[Bug] ConfigurationManager.GetConfiguration() no longer performs blocking call, nor throw exception #3192
Description
Which version of Microsoft.IdentityModel are you using?
Starting from 8.0.2 until most recent version
Where is the issue?
- M.IM.JsonWebTokens
- M.IM.KeyVaultExtensions
- M.IM.Logging
- M.IM.ManagedKeyVaultSecurityKey
- M.IM.Protocols
- M.IM.Protocols.OpenIdConnect
- M.IM.Protocols.SignedHttpRequest
- M.IM.Protocols.WsFederation
- M.IM.TestExtensions
- M.IM.Tokens
- M.IM.Tokens.Saml
- M.IM.Validators
- M.IM.Xml
- S.IM.Tokens.Jwt
- Other (please describe)
Is this a new or an existing app?
Existing application.
Repro
configurationManager.RequestRefresh();
[...]
configurationManager.GetConfiguration(); // Used to block call until most recent configuration was pulled, or throw exception if it couldn'tExpected behavior
GetConfiguration no longer performs a blocking call when a refresh is required nor does it still throw exceptions when the configuration cannot be reached. (breaking behavior change)
Customers building on top of this behavior may not be aware of it and have (sever) impact on their platforms.
Actual behavior
As part of #2780, the OIDC configuration fetching was moved to a background check which makes GetConfiguration no longer a blocking call, nor will it throw exceptions if it cannot pull the configuration anymore.
Possible solution
Restore previous behaviour or introduce new approach to be able to block getting configuration in a blocking call.
Additional context / logs / screenshots / links to code
Ref internal discussion between identity & Azure API Management