Allow custom tenant for Entra ID auth (#10658)

* Allow custom tenant for Entra ID auth
* Remove-Item is no longer needed for load test results

Author: joelverhagen

src/NuGetGallery.Services/Authentication/Providers/AzureActiveDirectoryV2/AzureActiveDirectoryV2Authenticator.cs

@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
@@ -42,7 +42,6 @@ public static class AuthenticationType
 
         public static readonly string DefaultAuthenticationType = "AzureActiveDirectoryV2";
         public static readonly string PersonalMSATenant = "9188040d-6c67-4c5b-b112-36a304b66dad";
-        public static readonly string V2CommonTenant = "common";
         public static readonly string Authority = "https://login.microsoftonline.com/{0}/v2.0";
 
         private static string _callbackPath = "users/account/authenticate/return";
@@ -280,4 +279,4 @@ private Task AuthorizationCodeReceived(AuthorizationCodeReceivedNotification con
             return Task.CompletedTask;
         }
     }
-}
+}

src/NuGetGallery.Services/Authentication/Providers/AzureActiveDirectoryV2/AzureActiveDirectoryV2AuthenticatorConfiguration.cs

@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
@@ -11,6 +11,7 @@ namespace NuGetGallery.Authentication.Providers.AzureActiveDirectoryV2
 {
     public class AzureActiveDirectoryV2AuthenticatorConfiguration : AuthenticatorConfiguration
     {
+        public string TenantId { get; set; }
         public string ClientId { get; set; }
 
         public AzureActiveDirectoryV2AuthenticatorConfiguration()
@@ -30,17 +31,24 @@ public override void ApplyToOwinSecurityOptions(AuthenticationOptions options)
                 // the auth flow.
                 openIdOptions.AuthenticationMode = AuthenticationMode.Passive;
 
-                // Make sure ClientId is configured
-                if (String.IsNullOrEmpty(ClientId))
+                if (string.IsNullOrEmpty(TenantId))
                 {
-                    throw new ConfigurationErrorsException(String.Format(
+                    throw new ConfigurationErrorsException(string.Format(
+                        CultureInfo.CurrentCulture,
+                        ServicesStrings.MissingRequiredConfigurationValue,
+                        "Auth.CommonAuth.TenantId"));
+                }
+
+                if (string.IsNullOrEmpty(ClientId))
+                {
+                    throw new ConfigurationErrorsException(string.Format(
                         CultureInfo.CurrentCulture,
                         ServicesStrings.MissingRequiredConfigurationValue,
                         "Auth.CommonAuth.ClientId"));
                 }
 
                 openIdOptions.ClientId = ClientId;
-                openIdOptions.Authority = String.Format(CultureInfo.InvariantCulture, AzureActiveDirectoryV2Authenticator.Authority, AzureActiveDirectoryV2Authenticator.V2CommonTenant);
+                openIdOptions.Authority = string.Format(CultureInfo.InvariantCulture, AzureActiveDirectoryV2Authenticator.Authority, TenantId);
             }
         }
     }

src/NuGetGallery/Web.config

@@ -96,6 +96,7 @@
     <add key="Auth.MicrosoftAccount.ClientId" value=""/>
     <add key="Auth.MicrosoftAccount.ClientSecret" value=""/>
     <add key="Auth.AzureActiveDirectoryV2.Enabled" value="false"/>
+    <add key="Auth.AzureActiveDirectoryV2.TenantId" value="common"/>
     <add key="Auth.AzureActiveDirectoryV2.ClientId" value=""/>
     <add key="Auth.AzureActiveDirectory.Enabled" value="false"/>
     <add key="Auth.AzureActiveDirectory.ClientId" value=""/>

tests/Scripts/RunGalleryFunctionalTestCategory.ps1

@@ -20,7 +20,6 @@ $webUITestResults = "$parentDir/NuGetGallery.$TestCategory.WebUITests.trx"
 # Clean previous test results
 Remove-Item $functionalTestsResults -ErrorAction Ignore
 Remove-Item $webUITestResults -ErrorAction Ignore
-Remove-Item $loadTestResults -ErrorAction Ignore
 
 # Run functional tests
 $fullTestCategory = "$($testCategory)Tests"
@@ -35,7 +34,7 @@ if ($LASTEXITCODE -ne 0) {
 # Run web UI tests
 $webTestsDirectory = "$parentDir\NuGetGallery.WebUITests.$TestCategory\bin\$Configuration\net472"
 
-if (Test-Path $webTestsDirectory -PathType Container) { 
+if (Test-Path $webTestsDirectory -PathType Container) {
     & $vsTest "$webTestsDirectory\NuGetGallery.WebUITests.$TestCategory.dll" "/Settings:$parentDir\Local.testsettings" "/Logger:trx;LogFileName=$webUITestResults"
     if ($LASTEXITCODE -ne 0) {
         $exitCode = 1