AzureAD / microsoft-authentication-library-for-dotnet

Microsoft Authentication Library (MSAL) for .NET
https://aka.ms/msal-net
MIT License

[Bug] Problem with new version 4.61.1 #4783

Closed COMADD closed 4 weeks ago

COMADD commented 1 month ago

Library version used

4.61.1

.NET version

C# UWP

Scenario

PublicClient - desktop app

Is this a new or an existing app?

The app is in production, and I have upgraded to a new version of MSAL

Issue description and reproduction steps

Hello,

With the new version of the Microsoft.Identity.Client 4.61.1 package, I have a bug that has appeared. This bug is not present in version 4.60.3, nor previous ones.

When I try to acquire a token, I get the error message: Only loopback redirect uri is supported, but urn:ietf:wg:oauth:2.0:oob was found. Configure http://localhost or http://localhost:port both during app registration and when you create the PublicClientApplication object. See https://aka.ms/msal-net-os-browser for details

Having not modified anything on my side, neither my code nor the Azure settings, I think this is a regression on your part!

Best regards

Relevant code snippets

PublicClientApplicationBuilder PCAB = PublicClientApplicationBuilder.Create(_clientId);
_IdentityClientApp = PCAB.Build();
IEnumerable<IAccount> accounts = await _IdentityClientApp.GetAccountsAsync();
AuthenticationResult authResult;
try
{
    authResult = await _IdentityClientApp.AcquireTokenSilent(scopes, accounts.FirstOrDefault()).ExecuteAsync();
}
catch (MsalUiRequiredException ex)
{
    Debug.WriteLine(ex.Message);
    authResult = await _IdentityClientApp.AcquireTokenInteractive(scopes).ExecuteAsync();
}

Expected behavior

I would like to acquire a token correctly.

Identity provider

Azure B2C Basic Policy

Regression

4.60.3

Solution and workarounds

Revert to version 4.60.3

bgavrilMS commented 1 month ago

Hi @COMADD - we have dropped support for UWP, see https://devblogs.microsoft.com/identity/uwp-xamarin-msal-net-deprecation/

Your app is now referencing MSAL netstandard, which will not work in a UWP environment.

We recommend you stay on 4.59.* and consider moving your app to WinUI

Arslan007 commented 1 month ago

@bgavrilMS We are facing the same issue even though we are using .NET MAUI, with much the same error:

Only loopback redirect uri is supported, but msal{CLIENT_ID}://auth/ was found. Configure http://localhost or http://localhost:port both during app registration and when you create the PublicClientApplication object. See https://aka.ms/msal-net-os-browser for details

I believe we cannot set localhost since we are using B2C and B2C doesn't support just localhost. Can you please confirm whether we can set any port with localhost or whether it needs to be a specific one, or whether we are missing anything else, since it's already a MAUI app?

bgavrilMS commented 4 weeks ago

Please see https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/4790 @Arslan007. I would recommend staying on 4.60.0 for now; I have seen some strangeness on 4.60.1

dmoon-aiq commented 1 day ago

I experienced this same issue in our MAUI Windows app in .NET 8.0 using MSAL library for our B2C Tenant.

I have to back rev the Microsoft.Identity.Client library to 4.60.4

Will you be fixing this issue or not?

Arslan007 commented 1 day ago

@dmoon-aiq I have no issues with latest. You have to do three things for Windows:

1- RedirectUri should be http://localhost
2- Add a reference to Microsoft.Identity.Client.Desktop and to Microsoft.Identity.Client.Extensions.Msal (same version as MSAL)
3- When you construct your PublicClientApplication add WithWindowsEmbeddedBrowserSupport()

That's all, it should work for you!
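
The three steps from the last comment, as an added example that is not part of the thread or of the MSAL project's own code. The client ID, B2C tenant, policy and scope are placeholders, and the early loopback check and the explicit `WithUseEmbeddedWebView(true)` call are assumptions added here, not something the thread prescribes.

```csharp
// Added example. Needs the Microsoft.Identity.Client and
// Microsoft.Identity.Client.Desktop packages (same version), per step 2.
using System;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.Identity.Client;
using Microsoft.Identity.Client.Desktop; // WithWindowsEmbeddedBrowserSupport()

public static class B2CAuth
{
    // Placeholders (assumptions): replace with your app registration's values.
    private const string ClientId = "<CLIENT_ID>";
    private const string Authority =
        "https://<TENANT>.b2clogin.com/tfp/<TENANT>.onmicrosoft.com/<POLICY>";
    private const string RedirectUri = "http://localhost"; // step 1
    private static readonly string[] Scopes = { "<SCOPE>" };

    public static IPublicClientApplication BuildClient()
    {
        // Fail at startup with a clear message instead of at the first
        // interactive sign-in if the configured redirect URI is not loopback.
        if (!new Uri(RedirectUri).IsLoopback)
            throw new InvalidOperationException(
                $"Redirect URI '{RedirectUri}' is not a loopback address.");

        return PublicClientApplicationBuilder.Create(ClientId)
            .WithB2CAuthority(Authority)
            .WithRedirectUri(RedirectUri)         // must match the app registration
            .WithWindowsEmbeddedBrowserSupport()  // step 3
            .Build();
    }

    public static async Task<AuthenticationResult> AcquireTokenAsync(
        IPublicClientApplication app)
    {
        var accounts = await app.GetAccountsAsync();
        try
        {
            // Served from the token cache when a usable account is present.
            return await app.AcquireTokenSilent(Scopes, accounts.FirstOrDefault())
                            .ExecuteAsync();
        }
        catch (MsalUiRequiredException)
        {
            // No cached account or token: fall back to interactive sign-in.
            return await app.AcquireTokenInteractive(Scopes)
                            .WithUseEmbeddedWebView(true)
                            .ExecuteAsync();
        }
    }
}
```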