Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SNI auth not working in Cert based both authentication #6673

Closed
MandeepShahi opened this issue Jul 14, 2023 · 0 comments · Fixed by #6676
Closed

SNI auth not working in Cert based both authentication #6673

MandeepShahi opened this issue Jul 14, 2023 · 0 comments · Fixed by #6676
Labels
Bot Services Required for internal Azure reporting. Do not delete. Do not change color. bug Indicates an unexpected problem or an unintended behavior. needs-triage The issue has just been created and it has not been reviewed by the team.

Comments

@MandeepShahi
Copy link

MandeepShahi commented Jul 14, 2023
edited
Loading

Github issues should be used for bugs and feature requests. Use Stack Overflow for general "how-to" questions.

Version

4.20.0

Describe the bug

When using Cert based authentication, SNI auth flow is not working. I see in the code that x5c claim is not being passed in CertificateAppCredentials which results it not being passed (and used while calling AcquireTokenAsync) in MsalAppCredentials resulting in SNI auth breaking.

The sendX5c flag was being passed in the ADAL authenticator but got missed in MSAL one!

To Reproduce

Steps to reproduce the behavior:

  1. Deploy any sample bot service web app in Azure. The service should use an auto-renewed cert for authentication.
  2. Try sending notification request to the service. Auth flow would break with SNI auth issue
@MandeepShahi MandeepShahi added bug Indicates an unexpected problem or an unintended behavior. needs-triage The issue has just been created and it has not been reviewed by the team. labels Jul 14, 2023
@ramfattah ramfattah added the Bot Services Required for internal Azure reporting. Do not delete. Do not change color. label Jul 14, 2023
mikeus-hanzlik pushed a commit to mikeus-hanzlik/botbuilder-dotnet that referenced this issue Jul 28, 2023
@mihanzlk
microsoft#6673 - Fix of SNI auth not working in Cert based authentica…
8909744 
…tion

After upgrade from ADAL to MSAL auth library, sendX5C flag was not set and it breaks SN+I authentication with AAD app registrations.
@mikeus-hanzlik mikeus-hanzlik mentioned this issue Jul 28, 2023
Merged
tracyboehrer pushed a commit that referenced this issue Jul 28, 2023
@mikeus-hanzlik @mihanzlk
#6673 - Fix of SNI auth not working in Cert based authentication (#6676)
6baf0f8 
After upgrade from ADAL to MSAL auth library, sendX5C flag was not set and it breaks SN+I authentication with AAD app registrations.

Co-authored-by: Michal Hanzlik <mihanzlk@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bot Services Required for internal Azure reporting. Do not delete. Do not change color. bug Indicates an unexpected problem or an unintended behavior. needs-triage The issue has just been created and it has not been reviewed by the team.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

#6673 - Fix of SNI auth not working in Cert based authentication mikeus-hanzlik/botbuilder-dotnet
2 participants
@ramfattah @MandeepShahi