[Bug] System.PlatformNotSupportedException when using AcquireTokenInteractive on macOS (Darwin 23.4.0, ARM64, M3 chip)

qvarnstr0m commented 2 months ago

Library version used

4.63.0

.NET version

.NET 8.0

Scenario

PublicClient - desktop app

Is this a new or an existing app?

This is a new app or experiment

Issue description and reproduction steps

Bug Description: When attempting to authenticate using AcquireTokenInteractive with MSAL on macOS (Darwin 23.4.0, ARM64, M3 chip), a System.PlatformNotSupportedException is thrown. This issue occurs when trying to initiate the authentication flow using the default system web view. The exception trace indicates that the issue arises from the StartDefaultOsBrowserAsync method within NetCorePlatformProxy.

Steps to Reproduce:

Set up a .NET MAUI project on a macOS device running on the ARM64 architecture (M3 chip).
Initialize MSAL with a PublicClientApplicationBuilder using a redirect URI (e.g., http://localhost:5666).
Attempt to authenticate interactively using AcquireTokenInteractive.
Observe that the exception System.PlatformNotSupportedException is thrown.

Expected Behavior: The authentication process should proceed without errors, utilizing either ASWebAuthenticationSession or another supported web view method on macOS.

Actual Behavior: The authentication flow fails, and the following exception is thrown: System.PlatformNotSupportedException: Operation is not supported on this platform. at Microsoft.Identity.Client.Platforms.netcore.NetCorePlatformProxy.StartDefaultOsBrowserAsync(String url, Boolean isBrokerConfigured) at Microsoft.Identity.Client.SystemWebViewOptions.OpenWithEdgeBrowserAsync(Uri uri) at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.InterceptAuthorizationUriAsync(Uri authorizationUri, Uri redirectUri, Boolean isBrokerConfigured, CancellationToken cancellationToken)

Environment:

macOS version: 23.4.0 (Darwin Kernel Version 23.4.0)
Architecture: ARM64 (M3 chip)
MSAL.NET version: 4.63.0
.NET version: (Specify the exact version used)
Project type: .NET MAUI

Additional Information:

During debugging, msalClient.IsSystemWebViewAvailable throws a System.PlatformNotSupportedException with the message "Operation is not supported on this platform."
The stack trace is as follows: at Microsoft.Identity.Client.PlatformsCommon.Shared.DesktopOsHelper.IsUserInteractive() at Microsoft.Identity.Client.Platforms.Shared.NetStdCore.NetCoreWebUIFactory.get_IsUserInteractive() at Microsoft.Identity.Client.Platforms.Shared.NetStdCore.NetCoreWebUIFactory.get_IsSystemWebViewAvailable() at Microsoft.Identity.Client.PublicClientApplication.get_IsSystemWebViewAvailable() Attempts to use WithSystemWebView and WithUseEmbeddedWebView(true) yield different exceptions or unsupported behavior on macOS. The issue appears to be related to the platform's handling of web views and default browser interactions.

This problem significantly impacts the ability to use MSAL for interactive authentication on macOS ARM64 devices with the M3 chip. Any guidance or a potential fix would be greatly appreciated.

Relevant code snippets

public AuthenticationService(IConfiguration configuration)
    {
        try
        {
            _tenantId = "<TenantId>";
            _clientId = "<ClientId";
            _scopes = new string[] { "<Scopes>" };

            _msalClient = PublicClientApplicationBuilder.Create(_clientId)
                .WithAuthority(AzureCloudInstance.AzurePublic, _tenantId)
                .WithRedirectUri("http://localhost:5000")
                .Build();

            SetPersistentStorage().GetAwaiter().GetResult();
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
            throw;
        }
    }

    public async Task<AuthenticationResult?> AcquireTokenInteractiveAsync()
    {
        if (_msalClient == null)
            return null;

        AuthenticationResult result;
        try
        {
            result = await _msalClient.AcquireTokenInteractive(_scopes)
                .WithUseEmbeddedWebView(false)
                .WithTenantId(_tenantId)
                .ExecuteAsync();

            return result;
        }
        catch (MsalClientException msalClientException)
        {
            Console.WriteLine(msalClientException);
            return null;
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
            return null;
        }
    }

Expected behavior

The authentication process should initiate successfully, and the system's default browser (e.g., Safari on macOS) should open to handle the interactive login flow.

Identity provider

Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)

Regression

No response

Solution and workarounds

No response

bgavrilMS commented 2 months ago

Can you try to delete .WithUseEmbeddedWebView(false) - that's the default anyway.

lterry2 commented 1 month ago

I know this is only a couple of weeks old, but have you found any fix or workaround for this issue? I am experiencing the same thing and have not found a fix. Thank you!

AzureAD / microsoft-authentication-library-for-dotnet