Fix for #4791 - don't use WSTrust for ROPC except for AAD authorities (#4794)

* Fix for #4791

* Fix for #4791

* fix

---------

Co-authored-by: Neha Bhargava <[email protected]>

Author: bgavrilMS

src/client/Microsoft.Identity.Client/AppConfig/AuthorityInfo.cs

@@ -117,9 +117,9 @@ private AuthorityInfo(
         /// <summary>
         /// For IWA
         /// </summary>
-        internal bool IsUserAssertionSupported => 
-            AuthorityType != AuthorityType.Adfs && 
-            AuthorityType != AuthorityType.B2C;
+        internal bool IsWsTrustFlowSupported =>
+            AuthorityType == AuthorityType.Aad ||
+            AuthorityType == AuthorityType.Dsts;
 
         /// <summary>
         /// Authority supports multi-tenancy. ADFS and Generic authorities are not tenanted.

src/client/Microsoft.Identity.Client/Internal/Requests/IntegratedWindowsAuthRequest.cs

@@ -52,7 +52,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(CancellationTok
 
         private async Task<UserAssertion> FetchAssertionFromWsTrustAsync()
         {
-            if (!AuthenticationRequestParameters.AuthorityInfo.IsUserAssertionSupported)
+            if (!AuthenticationRequestParameters.AuthorityInfo.IsWsTrustFlowSupported)
             {
                 //IWA is currently not supported in pure adfs environments. See https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/2771
                 throw new MsalClientException(

src/client/Microsoft.Identity.Client/Internal/Requests/UsernamePasswordRequest.cs

@@ -106,7 +106,7 @@ private async Task<MsalTokenResponse> GetTokenResponseAsync(CancellationToken ca
 
         private async Task<UserAssertion> FetchAssertionFromWsTrustAsync()
         {
-            if (!AuthenticationRequestParameters.AuthorityInfo.IsUserAssertionSupported)
+            if (!AuthenticationRequestParameters.AuthorityInfo.IsWsTrustFlowSupported)
             {
                 return null;
             }

tests/Microsoft.Identity.Test.Unit/CoreTests/InstanceTests/DstsAuthorityTests.cs

@@ -98,7 +98,7 @@ public void DstsAuthorityFlags()
             Assert.IsTrue((app.AppConfig as ApplicationConfiguration).Authority.AuthorityInfo.CanBeTenanted);
             Assert.IsTrue((app.AppConfig as ApplicationConfiguration).Authority.AuthorityInfo.IsClientInfoSupported);
             Assert.IsFalse((app.AppConfig as ApplicationConfiguration).Authority.AuthorityInfo.IsInstanceDiscoverySupported);
-            Assert.IsTrue((app.AppConfig as ApplicationConfiguration).Authority.AuthorityInfo.IsUserAssertionSupported);
+            Assert.IsTrue((app.AppConfig as ApplicationConfiguration).Authority.AuthorityInfo.IsWsTrustFlowSupported);
         }
 
         [TestMethod]