wip(examples): use object id for user assigned

ndyakov · ndyakov · commit a3add6754d16 · 2025-05-23T22:54:19.000+03:00
diff --git a/README.md b/README.md
@@ -279,7 +279,7 @@ type ManagedIdentityProviderOptions struct {
     ManagedIdentityType ManagedIdentityType // SystemAssignedIdentity or UserAssignedIdentity
 
     // Optional: Client ID for user-assigned identity
-    UserAssignedClientID string
+    UserAssignedObjectID string
 
     // Optional: Scopes for token access
     // Default: ["https://redis.azure.com/.default"]
@@ -427,7 +427,7 @@ provider, err := entraid.NewManagedIdentityCredentialsProvider(entraid.ManagedId
     },
     ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
         ManagedIdentityType: identity.UserAssignedIdentity,
-        UserAssignedClientID: os.Getenv("AZURE_USER_ASSIGNED_MANAGED_ID"),
+        UserAssignedObjectID: os.Getenv("AZURE_USER_ASSIGNED_MANAGED_ID"),
         Scopes: []string{"https://redis.azure.com/.default"},
     },
 })
diff --git a/examples/entraid/managedidentity_user/main.go b/examples/entraid/managedidentity_user/main.go
@@ -29,7 +29,7 @@ func main() {
 		},
 		ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
 			ManagedIdentityType:  "UserAssigned",
-			UserAssignedClientID: cfg.AzureUserAssignedManagedID,
+			UserAssignedObjectID: cfg.AzureUserAssignedManagedID,
 			Scopes:               cfg.GetRedisScopes(),
 		},
 	})
diff --git a/identity/managed_identity_provider.go b/identity/managed_identity_provider.go
@@ -21,9 +21,9 @@ type ManagedIdentityClient interface {
 // ManagedIdentityProviderOptions represents the options for the managed identity provider.
 // It is used to configure the identity provider when requesting a token.
 type ManagedIdentityProviderOptions struct {
-	// UserAssignedClientID is the client ID of the user assigned identity.
+	// UserAssignedObjectID is the object ID that is used to identify the user assigned identity.
 	// This is used to identify the identity when requesting a token.
-	UserAssignedClientID string
+	UserAssignedObjectID string
 	// ManagedIdentityType is the type of managed identity.
 	// This can be either SystemAssigned or UserAssigned.
 	ManagedIdentityType string
@@ -34,9 +34,9 @@ type ManagedIdentityProviderOptions struct {
 
 // ManagedIdentityProvider represents a managed identity provider.
 type ManagedIdentityProvider struct {
-	// userAssignedClientID is the client ID of the user assigned identity.
+	// userAssignedObjectID is the client ID of the user assigned identity.
 	// This is used to identify the identity when requesting a token.
-	userAssignedClientID string
+	userAssignedObjectID string
 
 	// managedIdentityType is the type of managed identity.
 	// This can be either SystemAssigned or UserAssigned.
@@ -80,19 +80,19 @@ func NewManagedIdentityProvider(opts ManagedIdentityProviderOptions) (*ManagedId
 		client = &realManagedIdentityClient{client: miClient}
 	case UserAssignedIdentity:
 		// UserAssignedIdentity is required to be specified when using a user assigned identity.
-		if opts.UserAssignedClientID == "" {
-			return nil, errors.New("user assigned client ID is required when using user assigned identity")
+		if opts.UserAssignedObjectID == "" {
+			return nil, errors.New("user assigned object ID is required when using user assigned identity")
 		}
 		// UserAssignedIdentity is the type of identity that is managed by the user.
-		miClient, err := mi.New(mi.UserAssignedClientID(opts.UserAssignedClientID))
+		miClient, err := mi.New(mi.UserAssignedObjectID(opts.UserAssignedObjectID))
 		if err != nil {
 			return nil, fmt.Errorf("couldn't create managed identity client: %w", err)
 		}
 		client = &realManagedIdentityClient{client: miClient}
 	}
 
 	return &ManagedIdentityProvider{
-		userAssignedClientID: opts.UserAssignedClientID,
+		userAssignedObjectID: opts.UserAssignedObjectID,
 		managedIdentityType:  opts.ManagedIdentityType,
 		scopes:               opts.Scopes,
 		client:               client,
diff --git a/identity/managed_identity_provider_test.go b/identity/managed_identity_provider_test.go
@@ -40,7 +40,7 @@ func TestNewManagedIdentityProvider(t *testing.T) {
 			name: "User assigned identity with client ID",
 			opts: ManagedIdentityProviderOptions{
 				ManagedIdentityType:  UserAssignedIdentity,
-				UserAssignedClientID: "test-client-id",
+				UserAssignedObjectID: "test-client-id",
 				Scopes:               []string{"https://redis.azure.com"},
 			},
 			expectedError: "",
@@ -51,7 +51,7 @@ func TestNewManagedIdentityProvider(t *testing.T) {
 				ManagedIdentityType: UserAssignedIdentity,
 				Scopes:              []string{"https://redis.azure.com"},
 			},
-			expectedError: "user assigned client ID is required when using user assigned identity",
+			expectedError: "user assigned object ID is required when using user assigned identity",
 		},
 		{
 			name: "Invalid identity type",
@@ -75,7 +75,7 @@ func TestNewManagedIdentityProvider(t *testing.T) {
 				assert.NoError(t, err)
 				assert.NotNil(t, provider)
 				assert.Equal(t, tt.opts.ManagedIdentityType, provider.managedIdentityType)
-				assert.Equal(t, tt.opts.UserAssignedClientID, provider.userAssignedClientID)
+				assert.Equal(t, tt.opts.UserAssignedObjectID, provider.userAssignedObjectID)
 				assert.Equal(t, tt.opts.Scopes, provider.scopes)
 				assert.NotNil(t, provider.client)
 			}
diff --git a/providers_test.go b/providers_test.go
@@ -30,7 +30,7 @@ func TestNewManagedIdentityCredentialsProvider(t *testing.T) {
 					},
 				},
 				ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
-					UserAssignedClientID: "test-client-id",
+					UserAssignedObjectID: "test-client-id",
 					ManagedIdentityType:  identity.UserAssignedIdentity,
 					Scopes:               []string{identity.RedisScopeDefault},
 				},
@@ -277,7 +277,7 @@ func TestCredentialsProviderInterface(t *testing.T) {
 						},
 					},
 					ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
-						UserAssignedClientID: "test-client-id",
+						UserAssignedObjectID: "test-client-id",
 						ManagedIdentityType:  identity.UserAssignedIdentity,
 						Scopes:               []string{identity.RedisScopeDefault},
 					},
@@ -392,7 +392,7 @@ func TestNewManagedIdentityCredentialsProvider_TokenManagerFactoryError(t *testi
 			},
 		},
 		ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
-			UserAssignedClientID: "test-client-id",
+			UserAssignedObjectID: "test-client-id",
 			ManagedIdentityType:  identity.UserAssignedIdentity,
 			Scopes:               []string{identity.RedisScopeDefault},
 		},
@@ -470,7 +470,7 @@ func TestNewManagedIdentityCredentialsProvider_TokenManagerStartError(t *testing
 			},
 		},
 		ManagedIdentityProviderOptions: identity.ManagedIdentityProviderOptions{
-			UserAssignedClientID: "test-client-id",
+			UserAssignedObjectID: "test-client-id",
 			ManagedIdentityType:  identity.UserAssignedIdentity,
 			Scopes:               []string{identity.RedisScopeDefault},
 		},
