Azure · HarshaNalluru · Feb 8, 2022 · Jan 31, 2022 · Feb 1, 2022 · Feb 1, 2022
@@ -8,6 +8,9 @@
 
 ### Bugs Fixed
 
+Fixed a bug where the client options are ignored when passed along with an AAD credential.
+[#20175](https://github.com/Azure/azure-sdk-for-js/pull/20175)
+
 ### Other Changes
 
 ## 1.0.0 (2021-08-10)
@@ -24,50 +27,50 @@ and Buffer objects as inputs.
 
 ### Breaking Changes
 
-* Reversed the order of `credentials` and `endpoint` in `AttestationAdministrationClient` to be
+- Reversed the order of `credentials` and `endpoint` in `AttestationAdministrationClient` to be
   consistent with other SDKs.
-* Removed `credentials` top level parameter for `AttestationClient` constructor, moved
+- Removed `credentials` top level parameter for `AttestationClient` constructor, moved
   to the `AttestationClientOptions` object.
-* Renamed the `validateToken` API in the `AttestationToken` class to `getTokenProblems` returning
+- Renamed the `validateToken` API in the `AttestationToken` class to `getTokenProblems` returning
   an array of strings.
-* Attestation Policy APIs (`setPolicy`, `resetPolicy`) have had their `privateKey` and `certificate` parameters moved to options.
-* Renamed `instanceUrl` to `endpoint` to be consistent with other APIs.
-* Removed `policyCertificates` from `AttestationAdministrationClient`.
-* Removed `StoredAttestationPolicy` and replaced it with `AttestationPolicyToken`.
-* Removed `AttestationData` type. Instead of specifying an `AttestationData` for `initTimeData` and `runTimeData` to the Attest APIs, the attest APIs take an `initTimeJson`, `initTimeData`, `runTimeData` and `runTimeJson` object and determine
-the `DataType` to send to the server based on that.
-* Removed the `AttestationSigningKey` model type replaced with two parameters
+- Attestation Policy APIs (`setPolicy`, `resetPolicy`) have had their `privateKey` and `certificate` parameters moved to options.
+- Renamed `instanceUrl` to `endpoint` to be consistent with other APIs.
+- Removed `policyCertificates` from `AttestationAdministrationClient`.
+- Removed `StoredAttestationPolicy` and replaced it with `AttestationPolicyToken`.
+- Removed `AttestationData` type. Instead of specifying an `AttestationData` for `initTimeData` and `runTimeData` to the Attest APIs, the attest APIs take an `initTimeJson`, `initTimeData`, `runTimeData` and `runTimeJson` object and determine
+  the `DataType` to send to the server based on that.
+- Removed the `AttestationSigningKey` model type replaced with two parameters
   `privateKey` and `certificate` to the APIs which used to accept an `AttestationSigningKey`
-* Renamed `AttestationResponse.value` to `AttestationResponse.body` to align with
- API guidelines.
+- Renamed `AttestationResponse.value` to `AttestationResponse.body` to align with
+  API guidelines.
 
 ## 1.0.0-beta.4 (2021-06-15)
 
 ### Features Added
 
-* The package now contains type definitions compatible with TypeScript versions earlier than v3.6.
+- The package now contains type definitions compatible with TypeScript versions earlier than v3.6.
 
 ### Key Bugs Fixed
 
-* Fixes the location of types definition in package.json
+- Fixes the location of types definition in package.json
 
