Remove app id validation

sadika9 · web-flow · commit f9d635cdcb8b · 2020-07-04T13:47:01.000+05:30
diff --git a/src/Provider/Azure.php b/src/Provider/Azure.php
@@ -281,15 +281,7 @@ public function validateAccessToken($accessToken)
      * @return void
      */
     public function validateTokenClaims($tokenClaims) {
-        $version = array_key_exists('ver', $tokenClaims) ? $tokenClaims['ver'] : $this->defaultEndPointVersion;
-
-        if ($version == self::ENDPOINT_VERSION_1_0) {
-            $appId = $tokenClaims['appid'];
-        } else {
-            $appId = $tokenClaims['azp'];
-        }
-
-        if ($this->getClientId() != $tokenClaims['aud'] && $this->getClientId() != $appId) {
+        if ($this->getClientId() != $tokenClaims['aud']) {
             throw new \RuntimeException('The client_id / audience is invalid!');
         }
         if ($tokenClaims['nbf'] > time() || $tokenClaims['exp'] < time()) {
@@ -301,6 +293,7 @@ public function validateTokenClaims($tokenClaims) {
             $this->tenant = $tokenClaims['tid'];
         }
 
+        $version = array_key_exists('ver', $tokenClaims) ? $tokenClaims['ver'] : $this->defaultEndPointVersion;
         $tenant = $this->getTenantDetails($this->tenant, $version);
         if ($tokenClaims['iss'] != $tenant['issuer']) {
             throw new \RuntimeException('Invalid token issuer (tokenClaims[iss]' . $tokenClaims['iss'] . ', tenant[issuer] ' . $tenant['issuer'] . ')!');
