Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] When setting a ClientSecret programmatically, the developer should not need to configure both MicrosoftIdentityOptions and ConfidentialClientApplicationOptions #536

Closed
6 tasks
jmprieur opened this issue Sep 2, 2020 · 0 comments
Assignees
Labels
bug Something isn't working fixed P2
Milestone

Comments

@jmprieur
Copy link
Collaborator

jmprieur commented Sep 2, 2020

Which version of Microsoft Identity Web are you using?
0.4.0-preview

Where is the issue?

  • Web app
    • Sign-in users
    • [ x] Sign-in users and call web APIs
  • Web API
    • Protected web APIs (validating tokens)
    • Protected web APIs (validating scopes)
    • [ ]x Protected web APIs call downstream web APIs
  • Token cache serialization
    • In-memory caches
    • Session caches
    • Distributed caches
  • Other (please describe)

Repro
See https://github.com/AzureAD/microsoft-identity-web/pull/535/files/1785b25251235523daf49c0b35cef2bc784d85d6..95dbcf7d20ccf26ba63921ba635c65f76011dcc7

Expected behavior

  • Ideally: Passing the client secret in either MicrosoftIdentityOptions or ConfidentialClientApplicationOptions shoud work
  • If not possible : Passing the client secret in ConfidentialClientApplicationOptions should set it in MicrosoftIdentityOptions

Actual behavior
The developer has to set it in both places:

     public void ConfigureServices(IServiceCollection services)
        {
            _keyVault = new KeyVaultSecretsProvider();
            string ccaSecret = _keyVault.GetSecret(TestConstants.OBOClientKeyVaultUri).Value;

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddMicrosoftIdentityWebApi(Configuration, subscribeToJwtBearerMiddlewareDiagnosticsEvents: true)
                    .EnableTokenAcquisitionToCallDownstreamApi()
                        .AddInMemoryTokenCaches();

            services.Configure<MicrosoftIdentityOptions>(options =>
            {
                options.ClientSecret = ccaSecret;
            });
            services.Configure<ConfidentialClientApplicationOptions>(options =>
            {
                options.ClientSecret = ccaSecret;
            });
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working fixed P2
Projects
None yet
Development

No branches or pull requests

2 participants