Fix validating B2C issuer with tfp in issuer URI.

[pmaytak]

Issue #274

Fix to validate the B2C issuer with tfp URI type (ex. {domain}/{tfp}/{tid}/{userFlow}/v2.0/) correctly.

More detail:
B2C tokens compatibility
Configure B2C JWT token compatibility

[jmprieur]

Thanks @pmaytak

Let's circle back with the B2C team as my understanding is they want to discourage the use of tfp.
I should probably have reacted a bit earlier, but I'd want to make sure we really want to support this scenario.

[jennyf19]

I agree, i'll ping b2c and see what they say about this. we don't want to necessarily support legacy stuff if we don't have to. i would like to get more context on that before moving forward.

[pmaytak]

So, a couple of options:

1. Keep code as is - B2C tfp issuers with fail with generic invalid issuer exception.
2. Merge this PR - B2C tfp issuers will validate correctly.
3. At the end of the validate method, we can parse actual issuer URI, if it has tfp, then throw a more descriptive exception.
   

   microsoft-identity-web/src/Microsoft.Identity.Web/Resource/AadIssuerValidator.cs

   Lines 128 to 132 in b694b72

   	throw new SecurityTokenInvalidIssuerException(
   	string.Format(
   	CultureInfo.InvariantCulture,
   	IDWebErrorMessage.IssuerDoesNotMatchValidIssuers,
   	actualIssuer));

[jmprieur]

@pmaytak. Given the reply from the B2C team and the customer, I think we could do 3.

• When you write parse, do you mean just verify that there is the /tpf/ string in it?
• We'd throw an exception explaining that this is not supported with an aka.ms link https://aka.ms/ms-id-web/b2c-issuer

[pmaytak]

@jmprieur @jennyf19
Updated PR:

• throwing an exception with an aka.ms link.
• added B2C-Tfp-Issuer.md just to get feedback for the wiki (will not merge it)

[jmprieur]

LGTM.
I wonder what the md file is. Is it for the wiki?

[jennyf19]

let's not include the .md file for this. thx.