Skip to content

Add tests to guard client-capabilities forwarding #3351

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 5, 2025
Merged

Add tests to guard client-capabilities forwarding #3351

merged 1 commit into from
May 5, 2025

Conversation

@gladjohn
Copy link
Contributor

@gladjohn gladjohn commented May 1, 2025

Add tests to guard client-capabilities forwarding (no functional change)

  • You've read the Contributor Guide and Code of Conduct.
  • You've included unit or integration tests for your change, where applicable.
  • You've included inline docs for your change, where applicable.
  • There's an open issue for the PR that you are making. If you'd like to propose a new feature or change, please open an issue to discuss the change or find an existing issue.

Summary of the changes

  • Confirmed that client capabilities are already forwarded by UpdateConfidentialClientApplicationOptionsFromMergedOptions, which calls WithClientCapabilities(...) when the CCA is built.
    Tokens issued today already include the expected xms_cc claim.

  • Added a comment to [TokenAcquisition.cs](https://github.com/AzureAD/microsoft-identity-web/compare/gladjohn/cca_capability_idweb?expand=1#diff-3600735102cf2582ea4dc8277f799690b8a8135f4971e0be919fbecd053ae2ca) to clarify that

Changes in this PR

Added test coverage

  • CrossCloudFicIntegrationTest_WithCp1 – decodes the JWT and asserts cp1 is present in the xms_cc claim.
  • CrossCloudFicUnitTest_WithCp1 – inspects the outbound form data and verifies the claims payload carries cp1.

Outcome

No functional change; behavior is now safeguarded by extra checks to prevent future regressions.

Fixes #3349

@gladjohn gladjohn requested a review from a team as a code owner May 1, 2025 17:40
@gladjohn gladjohn mentioned this pull request May 1, 2025
Closed
jmprieur
jmprieur approved these changes May 1, 2025
View reviewed changes
Copy link
Collaborator

@jmprieur jmprieur left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
Thanks for improving the CrossCloudFic tests.

@gladjohn gladjohn merged commit e76c1e5 into master May 5, 2025
5 checks passed
@gladjohn gladjohn deleted the gladjohn/cca_capability_idweb branch May 5, 2025 22:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bgavrilMS bgavrilMS bgavrilMS approved these changes

@jmprieur jmprieur jmprieur approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add tests to guard client-capability (xms_cc) forwarding in CCA flows

5 participants

@gladjohn @bgavrilMS @jmprieur @GladwinJohnson