contractForCanonicalType('remoteDomain'); expect($contract)->not->toBeNull() ->and($contract['command_name'])->toBe('Get-RemoteDomain') ->and($contract['source_surface'])->toBe('exchange_online_powershell_rest') ->and($contract['adapter_pattern'])->toBe('new_exchange_powershell_adapter') ->and($contract['read_only'])->toBeTrue() ->and($contract['allowed_parameters'])->toBe([]) ->and($contract['collection_shape'])->toBe('collection') ->and($contract['fake_runner_testable'])->toBeTrue() ->and($contract['provider_calls_allowed'])->toBeFalse() ->and($contract['execution_enabled'])->toBeFalse() ->and($contract['capture_eligibility_state'])->toBe('pending_capture') ->and($contract['restore_tier'])->toBe('not_restorable'); }); it('Spec430 remoteDomain contract distinguishes stable and derived identity candidates', function (): void { $contract = (new ExchangePowerShellCommandContracts)->contractForCanonicalType('remoteDomain'); expect($contract['identity_handoff']['preferred_identity_fields'])->toBe(['id', 'sourceId', 'Guid', 'RemoteDomainId', 'Identity']) ->and($contract['identity_handoff']['derived_identity_fields'])->toBe(['DomainName', 'domainName']) ->and($contract['identity_handoff']['display_name_is_stable_identity'])->toBeFalse() ->and($contract['response_shape']['protected_configuration_fields'])->toContain('DomainName') ->and($contract['response_shape']['protected_configuration_fields'])->toContain('TargetDeliveryDomain') ->and($contract['redaction_rules']['protected_configuration_fields'])->toContain('AutoForwardEnabled') ->and($contract['normalization_handoff']['identity_fields'])->toContain('RemoteDomainId') ->and($contract['permission_model']['least_privilege_runtime_validated'])->toBeFalse(); });