[#6643] WithManagedIdentity is experimental and not exist in Microsoft.Identity.Client 4.51.0

libraries/Microsoft.Bot.Connector/Authentication/ManagedIdentityAuthenticator.cs

@@ -8,6 +8,7 @@
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Logging.Abstractions;
 using Microsoft.Identity.Client;
+using Microsoft.Identity.Client.AppConfig;
 
 namespace Microsoft.Bot.Connector.Authentication
 {
@@ -16,10 +17,9 @@ namespace Microsoft.Bot.Connector.Authentication
  /// </summary>
  public class ManagedIdentityAuthenticator : IAuthenticator
  {
- private readonly string _appId;
  private readonly string _resource;
  private readonly ILogger _logger;
- private readonly IConfidentialClientApplication _clientApplication;
+ private readonly IManagedIdentityApplication _clientApplication;
 
  /// <summary>
  /// Initializes a new instance of the <see cref="ManagedIdentityAuthenticator"/> class.
@@ -40,7 +40,6 @@ public ManagedIdentityAuthenticator(string appId, string resource, HttpClient cu
  throw new ArgumentNullException(nameof(resource));
  }
 
- _appId = appId;
  _resource = resource;
  _logger = logger ?? NullLogger.Instance;
  _clientApplication = CreateClientApplication(appId, customHttpClient);
@@ -63,10 +62,8 @@ public async Task<AuthenticatorResult> GetTokenAsync(bool forceRefresh = false)
 
  private async Task<AuthenticatorResult> AcquireTokenAsync(bool forceRefresh)
  {
- var scopes = new string[] { $"{_resource}/.default" };
  var authResult = await _clientApplication
- .AcquireTokenForClient(scopes)
- .WithManagedIdentity(_appId)
+ .AcquireTokenForManagedIdentity(_resource)
  .WithForceRefresh(forceRefresh)
  .ExecuteAsync()
  .ConfigureAwait(false);
@@ -86,10 +83,9 @@ private RetryParams HandleTokenProviderException(Exception e, int retryCount)
  : RetryParams.DefaultBackOff(retryCount);
  }
 
- private IConfidentialClientApplication CreateClientApplication(string appId, HttpClient customHttpClient = null)
+ private IManagedIdentityApplication CreateClientApplication(string appId, HttpClient customHttpClient = null)
  {
- var clientBuilder = ConfidentialClientApplicationBuilder.Create(appId)
- .WithExperimentalFeatures();
+ var clientBuilder = ManagedIdentityApplicationBuilder.Create(ManagedIdentityId.WithUserAssignedClientId(appId));
 
  if (customHttpClient != null)
  {

libraries/Microsoft.Bot.Connector/Microsoft.Bot.Connector.csproj

@@ -29,7 +29,7 @@
  <PackageReference Include="Microsoft.CSharp" Version="4.5.0" />
  <PackageReference Include="Microsoft.Extensions.Logging" Version="2.1.0" />
  <PackageReference Include="Microsoft.Extensions.Http" Version="2.1.0" />
- <PackageReference Include="Microsoft.Identity.Client" Version="4.50.0" />
+ <PackageReference Include="Microsoft.Identity.Client" Version="4.55.0" />
  <PackageReference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect" Version="5.6.0" />
  <PackageReference Include="Microsoft.Rest.ClientRuntime" Version="2.3.24" />
  <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />

tests/Microsoft.Bot.Connector.Tests/Authentication/ManagedIdentityAuthenticatorTests.cs

@@ -16,8 +16,8 @@ namespace Microsoft.Bot.Connector.Tests.Authentication
 {
  public class ManagedIdentityAuthenticatorTests
  {
- private const string TestAppId = "foo";
- private const string TestAudience = "bar";
+ private readonly Func<string, string> appId = (id) => $"id {id} ";
+ private readonly Func<string, string> audience = (id) => $"audience {id} ";
 
  [Fact]
  public void CanGetJwtToken()
@@ -37,17 +37,17 @@ public void CanGetJwtToken()
  .ReturnsAsync(response);
  var httpClient = new HttpClient(mockHttpMessageHandler.Object);
 
- var sut = new ManagedIdentityAuthenticator(TestAppId, TestAudience, httpClient);
+ var sut = new ManagedIdentityAuthenticator(appId(nameof(CanGetJwtToken)), audience(nameof(CanGetJwtToken)), httpClient);
  var token = sut.GetTokenAsync().GetAwaiter().GetResult();
 
  Assert.Equal("at_secret", token.AccessToken);
  Assert.Equal(expiresOn, token.ExpiresOn.ToUnixTimeSeconds());
  }
 
  [Theory]
- [InlineData(false)]
- [InlineData(true)]
- public void CanGetJwtTokenWithForceRefresh(bool forceRefreshInput)
+ [InlineData(false, 1)]
+ [InlineData(true, 2)]
+ public void CanGetJwtTokenWithForceRefresh(bool forceRefreshInput, int index)
  {
  var response = new HttpResponseMessage(HttpStatusCode.OK);
  var expiresOn = DateTimeOffset.Now.ToUnixTimeSeconds() + 10000;
@@ -64,7 +64,7 @@ public void CanGetJwtTokenWithForceRefresh(bool forceRefreshInput)
  .ReturnsAsync(response);
  var httpClient = new HttpClient(mockHttpMessageHandler.Object);
 
- var sut = new ManagedIdentityAuthenticator(TestAppId, TestAudience, httpClient);
+ var sut = new ManagedIdentityAuthenticator(appId(nameof(CanGetJwtTokenWithForceRefresh)) + index, audience(nameof(CanGetJwtTokenWithForceRefresh)) + index, httpClient);
  var token = sut.GetTokenAsync(forceRefreshInput).GetAwaiter().GetResult();
 
  Assert.Equal("at_secret", token.AccessToken);
@@ -86,7 +86,7 @@ public void DefaultRetryOnException()
  });
  var httpClient = new HttpClient(mockHttpMessageHandler.Object);
 
- var sut = new ManagedIdentityAuthenticator(TestAppId, TestAudience, httpClient);
+ var sut = new ManagedIdentityAuthenticator(appId(nameof(DefaultRetryOnException)), audience(nameof(DefaultRetryOnException)), httpClient);
 
  try
  {
@@ -130,7 +130,7 @@ public void CanRetryAndAcquireToken()
  });
  var httpClient = new HttpClient(mockHttpMessageHandler.Object);
 
- var sut = new ManagedIdentityAuthenticator(TestAppId, TestAudience, httpClient);
+ var sut = new ManagedIdentityAuthenticator(appId(nameof(CanRetryAndAcquireToken)), audience(nameof(CanRetryAndAcquireToken)), httpClient);
  var token = sut.GetTokenAsync().GetAwaiter().GetResult();
 
  Assert.Equal("at_secret", token.AccessToken);