Fix metadata address creation when using AddMicrosoftIdentityWebApp (#…

…2883) (#2891)
AzureAD · Jun 26, 2024 · 7aff5f9 · 7aff5f9
1 parent 05e6d74
commit 7aff5f9
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/...t.Identity.Web/WebAppExtensions/MicrosoftIdentityWebAppAuthenticationBuilderExtensions.cs b/...t.Identity.Web/WebAppExtensions/MicrosoftIdentityWebAppAuthenticationBuilderExtensions.cs
@@ -317,7 +317,7 @@ s.ServiceKey is null &&
                         mergedOptions.PreserveAuthority = preserveAuthority;
                         if (mergedOptions.ExtraQueryParameters != null)
                         {
-                            options.MetadataAddress = mergedOptions.Authority + "/.well-known/openid-configuration?" + string.Join("&", mergedOptions.ExtraQueryParameters.Select(p => $"{p.Key}={p.Value}"));
+                            mergedOptions.MetadataAddress = mergedOptions.Authority + "/.well-known/openid-configuration?" + string.Join("&", mergedOptions.ExtraQueryParameters.Select(p => $"{p.Key}={p.Value}"));
                         }
                     }
 

diff --git a/tests/Microsoft.Identity.Web.Test/WebAppExtensionsTests.cs b/tests/Microsoft.Identity.Web.Test/WebAppExtensionsTests.cs
@@ -183,6 +183,38 @@ public void AddMicrosoftIdentityWebApp_WithConfigActionParameters(bool subscribe
             AddMicrosoftIdentityWebApp_TestSubscribesToDiagnostics(services, diagnosticsMock, subscribeToDiagnostics);
         }
 
+        [Fact]
+        public Task AddMicrosoftIdentityWebApp_WithConfigAuthority_TestCorrectMetadataAddress()
+        {
+            // Arrange
+            string authority = "https://login.microsoftonline.com/some-tenant-id/v2.0";
+            string appId = "some-client-id";
+            string expectedMetadataAddress = $"{authority}/.well-known/openid-configuration?appId={appId}";
+            var configMock = Substitute.For<IConfiguration>();
+            configMock.Configure().GetSection(ConfigSectionName).Returns(_configSection);
+
+            var services = new ServiceCollection()
+                .AddSingleton(configMock)
+                .PostConfigure<MicrosoftIdentityOptions>(OidcScheme, (options) =>
+                {
+                    options.Authority = authority;
+                    options.ExtraQueryParameters = new Dictionary<string, string>
+                        {
+                            {"appId", appId}
+                        };
+                });
+
+            // Act
+            services.AddAuthentication()
+                .AddMicrosoftIdentityWebApp(configMock, ConfigSectionName, OidcScheme, CookieScheme, subscribeToOpenIdConnectMiddlewareDiagnosticsEvents: false);
+            var provider = services.BuildServiceProvider();
+            var providedOptions = provider.GetRequiredService<IOptionsMonitor<OpenIdConnectOptions>>().Get(OidcScheme);
+
+            // Assert
+            Assert.Equal(expectedMetadataAddress, providedOptions.MetadataAddress);
+            return Task.CompletedTask;
+        }
+
         [Fact]
         public async Task AddMicrosoftIdentityWebApp_WithConfigNameParameters_TestRedirectToIdentityProviderEvent()
         {