Angular MSAL - "Forgot Password?" loop when using the login redirect + MSALGuard

[cacodev]

Library

• [ ] msal@1.x.x or @azure/msal@1.x.x
• [ ] @azure/msal-browser@2.x.x
• [ ] @azure/msal-node@1.x.x
• [ ] @azure/msal-react@1.x.x
• [ ] @azure/msal-angular@0.x.x
• [x] @azure/msal-angular@1.1.1
• [ ] @azure/msal-angular@2.x.x
• [ ] @azure/msal-angularjs@1.x.x

Description

Not sure if this is a bug or I have something setup wrong. I have my angular project using MSAL route guards for protected routes which MSAL guard redirects to the Azure AD login page. If a user clicks "Forgot password?" on the sign in screen (see pic below), it redirects back to my angular app as failure THEN the MSAL service attempts to redirect back to the route the user was trying to access and MSAL guard redirects back to the login page.

I originally had this working when I was using the login popup method but I kept running into issues with the popup being blocked.

My other question is why does the 'Forgot Password?' link have to redirect back to my angular app? Can't it just start that flow in that screen?

[jasonnutter]

@cacodev Please look at our Angular B2C sample for guidance on how to handle forgotten password flows: https://github.com/Azure-Samples/active-directory-b2c-javascript-angular-spa/blob/master/src/app/app.component.ts

[cacodev]

@jasonnutter not sure what happened but I reimplemented based on the example you provided and the loop is no longer happening! Thanks!

Question though - I still notice that when the 'msal:loginFailure' happens, I get redirected back to my homepage, then to the 'requested redirect page' within my app and then back to the password reset page. Is there a way to stop that redirect from happening if a password is about to happen?

[jasonnutter]

I still notice that when the 'msal:loginFailure' happens, I get redirected back to my homepage

What is causing this redirect? Your app code?

[cacodev]

I'm assuming its the MSAL service because it's trying to resume the route where the app was prior to the login. Should I maybe not using my main homepage as a landing page for login redirects?

[Michael-Xie]

I am also experiencing the same issue when using React using this unofficial package. How was the forgot password issue resolved in the sample code above? I wasn't too sure how to read the code properly.

[github-actions[bot]]

This issue has not seen activity in 14 days. It will be closed in 7 days if it remains stale.

[github-actions[bot]]

This issue has not seen activity in 14 days. It will be closed in 7 days if it remains stale.

[github-actions[bot]]

This issue has not seen activity in 14 days. It will be closed in 7 days if it remains stale.

[github-actions[bot]]

This issue has been closed due to inactivity. If this has not been resolved please open a new issue. Thanks!