[BUG] iss b2clogin.com

[steve-cardenas]

While working on an Angular App connected to Azure B2C, I received the next exception while using the aad-b2c-resource-server API.
However, the app functioned properly when I tried using the test curl with the client credentials.

THE EXCEPTION
WWW-Authenticate: Bearer error="invalid_token", error_description="An error occurred while attempting to decode the Jwt: The issuer: 'https://XXXXXX.b2clogin.com/e761f276-37f8-499d-aaec-47801cdea4d1/v2.0/' is not registered in trusted issuer repository, so cannot create JWSKeySelector.", error_uri="https://tools.ietf.org/html/rfc6750#section-3.1"

I was reviewing the issuer generation process and noticed a difference.

When I used the client's credentials, the "iss" value was set to "https://login.microsoftonline.com/e761f276-37f8-499d-aaec-47801cdea4d1/v2.0".
However, when I used my Angular app, the "iss" value changed to "https://ABC.b2clogin.com/e761f276-37f8-499d-aaec-47801cdea4d1/v2.0/".

[steve-cardenas]

In the example described in aad-b2c-resource-server.
In the section "Access the web api" in point 1, the token is obtained from Azure AD and not from b2c (https://github.com/Azure-Samples/azure-spring-boot-samples/tree/main/aad/spring-cloud-azure-starter-active-directory-b2c/aad-b2c-resource-server#access-the-web-api)

It should be as follows to use real B2C instead of AD.

curl -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=client_credentials&client_id=&scope=<app-id-uri like https:/ /tenant.onmicrosoft.com/AAAAA/>.default&client_secret=' 'https://.b2clogin.com///oauth2/v2.0/token'

But the problem is that then the issuer error comes out when the token is generated by the Azure B2C

[Netyyyy]

same issue: Azure/azure-sdk-for-java#35918