Temporary Workaround for AAD JWT Token Signing Algorithm Issue (#4692)

force set IsSha2CredentialSupported to false Co-authored-by: Gladwin Johnson <[email protected]>
AzureAD · Apr 2, 2024 · 463c985 · 463c985
1 parent 6e129f6
commit 463c985
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 11 deletions.
diff --git a/src/client/Microsoft.Identity.Client/AppConfig/AuthorityInfo.cs b/src/client/Microsoft.Identity.Client/AppConfig/AuthorityInfo.cs
@@ -141,10 +141,7 @@ private AuthorityInfo(
         /// <summary>
         /// True if SHA2 and PSS can be used for creating the client credential from a certificate 
         /// </summary>
-        internal bool IsSha2CredentialSupported =>
-            AuthorityType != AuthorityType.Dsts &&
-            AuthorityType != AuthorityType.Generic &&
-            AuthorityType != AuthorityType.Adfs;
+        internal bool IsSha2CredentialSupported => false; 
 
         #region Builders
         internal static AuthorityInfo FromAuthorityUri(string authorityUri, bool validateAuthority)

diff --git a/tests/Microsoft.Identity.Test.Unit/ApiConfigTests/AuthorityTests.cs b/tests/Microsoft.Identity.Test.Unit/ApiConfigTests/AuthorityTests.cs
@@ -104,15 +104,15 @@ public void WithTenantIdAtRequestLevel_NonAad(string inputAuthority)
         }
 
         [DataTestMethod]
-        [DataRow(TestConstants.AuthorityCommonTenant, true)]
-        [DataRow(TestConstants.AuthorityCommonPpeAuthority, true)]
+        [DataRow(TestConstants.AuthorityCommonTenant, false)]
+        [DataRow(TestConstants.AuthorityCommonPpeAuthority, false)]
         [DataRow(TestConstants.DstsAuthorityCommon, false)]
         [DataRow(TestConstants.DstsAuthorityTenanted, false)]
-        [DataRow(TestConstants.CiamAuthorityMainFormat, true)]
-        [DataRow(TestConstants.CiamAuthorityWithFriendlyName, true)]
-        [DataRow(TestConstants.CiamAuthorityWithGuid, true)]
-        [DataRow(TestConstants.B2CAuthority, true)]
-        [DataRow(TestConstants.B2CCustomDomain, true)]
+        [DataRow(TestConstants.CiamAuthorityMainFormat, false)]
+        [DataRow(TestConstants.CiamAuthorityWithFriendlyName, false)]
+        [DataRow(TestConstants.CiamAuthorityWithGuid, false)]
+        [DataRow(TestConstants.B2CAuthority, false)]
+        [DataRow(TestConstants.B2CCustomDomain, false)]
         [DataRow(TestConstants.ADFSAuthority, false)]
         public void IsSha2Supported(string inputAuthority, bool expected)
         {