- Fixes 3181 (#3183)

* - Fixes 3181 - Removes the need to provide the MSAL redirect URI in web apps - Updates the binding redirect in the OWIN samples * Addressing PR feedback
AzureAD · Jan 7, 2025 · 2dd962b · 2dd962b
1 parent fa46329
commit 2dd962b
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 31 deletions.
diff --git a/src/Microsoft.Identity.Web.OWIN/AppBuilderExtension.cs b/src/Microsoft.Identity.Web.OWIN/AppBuilderExtension.cs
@@ -161,6 +161,12 @@ public static IAppBuilder AddMicrosoftIdentityWebApp(
                         }
                         context.ProtocolMessage.SetParameter(ClaimConstants.ClientInfo, Constants.One);
                         context.ProtocolMessage.SetParameter(Constants.TelemetryHeaderKey, IdHelper.CreateTelemetryInfo());
+
+                        if (context.ProtocolMessage.IssuerAddress != null && context.ProtocolMessage.IssuerAddress.EndsWith("/authorize", StringComparison.OrdinalIgnoreCase))
+                        {
+                            context.ProtocolMessage.RedirectUri = context.Request.Uri.ToString();
+                        }
+
                         return Task.CompletedTask;
                     },
 

diff --git a/src/Microsoft.Identity.Web.OWIN/Microsoft.Identity.Web.OWIN.xml b/src/Microsoft.Identity.Web.OWIN/Microsoft.Identity.Web.OWIN.xml
diff --git a/src/Microsoft.Identity.Web.OWIN/OwinTokenAcquirerFactory.cs b/src/Microsoft.Identity.Web.OWIN/OwinTokenAcquirerFactory.cs
@@ -6,6 +6,7 @@
 using System.Configuration;
 using System.Linq;
 using System.Web;
+using System.Web.Hosting;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Identity.Web.Hosts;
@@ -34,7 +35,8 @@ protected override string DefineConfiguration(IConfigurationBuilder builder)
                 ["AzureAd:SignedOutCallbackPath"] = ConfigurationManager.AppSettings["ida:PostLogoutRedirectUri"],
                 ["AzureAd:RedirectUri"] = ConfigurationManager.AppSettings["ida:RedirectUri"],
             });
-            return HttpContext.Current.Request.PhysicalApplicationPath;
+
+            return HostingEnvironment.MapPath("~/");
         }
 
         /// <summary>

diff --git a/tests/DevApps/aspnet-mvc/OwinWebApi/Web.config b/tests/DevApps/aspnet-mvc/OwinWebApi/Web.config
@@ -24,10 +24,6 @@
 				<assemblyIdentity name="WebGrease" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
 				<bindingRedirect oldVersion="0.0.0.0-1.6.5135.21930" newVersion="1.6.5135.21930"/>
 			</dependentAssembly>
-			<dependentAssembly>
-				<assemblyIdentity name="System.ValueTuple" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-4.0.3.0" newVersion="4.0.3.0"/>
-			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="System.Threading.Tasks.Extensions" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
 				<bindingRedirect oldVersion="0.0.0.0-4.2.0.1" newVersion="4.2.0.1"/>
@@ -180,7 +176,6 @@
 				<assemblyIdentity name="Antlr3.Runtime" publicKeyToken="EB42632606E9261F" culture="neutral"/>
 				<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2"/>
 			</dependentAssembly>
-
     </assemblyBinding>
   </runtime>
   <system.codedom>

diff --git a/tests/DevApps/aspnet-mvc/OwinWebApp/App_Start/Startup.Auth.cs b/tests/DevApps/aspnet-mvc/OwinWebApp/App_Start/Startup.Auth.cs
@@ -21,24 +21,10 @@ public void ConfigureAuth(IAppBuilder app)
 
             app.AddMicrosoftIdentityWebApp(factory);
             factory.Services
-                .Configure<ConfidentialClientApplicationOptions>(options => { options.RedirectUri = "https://localhost:44386/"; })
                 .AddMicrosoftGraph()
                 .AddDownstreamApi("DownstreamAPI1", factory.Configuration.GetSection("DownstreamAPI"))
                 .AddInMemoryTokenCaches();
             factory.Build();
-
-            /*
-            app.AddMicrosoftIdentityWebApp(configureServices: services =>
-            {
-                services
-                .Configure<ConfidentialClientApplicationOptions>(options => { options.RedirectUri = "https://localhost:44386/"; })
-                .AddMicrosoftGraph()
-               // WE cannot do that today: Configuration is not available.
-               // .AddDownstreamApi("CalledApi", null)
-                .AddInMemoryTokenCaches();
-            });
-            */
-
         }
     }
 }
diff --git a/tests/DevApps/aspnet-mvc/OwinWebApp/Web.config b/tests/DevApps/aspnet-mvc/OwinWebApp/Web.config
@@ -31,7 +31,7 @@
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="System.Text.Json" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.0.0.4" newVersion="8.0.0.4"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.0.0.5" newVersion="8.0.0.5"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="System.Text.Encodings.Web" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
@@ -59,7 +59,7 @@
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.1.0.0" newVersion="8.1.0.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.3.0.0" newVersion="8.3.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="System.Diagnostics.DiagnosticSource" publicKeyToken="CC7B13FFCD2DDD51" culture="neutral"/>
@@ -75,31 +75,31 @@
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.IdentityModel.Tokens" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.1.0.0" newVersion="8.1.0.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.3.0.0" newVersion="8.3.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.IdentityModel.Protocols.WsFederation" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
 				<bindingRedirect oldVersion="0.0.0.0-5.5.0.0" newVersion="5.5.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.IdentityModel.Protocols.OpenIdConnect" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.1.0.0" newVersion="8.1.0.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.3.0.0" newVersion="8.3.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.IdentityModel.Protocols" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.1.0.0" newVersion="8.1.0.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.3.0.0" newVersion="8.3.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.1.0.0" newVersion="8.1.0.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.3.0.0" newVersion="8.3.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.IdentityModel.Abstractions" publicKeyToken="31BF3856AD364E35" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-8.1.0.0" newVersion="8.1.0.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-8.3.0.0" newVersion="8.3.0.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.Identity.Client" publicKeyToken="0A613F4DD989E8AE" culture="neutral"/>
-				<bindingRedirect oldVersion="0.0.0.0-4.65.2.0" newVersion="4.65.2.0"/>
+				<bindingRedirect oldVersion="0.0.0.0-4.66.1.0" newVersion="4.66.1.0"/>
 			</dependentAssembly>
 			<dependentAssembly>
 				<assemblyIdentity name="Microsoft.Extensions.Primitives" publicKeyToken="ADB9793829DDAE60" culture="neutral"/>
@@ -170,6 +170,7 @@
 				<bindingRedirect oldVersion="0.0.0.0-3.5.0.2" newVersion="3.5.0.2"/>
 			</dependentAssembly>
 
+
     </assemblyBinding>
   </runtime>
   <system.codedom>