Implement warning log for conflicting Authority and Instance/TenantId/B2C configs (no exception) #3611
Description
Background
When both Authority and Instance/TenantId are provided, the current behavior is to silently ignore Authority. To avoid breaking changes, log a warning rather than throwing an exception. Ensure clear diagnostics for both AAD B2C (including policies, user-flows, /tfp/ etc.), and CIAM authorities
Implementation
- In
MergedOptions.ParseAuthorityIfNecessaryand/or merging points, emit a warning via ILogger when both Authority and Instance or TenantId are set. - Enhance existing merge logic for B2C authorities so warnings clarify which configuration is being honored.
- Add test case using your test harness to verify warning is emitted.
- Use high performance logging.
Example warning format
_logger?.LogWarning("Both Authority and Instance/TenantId are set in MicrosoftIdentityApplicationOptions. Authority will be ignored. To avoid confusion, use one or the other.");Sample conflicting config
option.Authority = "https://login.microsoftonline.com/tenantA/v2.0";
option.Instance = "https://login.microsoftonline.us/";
option.TenantId = "tenantB";
// B2C variant:
option.Authority = "https://contoso.b2clogin.com/tfp/contoso.onmicrosoft.com/B2C_1_signup_signin/v2.0";
option.Instance = "https://login.microsoftonline.com/";
option.TenantId = "contoso.onmicrosoft.com";
option.DefaultUserFlow = "B2C_1_signup_signin";Acceptance Criteria
- Existing behavior preserved (no throw)
- New warning is logged in all affected code paths
- Unit tests verify warning is emitted
- B2C-specific paths are covered
- AAD-specific paths are covered
- CIAM-specific paths are covered
- Documentation updated: clearly explains precedence and warning
Related files
- MergedOptions.cs: https://github.com/AzureAD/microsoft-identity-web/blob/main/src/Microsoft.Identity.Web.TokenAcquisition/MergedOptions.cs
- TokenAcquisition.cs: https://github.com/AzureAD/microsoft-identity-web/blob/main/src/Microsoft.Identity.Web.TokenAcquisition/TokenAcquisition.cs
- TokenAcquirerTests/TokenAcquirer.cs
Bridge: Propose exact logging diff(s) and add test mapping when Jean-Marc replies "Go ahead".