From 3db89e72010e8468d9fa6e50ed0bbf5df3bd3fc6 Mon Sep 17 00:00:00 2001
From: Louis Zhuang <louis.zhuang@acm.org>
Date: Wed, 13 May 2026 09:16:05 +0100
Subject: [PATCH] Remove custom Azure issuer handling from JWT verifier
 configuration

---
 src/jwk.cpp | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/src/jwk.cpp b/src/jwk.cpp
index 208e5f7..342af8d 100644
--- a/src/jwk.cpp
+++ b/src/jwk.cpp
@@ -123,15 +123,6 @@ jwt_verifier configure_verifier_with_jwks(const std::string& issuer, const picoj
                                           const std::string& required_kid) {
   std::string expected_issuer = issuer;
 
-  if (issuer_is_azure(issuer)) {
-    // Microsoft flow is tricky
-    // JWTs contain issuer referring to sts.windows.net, but device flow only
-    // works correctly with login.microsoftonline.com/v2
-    // we have to be aware of this and add custom issuer to the verifier
-    elog(DEBUG1, "Detected Azure issuer, will use custom issuer validation");
-    expected_issuer = convert_azure_issuer_to_jwt_format(issuer);
-  }
-
   auto verifier = jwt::verify().with_issuer(expected_issuer);
 
   if (!jwksInfo.is<picojson::object>()) {