
Client_id is case sensitive #304

@SaarasM


Describe the bug
A clear and concise description of what the bug is.
If the client_id provided to the PublicClientApplication class is not lowercase the following exception is received:

RuntimeError: 3. The aud (audience) Claim must contain this client's client_id. id_token was: {
   I have redacted the contents for privacy
}

To Reproduce
Steps to reproduce the behavior:

  1. Go to the usage sample on the homepage

         from msal import PublicClientApplication
         app = PublicClientApplication(
             "UPPER-CASE-CLIENT-ID",
             authority="https://login.microsoftonline.com/Enter_the_Tenant_Name_Here")
         token = app.acquire_token_interactive([SCOPE], prompt="login")

  2. Provide an uppercase client id
  3. Acquire token interactively
  4. See error:
Traceback (most recent call last):
  File "example.py", line 30, in <module>
    token = app.acquire_token_interactive([SCOPE], prompt="login")
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\application.py", line 1072, in acquire_token_interactive
    **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oidc.py", line 241, in obtain_token_by_browser
    **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oauth2.py", line 645, in obtain_token_by_browser
    flow, auth_response, scope=scope, **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oidc.py", line 186, in obtain_token_by_auth_code_flow
    auth_code_flow, auth_response, **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oauth2.py", line 559, in obtain_token_by_auth_code_flow
    **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oauth2.py", line 698, in _obtain_token_by_authorization_code
    return self._obtain_token("authorization_code", data=data, **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oidc.py", line 98, in _obtain_token
    ret = super(Client, self)._obtain_token(grant_type, *args, **kwargs)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oauth2.py", line 761, in _obtain_token
    "response": _resp, "params": params, "data": _data,
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\application.py", line 300, in <lambda>
    event, environment=authority.instance)),
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\token_cache.py", line 113, in add
    return self.__add(event, now=now)
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\token_cache.py", line 138, in __add
    if id_token else {})
  File "C:\Users\smehan\.venvs\gallery_venv\lib\site-packages\msal\oauth2cli\oidc.py", line 73, in decode_id_token
    err, json.dumps(decoded, indent=2)))
RuntimeError: 3. The aud (audience) Claim must contain this client's client_id. id_token was: {
   I have redacted the contents for privacy
}

Expected behavior
A clear and concise description of what you expected to happen.
Ideally the token would be printed.
Failing that an error message that reminds the user that the client_id is case sensitive.
Failing that some documentation that the client_id should be lowercase.

What you see instead
Paste the sample output, or add screenshots to help explain your problem.
Instead the following error is seen:

RuntimeError: 3. The aud (audience) Claim must contain this client's client_id. id_token was: {
   I have redacted the contents for privacy
}

The MSAL Python version you are using
Paste the output of this
python -c "import msal; print(msal.__version__)"
1.8.0

Additional context
Add any other context about the problem here.
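
An added example, not part of the original report and not MSAL's own code: a strict `aud` check that keeps the case-sensitive comparison but tells a pure case difference apart from a genuinely wrong audience, which is the kind of diagnostic the report asks for. The function names, the sample GUID and the unsigned sample token are constructed for illustration, and it assumes, as the report implies, that the issued token carries the client id in lowercase.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(id_token: str) -> dict:
    # The claims are the middle of the three dot-separated segments.
    # Signature verification is deliberately out of scope for this sketch.
    _header, payload, _signature = id_token.split(".")
    return json.loads(b64url_decode(payload))


def check_audience(claims: dict, client_id: str) -> str:
    """Return "ok", "case_mismatch" or "mismatch" for the aud check."""
    aud = claims.get("aud") or []
    audiences = [aud] if isinstance(aud, str) else list(aud)
    if client_id in audiences:  # exact, case-sensitive match: the only pass
        return "ok"
    lowered = [a.lower() for a in audiences if isinstance(a, str)]
    if client_id.lower() in lowered:
        return "case_mismatch"  # still rejected, but the cause is diagnosable
    return "mismatch"


def make_sample_token(aud) -> str:
    # Constructed, unsigned token used only to drive the demo below.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"aud": aud, "sub": "demo"}), ""])


SAMPLE_AUD = "0a1b2c3d-0000-4000-8000-00000000abcd"  # constructed GUID

if __name__ == "__main__":
    claims = jwt_claims(make_sample_token(SAMPLE_AUD))
    for configured in (SAMPLE_AUD, SAMPLE_AUD.upper(), "another-app"):
        print(configured, "->", check_audience(claims, configured))
```

A caller would still reject the token on `case_mismatch`; the separate result only lets the error message point at the configured client id rather than at the token.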
