Open peter1155 opened 8 months ago
As far as I know there is no way to configure proxy in WAM, but WAM should use the Windows proxy settings. How are you configuring the proxy?
Thanks for answer @bgavrilMS I am trying to simulate the proxy settings with Fidler Classic. When Fiddler starts to capture traffic, it registers itself with the Windows Internet (WinINet) networking component and requests that all applications begin directing their requests to Fiddler.
So when I start Fiddler Classic I can see in windows network settings there is enabled option use a proxy server with following proxy ip address: http=127.0.0.1:8888;https=127.0.0.1:8888. (The loopback is excluded)
Assuming this is for test purposes, WAM requires a device wide proxy to be used and one way of doing that is to disable per user proxy settings:
HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\InternetSettings ProxySettingsPerUser, type: REG DWORD, 0: per-machine proxy 1 (or key doesn’t exist) : per-user (account) proxy
Setting the Fiddler proxy: In the admin console configure proxy by running netsh winhttp set proxy proxy-server="http=127.0.0.1:8888;https=127.0.0.1:8888"
To verify settings run netsh winhttp show proxy.
Library version used
4.56.0
.NET version
net6.0-windows10.0.17763.0
Scenario
PublicClient - desktop app
Is this a new or an existing app?
The app is in production, and I have upgraded to a new version of MSAL
Issue description and reproduction steps
We are developing WPF application running on net6.0-windows10.0.17763.0. Some of our users use proxy to access resources on the web and are not able to login using WAM broker. (We have implemented some basic support for proxy set-up which is working with system browser login but not with WAM) The easiest way to simulate the issue for me was to install Fidler Classic and set-up as a system proxy than I tried to authenticate using provided code snippet. And got following exception: Message: WAM Error
Error Code: 3399942148 Error Message: NoNetwork WAM Error Message: (pii) Internal Error Code: 557973641 Possible cause: no Internet connection
Stack trace: at Microsoft.Identity.Client.Platforms.Features.RuntimeBroker.WamAdapters.HandleResponse(AuthResult authResult, AuthenticationRequestParameters authenticationRequestParameters, ILoggerAdapter logger, String errorMessage) at Microsoft.Identity.Client.Platforms.Features.RuntimeBroker.RuntimeBroker.d13.MoveNext()
at Microsoft.Identity.Client.Platforms.Features.RuntimeBroker.RuntimeBroker.d 12.MoveNext()
at Microsoft.Identity.Client.Internal.Broker.BrokerInteractiveRequestComponent.d9.MoveNext()
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.d 10.MoveNext()
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.d11.MoveNext()
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.d 9.MoveNext()
at Microsoft.Identity.Client.Internal.Requests.RequestBase.d12.MoveNext()
at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.d 2.MoveNext()
.....
Is there a way how to configure WAM to support proxy ?
Relevant code snippets
Expected behavior
Users should be able to authenticate using WAM even when they use system proxy.
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
We currently end up with following workaround: When user doesn't use proxy we are using WAM broker when user has some custom proxy settings we are using system browser to authenticate user.