search

BingAds / BingAds-dotNet-SDK

Other
27 stars 42 forks source link

Tenant-specific token refresh fails with unexpected request to common endpoint #142

Closed victorfrye closed 3 days ago

victorfrye commented 2 weeks ago

Describe the bug When trying to request an access token for msads.manage scope and a tenant other than `common``, the request is using the common endpoint and may fail if the application is registered in a single tenant.

To Reproduce

  1. Replace the values in the following code snippet with actuals.
using Microsoft.BingAds;

var grant = new OAuthWebAuthCodeGrant(
    clientId: "YOUR_CLIENT_ID",
    clientSecret: "YOUR_CLIENT_SECRET",
    redirectionUri: new("https://example.com/"),
    refreshToken: "YOUR_REFRESH_TOKEN",
    environment: ApiEnvironment.Production,
    oAuthScope: OAuthScope.MSADS_MANAGE,
    tenant: "example.onmicrosoft.com");

await grant.RequestAccessAndRefreshTokensAsync("YOUR_REFRESH_TOKEN");
  1. Request fails on call to RequestAccessAndRefreshTokensAsync with the following example error message:
Microsoft.BingAds.OAuthTokenRequestException: Couldn't request OAuth AccessTokens. Please check the Details property for more information. Details: invalid_request - AADSTS50194: Application '{example-guid}'(Example App) is not configured as a multi-tenant application. Usage of the /common endpoint is not supported for such applications created after '10/15/2018'. Use a tenant-specific endpoint or configure the application to be multi-tenant.

Additional context

victorfrye commented 2 weeks ago

I opened a draft PR because this seems like a simple fix with a potentially newer EndpointType of OAuthEndpointType.ProductionMSIdentityV2_MSScope wasn't included in the conditionals to replace common tenant with the actual.

i.e.: https://github.com/BingAds/BingAds-dotNet-SDK/blob/main/BingAdsApiSDK/Internal/OAuth/UriOAuthService.cs#L124-L127

xinyuwen2 commented 3 days ago

I just merged the PR. Thank you for fixing it!