python-social-auth / social-core

Python Social Auth - Core
BSD 3-Clause "New" or "Revised" License

Incorrect base url for azuread b2c backend #809

Open zahid-arbisoft opened 1 year ago

zahid-arbisoft commented 1 year ago

As per this documentation, I think the base URL for backend "azuread-b2c-oauth2" for custom domain should be

BASE_URL = "https://{authority_host}/{tenant_name}.onmicrosoft.com"

but not

BASE_URL = "https://{tenant_name}.{authority_host}/{tenant_name}.onmicrosoft.com"

From Azure documentation:

With Azure AD B2C custom domain the corresponding updated endpoint would look like:

https://login.contoso.com/.onmicrosoft.com//oauth2/v2.0/authorize

https://login.contoso.com/.onmicrosoft.com/oauth2/v2.0/authorize?p=

nijel commented 1 year ago

This change was done in #777 by @zchoate

zchoate commented 1 year ago

When I put together the PR, I didn't take into account the custom domains feature of b2c. I was just using b2clogin.com. Does it make sense to create a separate backend like azuread-b2c-custom-oauth2 for custom domains?

olehy commented 1 year ago

I think the change also broke the URL for endpoints which do not contain a policy parameter, as described in https://learn.microsoft.com/en-us/azure/active-directory-b2c/b2clogin#endpoints-that-are-not-affected

Obviously Microsoft has now (at least) three different ways to compose the base url which need to be distinguished.

nijel commented 1 year ago

It would also be great to cover this topic in the documentation so that users know which backend to choose in which situation: https://github.com/python-social-auth/social-docs/blob/master/docs/backends/azuread.rst
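To make the two base-URL shapes from the first comment concrete, here is an added example (not social-core code, and not the backend's actual configuration). It builds the B2C base URL for the default `b2clogin.com` host and for a custom domain, then the authorize endpoint with the policy either in the path or as the `p=` query parameter; `login.contoso.com` and `contoso` are constructed sample values.

```python
from urllib.parse import urlencode

# Constructed sample values, not taken from any real tenant.
TENANT = "contoso"
CUSTOM_DOMAIN = "login.contoso.com"


def b2c_base_url(tenant_name: str, authority_host: str, custom_domain: bool) -> str:
    """Return the Azure AD B2C base URL for a tenant.

    With the default authority host the tenant name is prefixed as a
    subdomain (the shape currently used, per the issue). A custom domain
    already identifies the tenant, so the prefix must be omitted; adding it
    would produce a host such as contoso.login.contoso.com that does not
    exist.
    """
    host = authority_host if custom_domain else f"{tenant_name}.{authority_host}"
    return f"https://{host}/{tenant_name}.onmicrosoft.com"


def authorize_url(base_url: str, policy: str, policy_in_path: bool = True) -> str:
    """Compose the /oauth2/v2.0/authorize endpoint for a user-flow policy.

    Both forms quoted from the Azure docs are supported: the policy as a
    path segment, or the policy passed via the p= query parameter.
    """
    if policy_in_path:
        return f"{base_url}/{policy}/oauth2/v2.0/authorize"
    return f"{base_url}/oauth2/v2.0/authorize?" + urlencode({"p": policy})


def buggy_custom_domain_url(tenant_name: str, authority_host: str) -> str:
    """The tenant-prefixed shape applied to a custom domain (the reported bug)."""
    return f"https://{tenant_name}.{authority_host}/{tenant_name}.onmicrosoft.com"


if __name__ == "__main__":
    default = b2c_base_url(TENANT, "b2clogin.com", custom_domain=False)
    custom = b2c_base_url(TENANT, CUSTOM_DOMAIN, custom_domain=True)
    print(default)
    print(custom)
    print(authorize_url(custom, "B2C_1_signin"))
    print(authorize_url(custom, "B2C_1_signin", policy_in_path=False))
    print("buggy:", buggy_custom_domain_url(TENANT, CUSTOM_DOMAIN))
```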