Fix the config authority type to acquire the type from AuthorityInfo (#…

…4943) * Fix the config authority type to acquire the type using the authority info * Add tests specific to bug
AzureAD · Sep 25, 2024 · e8baa99 · e8baa99 · github-actions · Sep 25, 2024
1 parent 54e1a94
commit e8baa99
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 3 deletions.
diff --git a/src/client/Microsoft.Identity.Client/AppConfig/AbstractApplicationBuilder.cs b/src/client/Microsoft.Identity.Client/AppConfig/AbstractApplicationBuilder.cs
@@ -501,7 +501,8 @@ public T WithAuthority(
                 cloudInstanceUri,
                 tenant,
                 validateAuthority);
-            Config.Authority = new AadAuthority(authorityInfo);
+
+            Config.Authority = authorityInfo.CreateAuthority();
 
             return this as T;
         }

diff --git a/tests/Microsoft.Identity.Test.Common/TestConstants.cs b/tests/Microsoft.Identity.Test.Common/TestConstants.cs
@@ -110,8 +110,8 @@ public static HashSet<string> s_scope
         public const string ADFSAuthority2 = "https://someAdfs.com/adfs/";
 
         public const string DstsAuthorityTenantless = "https://some.url.dsts.core.azure-test.net/dstsv2/";
-        public const string DstsAuthorityTenanted = "https://some.url.dsts.core.azure-test.net/dstsv2/" + TenantId + "/";
-        public const string DstsAuthorityCommon = "https://some.url.dsts.core.azure-test.net/dstsv2/" + Common + "/";
+        public const string DstsAuthorityTenanted = DstsAuthorityTenantless + TenantId + "/";
+        public const string DstsAuthorityCommon = DstsAuthorityTenantless + Common + "/";
 
         public const string GenericAuthority = "https://demo.duendesoftware.com";
 

diff --git a/tests/Microsoft.Identity.Test.Unit/ApiConfigTests/AuthorityTests.cs b/tests/Microsoft.Identity.Test.Unit/ApiConfigTests/AuthorityTests.cs
@@ -433,6 +433,30 @@ public void IsDefaultAuthorityTest()
             Assert.IsFalse(s_b2cAuthority.AuthorityInfo.IsDefaultAuthority);
         }
 
+        [DataTestMethod]
+        [DataRow(TestConstants.AuthorityCommonTenant, typeof(AadAuthority), "Aad")]
+        [DataRow(TestConstants.AuthorityCommonPpeAuthority, typeof(AadAuthority), "Aad")]
+        [DataRow(TestConstants.AuthorityConsumersTenant, typeof(AadAuthority), "Aad")]
+        [DataRow(TestConstants.AuthorityOrganizationsTenant, typeof(AadAuthority), "Aad")]
+        [DataRow(TestConstants.AuthorityGuidTenant, typeof(AadAuthority), "Aad")]
+        [DataRow(TestConstants.DstsAuthorityCommon, typeof(DstsAuthority), "Dsts")]
+        [DataRow(TestConstants.DstsAuthorityTenantless, typeof(DstsAuthority), "Dsts")]
+        [DataRow(TestConstants.ADFSAuthority, typeof(AdfsAuthority), "Adfs")]
+        [DataRow(TestConstants.CiamAuthorityMainFormat, typeof(CiamAuthority), "Ciam")]
+        public void VerifyConfigAuthorityType(string authorityHost, Type authorityTypeInstance, string authorityType)
+        {
+            string tenantId = "tenant";
+
+            var app = ConfidentialClientApplicationBuilder
+                .Create(TestConstants.ClientId)
+                .WithAuthority(authorityHost, tenantId)
+                .WithClientSecret("secret")
+                .BuildConcrete();
+
+            Assert.IsInstanceOfType(app.ServiceBundle.Config.Authority, authorityTypeInstance);
+            Assert.AreEqual(app.AuthorityInfo.AuthorityType.ToString(), authorityType);
+        }
+
         private static void VerifyAuthority(
             Authority configAuthority,
             Authority requestAuthority,

diff --git a/tests/Microsoft.Identity.Test.Unit/CoreTests/InstanceTests/DstsAuthorityTests.cs b/tests/Microsoft.Identity.Test.Unit/CoreTests/InstanceTests/DstsAuthorityTests.cs
@@ -84,6 +84,36 @@ public async Task DstsClientCredentialSuccessfulTestAsync(string authority)
             }
         }
 
+        [TestMethod]
+        public async Task DstsClientCredentialWithTenantIdFromAuthorityTestAsync()
+        {
+            using (var httpManager = new MockHttpManager())
+            {
+                IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
+                    .Create(TestConstants.ClientId)
+                    .WithHttpManager(httpManager)
+                    .WithAuthority(TestConstants.DstsAuthorityTenantless, TestConstants.TenantId)
+                    .WithClientSecret(TestConstants.ClientSecret)
+                    .Build();
+
+                Assert.AreEqual(TestConstants.DstsAuthorityTenanted, app.Authority);
+                var confidentailClientApp = (ConfidentialClientApplication)app;
+                Assert.AreEqual(AuthorityType.Dsts, confidentailClientApp.AuthorityInfo.AuthorityType);
+
+                httpManager.AddMockHandler(CreateTokenResponseHttpHandler(TestConstants.DstsAuthorityTenanted));
+
+                AuthenticationResult result = await app
+                    .AcquireTokenForClient(TestConstants.s_scope)
+                    .WithTenantIdFromAuthority(new Uri(TestConstants.DstsAuthorityTenanted))
+                    .ExecuteAsync(CancellationToken.None)
+                    .ConfigureAwait(false);
+
+                Assert.IsNotNull(result);
+                Assert.IsNotNull(result.AccessToken);
+                Assert.AreEqual(TokenSource.IdentityProvider, result.AuthenticationResultMetadata.TokenSource);
+            }
+        }
+
         [TestMethod]
         public void DstsAuthorityFlags()
         {