AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0
627 stars 373 forks source link

fixing timing issue with redirect #926

Closed moonchoon closed 3 years ago

moonchoon commented 3 years ago

this will cancel out any previous schedule attempt to redirect and let handleWindowCallback to redirect to correct originating url.

Issue - when we trying to attempt silent signin with "prompt=none" (with redirect), first attempt work fine and login.microsoft.com first redirect to teams.microsoft.com with error_description in url hash and then adal.js redirect browser to originating url i.e. teams.microsoft.com (expected behavior)

Now, if we refresh page, again teams.microsoft.com try to silent signin with prompt=none, but when login.microsoftonline.com redirect back to teams.microsoft.com with error_description in url hash, adal.js instead of redirecting back to originating url, it redirect again to login.microsoftonline.com without prompt=none.

This seems like some scheduling of redirect to login.microsoftonline.com. So even with location.href=, it always redirect to login.microsoftonline.com.

example: setTimeout(function(){window.location.href="https://www.msn.com"},100);window.location.href="https://www.google.com";

proposed fix, will make sure to redirect to expected url and resolve any timing issue with href change.

jasonnutter commented 3 years ago

Now, if we refresh page, again teams.microsoft.com try to silent signin with prompt=none, but when login.microsoftonline.com redirect back to teams.microsoft.com with error_description in url hash, adal.js instead of redirecting back to originating url, it redirect again to login.microsoftonline.com without prompt=none.

I'm not sure the proposed solution is the appropriate way to fix this issue. CONSTANTS.STORAGE.LOGIN_REQUEST is always set to a location on the application (e.g. teams.microsoft.com), not to a url on login.microsoftonline.com. If navigating to the location saved as CONSTANTS.STORAGE.LOGIN_REQUEST results in the user ending up on login.microsoftonline.com (with no prompt=none set in the url), that likely means something else is causing that undesired redirect, e.g. your application invoking loginRedirect/acquireTokenRedirect.

jasonnutter commented 3 years ago

@pkanher617 @sameerag Any thoughts?

jasonnutter commented 3 years ago

Closing, as we will be arching this repo and moving the ADAL.js code to the MSAL.js repo: https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular

Please reopen the PR there, thanks!