AzureAD / azure-activedirectory-library-for-objc

The ADAL SDK for Objective C gives you the ability to add support for Work Accounts to your iOS and macOS applications with just a few lines of additional code. This SDK gives your application the full functionality of Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two factor authentication support.
MIT License

Error on iOS 12 when using ADFS OAuth (potentially WKWebView related) #1523

Closed bkarabanms closed 4 years ago

bkarabanms commented 4 years ago

One of our customers is facing an issue when using our application with ADFS configured for OAuth on iOS 12.4 since we've upgraded to ADAL 4.0.4. The user neither repros the issue with older versions of our app, which used ADAL 2.6.9, nor on iOS 13.

Here's what happens when it fails (I've changed the URLs for the sake of anonymity):

  1. Once the user enters his credentials, the WebView calls POST https://adfs.contoso.com/adfs/oauth2/authorize(...). This returns a 302 to https://adfs.contoso.com:443/adfs/oauth2/authorize, as expected.
  2. The WebView navigates to https://adfs.contoso.com:443/adfs/oauth2/authorize and gets a 404. Note the same URL can be accessed fine if you omit the port number (i.e. you manually navigate to https://adfs.contoso.com/adfs/oauth2/authorize).

On iOS 13, step 2 is different: the WebView navigates to https://adfs.contoso.com/adfs/oauth2/authorize (without the port number), the port number gets stripped at some point, and everything works fine afterward. I've witnessed the same behavior (stripping the redundant port number) on desktop browsers, so I guess this is expected.

I suspect this could be caused by the change from UIWebView to WKWebView in ADAL 4.0.4. I know this change is needed and we can mitigate the issue by upgrading to iOS 13, but having it working on iOS 12 would be really nice.

It should be possible to intercept the WKWebView redirection event and manually remove the port number.
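The workaround proposed in the last line, written out as an added example (this is not ADAL's code and not part of the original issue): a WKNavigationDelegate that cancels a navigation whose URL carries the redundant default port for its scheme (https://host:443/... or http://host:80/...) and reissues it without the port. The delegate class name and the URLWithoutDefaultPort helper are invented for the example; wiring it to the web view ADAL creates would require ADAL to expose that delegate, which this example assumes.

```objective-c
// Added example, not ADAL project code: strip a redundant default port from a
// WKWebView navigation (https://host:443/ -> https://host/) before it is followed.
#import <Foundation/Foundation.h>
#import <WebKit/WebKit.h>

// Returns a copy of `url` with its explicit port removed when that port equals
// the scheme's default (443 for https, 80 for http); returns nil when nothing
// needs rewriting, so a non-default port such as :8443 is left untouched.
static NSURL *URLWithoutDefaultPort(NSURL *url) {
    NSURLComponents *components = [NSURLComponents componentsWithURL:url
                                             resolvingAgainstBaseURL:NO];
    if (components == nil || components.port == nil) {
        return nil;
    }
    NSString *scheme = components.scheme.lowercaseString;
    NSInteger port = components.port.integerValue;
    BOOL isDefault = ([scheme isEqualToString:@"https"] && port == 443) ||
                     ([scheme isEqualToString:@"http"] && port == 80);
    if (!isDefault) {
        return nil;
    }
    components.port = nil;
    return components.URL;
}

// Hypothetical delegate; install it with webView.navigationDelegate = ...
@interface PortStrippingNavigationDelegate : NSObject <WKNavigationDelegate>
@end

@implementation PortStrippingNavigationDelegate

- (void)webView:(WKWebView *)webView
    decidePolicyForNavigationAction:(WKNavigationAction *)navigationAction
                    decisionHandler:(void (^)(WKNavigationActionPolicy))decisionHandler {
    NSURL *rewritten = URLWithoutDefaultPort(navigationAction.request.URL);
    if (rewritten == nil) {
        // Nothing to normalize; let WKWebView proceed as usual.
        decisionHandler(WKNavigationActionPolicyAllow);
        return;
    }
    // The navigation produced by a 302 is a GET, so reissuing it via
    // loadRequest: is safe. Do not apply this to a POST: WKWebView does not
    // carry an HTTPBody through loadRequest:, so form data would be lost.
    NSMutableURLRequest *request = [navigationAction.request mutableCopy];
    request.URL = rewritten;
    decisionHandler(WKNavigationActionPolicyCancel);
    [webView loadRequest:request];
}

@end
```

Two checks are worth keeping: only strip the port when it is the scheme's default, so a deliberately non-standard ADFS port keeps working, and only rewrite GET navigations, since the redirect target in the report is a GET and a replayed POST would arrive without its body. Note that the host and path are preserved verbatim; the rewrite changes nothing about which server is contacted.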

antrix1989 commented 4 years ago

Hi @bkarabanms, this sounds like an ADFS configuration issue. Can you capture network traces for both cases and compare the headers that your client sends to the ADFS?

You can e-mail them to me too (sedemche@microsoft.com); just make sure you remove sensitive information first (like passwords).

bkarabanms commented 4 years ago

Hi, I've synced with the customer and they don't repro the issue with the latest version of our app, even though we neither updated the ADAL version nor changed anything auth related. I suspect it could indeed be an ADFS configuration issue that got introduced then fixed between the two updates.

I think it's ok to close this. Sorry for the spam.

oldalton commented 4 years ago

Thanks for the confirmation. Closing the issue. Please reopen if needed.