migrate naming of azure env vars (#1176)

## Description migrates the client_id, client_secret, and tenant_id environment variables to versions prepended with azure_*. ⚠️ Your local environment will need to change in the following ways: ⚠️ 1. prepend `AZURE_` to your clientID, clientSecret, and tenantID env vars. 2. update those same env references in any `.corso.env` files used for copying envs to docker containers. 3. in `.corso.toml` (and any variants such as .corso_test.toml), replace `tenantid` with `azure_tenantid`. ## Type of change - [x] 🐹 Trivial/Minor ## Issue(s) * #558 ## Test Plan - [x] 💪 Manual - [x] ⚡ Unit test - [x] 💚 E2E
2022-10-17 14:47:04 -06:00 · 2022-10-17 14:47:04 -06:00 · a32f86e40d
commit a32f86e40d
parent fb46f5c7f3
34 changed files with 167 additions and 152 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -135,12 +135,12 @@ jobs:
      # run the tests
      - name: Integration Tests
        env:
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
          CORSO_CI_TESTS: true 
          CORSO_M356_TEST_USER_ID: ${{ secrets.CORSO_M356_TEST_USER_ID }}
          CORSO_PASSPHRASE: ${{ secrets.INTEGRATION_TEST_CORSO_PASSPHRASE }}
-          TENANT_ID: ${{ secrets.TENANT_ID }}
        run: |
          set -euo pipefail
          go test \
--- a/.github/workflows/ci_test_cleanup.yml
+++ b/.github/workflows/ci_test_cleanup.yml
@ -31,11 +31,11 @@ jobs:
      - name: Purge folders
        working-directory: ./src
        env:
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
          CORSO_M356_TEST_USER_ID: ${{ secrets.CORSO_M356_TEST_USER_ID }}
          DELETE_FOLDER_PREFIX: "Corso_Restore_"
-          TENANT_ID: ${{ secrets.TENANT_ID }}
        run: >
          go run ./cmd/purge/purge.go
          --user ${{ secrets.CORSO_M356_TEST_USER_ID }}
--- a/.github/workflows/load_test.yml
+++ b/.github/workflows/load_test.yml
@ -48,11 +48,11 @@ jobs:
      # run the tests
      - name: Integration Tests
        env:
-          CORSO_LOAD_TESTS: true 
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
          CORSO_PASSPHRASE: ${{ secrets.INTEGRATION_TEST_CORSO_PASSPHRASE }}
-          TENANT_ID: ${{ secrets.TENANT_ID }}
+          CORSO_LOAD_TESTS: true 
        run: |
          set -euo pipefail
          go test       \
@ -84,10 +84,10 @@ jobs:
        if: always()
        working-directory: ./src
        env:
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
          DELETE_FOLDER_PREFIX: "Corso_Restore_"
-          TENANT_ID: ${{ secrets.TENANT_ID }}
        run: >
          go run ./cmd/purge/purge.go
          --user '*'
--- a/design/cli.md
+++ b/design/cli.md
@ -37,8 +37,8 @@ Standard format:
 | --- | --- | --- | --- | --- |
 | repo | * |  |  | Same as `repo [*] --help`. |
 | repo | init | {repository} |  | Initialize a Corso repository. |
-| repo | init | {repository} | —tenant {tenant_id} | Provides the account’s tenant ID. |
-| repo | init | {repository} | —client {client_id} | Provides the account’s client ID. |
+| repo | init | {repository} | —tenant {azure_tenant_id} | Provides the account’s tenant ID. |
+| repo | init | {repository} | —client {azure_client_id} | Provides the account’s client ID. |
 | repo | connect | {repository} |  | Connects to the specified repo. |
 | repo | configure | {repository} |  | Sets mutable config properties to the provided values. |
 | repo | * | * | —config {cfg_file_path} | Specify a repo configuration file.  Values may also be provided via individual flags and env vars. |
@ -68,10 +68,10 @@ Standard format:
 **First Run**

 ```bash
-$ export O365_SECRET=my_0365_secret
+$ export AZURE_CLIENT_SECRET=my_azure_secret
 $ export AWS_SECRET_ACCESS_KEY=my_s3_secret
 $ corso repo init s3 --bucket my_s3_bucket --access-key my_s3_key \
-		--tenant my_m365_acct --clientid my_m365_client_id
+		--tenant my_azure_tenant_id --clientid my_azure_client_id
 $ corso backup express
 ```

--- a/docs/docs/configuration/m365_access.md
+++ b/docs/docs/configuration/m365_access.md
@ -60,8 +60,8 @@ To extract the tenant and client ID, select Overview from the app management pan
 environment variables.

 ```bash
-export TENANT_ID=<Directory (tenent) ID for configured app>
-export CLIENT_ID=<Application (client) ID for configured app>
+export AZURE_TENANT_ID=<Directory (tenent) ID for configured app>
+export AZURE_CLIENT_ID=<Application (client) ID for configured app>
 ```

