AzureAD / microsoft-authentication-library-for-android

Microsoft Authentication Library (MSAL) for Android
http://aka.ms/aadv2
MIT License

Android Webview is asking for login credentials #450

Closed kunjgupta closed 6 years ago

kunjgupta commented 6 years ago

After a successful login with MSAL, I'm trying to load the URL (https://portal.azure.com) in a WebView. After loading, it asks for the credentials again, but it should load the URL without asking for the credentials. When I load the same URL in an external browser, it doesn't ask for any credentials. I'm expecting the same behavior with the WebView.

danieldobalian commented 6 years ago

Hi @kunjgupta,

Copying the ask from StackOverflow, can you share the code you're using to ensure it's the same WebView and has access to the same Cookies as well as MSAL logs. Thanks!

kunjgupta commented 6 years ago

Hi @danieldobalian,

Please find the code

    // Support-library package names are assumed for the imports.
    import android.os.Bundle;
    import android.support.annotation.Nullable;
    import android.support.v7.app.AppCompatActivity;
    import android.util.Log;
    import android.webkit.WebSettings;
    import android.webkit.WebView;
    import android.webkit.WebViewClient;

    public class WebviewActivity extends AppCompatActivity {

        private WebView myWebView;

        @Override
        protected void onCreate(@Nullable Bundle savedInstanceState) {
            super.onCreate(savedInstanceState);
            setContentView(R.layout.webview_activity);

            myWebView = (WebView) findViewById(R.id.webview);
            WebSettings webSettings = myWebView.getSettings();
            webSettings.setJavaScriptEnabled(true);
            myWebView.loadUrl("https://portal.azure.com/");
            // Log the user agent string this WebView sends
            Log.e("WebViewClient", "onCreate: webSettings.getUserAgentString(): "
                    + webSettings.getUserAgentString());

            myWebView.setWebViewClient(new WebViewClient() {
                @Override
                public boolean shouldOverrideUrlLoading(WebView view, String url) {
                    // do your handling codes here, which url is the requested url
                    // probably you need to open that url rather than redirect:
                    Log.e("Azure Ad", "shouldOverrideUrlLoading: url: " + url);
                    myWebView.loadUrl(url);
                    return true; // then it is not handled by default action
                }
            });
        }
    }

iambmelt commented 6 years ago

@kunjgupta If you're using MSAL version 0.2.+, the behavior you can expect in this scenario will differ depending on the configuration of your authorization_user_agent - if you've authenticated with MSAL using Chrome CustomTabs or the system browser, you can expect cookies set by your authority to be available in subsequent usages of Chrome CustomTabs or the browser [but not your application's WebView].

Cookies set on your application WebView should be available to all WebView instances in your application, but not to your browser.

Assuming your authority is https://login.microsoftonline.com and you've used a WebView to authenticate - you should be able to query CookieManager and determine whether or not cookies are available to your application.
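
The CookieManager check suggested in the comment above, as an added example that is not part of the original thread and is not MSAL code. The class and method names are hypothetical; the authority URL is the one named in the comment.

```java
import android.util.Log;
import android.webkit.CookieManager;

import java.util.ArrayList;
import java.util.List;

/** Hypothetical helper (added example): inspects the app's WebView cookie store. */
public final class AuthorityCookieCheck {
    private static final String TAG = "AuthorityCookieCheck";
    // Authority named in the thread; change it if your tenant uses another one.
    private static final String AUTHORITY = "https://login.microsoftonline.com";

    private AuthorityCookieCheck() {}

    /** Extracts cookie names from a "name=value; name2=value2" string. */
    static List<String> cookieNames(String cookieHeader) {
        List<String> names = new ArrayList<>();
        if (cookieHeader == null || cookieHeader.trim().isEmpty()) {
            return names; // nothing stored for this URL
        }
        for (String pair : cookieHeader.split(";")) {
            String trimmed = pair.trim();
            if (trimmed.isEmpty()) {
                continue;
            }
            int eq = trimmed.indexOf('=');
            names.add(eq >= 0 ? trimmed.substring(0, eq) : trimmed);
        }
        return names;
    }

    /** True if the app's WebView cookie store holds any cookie for the authority. */
    public static boolean webViewHasAuthorityCookies() {
        // getCookie() returns null when the WebView store has no cookie for the URL.
        String header = CookieManager.getInstance().getCookie(AUTHORITY);
        List<String> names = cookieNames(header);
        // Log names only: the values are session material and should stay out of logcat.
        Log.d(TAG, "WebView cookies for " + AUTHORITY + ": " + names);
        return !names.isEmpty();
    }
}
```

Call `webViewHasAuthorityCookies()` before `loadUrl(...)`; a `false` result is what you would see when the sign-in ran in a Custom Tab or the system browser, whose cookies the WebView cannot read.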

kunjgupta commented 6 years ago

@danieldobalian and @iambmelt Finally, I got the solution: we have to use Chrome custom tabs (Android support lib). Chrome custom tabs come with two main features, which are the following:

  1. Occurs in a secure context (the system browser) where the host app cannot inspect contents.
  2. Has a shared cookie state, ensuring the user has to sign in only once. Reference Link

danieldobalian commented 6 years ago

@kunjgupta to add, MSAL will use a Custom Tab (Chrome or any other browser that supports the Custom Tab requirements) if you use the default behavior. I'd recommend taking a look at our BrowserSelection logic to ensure the browser signed in with is the same one you launch. We will use Chrome Custom Tabs if the user has set Chrome as their default, but other browsers in the case the default is something else. In the latter case, you'll need to use the same browser to get SSO.

Also keep in mind not all devices will support or have Chrome, so if you rely only on Chrome Custom Tabs you may a) hit problems if the device doesn't have it and b) like I said above, launch a browser other than the one MSAL used to sign in with.