies: clientOptions.additionalPolicies, }); const accessToken = await client.getTokenByClientSecret(scopes, clientSecret); @@ -61,7 +61,7 @@ describe("MsalClient", function () { const clientOptions = recorder.configureClientOptions({}); const client = msalClient.createMsalClient(clientId, tenantId, { - tokenCredentialOptions: { additionalPolicies: clientOptions.additionalPolicies }, + additionalPolicies: clientOptions.additionalPolicies, }); const accessToken = await client.getTokenByDeviceCode(scopes, (info) => { @@ -79,7 +79,7 @@ describe("MsalClient", function () { const clientOptions = recorder.configureClientOptions({}); const client = msalClient.createMsalClient(clientId, tenantId, { - tokenCredentialOptions: { additionalPolicies: clientOptions.additionalPolicies }, + additionalPolicies: clientOptions.additionalPolicies, }); const accessToken = await client.getTokenByUsernamePassword(scopes, username, password); diff --git a/sdk/identity/identity/test/internal/node/onBehalfOfCredential.spec.ts b/sdk/identity/identity/test/internal/node/onBehalfOfCredential.spec.ts index 26d98ca4d9ca..af2e935e2aad 100644 --- a/sdk/identity/identity/test/internal/node/onBehalfOfCredential.spec.ts +++ b/sdk/identity/identity/test/internal/node/onBehalfOfCredential.spec.ts @@ -6,7 +6,7 @@ import { IdentityTestContext, prepareMSALResponses } from "./httpRequests.js"; import type { IdentityTestContextInterface } from "../../httpRequestsCommon.js"; import { createResponse } from "../../httpRequestsCommon.js"; import { OnBehalfOfCredential } from "@azure/identity"; -import { isNode } from "@azure/core-util"; +import { isNodeLike } from "@azure/core-util"; import { describe, it, assert, afterEach, beforeEach } from "vitest"; describe("OnBehalfOfCredential", function () { @@ -17,7 +17,7 @@ describe("OnBehalfOfCredential", function () { }); afterEach(async function () { - if (isNode) { + if (isNodeLike) { delete process.env.AZURE_AUTHORITY_HOST; } await testContext.restore();