 <img src="/img/m365app_ids.png" className="guideImages"/>
@ -75,7 +75,7 @@ Click **New Client Secret** and follow the instructions to create a secret. Afte
 value right away because it won't be available later and export it as an environment variable.

 ```bash
-export CLIENT_SECRET=<client secret value>
+export AZURE_CLIENT_SECRET=<client secret value>
 ```

 <img src="/img/m365app_secret.png" className="guideImages"/>
--- a/docs/docs/developers/testing.md
+++ b/docs/docs/developers/testing.md
@ -33,9 +33,9 @@
    > You can find more information on how to get these values in [configuration docs](/configuration/m365_access).

    ```bash
-    export TENANT_ID=<tenant>
-    export CLIENT_ID=<id>
-    export CLIENT_SECRET=<secret>
+    export AZURE_CLIENT_ID=<id>
+    export AZURE_CLIENT_SECRET=<secret>
+    export AZURE_TENANT_ID=<tenant>
    ```

 ## Running tests
--- a/docs/docs/install.md
+++ b/docs/docs/install.md
@ -36,9 +36,9 @@ To create the environment variables file, you can run the following.
 # create an env vars file
 $ cat <<EOF ~/.corso/corso.env 
 CORSO_PASSPHRASE
-TENANT_ID
-CLIENT_ID
-CLIENT_SECRET
+AZURE_TENANT_ID
+AZURE_CLIENT_ID
+AZURE_CLIENT_SECRET
 AWS_ACCESS_KEY_ID
 AWS_SECRET_ACCESS_KEY
 AWS_SESSION_TOKEN
--- a/src/cli/config/account.go
+++ b/src/cli/config/account.go
@ -21,14 +21,14 @@ func m365ConfigsFromViper(vpr *viper.Viper) (account.M365Config, error) {
 		return m365, errors.New("unsupported account provider: " + providerType)
 	}

-	m365.TenantID = vpr.GetString(TenantIDKey)
+	m365.AzureTenantID = vpr.GetString(AzureTenantIDKey)

 	return m365, nil
 }

 func m365Overrides(in map[string]string) map[string]string {
 	return map[string]string{
-		account.TenantID:       in[account.TenantID],
+		account.AzureTenantID:  in[account.AzureTenantID],
 		AccountProviderTypeKey: in[AccountProviderTypeKey],
 	}
 }
@ -65,14 +65,17 @@ func configureAccount(

 	m365Cfg = account.M365Config{
 		M365: m365,
-		TenantID: common.First(overrides[account.TenantID], m365Cfg.TenantID, os.Getenv(account.TenantID)),
+		AzureTenantID: common.First(
+			overrides[account.AzureTenantID],
+			m365Cfg.AzureTenantID,
+			os.Getenv(account.AzureTenantID)),
 	}

 	// ensure required properties are present
 	if err := utils.RequireProps(map[string]string{
-		credentials.ClientID:     m365Cfg.ClientID,
-		credentials.ClientSecret: m365Cfg.ClientSecret,
-		account.TenantID:         m365Cfg.TenantID,
+		credentials.AzureClientID:     m365Cfg.AzureClientID,
+		credentials.AzureClientSecret: m365Cfg.AzureClientSecret,
+		account.AzureTenantID:         m365Cfg.AzureTenantID,
 	}); err != nil {
 		return acct, err
 	}
--- a/src/cli/config/config.go
+++ b/src/cli/config/config.go
@ -26,7 +26,7 @@ const (

 	// M365 config
 	AccountProviderTypeKey = "account_provider"
-	TenantIDKey            = "tenantid"
+	AzureTenantIDKey       = "azure_tenantid"
 )

 var (
@ -198,7 +198,7 @@ func writeRepoConfigWithViper(vpr *viper.Viper, s3Config storage.S3Config, m365C
 	vpr.Set(PrefixKey, s3Config.Prefix)

 	vpr.Set(AccountProviderTypeKey, account.ProviderM365.String())
-	vpr.Set(TenantIDKey, m365Config.TenantID)
+	vpr.Set(AzureTenantIDKey, m365Config.AzureTenantID)

 	if err := vpr.SafeWriteConfig(); err != nil {
 		if _, ok := err.(viper.ConfigFileAlreadyExistsError); ok {
@ -266,7 +266,7 @@ func getStorageAndAccountWithViper(
 // ---------------------------------------------------------------------------

 var constToTomlKeyMap = map[string]string{
-	account.TenantID:       TenantIDKey,
+	account.AzureTenantID:  AzureTenantIDKey,
 	AccountProviderTypeKey: AccountProviderTypeKey,
 	storage.Bucket:         BucketNameKey,
 	storage.Endpoint:       EndpointKey,
--- a/src/cli/config/config_test.go
+++ b/src/cli/config/config_test.go
@ -25,7 +25,7 @@ const (
 ` + PrefixKey + ` = 'test-prefix/'
 ` + StorageProviderTypeKey + ` = 'S3'
 ` + AccountProviderTypeKey + ` = 'M365'
-` + TenantIDKey + ` = '%s'
+` + AzureTenantIDKey + ` = '%s'
 `
 )

@ -66,7 +66,7 @@ func (suite *ConfigSuite) TestReadRepoConfigBasic() {

 	m365, err := m365ConfigsFromViper(vpr)
 	require.NoError(t, err)
-	assert.Equal(t, tID, m365.TenantID)
+	assert.Equal(t, tID, m365.AzureTenantID)
 }

 func (suite *ConfigSuite) TestWriteReadConfig() {
@ -85,7 +85,7 @@ func (suite *ConfigSuite) TestWriteReadConfig() {
 	require.NoError(t, initWithViper(vpr, testConfigFilePath), "initializing repo config")

 	s3Cfg := storage.S3Config{Bucket: bkt}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}

 	require.NoError(t, writeRepoConfigWithViper(vpr, s3Cfg, m365), "writing repo config")
 	require.NoError(t, vpr.ReadInConfig(), "reading repo config")
@ -96,7 +96,7 @@ func (suite *ConfigSuite) TestWriteReadConfig() {

 	readM365, err := m365ConfigsFromViper(vpr)
 	require.NoError(t, err)
-	assert.Equal(t, readM365.TenantID, m365.TenantID)
+	assert.Equal(t, readM365.AzureTenantID, m365.AzureTenantID)
 }

 func (suite *ConfigSuite) TestMustMatchConfig() {
@ -115,7 +115,7 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 	require.NoError(t, initWithViper(vpr, testConfigFilePath), "initializing repo config")

 	s3Cfg := storage.S3Config{Bucket: bkt}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}

 	require.NoError(t, writeRepoConfigWithViper(vpr, s3Cfg, m365), "writing repo config")
 	require.NoError(t, vpr.ReadInConfig(), "reading repo config")
@ -129,7 +129,7 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 			name: "full match",
 			input: map[string]string{
 				storage.Bucket:        bkt,
-				account.TenantID: tid,
+				account.AzureTenantID: tid,
 			},
 			errCheck: assert.NoError,
 		},
@ -137,7 +137,7 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 			name: "empty values",
 			input: map[string]string{
 				storage.Bucket:        "",
-				account.TenantID: "",
+				account.AzureTenantID: "",
 			},
 			errCheck: assert.NoError,
 		},
@ -163,7 +163,7 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 			name: "mismatch",
 			input: map[string]string{
 				storage.Bucket:        tid,
-				account.TenantID: bkt,
+				account.AzureTenantID: bkt,
 			},
 			errCheck: assert.Error,
 		},
@ -221,7 +221,7 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount() {
 		Endpoint: end,
 		Prefix:   pfx,
 	}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}

 	require.NoError(t, writeRepoConfigWithViper(vpr, s3Cfg, m365), "writing repo config")
 	require.NoError(t, vpr.ReadInConfig(), "reading repo config")
@ -241,9 +241,9 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount() {

 	readM365, err := ac.M365Config()
 	require.NoError(t, err, "reading m365 config from account")
-	assert.Equal(t, readM365.TenantID, m365.TenantID)
-	assert.Equal(t, readM365.ClientID, os.Getenv(credentials.ClientID))
-	assert.Equal(t, readM365.ClientSecret, os.Getenv(credentials.ClientSecret))
+	assert.Equal(t, readM365.AzureTenantID, m365.AzureTenantID)
+	assert.Equal(t, readM365.AzureClientID, os.Getenv(credentials.AzureClientID))
+	assert.Equal(t, readM365.AzureClientSecret, os.Getenv(credentials.AzureClientSecret))
 }

 func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount_noFileOnlyOverrides() {
@ -263,10 +263,10 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount_noFileOnlyOverride
 		Endpoint: end,
 		Prefix:   pfx,
 	}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}

 	overrides := map[string]string{
-		account.TenantID:       tid,
+		account.AzureTenantID:  tid,
 		AccountProviderTypeKey: account.ProviderM365.String(),
 		storage.Bucket:         bkt,
 		storage.Endpoint:       end,
@ -289,7 +289,7 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount_noFileOnlyOverride

