You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The line deleted in MicrosoftIdentityWebApiAuthenticationBuilderExtensions.cs calls builder.Services.Configure which is also happening in the builder constructor itself (MicrosoftIdentityWebApiAuthenticationBuilder) with the same arguments which duplicated the configuration every time a builder was run using the CallDownstreamApi.
Testing:
Unit tests all pass
Succeeded running the DaemonConsoleCallingDownstreamApi sample against the MinimalWebApi sample.
Fixes #{bug number} (in this specific format)
The private function AddMicrosoftIdentityWebApiImplementation I deleted the builder.Services.Configure call from is only called by the two implementations of the AddMicrosoftIdentityWebApi method in the same file (1, 2). These two functions return a new builder, using the same builder Object, JwtBearerOptions, and MicrosoftIdentityOptions used as arguments in the call from private function whose line I deleted. Those two returned builder objects either are or derive from the MicrosoftIdentityWebApiAuthenticationBuilder where on line 45 in the constructor a Services.Configure call is made using those same JwtBearerOptions and MicrosoftIdentityOptions arguments.
Reproduction steps
If you run the dev app which is webAppCallsWebApiCallsGraph, and add this to the service:
services.Configure( o => o.ClientSecret = "your_secret-here");
and comment it out in the appsettings.json then run them both as startup projects. I get this error:
An unhandled exception occurred while processing the request.
HttpRequestException: 500 InternalServerError MSAL.NetCore.4.55.0.0.MsalServiceException:
ErrorCode: invalid_client
Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'a4c2469b-cf84-4145-8f5f-cb7bacf814bc'.
As it's not longer picking up the MicrosoftIdentityOptions.
Error message
No response
Id Web logs
No response
Relevant code snippets
n/a
Regression
No response
Expected behavior
no additional allocations where they are not needed.
The text was updated successfully, but these errors were encountered:
Microsoft.Identity.Web Library
Microsoft.Identity.Web
Microsoft.Identity.Web version
2.11.1
Web app
Sign-in users and call web APIs
Web API
Protected web APIs (validating tokens)
Token cache serialization
Not Applicable
Description
The line deleted in MicrosoftIdentityWebApiAuthenticationBuilderExtensions.cs calls builder.Services.Configure which is also happening in the builder constructor itself (MicrosoftIdentityWebApiAuthenticationBuilder) with the same arguments which duplicated the configuration every time a builder was run using the CallDownstreamApi.
Testing:
Unit tests all pass
Succeeded running the DaemonConsoleCallingDownstreamApi sample against the MinimalWebApi sample.
Fixes #{bug number} (in this specific format)
The private function AddMicrosoftIdentityWebApiImplementation I deleted the builder.Services.Configure call from is only called by the two implementations of the AddMicrosoftIdentityWebApi method in the same file (1, 2). These two functions return a new builder, using the same builder Object, JwtBearerOptions, and MicrosoftIdentityOptions used as arguments in the call from private function whose line I deleted. Those two returned builder objects either are or derive from the MicrosoftIdentityWebApiAuthenticationBuilder where on line 45 in the constructor a Services.Configure call is made using those same JwtBearerOptions and MicrosoftIdentityOptions arguments.
Reproduction steps
If you run the dev app which is webAppCallsWebApiCallsGraph, and add this to the service:
services.Configure( o => o.ClientSecret = "your_secret-here");
and comment it out in the appsettings.json then run them both as startup projects. I get this error:
An unhandled exception occurred while processing the request.
HttpRequestException: 500 InternalServerError MSAL.NetCore.4.55.0.0.MsalServiceException:
ErrorCode: invalid_client
Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app 'a4c2469b-cf84-4145-8f5f-cb7bacf814bc'.
As it's not longer picking up the MicrosoftIdentityOptions.
Error message
No response
Id Web logs
No response
Relevant code snippets
n/aRegression
No response
Expected behavior
no additional allocations where they are not needed.
The text was updated successfully, but these errors were encountered: