Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] When used with MISE, client certificates are not taken into account when calling downstream APIs in controllers #1583

Closed
jmprieur opened this issue Jan 7, 2022 · 2 comments
Closed

[Bug] When used with MISE, client certificates are not taken into account when calling downstream APIs in controllers #1583

jmprieur opened this issue Jan 7, 2022 · 2 comments
Assignees
@jennyf19
Labels
bug Something isn't working fixed P0
Milestone
1.22.0

Comments

@jmprieur
Copy link
Collaborator

jmprieur commented Jan 7, 2022

Which version of Microsoft Identity Web are you using?
1.21.1

Where is the issue?

  • Web API
    • [x ] Protected web APIs call downstream web APIs

Integrated with MISE

Repro
See Mise webApiCallGraph sample

Expected behavior
Client certificates are taken into account

Actual behavior
Neither cert or client secret

Additional context / logs / screenshots / link to code
The internal method EnableTokenAcquisition initializes the CcaOptions from the delegate, but not the MicrosoftIdentityOptions. However, the client certs are in MicrosoftIdentityOptions, not CcaOptions

The fix is easy. just bind the configuration with the mergeOptions (which have all the members of MicrosoftIdentityOptions)
@jmprieur jmprieur added bug Something isn't working P0 labels Jan 7, 2022
@jmprieur
Copy link
Collaborator Author

jmprieur commented Jan 7, 2022

As we are here, let's make sure that the configuration is an IConfigurationSection instead of an IConfiguration

@jennyf19 jennyf19 added the fixed label Jan 7, 2022
@jennyf19
Copy link
Collaborator

jennyf19 commented Jan 8, 2022

Included in the [1.22.0 release](https://github.com/AzureAD/microsoft-identity-web/releases/tag/1.22.00

@jennyf19 jennyf19 closed this as completed Jan 8, 2022
@jennyf19 jennyf19 added this to the 1.22.0 milestone Jan 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jennyf19 jennyf19

Labels
bug Something isn't working fixed P0
Projects
None yet
Milestone
1.22.0
Development

No branches or pull requests
2 participants
@jmprieur @jennyf19