 	readM365, err := ac.M365Config()
 	require.NoError(t, err, "reading m365 config from account")
-	assert.Equal(t, readM365.TenantID, m365.TenantID)
-	assert.Equal(t, readM365.ClientID, os.Getenv(credentials.ClientID))
-	assert.Equal(t, readM365.ClientSecret, os.Getenv(credentials.ClientSecret))
+	assert.Equal(t, readM365.AzureTenantID, m365.AzureTenantID)
+	assert.Equal(t, readM365.AzureClientID, os.Getenv(credentials.AzureClientID))
+	assert.Equal(t, readM365.AzureClientSecret, os.Getenv(credentials.AzureClientSecret))
 }
--- a/src/cli/help/env.go
+++ b/src/cli/help/env.go
@ -67,8 +67,8 @@ var (
 			"It is impossible to use the repository or recover any backups without this key."},
 	}
 	azureEVs = []envVar{
-		{azure, "CLIENT_ID", "Client ID for your Azure AD application used to access your M365 tenant."},
-		{azure, "CLIENT_SECRET", "Azure secret for your Azure AD application used to access your M365 tenant."},
+		{azure, "AZURE_CLIENT_ID", "Client ID for your Azure AD application used to access your M365 tenant."},
+		{azure, "AZURE_CLIENT_SECRET", "Azure secret for your Azure AD application used to access your M365 tenant."},
 	}
 	awsEVs = []envVar{
 		{aws, "AWS_ACCESS_KEY_ID", "AWS access key for an IAM user or role for accessing S3 bucket repository."},
--- a/src/cmd/factory/factory.go
+++ b/src/cmd/factory/factory.go
@ -98,12 +98,12 @@ func handleOneDriveFactory(cmd *cobra.Command, args []string) error {
 // ------------------------------------------------------------------------------------------

 func getGCAndVerifyUser(ctx context.Context, userID string) (*connector.GraphConnector, string, error) {
-	tid := common.First(tenant, os.Getenv(account.TenantID))
+	tid := common.First(tenant, os.Getenv(account.AzureTenantID))

 	// get account info
 	m365Cfg := account.M365Config{
 		M365:          credentials.GetM365(),
-		TenantID: tid,
+		AzureTenantID: tid,
 	}

 	acct, err := account.NewAccount(account.ProviderM365, m365Cfg)
--- a/src/cmd/purge/purge.go
+++ b/src/cmd/purge/purge.go
@ -416,7 +416,7 @@ func getGC(ctx context.Context) (*connector.GraphConnector, error) {
 	// get account info
 	m365Cfg := account.M365Config{
 		M365:          credentials.GetM365(),
-		TenantID: common.First(tenant, os.Getenv(account.TenantID)),
+		AzureTenantID: common.First(tenant, os.Getenv(account.AzureTenantID)),
 	}

 	acct, err := account.NewAccount(account.ProviderM365, m365Cfg)
--- a/src/internal/connector/exchange/contact_folder_cache_test.go
+++ b/src/internal/connector/exchange/contact_folder_cache_test.go
@ -38,6 +38,7 @@ func TestContactFolderCacheIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
--- a/src/internal/connector/exchange/event_calendar_cache_test.go
+++ b/src/internal/connector/exchange/event_calendar_cache_test.go
@ -20,6 +20,7 @@ func TestEventCalendarCacheIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
--- a/src/internal/connector/exchange/exchange_service_test.go
+++ b/src/internal/connector/exchange/exchange_service_test.go
@ -29,6 +29,7 @@ func TestExchangeServiceSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
@ -58,7 +59,7 @@ func (suite *ExchangeServiceSuite) SetupSuite() {
 func (suite *ExchangeServiceSuite) TestCreateService() {
 	creds := suite.es.credentials
 	invalidCredentials := suite.es.credentials
-	invalidCredentials.ClientSecret = ""
+	invalidCredentials.AzureClientSecret = ""

