diff --git a/change/@azure-msal-common-70d0aa55-97ea-4486-bcca-a7e3ff2c2bc9.json b/change/@azure-msal-common-70d0aa55-97ea-4486-bcca-a7e3ff2c2bc9.json new file mode 100644 index 0000000000..e437bcc673 --- /dev/null +++ b/change/@azure-msal-common-70d0aa55-97ea-4486-bcca-a7e3ff2c2bc9.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "Removing allowestsrnonmsi query parameter", + "packageName": "@azure/msal-common", + "email": "trwalke@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/lib/msal-common/src/authority/Authority.ts b/lib/msal-common/src/authority/Authority.ts index f26aeb0178..6a2f7672da 100644 --- a/lib/msal-common/src/authority/Authority.ts +++ b/lib/msal-common/src/authority/Authority.ts @@ -1205,12 +1205,11 @@ export class Authority { regionalMetadata.authorization_endpoint, azureRegion ); - // TODO: Enquire on whether we should leave the query string or remove it before releasing the feature + regionalMetadata.token_endpoint = Authority.buildRegionalAuthorityString( regionalMetadata.token_endpoint, - azureRegion, - Constants.REGIONAL_AUTH_NON_MSI_QUERY_STRING + azureRegion ); if (regionalMetadata.end_session_endpoint) { diff --git a/lib/msal-common/src/utils/Constants.ts b/lib/msal-common/src/utils/Constants.ts index 5967004115..fe22bcb431 100644 --- a/lib/msal-common/src/utils/Constants.ts +++ b/lib/msal-common/src/utils/Constants.ts @@ -51,7 +51,6 @@ export const Constants = { IMDS_TIMEOUT: 2000, AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect", REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com", - REGIONAL_AUTH_NON_MSI_QUERY_STRING: "allowestsrnonmsi=true", KNOWN_PUBLIC_CLOUDS: [ "login.microsoftonline.com", "login.windows.net", diff --git a/lib/msal-common/test/authority/Authority.spec.ts b/lib/msal-common/test/authority/Authority.spec.ts index fe31499381..07b604f48c 100644 --- a/lib/msal-common/test/authority/Authority.spec.ts +++ b/lib/msal-common/test/authority/Authority.spec.ts @@ -606,7 +606,7 @@ describe("Authority.ts Class Unit Tests", () => { .replace( "login.microsoftonline.com", "westus2.login.microsoft.com" - )}/?allowestsrnonmsi=true` + )}/` ); expect(authority.endSessionEndpoint).toEqual( `${deepCopyOpenIdResponse.body.end_session_endpoint @@ -661,7 +661,7 @@ describe("Authority.ts Class Unit Tests", () => { .replace( "login.microsoftonline.com", "westus2.login.microsoft.com" - )}/?allowestsrnonmsi=true` + )}/` ); expect(authority.endSessionEndpoint).toEqual( `${deepCopyOpenIdResponse.body.end_session_endpoint @@ -723,7 +723,7 @@ describe("Authority.ts Class Unit Tests", () => { .replace( "login.microsoftonline.com", "westus2.login.microsoft.com" - )}/?allowestsrnonmsi=true` + )}/` ); expect(authority.endSessionEndpoint).toEqual( `${deepCopyOpenIdResponse.body.end_session_endpoint @@ -778,7 +778,7 @@ describe("Authority.ts Class Unit Tests", () => { .replace( "login.microsoftonline.com", "centralus.login.microsoft.com" - )}/?allowestsrnonmsi=true` + )}/` ); expect(authority.endSessionEndpoint).toEqual( `${deepCopyOpenIdResponse.body.end_session_endpoint @@ -1153,7 +1153,7 @@ describe("Authority.ts Class Unit Tests", () => { jwks_uri: "https://login.microsoftonline.com/common/discovery/v2.0/keys", token_endpoint: - "https://westus2.login.microsoft.com/common/oauth2/v2.0/token/?allowestsrnonmsi=true", + "https://westus2.login.microsoft.com/common/oauth2/v2.0/token/", }; networkInterface.sendGetRequestAsync = (