Temporary Workaround for AAD JWT Token Signing Algorithm Issue (#4692)

gladjohn · GladwinJohnson · web-flow · commit 463c98518caf · 2024-04-01T17:18:44.000-07:00
force set IsSha2CredentialSupported to false

Co-authored-by: Gladwin Johnson &lt;gljohns@microsoft.com&gt;
diff --git a/src/client/Microsoft.Identity.Client/AppConfig/AuthorityInfo.cs b/src/client/Microsoft.Identity.Client/AppConfig/AuthorityInfo.cs
@@ -141,10 +141,7 @@ private AuthorityInfo(
         /// <summary>
         /// True if SHA2 and PSS can be used for creating the client credential from a certificate 
         /// </summary>
-        internal bool IsSha2CredentialSupported =>
-            AuthorityType != AuthorityType.Dsts &&
-            AuthorityType != AuthorityType.Generic &&
-            AuthorityType != AuthorityType.Adfs;
+        internal bool IsSha2CredentialSupported => false; 
 
         #region Builders
         internal static AuthorityInfo FromAuthorityUri(string authorityUri, bool validateAuthority)
diff --git a/tests/Microsoft.Identity.Test.Unit/ApiConfigTests/AuthorityTests.cs b/tests/Microsoft.Identity.Test.Unit/ApiConfigTests/AuthorityTests.cs
@@ -104,15 +104,15 @@ public void WithTenantIdAtRequestLevel_NonAad(string inputAuthority)
         }
 
         [DataTestMethod]
-        [DataRow(TestConstants.AuthorityCommonTenant, true)]
-        [DataRow(TestConstants.AuthorityCommonPpeAuthority, true)]
+        [DataRow(TestConstants.AuthorityCommonTenant, false)]
+        [DataRow(TestConstants.AuthorityCommonPpeAuthority, false)]
         [DataRow(TestConstants.DstsAuthorityCommon, false)]
         [DataRow(TestConstants.DstsAuthorityTenanted, false)]
-        [DataRow(TestConstants.CiamAuthorityMainFormat, true)]
-        [DataRow(TestConstants.CiamAuthorityWithFriendlyName, true)]
-        [DataRow(TestConstants.CiamAuthorityWithGuid, true)]
-        [DataRow(TestConstants.B2CAuthority, true)]
-        [DataRow(TestConstants.B2CCustomDomain, true)]
+        [DataRow(TestConstants.CiamAuthorityMainFormat, false)]
+        [DataRow(TestConstants.CiamAuthorityWithFriendlyName, false)]
+        [DataRow(TestConstants.CiamAuthorityWithGuid, false)]
+        [DataRow(TestConstants.B2CAuthority, false)]
+        [DataRow(TestConstants.B2CCustomDomain, false)]
         [DataRow(TestConstants.ADFSAuthority, false)]
         public void IsSha2Supported(string inputAuthority, bool expected)
         {