 	tests := []struct {
 		name        string
@ -78,7 +79,7 @@ func (suite *ExchangeServiceSuite) TestCreateService() {
 	}
 	for _, test := range tests {
 		suite.T().Run(test.name, func(t *testing.T) {
-			t.Log(test.credentials.ClientSecret)
+			t.Log(test.credentials.AzureClientSecret)
 			_, err := createService(test.credentials, false)
 			test.checkErr(t, err)
 		})
@ -587,7 +588,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc1: func() path.Path {
 					pth, err := path.Builder{}.Append("Griffindor").
 						Append("Croix").ToDataLayerExchangePathForCategory(
-						suite.es.credentials.TenantID,
+						suite.es.credentials.AzureTenantID,
 						user,
 						path.EmailCategory,
 						false,
@ -599,7 +600,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc2: func() path.Path {
 					pth, err := path.Builder{}.Append("Griffindor").
 						Append("Felicius").ToDataLayerExchangePathForCategory(
-						suite.es.credentials.TenantID,
+						suite.es.credentials.AzureTenantID,
 						user,
 						path.EmailCategory,
 						false,
@ -615,7 +616,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc1: func() path.Path {
 					aPath, err := path.Builder{}.Append("HufflePuff").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.ContactsCategory,
 							false,
@ -627,7 +628,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc2: func() path.Path {
 					aPath, err := path.Builder{}.Append("Ravenclaw").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.ContactsCategory,
 							false,
@ -643,7 +644,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc1: func() path.Path {
 					aPath, err := path.Builder{}.Append("Durmstrang").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.EventsCategory,
 							false,
@ -654,7 +655,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc2: func() path.Path {
 					aPath, err := path.Builder{}.Append("Beauxbatons").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.EventsCategory,
 							false,
--- a/src/internal/connector/exchange/iterators_test.go
+++ b/src/internal/connector/exchange/iterators_test.go
@ -25,6 +25,7 @@ func TestExchangeIteratorSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
--- a/src/internal/connector/exchange/mail_folder_cache_test.go
+++ b/src/internal/connector/exchange/mail_folder_cache_test.go
@ -323,6 +323,7 @@ func TestMailFolderCacheIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
--- a/src/internal/connector/exchange/service_functions.go
+++ b/src/internal/connector/exchange/service_functions.go
@ -48,9 +48,9 @@ func (es *exchangeService) ErrPolicy() bool {
 // NOTE: Incorrect account information will result in errors on subsequent queries.
 func createService(credentials account.M365Config, shouldFailFast bool) (*exchangeService, error) {
 	adapter, err := graph.CreateAdapter(
-		credentials.TenantID,
-		credentials.ClientID,
-		credentials.ClientSecret,
+		credentials.AzureTenantID,
+		credentials.AzureClientID,
+		credentials.AzureClientSecret,
 	)
 	if err != nil {
 		return nil, err
@ -460,7 +460,7 @@ func getCollectionPath(
 	returnPath, err := resolveCollectionPath(
 		ctx,
 		resolver,
-		qp.Credentials.TenantID,
+		qp.Credentials.AzureTenantID,
 		qp.User,
 		directory,
 		category,
@ -471,7 +471,7 @@ func getCollectionPath(

 	aPath, err1 := path.Builder{}.Append(directory).
 		ToDataLayerExchangePathForCategory(
-			qp.Credentials.TenantID,
+			qp.Credentials.AzureTenantID,
 			qp.User,
 			category,
 			false,
--- a/src/internal/connector/exchange/service_functions_test.go
+++ b/src/internal/connector/exchange/service_functions_test.go
@ -21,6 +21,7 @@ func TestServiceFunctionsIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
--- a/src/internal/connector/exchange/service_iterators.go
+++ b/src/internal/connector/exchange/service_iterators.go
@ -205,7 +205,7 @@ func CollectionsFromResolver(
 		}

 		completePath, err := item.Path().ToDataLayerExchangePathForCategory(
-			qp.Credentials.TenantID,
+			qp.Credentials.AzureTenantID,
 			qp.User,
 			category,
 			false,
@ -504,7 +504,7 @@ func IterateSelectAllContactsForCollections(
 			// Create and Populate Default Contacts folder Collection if true
 			if qp.Scope.Matches(selectors.ExchangeContactFolder, DefaultContactFolder) {
 				dirPath, err := path.Builder{}.Append(DefaultContactFolder).ToDataLayerExchangePathForCategory(
-					qp.Credentials.TenantID,
+					qp.Credentials.AzureTenantID,
 					qp.User,
 					path.ContactsCategory,
 					false,
--- a/src/internal/connector/graph_connector.go
+++ b/src/internal/connector/graph_connector.go
@ -77,7 +77,7 @@ func NewGraphConnector(ctx context.Context, acct account.Account) (*GraphConnect
 	}

 	gc := GraphConnector{
-		tenant:      m365.TenantID,
+		tenant:      m365.AzureTenantID,
 		Users:       make(map[string]string, 0),
 		wg:          &sync.WaitGroup{},
 		credentials: m365,
@ -101,9 +101,9 @@ func NewGraphConnector(ctx context.Context, acct account.Account) (*GraphConnect
 // createService constructor for graphService component
 func (gc *GraphConnector) createService(shouldFailFast bool) (*graphService, error) {
 	adapter, err := graph.CreateAdapter(
-		gc.credentials.TenantID,
-		gc.credentials.ClientID,
-		gc.credentials.ClientSecret,
+		gc.credentials.AzureTenantID,
+		gc.credentials.AzureClientID,
+		gc.credentials.AzureClientSecret,
 	)
 	if err != nil {
 		return nil, err
@ -520,7 +520,7 @@ func (gc *GraphConnector) OneDriveDataCollections(
 			logger.Ctx(ctx).With("user", user).Debug("Creating OneDrive collections")

