Closed walnut-co closed 3 years ago
The same issue on new 2.14.1 version. On 2.14.0 everything works as expected.
Hi @kberawala . Could you provide a network trace over e-mail so we can help you debug this error? My e-mail is in my GitHub profile. Thanks!
@hectormmg Can you please provide the solution if you are able to resolve this issue? I'm having the same issue. Thanks
I saw this issue as well. Solution was to update @azure/msal-browser 2.11.2 to 2.14.0 as @DmytroKuznyetsov mentioned. Ideally we would update to latest, but maybe best to hold off is this bug is present in 2.14.1 as well.
Updating the thread since there's more activity: We're still investigating the root cause and will update when we have an answer and solution. Thanks.
Hi everyone, I can confirm there's a bug in this scenario.
A temporary workaround for now is to add the app's clientId as a scope to the request that is resulting in an error.
const request = {
scopes = ['YOUR_CLIENT_ID']
};
publicClientApplication.loginRedirect(request);
The bug happens because MSAL expects an access token in the /token response, but some IDPs (like B2C) may not return an access token if there are no resource scopes in the request (which is the case for some login calls).
I'll update this issue when we have a fix, please let us know if the workaround works for you. Thanks!
I saw this issue as well. Solution was to update @azure/msal-browser 2.11.2 to 2.14.0 as @DmytroKuznyetsov mentioned. Ideally we would update to latest, but maybe best to hold off is this bug is present in 2.14.1 as well.
Not working for me
Below is the workaround, worked for me.
signin() {
var request = {
redirectStartPage: `${BaseConfig.AppUrl}login`,
scopes: ["openid", "profile", `${YourAppClientID}`] // this line wasn't there before, this for AD B2C
}
this.app.loginRedirect(request);
}
@kberawala this works for me as well
This works for me.
var request = {
redirectStartPage: 'some_redirect_link',
scopes: ['app_id_that_used_for_susi']
}
this.app.loginRedirect(request);
But there is a problem with msal-angular
npm package because the loginRedirect() method is calling in MsalGuard.ts
. For now just create this MsalGuard by myself as CustomMsalGuard.
But there is a problem with msal-angular npm package because the loginRedirect() method is calling in MsalGuard.ts. For now just create this MsalGuard by myself as CustomMsalGuard.
@ottodranik thanks for pointing it out, should be resolved when we fix the underlying issue.
Downgrading @azure/msal-browser
to 2.13.1
stopped showing this behavior. I can't confirm it fixes everything, because I am now getting an other issue (the infamous interaction_in_progress
).
Core Library
@azure/msal-browser
Core Library Version
2.14.1
Wrapper Library
Not Applicable
Wrapper Library Version
0
Description
on handleRedirectPromise() after login
ClientAuthError: access_token_entity_null: Access token entity is null, please check logs and cache to ensure a valid access token is present.
Error Message
No response
Msal Logs
No response
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
Expected Behavior
should return object with correct data.
Identity Provider
Azure B2C Basic Policy
Browsers Affected (Select all that apply)
Edge
Regression
2.13.1
Source
External (Customer)