Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Regional Authority is not used with latest version of ClientCertificateCredential #29454

Closed
degant opened this issue Jun 24, 2022 · 1 comment · Fixed by #29612
Closed

[BUG] Regional Authority is not used with latest version of ClientCertificateCredential #29454

degant opened this issue Jun 24, 2022 · 1 comment · Fixed by #29612
Assignees
@schaabs
Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-team-attention This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that

Comments

@degant
Copy link

degant commented Jun 24, 2022
edited

Library name and version

Azure.Identity 1.6.0

Describe the bug

The regional authority is not being used by the ClientCertificateCredential constructor even when it is passed in with options since it no longer passes it onto the MsalConfidentialClient ctor: link

We're trying to use the regional endpoints and this was working fine in the older versions:

It accidentally got removed here during a refactor while the other credentials that support Regional Authority i.e ClientSecretCredential and OnBehalfOfCredential still have support for RA.

Our service can't rollback to the previous versions because we need to be on 1.6.0 which has the fix for #27679 (OBOCredentials not passing x5c)

Expected behavior

Regional Authority should work with ClientCertificateCredential just like it does with ClientSecretCredential and OnBehalfOfCredential types.

Actual behavior

Regional Authority doesn't work and calls are sent to global AAD authority instead.

Reproduction Steps

  1. Create a new ClientCertificateCredential and try to pass a valid Regional Authority
  2. Calls go out to global AAD instead of regional authority

Environment

No response
@ghost ghost added needs-triage This is a new issue that needs to be triaged to the appropriate team. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Jun 24, 2022
@azure-sdk azure-sdk added Azure.Identity Client This issue points to a problem in the data-plane of the library. needs-team-triage This issue needs the team to triage. labels Jun 24, 2022
@ghost ghost removed the needs-triage This is a new issue that needs to be triaged to the appropriate team. label Jun 24, 2022
@degant degant mentioned this issue Jun 24, 2022
Closed
@jsquire jsquire added needs-team-attention This issue needs attention from Azure service team or SDK team and removed needs-team-triage This issue needs the team to triage. labels Jun 24, 2022
@jsquire
Copy link
Member

jsquire commented Jun 24, 2022

Thank you for your feedback. Tagging and routing to the team member best able to assist.

@schaabs schaabs mentioned this issue Jul 1, 2022
Merged
@github-actions github-actions bot locked and limited conversation to collaborators Mar 25, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@schaabs schaabs

Labels
Azure.Identity Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. needs-team-attention This issue needs attention from Azure service team or SDK team question The issue doesn't require a change to the product in order to be resolved. Most issues start as that
Projects
None yet
Milestone
No milestone
4 participants
@jsquire @degant @schaabs @azure-sdk