 			odcs, err := onedrive.NewCollections(
-				gc.credentials.TenantID,
+				gc.credentials.AzureTenantID,
 				user,
 				scope,
 				&gc.graphService,
--- a/src/internal/connector/graph_connector_disconnected_test.go
+++ b/src/internal/connector/graph_connector_disconnected_test.go
@ -43,10 +43,10 @@ func (suite *DisconnectedGraphConnectorSuite) TestBadConnection() {
 					account.ProviderM365,
 					account.M365Config{
 						M365: credentials.M365{
-							ClientID:     "Test",
-							ClientSecret: "without",
+							AzureClientID:     "Test",
+							AzureClientSecret: "without",
 						},
-						TenantID: "data",
+						AzureTenantID: "data",
 					},
 				)
 				require.NoError(t, err)
--- a/src/internal/connector/graph_connector_test.go
+++ b/src/internal/connector/graph_connector_test.go
@ -38,6 +38,7 @@ func TestGraphConnectorIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
--- a/src/internal/connector/onedrive/drive.go
+++ b/src/internal/connector/onedrive/drive.go
@ -86,8 +86,10 @@ func collectItems(
 }

 // getFolder will lookup the specified folder name under `parentFolderID`
-func getFolder(ctx context.Context, service graph.Service, driveID string, parentFolderID string,
-	folderName string,
+func getFolder(
+	ctx context.Context,
+	service graph.Service,
+	driveID, parentFolderID, folderName string,
 ) (models.DriveItemable, error) {
 	// The `Children().Get()` API doesn't yet support $filter, so using that to find a folder
 	// will be sub-optimal.
--- a/src/internal/connector/onedrive/drive_test.go
+++ b/src/internal/connector/onedrive/drive_test.go
@ -44,9 +44,9 @@ func loadService(t *testing.T) *testService {
 	require.NoError(t, err)

 	adapter, err := graph.CreateAdapter(
-		m365.TenantID,
-		m365.ClientID,
-		m365.ClientSecret,
+		m365.AzureTenantID,
+		m365.AzureClientID,
+		m365.AzureClientSecret,
 	)
 	require.NoError(t, err)

--- a/src/internal/connector/onedrive/item_test.go
+++ b/src/internal/connector/onedrive/item_test.go
@ -40,6 +40,7 @@ func TestItemIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorOneDriveTests,
 	); err != nil {
 		t.Skip(err)
 	}
@ -59,7 +60,7 @@ func (suite *ItemIntegrationSuite) SetupSuite() {
 	m365, err := a.M365Config()
 	require.NoError(suite.T(), err)

-	adapter, err := graph.CreateAdapter(m365.TenantID, m365.ClientID, m365.ClientSecret)
+	adapter, err := graph.CreateAdapter(m365.AzureTenantID, m365.AzureClientID, m365.AzureClientSecret)
 	require.NoError(suite.T(), err)
 	suite.client = msgraphsdk.NewGraphServiceClient(adapter)
 	suite.adapter = adapter
--- a/src/internal/events/events_test.go
+++ b/src/internal/events/events_test.go
@ -42,10 +42,10 @@ func (suite *EventsIntegrationSuite) TestNewBus() {
 		account.ProviderM365,
 		account.M365Config{
 			M365: credentials.M365{
-				ClientID:     "id",
-				ClientSecret: "secret",
+				AzureClientID:     "id",
+				AzureClientSecret: "secret",
 			},
-			TenantID: "tid",
+			AzureTenantID: "tid",
 		},
 	)
 	require.NoError(t, err)
--- a/src/internal/tester/account.go
+++ b/src/internal/tester/account.go
@ -10,8 +10,8 @@ import (
 )

 var M365AcctCredEnvs = []string{
-	credentials.ClientID,
-	credentials.ClientSecret,
+	credentials.AzureClientID,
+	credentials.AzureClientSecret,
 }

 // NewM365Account returns an account.Account object initialized with environment
@ -24,7 +24,7 @@ func NewM365Account(t *testing.T) account.Account {
 		account.ProviderM365,
 		account.M365Config{
 			M365:          credentials.GetM365(),
-			TenantID: cfg[TestCfgTenantID],
+			AzureTenantID: cfg[TestCfgAzureTenantID],
 		},
 	)
 	require.NoError(t, err, "initializing account")
--- a/src/internal/tester/config.go
+++ b/src/internal/tester/config.go
@ -20,7 +20,7 @@ const (
 	TestCfgStorageProvider = "provider"

