AzureAD / microsoft-authentication-library-for-android

Microsoft Authentication Library (MSAL) for Android
http://aka.ms/aadv2
MIT License

After successful authentication, getAuthInteractiveCallback returns with Cancel event #583

Closed samirkumar closed 5 years ago

samirkumar commented 5 years ago

I am implementing authentication in mobile client apps on Android with MSAL. After setting the configuration, the application is able to invoke a Chrome tab and prompts for login. After a successful authentication the page stays there. My redirect URI is https://localhost:44321.

getAuthInteractiveCallback receives OnCancel when the tab is closed. Is there any solution for this?

Also, does any solution exist for core JavaScript and webview for the Appcelerator Titanium framework?

When used with Android webview and JavaScript, the page hangs on the redirect to the organization sign-in page.

shoatman commented 5 years ago

Did you update your Android Manifest to add the intent filter that matches your redirect_uri? https://github.com/AzureAD/microsoft-authentication-library-for-android#step-1-configure-the-androidmanifestxml

samirkumar commented 5 years ago

Yes. Updated the manifest as well as /res/raw/auth_config.json. I saw an issue where the browser tab should be closed down after successful authentication. It shows the redirect URI https://localhost:44321 in the address bar but stays there. And if you click the back button of Android or the close icon of the tab, it takes you back to the app in the getAuthInteractive callback with OnCancel. Is there any way I can just get the code?

Also, how do you configure code_challenge and code_verifier?


-- Regards, Samir

shoatman commented 5 years ago

I noticed that you didn't use a custom scheme for your redirect. MSAL uses a full browser (default browser) to perform authentication/authorization. In this case you're redirecting to a local web server with port 44321. I'm assuming that there is nothing registered with Android to receive that request. Any reason why you're not using a custom scheme? Migrating from ADAL?

samirkumar commented 5 years ago

Yes, it's redirected to a dummy URI, localhost:44321. The app will pick up this redirect URI in the onload event of the browser and parse the code from it to obtain an access token and refresh token from the authorization endpoint. We have a couple of applications with the ADAL lib and wanted to move on with MSAL.


-- Regards, Samir

shoatman commented 5 years ago

MSAL does not use embedded webview by default. Therefore it's not able to intercept the redirect. Possible to share the part of your Android manifest where you configure the intent filter for the BrowserTabActivity?

samirkumar commented 5 years ago

Shane, while navigating through the library code, I came to know of the option for setting the user agent. When you set the authorization user agent to webview, it invokes the web view.

Now I have a much bigger problem: converting all the MSAL dependencies to a Titanium module and adding support for code challenge.

Really appreciate your timely response


-- Regards, Samir

shoatman commented 5 years ago

K. If you're using embedded web view and it's not working, then we'll need to investigate. Thanks

heidijinxujia commented 5 years ago

@samirkumar could you be more specific on what problem you encountered when trying embedded webview? Please share your manifest settings, the configuration and repro steps. Thanks,

samirkumar commented 5 years ago

Embedded webview worked as it should. I was looking for a JavaScript and webview based MSAL solution for Android as an Appcelerator Titanium module. The task of porting the Android MSAL libraries to an MSAL-like framework will be a kill, as we need to develop one each for iOS and Android.

Also, with MSAL Android, I have not figured out an option to pass the code_challenge parameter.


-- Regards, Samir

heidijinxujia commented 5 years ago

As to the redirect url, I do not think you could use "https" or "http" here. If "https" scheme is used for the intent filter, there are at least two activities listening for this url scheme, one is BrowserTabActivity, the other will be your browser app's activity. MSAL prohibits this behavior by verifying the redirect url. Thus, custom scheme is recommended for the redirect url.

heidijinxujia commented 5 years ago

As to the code challenge, the PKCE challenge is auto-created when initializing the authorization request. And the code_challenge takes its value from mPkceChallenge.getCodeChallenge(), which you do not need to worry about.

Would you like to let me know about your concerns on code_challenge?

heidijinxujia commented 5 years ago

As to the javascript msal solution, please have a look at our MSAL.JS SDK here. Thanks.

samirkumar commented 5 years ago

Thanks Jinxu Jia, is there any active development for an MSAL library for Titanium/Appcelerator multiplatform mobile app development?

On Fri, Apr 26, 2019 at 6:18 PM Jinxu Jia notifications@github.com wrote:

As to the javascript msal solution, please have a look at our MSAL.JS SDK here https://github.com/AzureAD/microsoft-authentication-library-for-js. Thanks.


-- Regards, Samir

heidijinxujia commented 5 years ago

@samirkumar AFAIK, we don't have SDKs support for Titanium/Appcelerator. We have Xamarin