Azure-Samples / active-directory-b2c-ios-swift-native-msal

An iOS sample in Swift that authenticates Azure AD B2C users and calls an API using OAuth 2.0
https://aka.ms/aadb2c
MIT License

Sample does not return from acquireToken: Big Sur macOS 11.2.3 (20D91) with XCode12 Version 12.5 (12E262) #55

Closed tommycbarker closed 3 years ago

tommycbarker commented 3 years ago

Hello, Having successfully configured this project via the Carthage docs for XCode 12, I have brought up this sample and the initial view displays without issue. When I click Authorize, I see "fabrikamb2c.b2clogin.com" in the webview header and then the webview starts cycling. There is no other logging activity until the termination risk log entry is added. After that entry, I cancel the webview. At this point, logging shows the "User cancelled" error.

My MSAL logs follow.

What are your recommendations on fixing this issue? Thanks so much!


MSAL logs, as is, no PII filter

%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:12] Default app's access group: "Masked(not-null)".
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:12] Using "Masked(not-null)" Team ID.
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:12] Init MSIDKeychainTokenCache with keychainGroup: Masked(not-null)
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:21] Requiring default broker type due to app being built with iOS 13 SDK
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:21 - A321E1FA-C248-4E06-AFB0-57615607ACD0] [MSAL] -[MSALPublicClientApplication acquireTokenWithParameters:( "https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read" ) extraScopesToConsent:(null) account:Masked(null) loginHint:Masked(null) promptType:MSALPromptTypeSelectAccount extraQueryParameters:(null) authority:<MSALB2CAuthority: 0x600000a85fc0> webviewType:MSALWebviewTypeDefault customWebview:No correlationId:(null) capabilities:(null) claimsRequest:(null)]
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:21 - A321E1FA-C248-4E06-AFB0-57615607ACD0] [MSAL] Beginning interactive flow.
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:21] Start background app task with type 0
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:21 - A321E1FA-C248-4E06-AFB0-57615607ACD0] [MSAL] Resolving authority: Masked(not-null), upn: Masked(null)
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:07:21 - A321E1FA-C248-4E06-AFB0-57615607ACD0] [MSAL] Resolved authority, validated: NO, error: 0
2021-05-04 08:07:56.191044-0400 MSALiOSB2C[35446:3226128] [BackgroundTask] Background Task 1 ("Interactive login"), was created over 30 seconds ago. In applications running in the background, this creates a risk of termination. Remember to call UIApplication.endBackgroundTask(_:) for your task in a timely manner to avoid this.
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:08:02] Creating Error with description: User cancelled the authorization session.
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:08:02 - A321E1FA-C248-4E06-AFB0-57615607ACD0] [MSAL] Interactive flow finished. Result (null), error: -51700 error domain: MSIDErrorDomain
%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5 [2021-05-04 12:08:02 - A321E1FA-C248-4E06-AFB0-57615607ACD0] [MSAL] acquireToken returning with error: (MSALErrorDomain, -50005) Masked(not-null)

mipetriu commented 3 years ago

Hi @tommycbarker, thanks for reporting this. It's possible that some changes were made recently to the sample tenant in the B2C portal. We will double check the configuration of the https://fabrikamb2c.onmicrosoft.com/ B2C tenant to make sure there isn't an issue with the configuration.

ameyapat commented 3 years ago

@tommycbarker Can you retry? We had misconfigured the reply URL for this sample app client ID in the portal. It should be fixed now.

codes-harikrishnan commented 3 years ago

@ameyapat I am also getting a similar error and apparently it hasn't been fixed. Instead of 'https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read' I have my own valid URL. Could you please help?

ameyapat commented 3 years ago

Hi @codes-harikrishnan, did you also get the -51118 error? That error indicates that the redirect scheme is not registered. Are you using the client ID as specified here, or did you register your own app in the Azure portal using these instructions? Also, did you register your own API in the portal following these instructions?

codes-harikrishnan commented 3 years ago

TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:22] Default app's access group: "Masked(not-null)".
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:22] Using "Masked(not-null)" Team ID.
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:22] Init MSIDKeychainTokenCache with keychainGroup: Masked(not-null)
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:24] Requiring default broker type due to app being built with iOS 13 SDK
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:24 - E9F43402-C82F-4FA9-A97F-3E58B796A0D7] [MSAL] -[MSALPublicClientApplication acquireTokenWithParameters:( "https://dev-dnn.allsober.com/login" ) extraScopesToConsent:(null) account:Masked(null) loginHint:Masked(null) promptType:MSALPromptTypeSelectAccount extraQueryParameters:(null) authority:<MSALB2CAuthority: 0x600000597cc0> webviewType:MSALWebviewTypeDefault customWebview:No correlationId:(null) capabilities:(null) claimsRequest:(null)]
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:24 - E9F43402-C82F-4FA9-A97F-3E58B796A0D7] [MSAL] Beginning interactive flow.
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:24] Start background app task with type 0
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:24 - E9F43402-C82F-4FA9-A97F-3E58B796A0D7] [MSAL] Resolving authority: Masked(not-null), upn: Masked(null)
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:24 - E9F43402-C82F-4FA9-A97F-3E58B796A0D7] [MSAL] Resolved authority, validated: NO, error: 0
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:41] Creating Error with description: User cancelled the authorization session.
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:41 - E9F43402-C82F-4FA9-A97F-3E58B796A0D7] [MSAL] Interactive flow finished. Result (null), error: -51700 error domain: MSIDErrorDomain
TID=2609628 MSAL 1.1.19 iOS Sim 14.5 [2021-07-23 17:06:41 - E9F43402-C82F-4FA9-A97F-3E58B796A0D7] [MSAL] acquireToken returning with error: (MSALErrorDomain, -50005) Masked(not-null)

Simulator Screen Shot - iPhone 12 Pro - 2021-07-23 at 22 36 28
Simulator Screen Shot - iPhone 12 Pro - 2021-07-23 at 22 33 31

When I tap on the Sign In button, an authentication screen in Safari gets presented and tries to load a URL. Later on, it throws an error in Safari. Please see the attachments.

ameyapat commented 3 years ago

@codes-harikrishnan Can you make sure redirect uri for your app registration for mobile application is in the format msal://auth according to https://github.com/Azure-Samples/active-directory-b2c-ios-swift-native-msal#app-registration. Also could you make sure that redirect URI is check marked in the portal for your app registration?

codes-harikrishnan commented 3 years ago

Hi,

I had resolved that issue and it was working fine. I was able to retrieve the access token. But all of a sudden it is not returning the access token. The login pop-up is opening up and rendering as expected and I am able to sign in as well. But after sign-in, it is not returning the access token. Has there been any update on the framework or backend side? Could you please help me find the issue? I am providing the logs below.


TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:20] Default app's access group: "Masked(not-null)".
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:20] Using "Masked(not-null)" Team ID.
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:20] Init MSIDKeychainTokenCache with keychainGroup: Masked(not-null)
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:24] Requiring default broker type due to app being built with iOS 13 SDK
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:24 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] -[MSALPublicClientApplication acquireTokenWithParameters:( "https://dev-dnn.allsober.com/login" ) extraScopesToConsent:(null) account:Masked(null) loginHint:Masked(null) promptType:MSALPromptTypeSelectAccount extraQueryParameters:(null) authority:<MSALB2CAuthority: 0x281f912c0> webviewType:MSALWebviewTypeDefault customWebview:No correlationId:(null) capabilities:(null) claimsRequest:(null)]
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:24 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Beginning interactive flow.
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:24] Start background app task with type 0
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:24 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Resolving authority: Masked(not-null), upn: Masked(null)
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:24 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Resolved authority, validated: NO, error: 0
TID=24213 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:50 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] No cached preferred_network for authority
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52] Creating Error with description: It is not B2C authority.
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52] Stop background task with type 0
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Validate and save token response...
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] Missing correlation id - No correlation id received for request with correlation id: 9C48272F-4D24-4FD2-9876-C8877AC84D0D
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52] Trying to initialize access token when missing access token field
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Keychain find status: 0
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Saving token response, only save SSO state 0
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] (Default accessor) Saving multi resource refresh token
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52] Trying to initialize access token when missing access token field
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Didn't get access token from server. Skipping access token saving
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Saving keychain item, item info Masked(not-null)
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Saving keychain item, item info Masked(not-null)
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Keychain find status: 0
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Saving keychain item, item info Masked(not-null)
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Interactive flow finished. Result (not-null), error: 0 error domain: (null)
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] Saving keychain item, item info <MSIDThrottlingMetaData: 0x281fe3860>
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52] Access token missing in token result. Continuing without it
TID=24709 MSAL 1.1.19 iOS 14.4.2 [2021-08-29 12:08:52 - 9C48272F-4D24-4FD2-9876-C8877AC84D0D] [MSAL] acquireToken returning with at: e3b0c44 scopes:( ) expiration:(null)

codes-harikrishnan commented 3 years ago

@ameyapat Could you please help me to resolve this issue? We are badly in need of this to be resolved.

ameyapat commented 3 years ago

@codes-harikrishnan Nothing should have changed, and if you are using the same MSAL version as when it worked for you, the issue might not be on the client side. What are the scopes that you are requesting? Can you make sure that the scopes you are requesting have permission for that user in API permissions in the Azure portal?

ameyapat commented 3 years ago

Closing
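
Added example, not part of the original thread or of the sample's code: a small triage script that splits MSAL logs pasted in the run-together form seen above and reports, per correlation ID, the requested scopes, the final `acquireToken` error, and whether the token response came back without an access token. The regexes assume the entry layout visible in this thread's logs; `SAMPLE` is abridged from those logs, and the scope in the second session is a placeholder.

```python
import re

# Entry layout as seen in this thread's logs (an assumption, not an MSAL spec):
#   [%@ ]TID=<n> MSAL <ver> <platform> [<time>[ - <correlation id>]] <message>
ENTRY = re.compile(
    r"TID=(?P<tid>\d+) MSAL (?P<ver>\S+) (?P<platform>.+?) "
    r"\[(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)(?: - (?P<cid>[0-9A-Fa-f-]{36}))?\] "
    r"(?P<msg>.*?)(?=\s*(?:%@ )?TID=\d+ MSAL |\Z)", re.S)
SCOPES = re.compile(r"acquireTokenWithParameters:\(\s*(.*?)\s*\) extraScopesToConsent", re.S)
ERROR = re.compile(r"returning with error: \((\w+), (-?\d+)\)")

def parse(blob):
    """Split a run-together paste into one dict per MSAL log entry."""
    return [m.groupdict() for m in ENTRY.finditer(blob)]

def summarize(blob):
    """Per correlation id: requested scopes, final error, token warnings."""
    out = {}
    for e in parse(blob):
        if e["cid"] is None:  # entries without a correlation id are skipped
            continue
        s = out.setdefault(e["cid"], {"scopes": [], "error": None, "flags": []})
        m = SCOPES.search(e["msg"])
        if m:
            s["scopes"] = re.findall(r'"([^"]+)"', m.group(1))
        m = ERROR.search(e["msg"])
        if m:
            s["error"] = (m.group(1), int(m.group(2)))
        if "Didn't get access token from server" in e["msg"]:
            s["flags"].append("no_access_token")
        if re.search(r"returning with at: \S+ scopes:\(\s*\)", e["msg"]):
            s["flags"].append("empty_granted_scopes")
    return out

# Abridged from the logs in this thread; the second scope is a placeholder.
A, B = "A321E1FA-C248-4E06-AFB0-57615607ACD0", "9C48272F-4D24-4FD2-9876-C8877AC84D0D"
P, Q = "%@ TID=3226128 MSAL 1.1.18 iOS Sim 14.5", "TID=24709 MSAL 1.1.19 iOS 14.4.2"
CALL = '[MSAL] -[MSALPublicClientApplication acquireTokenWithParameters:( "%s" ) extraScopesToConsent:(null)]'
SAMPLE = " ".join([
    f"{P} [2021-05-04 12:07:21 - {A}] " + CALL % "https://fabrikamb2c.onmicrosoft.com/helloapi/demo.read",
    f"{P} [2021-05-04 12:08:02] Creating Error with description: User cancelled the authorization session.",
    f"{P} [2021-05-04 12:08:02 - {A}] [MSAL] acquireToken returning with error: (MSALErrorDomain, -50005) Masked(not-null)",
    f"{Q} [2021-08-29 12:08:24 - {B}] " + CALL % "https://api.example.invalid/read",
    f"{Q} [2021-08-29 12:08:52 - {B}] [MSAL] Didn't get access token from server. Skipping access token saving",
    f"{Q} [2021-08-29 12:08:52 - {B}] [MSAL] acquireToken returning with at: e3b0c44 scopes:( ) expiration:(null)",
])

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A session flagged `no_access_token` with `empty_granted_scopes` completed sign-in but was granted none of the requested scopes, which points at the scope string or the API permissions of the app registration rather than at the redirect URI.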