 	// M365 config
-	TestCfgTenantID        = "tenantid"
+	TestCfgAzureTenantID   = "azure_tenantid"
 	TestCfgUserID          = "m365userid"
 	TestCfgAccountProvider = "account_provider"
 )
@ -100,7 +100,7 @@ func readTestConfig() (map[string]string, error) {
 	fallbackTo(testEnv, TestCfgBucket, vpr.GetString(TestCfgBucket), "test-corso-repo-init")
 	fallbackTo(testEnv, TestCfgEndpoint, vpr.GetString(TestCfgEndpoint), "s3.amazonaws.com")
 	fallbackTo(testEnv, TestCfgPrefix, vpr.GetString(TestCfgPrefix))
-	fallbackTo(testEnv, TestCfgTenantID, os.Getenv(account.TenantID), vpr.GetString(TestCfgTenantID))
+	fallbackTo(testEnv, TestCfgAzureTenantID, os.Getenv(account.AzureTenantID), vpr.GetString(TestCfgAzureTenantID))
 	fallbackTo(
 		testEnv,
 		TestCfgUserID,
--- a/src/internal/tester/integration_runners.go
+++ b/src/internal/tester/integration_runners.go
@ -17,6 +17,8 @@ const (
 	CorsoCLIRestoreTests             = "CORSO_COMMAND_LINE_RESTORE_TESTS"
 	CorsoCLITests                    = "CORSO_COMMAND_LINE_TESTS"
 	CorsoGraphConnectorTests         = "CORSO_GRAPH_CONNECTOR_TESTS"
+	CorsoGraphConnectorExchangeTests = "CORSO_GRAPH_CONNECTOR_EXCHANGE_TESTS"
+	CorsoGraphConnectorOneDriveTests = "CORSO_GRAPH_CONNECTOR_ONE_DRIVE_TESTS"
 	CorsoKopiaWrapperTests           = "CORSO_KOPIA_WRAPPER_TESTS"
 	CorsoModelStoreTests             = "CORSO_MODEL_STORE_TESTS"
 	CorsoOneDriveTests               = "CORSO_ONE_DRIVE_TESTS"
--- a/src/pkg/account/m365.go
+++ b/src/pkg/account/m365.go
@ -8,19 +8,19 @@ import (

 // config exported name consts
 const (
-	TenantID = "TENANT_ID"
+	AzureTenantID = "AZURE_TENANT_ID"
 )

 type M365Config struct {
 	credentials.M365 // requires: ClientID, ClientSecret
-	TenantID         string
+	AzureTenantID    string
 }

 // config key consts
 const (
-	keyM365ClientID     = "m365_clientID"
-	keyM365ClientSecret = "m365_clientSecret"
-	keyM365TenantID     = "m365_tenantID"
+	keyAzureClientID     = "azure_clientid"
+	keyAzureClientSecret = "azure_clientSecret"
+	keyAzureTenantID     = "azure_tenantid"
 )

 // StringConfig transforms a m365Config struct into a plain
@ -28,9 +28,9 @@ const (
 // serialize into the map are expected to be strings.
 func (c M365Config) StringConfig() (map[string]string, error) {
 	cfg := map[string]string{
-		keyM365ClientID:     c.ClientID,
-		keyM365ClientSecret: c.ClientSecret,
-		keyM365TenantID:     c.TenantID,
+		keyAzureClientID:     c.AzureClientID,
+		keyAzureClientSecret: c.AzureClientSecret,
+		keyAzureTenantID:     c.AzureTenantID,
 	}

 	return cfg, c.validate()
@ -39,7 +39,7 @@ func (c M365Config) StringConfig() (map[string]string, error) {
 // providerID returns the c.TenantID if ap is a ProviderM365.
 func (c M365Config) providerID(ap accountProvider) string {
 	if ap == ProviderM365 {
-		return c.TenantID
+		return c.AzureTenantID
 	}

 	return ""
@ -49,9 +49,9 @@ func (c M365Config) providerID(ap accountProvider) string {
 func (a Account) M365Config() (M365Config, error) {
 	c := M365Config{}
 	if len(a.Config) > 0 {
-		c.ClientID = a.Config[keyM365ClientID]
-		c.ClientSecret = a.Config[keyM365ClientSecret]
-		c.TenantID = a.Config[keyM365TenantID]
+		c.AzureClientID = a.Config[keyAzureClientID]
+		c.AzureClientSecret = a.Config[keyAzureClientSecret]
+		c.AzureTenantID = a.Config[keyAzureTenantID]
 	}

 	return c, c.validate()
@ -59,9 +59,9 @@ func (a Account) M365Config() (M365Config, error) {

