From 8a541de125ccab2bbc9b2c06d25d591ac7fe2776 Mon Sep 17 00:00:00 2001
From: fangyangci <fangyangci@microsoft.com>
Date: Wed, 13 Dec 2023 22:47:35 +0800
Subject: [PATCH] fixUSGovSingleTenant

---
 .../Authentication/AppCredentials.cs            |  2 +-
 .../GovernmentAuthenticationConstants.cs        | 17 +++++++++++++++++
 .../MicrosoftGovernmentAppCredentials.cs        | 15 ++++++++++++++-
 3 files changed, 32 insertions(+), 2 deletions(-)

diff --git a/libraries/Microsoft.Bot.Connector/Authentication/AppCredentials.cs b/libraries/Microsoft.Bot.Connector/Authentication/AppCredentials.cs
index 012bb644d6..b1f5b12c49 100644
--- a/libraries/Microsoft.Bot.Connector/Authentication/AppCredentials.cs
+++ b/libraries/Microsoft.Bot.Connector/Authentication/AppCredentials.cs
@@ -74,7 +74,7 @@ public AppCredentials(string channelAuthTenant = null, HttpClient customHttpClie
         /// <value>
         /// Tenant to be used for channel authentication.
         /// </value>
-        public string ChannelAuthTenant
+        public virtual string ChannelAuthTenant
         {
             get => string.IsNullOrEmpty(AuthTenant) ? AuthenticationConstants.DefaultChannelAuthTenant : AuthTenant;
             set
diff --git a/libraries/Microsoft.Bot.Connector/Authentication/GovernmentAuthenticationConstants.cs b/libraries/Microsoft.Bot.Connector/Authentication/GovernmentAuthenticationConstants.cs
index e961808ffd..e5e8e8d185 100644
--- a/libraries/Microsoft.Bot.Connector/Authentication/GovernmentAuthenticationConstants.cs
+++ b/libraries/Microsoft.Bot.Connector/Authentication/GovernmentAuthenticationConstants.cs
@@ -18,6 +18,18 @@ public static class GovernmentAuthenticationConstants
         /// </summary>
         public const string ToChannelFromBotLoginUrl = "https://login.microsoftonline.us/MicrosoftServices.onmicrosoft.us";
 
+        /// <summary>
+        /// TO CHANNEL FROM BOT: Login URL template string. Bot developer may specify
+        /// which tenant to obtain an access token from. By default, the channels only
+        /// accept tokens from "MicrosoftServices.onmicrosoft.us". For more details see https://aka.ms/bots/tenant-restriction.
+        /// </summary>
+        public const string ToChannelFromBotLoginUrlTemplate = "https://login.microsoftonline.us/{0}";
+
+        /// <summary>
+        /// The default tenant to acquire bot to channel token from.
+        /// </summary>
+        public const string DefaultChannelAuthTenant = "MicrosoftServices.onmicrosoft.us";
+
         /// <summary>
         /// TO GOVERNMENT CHANNEL FROM BOT: OAuth scope to request.
         /// </summary>
@@ -42,5 +54,10 @@ public static class GovernmentAuthenticationConstants
         /// TO BOT FROM GOVERNMENT EMULATOR: OpenID metadata document for tokens coming from MSA.
         /// </summary>
         public const string ToBotFromEmulatorOpenIdMetadataUrl = "https://login.microsoftonline.us/cab8a31a-1906-4287-a0d8-4eef66b95f6e/v2.0/.well-known/openid-configuration";
+
+        /// <summary>
+        /// TO BOT FROM GOVERNMENT AseChannel: OpenID metadata document for tokens coming from MSA.
+        /// </summary>
+        public const string ToBotFromAseChannelOpenIdMetadataUrl = "https://login.microsoftonline.us/cab8a31a-1906-4287-a0d8-4eef66b95f6e/v2.0/.well-known/openid-configuration";
     }
 }
diff --git a/libraries/Microsoft.Bot.Connector/Authentication/MicrosoftGovernmentAppCredentials.cs b/libraries/Microsoft.Bot.Connector/Authentication/MicrosoftGovernmentAppCredentials.cs
index 7839abbc11..42dc9da49b 100644
--- a/libraries/Microsoft.Bot.Connector/Authentication/MicrosoftGovernmentAppCredentials.cs
+++ b/libraries/Microsoft.Bot.Connector/Authentication/MicrosoftGovernmentAppCredentials.cs
@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+using System.Globalization;
 using System.Net.Http;
 using Microsoft.Extensions.Logging;
 
@@ -66,6 +67,18 @@ public MicrosoftGovernmentAppCredentials(string appId, string password, string t
         {
         }
 
+        /// <summary>
+        /// Gets or sets tenant to be used for channel authentication.
+        /// </summary>
+        /// <value>
+        /// Tenant to be used for channel authentication.
+        /// </value>
+        public override string ChannelAuthTenant
+        {
+            get => string.IsNullOrEmpty(AuthTenant) ? GovernmentAuthenticationConstants.DefaultChannelAuthTenant : AuthTenant;
+            set => base.ChannelAuthTenant = value;
+        }
+
         /// <summary>
         /// Gets the OAuth endpoint to use.
         /// </summary>
@@ -74,7 +87,7 @@ public MicrosoftGovernmentAppCredentials(string appId, string password, string t
         /// </value>
         public override string OAuthEndpoint
         {
-            get { return GovernmentAuthenticationConstants.ToChannelFromBotLoginUrl; }
+            get => string.Format(CultureInfo.InvariantCulture, GovernmentAuthenticationConstants.ToChannelFromBotLoginUrlTemplate, ChannelAuthTenant);
         }
     }
 }