You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi @neha-bhargava , RFC 7638 defines that "Only the required members of a key's representation are used when
computing its JWK Thumbprint value.". But in PoPAuehnticationScheme.cs, it used all jwk claims for JWK thumbprint computing.
Actually, I am trying to create a PoPCryptoProvider with "x5c" in the JWK. Is that doable with MSAL?
Library version used
4.57.0
.NET version
.NET 6.0
Scenario
ConfidentialClient - service to service (AcquireTokenForClient)
Is this a new or an existing app?
This is a new app or experiment
Issue description and reproduction steps
The RFC 7638 has defined the JWK thumbprint. When computing the JWK thumbprint, it should use the required members of JWK.
https://datatracker.ietf.org/doc/html/rfc7638#section-3
But in PoPAuthenticationScheme.cs, it used all members of JWK for thumbprint generation.
microsoft-authentication-library-for-dotnet/src/client/Microsoft.Identity.Client/AuthScheme/PoP/PoPAuthenticationScheme.cs
Line 47 in 80faef7
Relevant code snippets
No response
Expected behavior
No response
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
No response
The text was updated successfully, but these errors were encountered: