Skip to content

Fix Instance/Tenant Parsing for V2 Authority #2954

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Jul 31, 2024
Merged

Fix Instance/Tenant Parsing for V2 Authority #2954

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
9d52ba4
Fix Tenant Parsing for V2 Authority
jackj-msft Jul 26, 2024
99b3d68
Consolidate line endings
jackj-msft Jul 26, 2024
12b60c5
Keep existing indexTenant check
jackj-msft Jul 26, 2024
9d28f2a
Put back the comment
jackj-msft Jul 26, 2024
de60bb9
use 'is' syntax for null checking
jackj-msft Jul 26, 2024
8bd3f6b
Merge branch 'master' into master
jennyf19 Jul 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 19 additions & 14 deletions src/Microsoft.Identity.Web.TokenAcquisition/MergedOptions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,7 +186,7 @@ internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftId

mergedOptions.SaveTokens |= microsoftIdentityOptions.SaveTokens;
#if NET8_0_OR_GREATER
mergedOptions.TokenHandler ??= microsoftIdentityOptions.TokenHandler;
mergedOptions.TokenHandler ??= microsoftIdentityOptions.TokenHandler;
#else
mergedOptions.SecurityTokenValidator ??= microsoftIdentityOptions.SecurityTokenValidator;
#endif
Expand Down Expand Up @@ -215,12 +215,12 @@ internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftId
mergedOptions.TimeProvider = microsoftIdentityOptions.TimeProvider;
#endif
#if NET9_0_OR_GREATER
if (microsoftIdentityOptions.AdditionalAuthorizationParameters != null)
{
foreach (var parameter in microsoftIdentityOptions.AdditionalAuthorizationParameters)
{
mergedOptions.AdditionalAuthorizationParameters.Add(parameter.Key, parameter.Value);
}
if (microsoftIdentityOptions.AdditionalAuthorizationParameters != null)
{
foreach (var parameter in microsoftIdentityOptions.AdditionalAuthorizationParameters)
{
mergedOptions.AdditionalAuthorizationParameters.Add(parameter.Key, parameter.Value);
}
}
#endif
mergedOptions.TokenValidationParameters = microsoftIdentityOptions.TokenValidationParameters.Clone();
Expand All @@ -244,7 +244,7 @@ internal static void UpdateMergedOptionsFromMicrosoftIdentityOptions(MicrosoftId
mergedOptions.AutomaticRefreshInterval = microsoftIdentityOptions.AutomaticRefreshInterval;
#endif
#endif
// Non ASP.NET Core specific
// Non ASP.NET Core specific
if (string.IsNullOrEmpty(mergedOptions.Instance) && !string.IsNullOrEmpty(microsoftIdentityOptions.Instance))
{
mergedOptions.Instance = microsoftIdentityOptions.Instance;
Expand Down Expand Up @@ -432,13 +432,18 @@ internal static void ParseAuthorityIfNecessary(MergedOptions mergedOptions)
{
if (string.IsNullOrEmpty(mergedOptions.TenantId) && string.IsNullOrEmpty(mergedOptions.Instance) && !string.IsNullOrEmpty(mergedOptions.Authority))
{
string authority = mergedOptions.Authority!.TrimEnd('/');
int indexTenant = authority.LastIndexOf('/');
if (indexTenant >= 0)
{
const int StartingIndex = 8; // length of "https://"
ReadOnlySpan<char> authoritySpan = mergedOptions.Authority.AsSpan().TrimEnd('/');

int indexTenant = authoritySpan.Slice(StartingIndex).IndexOf('/') + StartingIndex;
if (indexTenant >= 0)
{
int indexVersion = authoritySpan.Slice(indexTenant + 1).IndexOf('/') + indexTenant + 1;
int indexEndOfTenant = indexVersion == -1 ? authoritySpan.Length : indexVersion;

// In CIAM and B2C, customers will use "authority", not Instance and TenantId
mergedOptions.Instance = mergedOptions.PreserveAuthority ? mergedOptions.Authority : authority.Substring(0, indexTenant);
mergedOptions.TenantId = mergedOptions.PreserveAuthority ? null : authority.Substring(indexTenant + 1);
mergedOptions.Instance = mergedOptions.PreserveAuthority ? mergedOptions.Authority : authoritySpan.Slice(0, indexTenant).ToString();
mergedOptions.TenantId = mergedOptions.PreserveAuthority ? null : authoritySpan.Slice(indexTenant + 1, indexEndOfTenant - indexTenant - 1).ToString();
}
}
}
Expand Down
16 changes: 16 additions & 0 deletions tests/Microsoft.Identity.Web.Test/TokenAcquisitionAuthorityTests.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,22 @@ public void TestParseAuthorityIfNecessary_CIAM()
Assert.Null(mergedOptions.TenantId);
}

[Fact]
public void TestParseAuthorityIfNecessary_V2Authority()
{
MergedOptions mergedOptions = new()
{
Authority = TC.AuthorityWithTenantSpecifiedWithV2,
PreserveAuthority = false
};

MergedOptions.ParseAuthorityIfNecessary(mergedOptions);

Assert.Equal(TC.AuthorityWithTenantSpecifiedWithV2, mergedOptions.Authority);
Assert.Equal(TC.AadInstance, mergedOptions.Instance);
Assert.Equal(TC.TenantIdAsGuid, mergedOptions.TenantId);
}

[Fact]
public void MergeExtraQueryParametersTest()
{
Expand Down