Fix FIC test

tests/E2E Tests/OidcIdPSignedAssertionProviderTests/OidCIdPSignedAssertionProviderExtensibilityTests.cs

@@ -3,14 +3,17 @@
 
 using System;
 using System.Collections.Generic;
+using System.Diagnostics;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
 using System.Net.Http;
 using System.Text.Json;
 using System.Threading.Tasks;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
 using Microsoft.Identity.Abstractions;
+using Microsoft.Identity.Lab.Api;
 using Microsoft.Identity.Web;
 using Microsoft.Identity.Web.Test.Common;
 using Microsoft.Identity.Web.Test.Common.Mocks;
@@ -35,11 +38,14 @@ public class OidCIdPSignedAssertionProviderExtensibilityTests
         [OnlyOnAzureDevopsFact]
         public async Task CrossCloudFicIntegrationTest()
         {
+
             // Arrange
             TokenAcquirerFactoryTesting.ResetTokenAcquirerFactoryInTest();
             TokenAcquirerFactory tokenAcquirerFactory = TokenAcquirerFactory.GetDefaultInstance();
             tokenAcquirerFactory.Services.AddOidcFic();
 
+            UpdateClientSecret(tokenAcquirerFactory); // for test only - get secret from KeyVault
+
             // this is how the authentication options can be configured in code rather than
             // in the appsettings file, though using the appsettings file is recommended
             /*            
@@ -78,6 +84,42 @@ public async Task CrossCloudFicIntegrationTest()
             Assert.Contains("cp1", xmsCcValues);
         }
 
+        private static void UpdateClientSecret(TokenAcquirerFactory tokenAcquirerFactory)
+        {
+            KeyVaultSecretsProvider ksp = new KeyVaultSecretsProvider();
+            var secret = ksp.GetSecretByName("ARLMSIDLAB1-IDLASBS-App-CC-Secret").Value;
+
+
+            var configuration = new ConfigurationBuilder()
+                .SetBasePath(AppContext.BaseDirectory)
+                .AddJsonFile("appsettings.json", optional: false, reloadOnChange: true)
+                .AddEnvironmentVariables()
+                .Build();
+
+            tokenAcquirerFactory.Services.AddSingleton<IConfiguration>(configuration);
+
+            // Bind the AzureAd2 section into the named options.
+            tokenAcquirerFactory.Services.Configure<MicrosoftIdentityApplicationOptions>(
+                "AzureAd2",
+                configuration.GetSection("AzureAd2"));
+
+            // Apply any dynamic overrides after the JSON bind.
+            tokenAcquirerFactory.Services.PostConfigure<MicrosoftIdentityApplicationOptions>(
+                "AzureAd2",
+                options =>
+                {
+                    options.ClientCredentials = new[]
+                    {
+                        new CredentialDescription
+                        {
+                            SourceType = CredentialSource.ClientSecret,
+                            ClientSecret = secret
+                        }
+                    };
+
+                });
+        }
+
         //[Fact(Skip ="Does not run if run with the E2E test")]
         [Theory]
         [InlineData(false)]

tests/E2E Tests/OidcIdPSignedAssertionProviderTests/appsettings.json

@@ -19,14 +19,13 @@
     "AzureAd2": {
         "Instance": "https://login.microsoftonline.us/",
         "TenantId": "45ff0c17-f8b5-489b-b7fd-2fedebbec0c4",
-        "ClientId": "f13080ee-01fe-48c1-8e9f-f0dd6f69ac7b",
+        "ClientId": "c0555d2d-02f2-4838-802e-3463422e571d",
         "ExtraQueryParameters": { "dc": "ESTS-PUB-WEULR1-AZ1-FD000-TEST1" },
         "SendX5C": true,
         "ClientCredentials": [
             {
-                "SourceType": "StoreWithDistinguishedName",
-                "CertificateStorePath": "CurrentUser/My",
-                "CertificateDistinguishedName": "CN=LabAuth.MSIDLab.com"
+                "SourceType": "ClientSecret",
+                "ClientSecret": "placeholder"
             }
         ]
     }