Add WithAuthority to MSAL application level (#6671)

libraries/Microsoft.Bot.Connector/Authentication/CertificateAppCredentials.cs

@@ -154,6 +154,7 @@ protected override Lazy<IAuthenticator> BuildIAuthenticator()
         private Identity.Client.IConfidentialClientApplication CreateClientApplication(X509Certificate2 clientCertificate, string appId, HttpClient customHttpClient = null)
         {
             var clientBuilder = Identity.Client.ConfidentialClientApplicationBuilder.Create(appId)
+               .WithAuthority(new Uri(OAuthEndpoint), ValidateAuthority)
                .WithCertificate(clientCertificate);
 
             if (customHttpClient != null)

libraries/Microsoft.Bot.Connector/Authentication/MicrosoftAppCredentials.cs

@@ -172,6 +172,7 @@ protected override Lazy<IAuthenticator> BuildIAuthenticator()
         private Identity.Client.IConfidentialClientApplication CreateClientApplication(string appId, string password, HttpClient customHttpClient = null)
         {
             var clientBuilder = Identity.Client.ConfidentialClientApplicationBuilder.Create(appId)
+               .WithAuthority(new Uri(OAuthEndpoint), ValidateAuthority)
                .WithClientSecret(password);
 
             if (customHttpClient != null)

libraries/Microsoft.Bot.Connector/Authentication/MsalAppCredentials.cs

@@ -68,13 +68,17 @@ public MsalAppCredentials(IConfidentialClientApplication clientApplication, stri
         [System.Diagnostics.CodeAnalysis.SuppressMessage("Usage", "CA2234:Pass system uri objects instead of strings", Justification = "Using string overload for legacy compatibility.")]
         public MsalAppCredentials(string appId, string appPassword, string authority = null, string scope = null, bool validateAuthority = true, ILogger logger = null)
             : this(
-                  clientApplication: ConfidentialClientApplicationBuilder.Create(appId).WithClientSecret(appPassword).Build(),
+                  clientApplication: null,
                   appId: appId,
                   authority: authority,
                   scope: scope,
                   validateAuthority: validateAuthority,
                   logger: logger)
         {
+            _clientApplication = ConfidentialClientApplicationBuilder.Create(appId)
+                .WithAuthority(authority ?? OAuthEndpoint, validateAuthority)
+                .WithClientSecret(appPassword)
+                .Build();
         }
 
         /// <summary>
@@ -89,13 +93,17 @@ public MsalAppCredentials(string appId, string appPassword, string authority = n
         [System.Diagnostics.CodeAnalysis.SuppressMessage("Usage", "CA2234:Pass system uri objects instead of strings", Justification = "Using string overload for legacy compatibility.")]
         public MsalAppCredentials(string appId, X509Certificate2 certificate, string authority = null, string scope = null, bool validateAuthority = true, ILogger logger = null)
             : this(
-                  clientApplication: ConfidentialClientApplicationBuilder.Create(appId).WithCertificate(certificate).Build(),
+                  clientApplication: null,
                   appId: appId,
                   authority: authority,
                   scope: scope,
                   validateAuthority: validateAuthority,
                   logger: logger)
         {
+            _clientApplication = ConfidentialClientApplicationBuilder.Create(appId)
+                .WithAuthority(authority ?? OAuthEndpoint, validateAuthority)
+                .WithCertificate(certificate)
+                .Build();
         }
 
         async Task<AuthenticatorResult> IAuthenticator.GetTokenAsync(bool forceRefresh)
@@ -168,7 +176,7 @@ private async Task<AuthenticatorResult> AcquireTokenAsync(bool forceRefresh = fa
 
                     // This means we acquired a valid token successfully. We can make our retry policy null.
                     return new AuthenticatorResult()
-                    { 
+                    {
                         AccessToken = msalResult.AccessToken,
                         ExpiresOn = msalResult.ExpiresOn
                     };