diff --git a/Directory.Build.props b/Directory.Build.props
index d2bf7947e..c9e5ba9bb 100644
--- a/Directory.Build.props
+++ b/Directory.Build.props
@@ -7,10 +7,8 @@
4.3.1
$(MicrosoftIdentityWebVersion)
-
true
4.2.0
-
$(MSBuildThisFileDirectory)/build
$(BuildDirectory)/35MSSharedLib1024.snk
git
diff --git a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
index 68ca848ac..f1c869a4a 100644
--- a/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
+++ b/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
@@ -1228,13 +1228,11 @@ private void NotifyCertificateSelection(
string? tokenUsedToCallTheWebApi = GetActualToken(validatedToken);
AcquireTokenOnBehalfOfParameterBuilder? builder = null;
- TokenAcquisitionExtensionOptions? addInOptions = null;
+ TokenAcquisitionExtensionOptions? addInOptions = tokenAcquisitionExtensionOptionsMonitor?.CurrentValue;
// Case of web APIs: we need to do an on-behalf-of flow, with the token used to call the API
if (tokenUsedToCallTheWebApi != null)
{
- addInOptions = tokenAcquisitionExtensionOptionsMonitor?.CurrentValue;
-
if (string.IsNullOrEmpty(tokenAcquisitionOptions?.LongRunningWebApiSessionKey))
{
builder = application
diff --git a/tests/Microsoft.Identity.Web.Test/AuthorizationHeaderProviderTests.cs b/tests/Microsoft.Identity.Web.Test/AuthorizationHeaderProviderTests.cs
index 940bf6b54..142679f8d 100644
--- a/tests/Microsoft.Identity.Web.Test/AuthorizationHeaderProviderTests.cs
+++ b/tests/Microsoft.Identity.Web.Test/AuthorizationHeaderProviderTests.cs
@@ -37,6 +37,7 @@ public async Task LongRunningSessionForDefaultAuthProviderForUserDefaultKeyTest(
var claimsPrincipal = new ClaimsPrincipal(identity);
var tokenAcquirerFactory = InitTokenAcquirerFactoryForTest();
+ bool argsNotNull = true;
// Configure the extension option such that the event is subscribed to
// so the test can observe if the service provider is set in the extra parameters
@@ -44,9 +45,12 @@ public async Task LongRunningSessionForDefaultAuthProviderForUserDefaultKeyTest(
{
options.OnBeforeTokenAcquisitionForOnBehalfOf += (builder, options, args) =>
{
- //verify that the ClaimsPrincipal passed in the event is the same as the one passed to CreateAuthorizationHeaderForUserAsync and that the BootstrapContext is preserved
- Assert.Equal(((CaseSensitiveClaimsIdentity)claimsPrincipal.Identity!).BootstrapContext, ((CaseSensitiveClaimsIdentity)args?.User?.Identity!).BootstrapContext);
- Assert.Equal(((CaseSensitiveClaimsIdentity)claimsPrincipal.Identity!).BootstrapContext, args.UserAssertionToken);
+ if (argsNotNull)
+ {
+ //verify that the ClaimsPrincipal passed in the event is the same as the one passed to CreateAuthorizationHeaderForUserAsync and that the BootstrapContext is preserved
+ Assert.Equal(((CaseSensitiveClaimsIdentity)claimsPrincipal.Identity!).BootstrapContext, ((CaseSensitiveClaimsIdentity)args?.User?.Identity!).BootstrapContext);
+ Assert.Equal(((CaseSensitiveClaimsIdentity)claimsPrincipal.Identity!).BootstrapContext, args.UserAssertionToken);
+ }
};
});
IServiceProvider serviceProvider = tokenAcquirerFactory.Build();
@@ -57,8 +61,6 @@ public async Task LongRunningSessionForDefaultAuthProviderForUserDefaultKeyTest(
using (mockHttpClient)
{
-
-
// Create options with LongRunningWebApiSessionKey
var options = new AuthorizationHeaderProviderOptions
{
@@ -85,6 +87,7 @@ public async Task LongRunningSessionForDefaultAuthProviderForUserDefaultKeyTest(
string key1 = options.AcquireTokenOptions.LongRunningWebApiSessionKey;
// Step 4: Second call without ClaimsPrincipal should return the token from cache
+ argsNotNull = false;
result = await authorizationHeaderProvider.CreateAuthorizationHeaderForUserAsync(
scopes,
options);
@@ -94,6 +97,7 @@ public async Task LongRunningSessionForDefaultAuthProviderForUserDefaultKeyTest(
Assert.Equal(key1, options.AcquireTokenOptions.LongRunningWebApiSessionKey);
// Step 5: First call with ClaimsPrincipal to initiate LR session for CreateAuthorizationHeaderAsync
+ argsNotNull = true;
scopes = new[] { "User.Write" };
mockHttpClient!.AddMockHandler(MockHttpCreator.CreateLrOboTokenHandler("User.Write"));
result = await authorizationHeaderProvider.CreateAuthorizationHeaderAsync(
@@ -105,6 +109,7 @@ public async Task LongRunningSessionForDefaultAuthProviderForUserDefaultKeyTest(
Assert.NotEqual(options.AcquireTokenOptions.LongRunningWebApiSessionKey, TokenAcquisitionOptions.LongRunningWebApiSessionKeyAuto);
key1 = options.AcquireTokenOptions.LongRunningWebApiSessionKey;
+ argsNotNull = false;
// Step 6: Second call without ClaimsPrincipal should return the token from cache for CreateAuthorizationHeaderAsync
result = await authorizationHeaderProvider.CreateAuthorizationHeaderAsync(
scopes,