MSAL Authentication Library cannot open browser on mobile

[baaron4]

Forewarning, yes this is a copy of an post I made on reddit: https://www.reddit.com/r/AvaloniaUI/comments/1bzckg6/msal_authentication_on_android_help_with_browser/

I would really like to get this issue resolved. Otherwise I may have to move to MAUI, thank you!

Hello all,

Avalonia has been pretty awesome to use, however my project has been stuck on figuring out authentication for a little too long. We need to use Microsoft Entra ID so that we can use our existing companys emails for login. I have followed this guide and have it working:

https://learn.microsoft.com/en-us/azure/developer/mobile-apps/azure-mobile-apps/quickstarts/avalonia/authentication

...for the desktop app only. If I deploy to Android nothing happens when I fire "result = await IdentityClient.AcquireTokenInteractive(Constants.Scopes).ExecuteAsync();". I have fiddled with setting the parent activity, setting it to embedded, etc however nothing seems to be happening. Even worst the android debug log doesnt provide any errors and I never get any exceptions. There are examples for MAUI and Xarmin on this same tutorial site however I dont know where to begin translating those examples over to Avalonia. The MAUI example seems to suggest setting up another activity but from my understanding Avalonia is a single Activity only so this wont work?

TLDR: How do I get "result = await IdentityClient.AcquireTokenInteractive(Constants.Scopes).ExecuteAsync();" to open a browser/open the embedded browser for android on a multi-platform Avalonia project?

[maxkatz6]

Have you tried asking on Azure Identity repository? Specifically https://github.com/AzureAD/microsoft-authentication-library-for-dotnet

Since latest versions of that library support net6.0-android and net6.0-ios it should just work, assuming that you have configured that library properly (shouldn't be much different from maui or xamarin native). https://www.nuget.org/packages/Microsoft.Identity.Client#supportedframeworks-body-tab

Specifically, this configuration can be done in the same way, since in Avalonia you also have access to the MainActivity (android) and AppDelegate (ios): https://github.com/Azure-Samples/active-directory-xamarin-native-v2/blob/main/1-Basic/README.md#android-specific-considerations

[baaron4]

Thanks for the response!

My issue lies in implementing that Xamarin approach. In the MainActivity OnCreate function they add a line "App.ParentWindow = this" however in Avalonia we do not define a parent window on the Application. I cant seem to define a Activity object type in the App.axaml.cs for a Parent Activity... unless I am getting that data type wrong.

[maxkatz6]

They define App in their own sample: https://github.com/Azure-Samples/active-directory-xamarin-native-v2/blob/main/1-Basic/UserDetailsClient/UserDetailsClient/App.cs#L20

Just to use it later in this method: https://github.com/Azure-Samples/active-directory-xamarin-native-v2/blob/main/1-Basic/UserDetailsClient/UserDetailsClient/MainPage.xaml.cs#L40

In other words, you only need to pass main activity to this method, in any way you prefer.

[baaron4]

Holy cow that worked I could kiss you. I didnt think to make App.ParentWindow a generic type and was trying to make it a Android Activity type.

Next issue however, after I sign in the browser doesn't close and return to the main activity with the token. I would like to dig into this a little more and see if this is azure not finishing the sign in.

Thank you!

[maxkatz6]

Make sure you configured IntentFilter https://github.com/Azure-Samples/active-directory-xamarin-native-v2/blob/main/1-Basic/README.md#optional-step-3b-configure-the-android-project-with-your-return-uri

[stevemonaco]

@baaron4 Hi. For future reference, https://github.com/AvaloniaUI/Avalonia/discussions is the better place to ask questions like these about Avalonia. It's more discoverable for other people, too. This repo is aimed towards problems with existing docs or requests for new docs. Docs to cover integration of various auth flows would be a valid request (as a new issue), but there's a large docs backlog and writing in such an area requires a lot of expertise that few have.