From 37930fb29bf88e99f29d7df96c03975eb49962d1 Mon Sep 17 00:00:00 2001
From: Bogdan Gavril <bogavril@microsoft.com>
Date: Wed, 6 Nov 2024 15:59:55 +0000
Subject: [PATCH] If authority segments <3, throw

---
 apps/internal/oauth/ops/authority/authority.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/internal/oauth/ops/authority/authority.go b/apps/internal/oauth/ops/authority/authority.go
index ccdf824f..36240655 100644
--- a/apps/internal/oauth/ops/authority/authority.go
+++ b/apps/internal/oauth/ops/authority/authority.go
@@ -362,7 +362,7 @@ func NewInfoFromAuthorityURI(authority string, validateAuthority bool, instanceD
 	cannonicalAuthority := authority
 
 	// suffix authority with / if it doesn't have one
-	if !strings.HasSuffix(authority, "/") {
+	if !strings.HasSuffix(cannonicalAuthority, "/") {
 		cannonicalAuthority += "/"
 	}
 
@@ -376,7 +376,7 @@ func NewInfoFromAuthorityURI(authority string, validateAuthority bool, instanceD
 	}
 
 	pathParts := strings.Split(u.EscapedPath(), "/")
-	if len(pathParts) < 2 {
+	if len(pathParts) < 3 {
 		return Info{}, errors.New(`authority must be an URL such as "https://login.microsoftonline.com/<your tenant>"`)
 	}