/// <inheritdoc />
public async Task <string> ValidateAuthorityAndGetOpenIdDiscoveryEndpointAsync(
AuthorityInfo authorityInfo,
string userPrincipalName,
RequestContext requestContext)
{
var authorityUri = new Uri(authorityInfo.CanonicalAuthority);
if (authorityInfo.ValidateAuthority && !AadAuthority.IsInTrustedHostList(authorityUri.Host))
{
await _serviceBundle.AadInstanceDiscovery.GetMetadataEntryAsync(
authorityUri,
requestContext).ConfigureAwait(false);
}
return(authorityInfo.CanonicalAuthority + Constants.OpenIdConfigurationEndpoint);
}
private async Task <InstanceDiscoveryResponse> SendInstanceDiscoveryRequestAsync(
Uri authority,
RequestContext requestContext)
{
var client = new OAuth2Client(_logger, _httpManager, _telemetryManager);
client.AddQueryParameter("api-version", "1.1");
client.AddQueryParameter("authorization_endpoint", BuildAuthorizeEndpoint(authority.Host, GetTenant(authority)));
string discoveryHost = AadAuthority.IsInTrustedHostList(authority.Host)
? authority.Host
: AadAuthority.DefaultTrustedHost;
string instanceDiscoveryEndpoint = BuildInstanceDiscoveryEndpoint(discoveryHost);
var discoveryResponse = await client.DiscoverAadInstanceAsync(new Uri(instanceDiscoveryEndpoint), requestContext)
.ConfigureAwait(false);
return(discoveryResponse);
}