search

AzureAD / microsoft-authentication-library-for-dotnet

Microsoft Authentication Library (MSAL) for .NET
https://aka.ms/msal-net
MIT License
1.37k stars 338 forks source link

[Bug] MSAL fails to compile or to run in self-contained WinUI3 app #4826

Open anpin opened 2 months ago

anpin commented 2 months ago

Library version used

4.61.3

.NET version

8.0.204

Scenario

PublicClient - desktop app

Is this a new or an existing app?

The app is in production, and I have upgraded to a new version of MSAL

Issue description and reproduction steps

MSAL 4.61.3 fails to compile targeting WinUI3 self-contained deployment with Payload contains two or more files with the same destination path 'Microsoft.Web.WebView2.Core.dll'

Above error is fixed by using <PackageReference Include="Microsoft.WindowsAppSDK" Version="1.6.240701003-experimental2" /> see https://github.com/microsoft/microsoft-ui-xaml/issues/5689#issuecomment-2206866464. However authentication fails on runtime due to missing webview2 assembly as the version in Microsoft.WindowsAppSDK is newer than MSAL

System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Web.WebView2.Core, Version=1.0.864.35, Culture=neutral, PublicKeyToken=2a8ab48044d2601e'. The system cannot find the file specified.
File name: 'Microsoft.Web.WebView2.Core, Version=1.0.864.35, Culture=neutral, PublicKeyToken=2a8ab48044d2601e'
   at Microsoft.Identity.Client.Desktop.WebView2WebUi.WebView2WebUiFactory.IsWebView2Available()
   at Microsoft.Identity.Client.Desktop.WebView2WebUi.WebView2WebUiFactory.CreateAuthenticationDialog(CoreUIParent coreUIParent, WebViewPreference useEmbeddedWebView, RequestContext requestContext)
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.CreateWebAuthenticationDialog()
   at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.<>c__DisplayClass11_1.<<RunAsync>b__1>d.MoveNext()
--- End of stack trace from previous location ---
   at Microsoft.Identity.Client.Utils.StopwatchService.MeasureCodeBlockAsync(Func`1 codeBlock)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
   at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenInteractiveParameters interactiveParameters, CancellationToken cancellationToken)

Is there a way to override which version of webview should be used?

related to https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/3583 https://github.com/microsoft/microsoft-ui-xaml/issues/5689 https://github.com/microsoft/WindowsAppSDK/issues/2492

Relevant code snippets

No response

Expected behavior

No response

Identity provider

Azure B2C Basic Policy

Regression

No response

Solution and workarounds

No response

anpin commented 1 month ago

I have tried to fork MSAL and align webview2 version with one referenced by Microsoft.WindowsAppSDK. Now the project fails to compile with the same Payload contains two or more files with the same destination path 'Microsoft.Web.WebView2.Core.dll'

anpin commented 1 month ago

ok after git clean -ffdx it builds and starts, yet fails with the same error of Could not load file or assembly..., but with an updated version of 1.0.2646.

Execution fails around here

https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/8a26913b997213c2685579834504517b52902733/src/client/Microsoft.Identity.Client.Desktop/WebView2WebUi/WebView2WebUiFactory.cs#L66

I can invoke CoreWebView2Environment.GetAvailableBrowserVersionString() method from the app code and it returns actual version string and I do see the webview2 assembly in the bin/Debug

FoggyFinder commented 3 weeks ago

One could try to use <PackageReference Include="Microsoft.WindowsAppSDK" Version="1.6.240701003-experimental2" /> until it's properly fixed

anpin commented 3 weeks ago

@FoggyFinder I had to fork, update the reference you have mentioned and build MSAL myself https://github.com/anpin/microsoft-authentication-library-for-dotnet/tree/fix/webview2

FoggyFinder commented 3 weeks ago

it works for me without forking with reference to <PackageReference Include="Microsoft.Web.WebView2" Version="1.0.864.35" NoWarn="NU1902, NU1605" /> but alas with aot enabled I get

ILCompiler.NativeAotFatalErrorException: ILC: error IL1013: Error processing '...\Roots.xml'. ---> Internal.TypeSystem.TypeSystemException+FileNotFoundException: Failed to load assembly 'Microsoft.Web.WebView2.Core.Projection' at Internal.TypeSystem.ThrowHelper.ThrowFileNotFoundException(ExceptionStringID, String) + 0x30

wasn't able to find workaround for that yet

FoggyFinder commented 3 weeks ago

Internal.TypeSystem.TypeSystemException+FileNotFoundException: Failed to load assembly 'Microsoft.Web.WebView2.Core.Projection'

I had to remove <type fullname="Microsoft.UI.Xaml.Markup.*" /> from TrimmerRootDescriptor to get rid of this error

FoggyFinder commented 3 weeks ago

and now I get runtime exception when aot is enabled:

System.NotSupportedException: COM Interop requires ComWrapper instance registered for marshalling. at System.Runtime.InteropServices.ComWrappers.ComInterfaceForObject(Object instance) + 0x73 at System.Runtime.InteropServices.ComWrappers.ComInterfaceForObject(Object instance, Guid targetIID) + 0x20 at Microsoft.Web.WebView2.Core.CoreWebView2Environment.CreateCoreWebView2EnvironmentWithOptions(String, String, ICoreWebView2EnvironmentOptions, ICoreWebView2CreateCoreWebView2EnvironmentCompletedHandler) + 0xb3 at Microsoft.Web.WebView2.Core.CoreWebView2Environment.d__3.MoveNext() + 0xc0

charlesroddie commented 3 weeks ago

@manodasanW to resolve the AOT error above, is it a matter of getting the right way to reference a webview2 package or windowsappsdk, or are changes likely to be needed in the msal repo?

manodasanW commented 3 weeks ago

Based on the above stack, it doesn't look like the CsWinRT projected version of WebView2 is being used. That looks to be the netcoreapp3 version possibly? Not sure if that was intentional or not? With that said, WebView2 also hasn't updated yet to the CsWinRT version with AOT support, but I believe they will be soon for one of their upcoming releases.