 ## 1.0.0-beta.3 (2021-06-08)
 
 ### Features Added
 
 ### Breaking Changes
 
-* Essentially completely rewritten. All existing functionality has been replaced.
-  * Removed `policy` property on `AttestationClient` object, because it has been replaced.
-  * Removed `policy.reset` and `policy.set`, replaced with the `resetPolicy` and `setPolicy` methods on the `AttestationAdministrationClient`.
-  * Removed `policy.get`, replaced with the `getPolicy` method of the new  `AttestationAdministrationClient` client object.
-  * Removed `attestation.attestSgxEnclave`, `attestation.attestOpenEnclave`, `attestation.attestTpm`, and `attestation` property from attestationClient, replaced with `attestSgxEnclave`, `attestOpenEnclave` and `attestTpm`.
-  * Removed `metadataConfiguration` and `signingCertificates` properties from attestationClient.
-  * Removed `metadataConfiguration.get()` method, replaced with `client.getOpenIdMetadata()`.
-  * Removed `signingCertificates.get()` method, replaced with `client.getAttestationSigners()`. The return value for `getAttestationSigners()` is an array of `AttestationSigner` objects,
-  each of which has two properties: `key_id` and `certificates`. `key_id`
-  reflects the `kid` JSON Web Key attribute, and `certificates` is the **decoded** `x5c` attribute
-  in the JSON Web Key.
+- Essentially completely rewritten. All existing functionality has been replaced.
+  - Removed `policy` property on `AttestationClient` object, because it has been replaced.
+  - Removed `policy.reset` and `policy.set`, replaced with the `resetPolicy` and `setPolicy` methods on the `AttestationAdministrationClient`.
+  - Removed `policy.get`, replaced with the `getPolicy` method of the new `AttestationAdministrationClient` client object.
+  - Removed `attestation.attestSgxEnclave`, `attestation.attestOpenEnclave`, `attestation.attestTpm`, and `attestation` property from attestationClient, replaced with `attestSgxEnclave`, `attestOpenEnclave` and `attestTpm`.
+  - Removed `metadataConfiguration` and `signingCertificates` properties from attestationClient.
+  - Removed `metadataConfiguration.get()` method, replaced with `client.getOpenIdMetadata()`.
+  - Removed `signingCertificates.get()` method, replaced with `client.getAttestationSigners()`. The return value for `getAttestationSigners()` is an array of `AttestationSigner` objects,
+    each of which has two properties: `key_id` and `certificates`. `key_id`
+    reflects the `kid` JSON Web Key attribute, and `certificates` is the **decoded** `x5c` attribute
+    in the JSON Web Key.
 
 ## 1.0.0-beta.2 (2021-01-19)
 
@@ -77,4 +80,4 @@ Regenerated Attestation SDK. The properties alg, kid and use in JsonWebKey objec
 
 Initial early preview release for MAA Data Plane SDK Demonstrates use of the machine generated MAA APIs.
 
-* Initial Release
+- Initial Release
@@ -187,18 +187,14 @@ export class AttestationClient {
   ) {
     let credentialScopes: string[] | undefined = undefined;
     let credential: TokenCredential | undefined = undefined;
-    let options: AttestationClientOptions = {};
+    let options: AttestationClientOptions;
 
-    // If arg2 is defined, it's either a tokenCredential or it's a client options.
-    if (credentialsOrOptions !== undefined) {
-      if (isTokenCredential(credentialsOrOptions)) {
-        credential = credentialsOrOptions;
-        credentialScopes = ["https://attest.azure.net/.default"];
-      } else {
-        options = credentialsOrOptions;
-      }
-    } else if (clientOptions !== undefined) {
+    if (credentialsOrOptions && isTokenCredential(credentialsOrOptions)) {
+      credential = credentialsOrOptions;
+      credentialScopes = ["https://attest.azure.net/.default"];
       options = clientOptions;
+    } else {
+      options = credentialsOrOptions || {};
     }
 
     const internalPipelineOptions: GeneratedClientOptionalParams = {

@@ -197,15 +197,15 @@ describe("[AAD] Attestation Client", function () {
     const binaryRuntimeData = base64url.decodeString(_runtimeData);
     const client = createRecordedClient(recorder, endpointType);
 
-    {
-      // You can't specify both runtimeData and runtimeJson.
-      await expect(
-        client.attestOpenEnclave(base64url.decodeString(_openEnclaveReport).subarray(0x10), {
-          runTimeData: binaryRuntimeData,
-          runTimeJson: binaryRuntimeData,
-        })
-      ).to.eventually.be.rejectedWith("Cannot provide both runTimeData and runTimeJson");
-    }
+    // You can't specify both runtimeData and runtimeJson.
+    await assert.isRejected(
+      client.attestOpenEnclave(base64url.decodeString(_openEnclaveReport).subarray(0x10), {
+        runTimeData: binaryRuntimeData,
+        runTimeJson: binaryRuntimeData,
+      }),
+      "Cannot provide both runTimeData and runTimeJson.",
+      "Expected to throw since you can't specify both runtimeData and runtimeJson"
+    );
 
     {
       const attestationResult = await client.attestOpenEnclave(
@@ -251,15 +251,14 @@ describe("[AAD] Attestation Client", function () {
 
     const binaryRuntimeData = base64url.decodeString(_runtimeData);
 
