diff --git a/bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs b/bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs
index 7ded57188d..1dea98531e 100644
--- a/bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs
+++ b/bitwarden_license/src/Sso/Utilities/DynamicAuthenticationSchemeProvider.cs
@@ -36,7 +36,6 @@ public class DynamicAuthenticationSchemeProvider : AuthenticationSchemeProvider
 private readonly SemaphoreSlim _semaphore;
 private readonly IServiceProvider _serviceProvider;
 private readonly IHttpMessageHandlerFactory _httpMessageHandlerFactory;
- private DateTime? _lastSchemeLoad;
 private IEnumerable _schemesCopy = Array.Empty();
 private IEnumerable _handlerSchemesCopy = Array.Empty();
@@ -51,7 +50,8 @@ public class DynamicAuthenticationSchemeProvider : AuthenticationSchemeProvider
 ILogger logger,
 GlobalSettings globalSettings,
 SamlEnvironment samlEnvironment,
- IServiceProvider serviceProvider)
+ IServiceProvider serviceProvider,
+ IHttpMessageHandlerFactory httpMessageHandlerFactory)
 : base(options)
 {
 _oidcPostConfigureOptions = oidcPostConfigureOptions;
@@ -79,6 +79,7 @@ public class DynamicAuthenticationSchemeProvider : AuthenticationSchemeProvider
 _cachedHandlerSchemes = new Dictionary();
 _semaphore = new SemaphoreSlim(1);
 _serviceProvider = serviceProvider ?? throw new ArgumentNullException(nameof(serviceProvider));
+ _httpMessageHandlerFactory = httpMessageHandlerFactory;
 }
 private bool CacheIsValid
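Review bot: The added assignment `_httpMessageHandlerFactory = httpMessageHandlerFactory;` at the end of the constructor has no null guard, although the `serviceProvider` assignment directly above it throws `ArgumentNullException`. If the new constructor parameter (added in the `@@ -51,7 +50,8 @@` hunk) is ever passed as null, for example by a hand-constructed instance in a test, the failure would surface only when `_httpMessageHandlerFactory.CreateHandler()` runs while the OIDC options are built, which looks like sign-in time rather than start-up. I would write `_httpMessageHandlerFactory = httpMessageHandlerFactory ?? throw new ArgumentNullException(nameof(httpMessageHandlerFactory));` to match the neighbouring line. The constructor begins outside these hunks.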
@@ -311,6 +312,8 @@ public class DynamicAuthenticationSchemeProvider : AuthenticationSchemeProvider
 // Prevents URLs that go beyond 1024 characters which may break for some servers
 AuthenticationMethod = config.RedirectBehavior,
 GetClaimsFromUserInfoEndpoint = config.GetClaimsFromUserInfoEndpoint,
+ // Make sure all communication goes through the Platform supplied HttpMessageHandler
+ BackchannelHttpHandler = _httpMessageHandlerFactory.CreateHandler(),
 };
 oidcOptions.Scope
 .AddIfNotExists(OpenIdConnectScopes.OpenId)
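Review bot: `_httpMessageHandlerFactory.CreateHandler()` is called without a name, so the backchannel receives the factory's default-named handler pipeline, and nothing in this hunk shows that the platform's handler is registered under that default name rather than under a named client. The backchannel makes server-side requests to an authority taken from per-organisation SSO configuration, so if the platform handler is registered under a named client, this line would not route those requests through it. I would make the dependency explicit in the comment, for example `// OIDC backchannel (discovery, JWKS, token, userinfo) uses the platform's default-named HttpMessageHandler`. It is also worth confirming how long the handler is held, since the options appear to be cached with the scheme and a captured handler would not follow the factory's handler rotation. The enclosing method starts and ends outside the hunk.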