Skip to content

Commit

Permalink
fix: [#4582] UserAssignedIdentity(WorkloadIdentity) auth fails with '…
Browse files Browse the repository at this point in the history
…scope https://api.botframework.com is not valid' (#4607)

* Add scope post-fix in managedIdentityAuthenticator.

* Fix unit test
  • Loading branch information
ceciliaavila authored and Tracy Boehrer committed Jan 24, 2024
1 parent e9c44b9 commit f09c538
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@ export class ManagedIdentityAuthenticator {
ok(resource?.trim(), 'ManagedIdentityAuthenticator.constructor(): missing resource.');
ok(tokenProviderFactory, 'ManagedIdentityAuthenticator.constructor(): missing tokenProviderFactory.');

const scopePostfix = '/.default';
if (!resource.endsWith(scopePostfix)) {
resource = `${resource}${scopePostfix}`;
}

this.resource = resource;
this.tokenProvider = tokenProviderFactory.createAzureServiceTokenProvider(appId);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ const sinon = require('sinon');
const { JwtTokenProviderFactory, ManagedIdentityAuthenticator } = require('../../lib');

const testAppId = 'foo';
const testAudience = 'bar';
const testAudience = 'bar/.default';
const authResult = {
token: '123',
expiresOnTimestamp: 3000,
Expand Down

0 comments on commit f09c538

Please sign in to comment.