-    {
-      // You can't specify both runtimeData and runtimeJson.
-      await expect(
-        client.attestSgxEnclave(base64url.decodeString(_openEnclaveReport).subarray(0x10), {
-          runTimeData: binaryRuntimeData,
-          runTimeJson: binaryRuntimeData,
-        })
-      ).to.eventually.be.rejectedWith("Cannot provide both runTimeData and runTimeJson");
-    }
+    await assert.isRejected(
+      client.attestSgxEnclave(base64url.decodeString(_openEnclaveReport).subarray(0x10), {
+        runTimeData: binaryRuntimeData,
+        runTimeJson: binaryRuntimeData,
+      }),
+      "Cannot provide both runTimeData and runTimeJson.",
+      "Expected to throw since you can't specify both runtimeData and runtimeJson"
+    );
 
     {
       // An OpenEnclave report has a 16 byte header prepended to an SGX quote.

@@ -92,17 +92,18 @@ export function createRecordedClient(
       },
     };
   }
-  if (authenticatedClient !== undefined && authenticatedClient) {
+  if (authenticatedClient) {
     const attClient = new AttestationClient(
       getAttestationUri(endpointType),
       createTestCredential(),
-      options
+      recorder.configureClientOptions(options)
     );
-    recorder.configureClient(attClient["_client"]);
     return attClient;
   }
-  const attClient = new AttestationClient(getAttestationUri(endpointType), options);
-  recorder.configureClient(attClient["_client"]);
+  const attClient = new AttestationClient(
+    getAttestationUri(endpointType),
+    recorder.configureClientOptions(options)
+  );
   return attClient;
 }
 
@@ -128,8 +129,7 @@ export function createRecordedAdminClient(
   const adminClient = new AttestationAdministrationClient(
     getAttestationUri(endpointType),
     createTestCredential(),
-    options
+    recorder.configureClientOptions(options)
   );
-  recorder.configureClient(adminClient["_client"]);
   return adminClient;
 }
@@ -85,7 +85,7 @@
   "autoPublish": false,
   "dependencies": {
     "@azure/core-auth": "^1.3.0",
-    "@azure-rest/core-client": "1.0.0-beta.7",
+    "@azure-rest/core-client": "1.0.0-beta.9",
     "@azure/core-rest-pipeline": "^1.1.0",
     "@azure/logger": "^1.0.0",
     "tslib": "^2.2.0",

@@ -7,8 +7,11 @@ import { Recorder, assertEnvironmentVariable } from "@azure-tools/test-recorder"
 
 export function createRecordedClient(recorder: Recorder): DeviceUpdateRestClient {
   const credential = createTestCredential();
-  const client = DeviceUpdate(assertEnvironmentVariable("ENDPOINT"), credential);
-  recorder.configureClient(client);
+  const client = DeviceUpdate(
+    assertEnvironmentVariable("ENDPOINT"),
+    credential,
+    recorder.configureClientOptions({})
+  );
   return client;
 }
 

@@ -19,7 +19,10 @@ export async function createClient(
 ): Promise<DocumentTranslatorClient> {
   await recorder.start({ envSetupForPlayback });
   const credential = { key: env.DOCUMENT_TRANSLATOR_API_KEY ?? "" };
-  const client = DocumentTranslator(env.ENDPOINT ?? "", credential, options);
-  recorder.configureClient(client);
+  const client = DocumentTranslator(
+    env.ENDPOINT ?? "",
+    credential,
+    recorder.configureClientOptions(options || {})
+  );
   return client;
 }
@@ -113,8 +113,7 @@ describe("RemoteRendering functional tests", () => {
   beforeEach(async function (this: Context) {
     recorder = createRecorder(this);
     await recorder.start(recorderStartOptions);
-    client = createClient();
-    recorder.configureClient(client["client"]);
+    client = createClient(recorder);
   });
 
   afterEach(async function () {

@@ -39,7 +39,7 @@ export const recorderStartOptions: RecorderStartOptions = {
   },
 };
 
-export function createClient(): RemoteRenderingClient {
+export function createClient(recorder: Recorder): RemoteRenderingClient {
   const serviceEndpoint = assertEnvironmentVariable("REMOTERENDERING_ARR_SERVICE_ENDPOINT");
   const accountDomain = assertEnvironmentVariable("REMOTERENDERING_ARR_ACCOUNT_DOMAIN");
   const accountId = assertEnvironmentVariable("REMOTERENDERING_ARR_ACCOUNT_ID");
@@ -50,10 +50,21 @@ export function createClient(): RemoteRenderingClient {
     // the AccessToken auth path.
     const maxTimestampMs = 8640000000000000;
     const credential: AccessToken = { token: "<access_token>", expiresOnTimestamp: maxTimestampMs };
-    return new RemoteRenderingClient(serviceEndpoint, accountId, credential);
+    return new RemoteRenderingClient(
+      serviceEndpoint,
+      accountId,
+      credential,
+      recorder.configureClientOptions({})
+    );
   } else {
     const credential: AzureKeyCredential = new AzureKeyCredential(accountKey);
-    return new RemoteRenderingClient(serviceEndpoint, accountId, accountDomain, credential);
+    return new RemoteRenderingClient(
+      serviceEndpoint,
+      accountId,
+      accountDomain,
+      credential,
+      recorder.configureClientOptions({})
+    );
   }
 }
 

@@ -23,8 +23,8 @@ export function createRecordedClient(recorder: Recorder): SchemaRegistryClient {
   const credential = createTestCredential();
   const client = new SchemaRegistryClient(
     assertEnvironmentVariable("SCHEMA_REGISTRY_ENDPOINT"),
-    credential
+    credential,
+    recorder.configureClientOptions({})
   );
-  recorder.configureClient(client["client"]);
   return client;
 }
@@ -55,19 +55,28 @@ export async function createClients<IndexModel>(
   indexName = recorder.variable("TEST_INDEX_NAME", indexName);
   const endPoint: string = process.env.ENDPOINT ?? "https://endpoint";
   const credential = new AzureKeyCredential(testEnv.SEARCH_API_ADMIN_KEY);
-  const searchClient = new SearchClient<IndexModel>(endPoint, indexName, credential, {
-    serviceVersion,
-  });
-  const indexClient = new SearchIndexClient(endPoint, credential, {
-    serviceVersion,
-  });
-  const indexerClient = new SearchIndexerClient(endPoint, credential, {
-    serviceVersion,
-  });
-
-  recorder.configureClient(searchClient["client"]);
-  recorder.configureClient(indexClient["client"]);
-  recorder.configureClient(indexerClient["client"]);
+  const searchClient = new SearchClient<IndexModel>(
+    endPoint,
+    indexName,
+    credential,
+    recorder.configureClientOptions({
+      serviceVersion,
+    })
+  );
+  const indexClient = new SearchIndexClient(
+    endPoint,
+    credential,
+    recorder.configureClientOptions({
+      serviceVersion,
+    })
+  );
+  const indexerClient = new SearchIndexerClient(
+    endPoint,
+    credential,
+    recorder.configureClientOptions({
+      serviceVersion,
+    })
+  );
 
   return {
     searchClient,

@@ -7,7 +7,7 @@
   "sdk-type": "client",
   "version": "1.0.0-beta.1",
   "dependencies": {
-    "@azure-rest/core-client": "1.0.0-beta.7",
+    "@azure-rest/core-client": "1.0.0-beta.9",
     "@azure/core-auth": "^1.3.0",
     "@azure/core-rest-pipeline": "^1.3.0",
     "@azure/core-paging": "^1.2.0",

@@ -24,8 +24,7 @@ export async function createClient(
   await recorder.start({ envSetupForPlayback: replaceableVariables });
 
   let credential: TokenCredential = createTestCredential();
-  const client = AccessControlClient(env.ENDPOINT ?? "", credential, {...options, allowInsecureConnection: true});
-  recorder.configureClient(client);
+  const client = AccessControlClient(env.ENDPOINT ?? "", credential, recorder.configureClientOptions({ ...options, allowInsecureConnection: true }));
   return client;
 }
 

@@ -23,12 +23,9 @@ export async function createClient(
     },
   });
 
-  const client = new ArtifactsClient(credential, env.ENDPOINT ?? "", {
+  const client = new ArtifactsClient(credential, env.ENDPOINT ?? "", recorder.configureClientOptions({
     ...options,
     allowInsecureConnection: true,
-  });
-  recorder.configureClient(client);
-
-
+  }));
   return client;
 }
@@ -28,6 +28,7 @@ extends:
   template: ../../eng/pipelines/templates/stages/archetype-sdk-client.yml
   parameters:
     ServiceDirectory: tables
+    TestProxy: true
     Artifacts:
       - name: azure-data-tables
         safeName: azuretables