You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
bgavrilMS
changed the title
[Bug] WWW-Authentication parser should strip the optional v2.0 form authroization uri
[Bug] WWW-Authentication parser should strip the optional v2.0 form authorization uri
Nov 9, 2023
Library version used
4.56
.NET version
all
Scenario
Other - please specify
Is this a new or an existing app?
This is a new app or experiment
Issue description and reproduction steps
https://login.microsoftonline.com//common/v2.0/.well-known/openid-configuration
See how the authroization uri is "authorization_endpoint": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
Our WWW-Authenticate parser doesn't convert this correctly to an authority, see https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/main/src/client/Microsoft.Identity.Client/WwwAuthenticateParameters.cs#L424
Relevant code snippets
No response
Expected behavior
Strip out the v2.0 but only if it exists
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
No response
The text was updated successfully, but these errors were encountered: