Pass the validate function to the http manager (#5242)

Author: neha-bhargava

src/client/Microsoft.Identity.Client/ManagedIdentity/AbstractManagedIdentity.cs

@@ -65,7 +65,8 @@ public virtual async Task<ManagedIdentityResponse> AuthenticateAsync(
                             logger: _requestContext.Logger,
                             doNotThrow: true,
                             mtlsCertificate: null,
-                            validateServerCertificate: null, cancellationToken: cancellationToken).ConfigureAwait(false);
+                            validateServerCertificate: ValidateServerCertificate, 
+                            cancellationToken: cancellationToken).ConfigureAwait(false);
                 }
                 else
                 {
@@ -78,7 +79,8 @@ public virtual async Task<ManagedIdentityResponse> AuthenticateAsync(
                             logger: _requestContext.Logger,
                             doNotThrow: true,
                             mtlsCertificate: null,
-                            validateServerCertificate: null, cancellationToken: cancellationToken)
+                            validateServerCertificate: ValidateServerCertificate, 
+                            cancellationToken: cancellationToken)
                         .ConfigureAwait(false);
 
                 }

tests/Microsoft.Identity.Test.Unit/ManagedIdentityTests/ServiceFabricTests.cs

@@ -3,6 +3,7 @@
 
 using System;
 using System.Globalization;
+using System.Net.Http;
 using System.Net.Security;
 using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
@@ -89,5 +90,43 @@ public void ValidateServerCertificateCallback_ServerCertificateValidationCallbac
                 Assert.IsNotNull(callback);
             }
         }
+
+        [TestMethod]
+        public async Task SFThrowsWhenGetHttpClientWithValidationIsNotImplementedAsync()
+        {
+            using (new EnvVariableContext())
+            using (var httpManager = new MockHttpManager(isManagedIdentity: true))
+            {
+                SetEnvironmentVariables(ManagedIdentitySource.ServiceFabric, "http://localhost:40342/metadata/identity/oauth2/token");
+                var miBuilder = ManagedIdentityApplicationBuilder.Create(ManagedIdentityId.SystemAssigned)
+                    .WithHttpClientFactory(new MsalSFFactoryNotImplementedException());
+
+                // Disabling the shared cache to avoid the test to pass because of the cache
+                miBuilder.Config.AccessorOptions = null;
+                var mi = miBuilder.BuildConcrete();
+
+                MsalServiceException ex = await Assert.ThrowsExceptionAsync<MsalServiceException>(async () =>
+                 {
+                     await mi.AcquireTokenForManagedIdentity(Resource)
+                         .ExecuteAsync().ConfigureAwait(false);
+                 }).ConfigureAwait(false);
+
+                Assert.IsNotNull(ex);
+                Assert.IsInstanceOfType(ex.InnerException, typeof(NotImplementedException));
+            }
+        }
+    }
+
+    internal class MsalSFFactoryNotImplementedException : IMsalSFHttpClientFactory
+    {
+        public HttpClient GetHttpClient(Func<HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, bool> validateServerCert)
+        {
+            throw new NotImplementedException();
+        }
+
+        public HttpClient GetHttpClient()
+        {
+            return new HttpClient();
+        }
     }
 }