[Bug] TokenAcquisition not implemented for App Services in EasyAuth

[yonail]

Which version of Microsoft Identity Web are you using? Microsoft Identity Web 1.22.2

Where is the issue?

• Web app
  • [ ] Sign-in users
  • [x] Sign-in users and call web APIs
• Web API
  • [ ] Protected web APIs (validating tokens)
  • [ ] Protected web APIs (validating scopes)
  • [x] Protected web APIs call downstream web APIs
• Token cache serialization
  • [x] In-memory caches
  • [ ] Session caches
  • [ ] Distributed caches
• Other (please describe)

Is this a new or an existing app? This is a new app or an experiment.

Repro

I'm using a typed http client with the App Authentication Handler (see code below) to call a protected api. Everything works correctly locally but as soon as I deploy the app to an app service (with authentication enabled), I get a "not implemented exception".

Program.cs

builder.Services
    .AddMicrosoftIdentityWebAppAuthentication(builder.Configuration)
    .EnableTokenAcquisitionToCallDownstreamApi()
    .AddInMemoryTokenCaches();

...

builder.Services
    .AddHttpClient<TypedClient>(httpClient =>
    {
        httpClient.BaseAddress = new Uri("https://xxx");
    })
    .AddMicrosoftIdentityAppAuthenticationHandler(nameof(TypedClient), builder.Configuration.GetSection("TypedClientConf"));

Expected behavior No exception thrown!

Actual behavior

An exception is thrown:

System.NotImplementedException: The method or operation is not implemented. at Microsoft.Identity.Web.AppServicesAuthenticationTokenAcquisition.GetAuthenticationResultForAppAsync(String scope, String authenticationScheme, String tenant, TokenAcquisitionOptions tokenAcquisitionOptions) at Microsoft.Identity.Web.MicrosoftIdentityAppAuthenticationMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at Microsoft.Extensions.Http.Logging.LoggingScopeHttpMessageHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) at System.Net.Http.HttpClient.g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken)

Possible solution Implement the token acquisition or advise on a workaround

[AlrikOlson]

I just ran into this issue after deploying a Blazor Server app to Azure. Similarly making a call to an EasyAuth-protected API and getting a NotImplementedException when deployed to Azure. The same call works fine when running the Blazor app locally.

Is there an ETA on implementing these methods? It's not obvious that turning on EasyAuth on the host application is a breaking change for this feature.