#6673 - Fix of SNI auth not working in Cert based authentication

After upgrade from ADAL to MSAL auth library, sendX5C flag was not set and it breaks SN+I authentication with AAD app registrations.
microsoft · Jul 28, 2023 · 8909744 · 8909744
1 parent b9603fb
commit 8909744
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/libraries/Microsoft.Bot.Connector/Authentication/CertificateAppCredentials.cs b/libraries/Microsoft.Bot.Connector/Authentication/CertificateAppCredentials.cs
@@ -139,7 +139,7 @@ protected override Lazy<IAuthenticator> BuildIAuthenticator()
  return new Lazy<IAuthenticator>(
  () =>
  {
- var clientApplication = CreateClientApplication(clientCertificate, MicrosoftAppId, CustomHttpClient);
+ var clientApplication = CreateClientApplication(clientCertificate, MicrosoftAppId, sendX5c, CustomHttpClient);
  return new MsalAppCredentials(
  clientApplication,
  MicrosoftAppId,
@@ -151,11 +151,11 @@ protected override Lazy<IAuthenticator> BuildIAuthenticator()
  LazyThreadSafetyMode.ExecutionAndPublication);
  }
 
- private Identity.Client.IConfidentialClientApplication CreateClientApplication(X509Certificate2 clientCertificate, string appId, HttpClient customHttpClient = null)
+ private Identity.Client.IConfidentialClientApplication CreateClientApplication(X509Certificate2 clientCertificate, string appId, bool sendX5c, HttpClient customHttpClient = null)
  {
  var clientBuilder = Identity.Client.ConfidentialClientApplicationBuilder.Create(appId)
  .WithAuthority(new Uri(OAuthEndpoint), ValidateAuthority)
- .WithCertificate(clientCertificate);
+ .WithCertificate(clientCertificate, sendX5c);
 
  if (customHttpClient != null)
  {