 func (c M365Config) validate() error {
 	check := map[string]string{
-		credentials.ClientID:     c.ClientID,
-		credentials.ClientSecret: c.ClientSecret,
-		TenantID:                 c.TenantID,
+		credentials.AzureClientID:     c.AzureClientID,
+		credentials.AzureClientSecret: c.AzureClientSecret,
+		AzureTenantID:                 c.AzureTenantID,
 	}

 	for k, v := range check {
--- a/src/pkg/account/m365_test.go
+++ b/src/pkg/account/m365_test.go
@ -21,10 +21,10 @@ func TestM365CfgSuite(t *testing.T) {

 var goodM365Config = account.M365Config{
 	M365: credentials.M365{
-		ClientID:     "cid",
-		ClientSecret: "cs",
+		AzureClientID:     "cid",
+		AzureClientSecret: "cs",
 	},
-	TenantID: "tid",
+	AzureTenantID: "tid",
 }

 func (suite *M365CfgSuite) TestM365Config_Config() {
@ -36,9 +36,9 @@ func (suite *M365CfgSuite) TestM365Config_Config() {
 		key    string
 		expect string
 	}{
-		{"m365_clientID", m365.ClientID},
-		{"m365_clientSecret", m365.ClientSecret},
-		{"m365_tenantID", m365.TenantID},
+		{"azure_clientid", m365.AzureClientID},
+		{"azure_clientSecret", m365.AzureClientSecret},
+		{"azure_tenantid", m365.AzureTenantID},
 	}
 	for _, test := range table {
 		assert.Equal(suite.T(), test.expect, c[test.key])
@ -54,18 +54,18 @@ func (suite *M365CfgSuite) TestAccount_M365Config() {
 	out, err := a.M365Config()
 	require.NoError(t, err)

-	assert.Equal(t, in.ClientID, out.ClientID)
-	assert.Equal(t, in.ClientSecret, out.ClientSecret)
-	assert.Equal(t, in.TenantID, out.TenantID)
+	assert.Equal(t, in.AzureClientID, out.AzureClientID)
+	assert.Equal(t, in.AzureClientSecret, out.AzureClientSecret)
+	assert.Equal(t, in.AzureTenantID, out.AzureTenantID)
 }

 func makeTestM365Cfg(cid, cs, tid string) account.M365Config {
 	return account.M365Config{
 		M365: credentials.M365{
-			ClientID:     cid,
-			ClientSecret: cs,
+			AzureClientID:     cid,
+			AzureClientSecret: cs,
 		},
-		TenantID: tid,
+		AzureTenantID: tid,
 	}
 }

@ -94,19 +94,19 @@ func (suite *M365CfgSuite) TestAccount_M365Config_InvalidCases() {
 		{
 			"missing clientID",
 			func(a account.Account) {
-				a.Config["m365_clientID"] = ""
+				a.Config["azure_clientid"] = ""
 			},
 		},
 		{
 			"missing client secret",
 			func(a account.Account) {
-				a.Config["m365_clientSecret"] = ""
+				a.Config["azure_clientSecret"] = ""
 			},
 		},
 		{
 			"missing tenant id",
 			func(a account.Account) {
-				a.Config["m365_tenantID"] = ""
+				a.Config["azure_tenantid"] = ""
 			},
 		},
 	}
--- a/src/pkg/credentials/m365.go
+++ b/src/pkg/credentials/m365.go
@ -8,14 +8,14 @@ import (

 // envvar consts
 const (
-	ClientID     = "CLIENT_ID"
-	ClientSecret = "CLIENT_SECRET"
+	AzureClientID     = "AZURE_CLIENT_ID"
+	AzureClientSecret = "AZURE_CLIENT_SECRET"
 )

 // M365 aggregates m365 credentials from flag and env_var values.
 type M365 struct {
-	ClientID     string
-	ClientSecret string
+	AzureClientID     string
+	AzureClientSecret string
 }

 // M365 is a helper for aggregating m365 secrets and credentials.
@ -23,15 +23,15 @@ func GetM365() M365 {
 	// todo (rkeeprs): read from either corso config file or env vars.
 	// https://github.com/alcionai/corso/issues/120
 	return M365{
-		ClientID:     os.Getenv(ClientID),
-		ClientSecret: os.Getenv(ClientSecret),
+		AzureClientID:     os.Getenv(AzureClientID),
+		AzureClientSecret: os.Getenv(AzureClientSecret),
 	}
 }

 func (c M365) Validate() error {
 	check := map[string]string{
-		ClientID:     c.ClientID,
-		ClientSecret: c.ClientSecret,
+		AzureClientID:     c.AzureClientID,
+		AzureClientSecret: c.AzureClientSecret,
 	}

 	for k, v := range check {