AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License

ClientAuthError: access_token_entity_null: Access token entity is null, please check logs and cache to ensure a valid access #3530

Closed walnut-co closed 3 years ago

walnut-co commented 3 years ago

Core Library

@azure/msal-browser

Core Library Version

2.14.1

Wrapper Library

Not Applicable

Wrapper Library Version

0

Description

on handleRedirectPromise() after login

ClientAuthError: access_token_entity_null: Access token entity is null, please check logs and cache to ensure a valid access token is present.

Error Message

No response

Msal Logs

No response

MSAL Configuration

this.app = new Msal.PublicClientApplication({
    auth: {
        clientId: `${BaseConfig.AppClientID}`,
        authority: `${BaseConfig.AppLoginAuthority}`,
        knownAuthorities: [`${BaseConfig.AppLoginAuthority}`],
        validateAuthority: false,
        navigateToLoginRequestUrl: true,
        redirectUri: `${BaseConfig.AppUrl}login`,
        postLogoutRedirectUri: `${BaseConfig.AppUrl}login`,
    },
    cache: {
        cacheLocation: "sessionStorage",
        storeAuthStateInCookie: true,
        secureCookies: true
    }
});

Relevant Code Snippets

this.app.handleRedirectPromise().then(response => {
    console.log("response", response);
    if (response) {
        this.handleResponse(response);
    }
}).catch(error => {
    console.log(error);
});

Reproduction Steps

  1. immediately after login

Expected Behavior

should return object with correct data.

Identity Provider

Azure B2C Basic Policy

Browsers Affected (Select all that apply)

Edge

Regression

2.13.1

Source

External (Customer)

DmytroKuznyetsov commented 3 years ago

The same issue on new 2.14.1 version. On 2.14.0 everything works as expected.

hectormmg commented 3 years ago

Hi @kberawala. Could you provide a network trace over e-mail so we can help you debug this error? My e-mail is in my GitHub profile. Thanks!

tnmckesson commented 3 years ago

@hectormmg Can you please provide the solution if you are able to resolve this issue? I'm having the same issue. Thanks

brriann commented 3 years ago

I saw this issue as well. Solution was to update @azure/msal-browser 2.11.2 to 2.14.0 as @DmytroKuznyetsov mentioned. Ideally we would update to latest, but maybe best to hold off if this bug is present in 2.14.1 as well.

hectormmg commented 3 years ago

Updating the thread since there's more activity: We're still investigating the root cause and will update when we have an answer and solution. Thanks.

hectormmg commented 3 years ago

Hi everyone, I can confirm there's a bug in this scenario.

A temporary workaround for now is to add the app's clientId as a scope to the request that is resulting in an error.

const request = {
    scopes: ['YOUR_CLIENT_ID']
};

publicClientApplication.loginRedirect(request);

The bug happens because MSAL expects an access token in the /token response, but some IDPs (like B2C) may not return an access token if there are no resource scopes in the request (which is the case for some login calls).

I'll update this issue when we have a fix, please let us know if the workaround works for you. Thanks!
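The workaround and root cause described in the comment above, as an added example that is not part of the thread or of MSAL itself: it appends the app's client ID as a scope only when a login request carries no resource scope, and recognises this issue's failure by its error code. The helper names, the placeholder client ID and the sample scope URL are assumptions; the check relies on MSAL errors exposing an `errorCode` property.

```javascript
// Added example, not MSAL code. These are the standard OpenID Connect scopes,
// which on their own give the IDP no resource to issue an access token for.
const OIDC_SCOPES = new Set(["openid", "profile", "email", "offline_access"]);

// True when the request carries at least one non-OIDC (resource) scope.
function hasResourceScope(scopes) {
    return (scopes || []).some(s => !OIDC_SCOPES.has(s.toLowerCase()));
}

// Returns a copy of the login request. If it has no resource scope, the app's
// own clientId is appended as a scope (the workaround described in this thread).
// A request that already names a resource, or the clientId, is left unchanged.
function withClientIdScope(request, clientId) {
    const scopes = [...(request.scopes || [])];
    if (!hasResourceScope(scopes)) {
        scopes.push(clientId);
    }
    return { ...request, scopes };
}

// Recognises the failure from this issue by its error code, so a catch handler
// can tell "no access token came back" apart from other login errors.
function isMissingAccessToken(error) {
    return Boolean(error) && error.errorCode === "access_token_entity_null";
}

// Constructed sample values (placeholders, not real identifiers).
const CLIENT_ID = "00000000-0000-0000-0000-000000000000";
const loginOnly = withClientIdScope({ scopes: ["openid", "profile"] }, CLIENT_ID);
const withApi = withClientIdScope(
    { scopes: ["openid", "https://contoso.example/api/read"] }, CLIENT_ID);
const noScopes = withClientIdScope({ redirectStartPage: "/login" }, CLIENT_ID);

console.log(loginOnly.scopes); // clientId appended
console.log(withApi.scopes);   // unchanged, already has a resource scope
console.log(noScopes.scopes);  // clientId is the only scope
```

The returned object is what would be passed to `loginRedirect()`, and `isMissingAccessToken` belongs in the `.catch()` of `handleRedirectPromise()`.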

chtourou-youssef commented 3 years ago

> I saw this issue as well. Solution was to update @azure/msal-browser 2.11.2 to 2.14.0 as @DmytroKuznyetsov mentioned. Ideally we would update to latest, but maybe best to hold off if this bug is present in 2.14.1 as well.

Not working for me

walnut-co commented 3 years ago

Below is the workaround, worked for me.

signin() {
  var request = {
      redirectStartPage: `${BaseConfig.AppUrl}login`,
      scopes: ["openid", "profile", `${YourAppClientID}`] // this line wasn't there before, this for AD B2C
  }
  this.app.loginRedirect(request);
}

DmytroKuznyetsov commented 3 years ago

@kberawala this works for me as well

ottodranik commented 3 years ago

This works for me.

var request = {
    redirectStartPage: 'some_redirect_link',
    scopes: ['app_id_that_used_for_susi']
}
this.app.loginRedirect(request);

But there is a problem with the msal-angular npm package because the loginRedirect() method is called in MsalGuard.ts. For now I just create this MsalGuard myself as CustomMsalGuard.

hectormmg commented 3 years ago

> But there is a problem with the msal-angular npm package because the loginRedirect() method is called in MsalGuard.ts. For now I just create this MsalGuard myself as CustomMsalGuard.

@ottodranik thanks for pointing it out, should be resolved when we fix the underlying issue.

eluchsinger commented 3 years ago

Downgrading @azure/msal-browser to 2.13.1 stopped showing this behavior. I can't confirm it fixes everything, because I am now getting another issue (the infamous interaction_in_progress).