The authority in public static AadIssuerValidator GetIssuerValidator(string aadAuthority) is in the form of URI (ex. https://login.microsoftonline.com/).
In if (s_issuerValidators.TryGetValue(aadAuthority, out AadIssuerValidator aadIssuerValidator)) full authority string is used to query the issuer validator dictionary.
However, only the authority host is used as a key to insert the value.
string authority = authorityHost ?? new Uri(FallbackAuthority).Host;
...
s_issuerValidators[authority] = new AadIssuerValidator(aliases);
So the value is never retrieved in the cache, unless only the host is passed in while the cache has that key.
Investigate if this behavior is intended.
@pmaytak
when you are tired of writing tests, do you want to have a go at fixing it?
Oui.
Fixed in Microsoft.Identity.Web 0.1.2-preview
Most helpful comment
Oui.