From 56d1a1c1afb3fac86d24aa08d2a75a2706ae7c51 Mon Sep 17 00:00:00 2001
From: Amir Omidi <amomidi@microsoft.com>
Date: Fri, 24 Jul 2020 16:00:25 -0700
Subject: [PATCH] Use home_oid, over oid, over unique_name, over sub (#11514)

* Prefer the homeOid over oid

* Prefer unique_name over sub

* Not always defined
---
 extensions/azurecore/src/account-provider/auths/azureAuth.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/extensions/azurecore/src/account-provider/auths/azureAuth.ts b/extensions/azurecore/src/account-provider/auths/azureAuth.ts
index ed95d66fc2..9c681e6d3f 100644
--- a/extensions/azurecore/src/account-provider/auths/azureAuth.ts
+++ b/extensions/azurecore/src/account-provider/auths/azureAuth.ts
@@ -262,7 +262,7 @@ export abstract class AzureAuth implements vscode.Disposable {
 
 		const tokenClaims: TokenClaims = this.getTokenClaims(accessTokenString);
 
-		const userKey = tokenClaims.sub ?? tokenClaims.oid;
+		const userKey = tokenClaims.home_oid ?? tokenClaims.oid ?? tokenClaims.unique_name ?? tokenClaims.sub;
 
 		if (!userKey) {
 			const msg = localize('azure.noUniqueIdentifier', "The user had no unique identifier within AAD");
@@ -666,6 +666,7 @@ export interface TokenClaims { // https://docs.microsoft.com/en-us/azure/active-
 	idp: string,
 	nbf: number;
 	exp: number;
+	home_oid?: string;
 	c_hash: string;
 	at_hash: string;
 	aio: string;