AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License

EditProfile/EditPhone/EditEmail doesn't trigger on first redirect to app. #6385

Closed doug-williamson closed 1 year ago

doug-williamson commented 1 year ago

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.0.2

Wrapper Library

MSAL Angular (@azure/msal-angular)

Wrapper Library Version

3.0.2

Public or Confidential Client?

Public

Description

After completing an Edit policy page (EditProfile, EditPhone, EditEmail), I need to grab the claims object for the account that was just edited.

I'm noticing, when navigating back to my app, that the ACQUIRE_TOKEN_SUCCESS EventType isn't being triggered for my three policies on the first try. Every subsequent Edit policy save works fine.

I notice that I'm getting a new MSSTS authorityType key/value pair in my sessionStorage, but it doesn't seem to be added until after the ACQUIRE_TOKEN_SUCCESS triggers for the default SignIn policy first.

MSAL Configuration

export function MSALInstanceFactory(): IPublicClientApplication {
    return new PublicClientApplication({
        auth: {
            clientId: isIgniteReHost() ? environment.msalConfig.auth.igniteReClientId : environment.msalConfig.auth.standaloneClientId,
            authority: environment.b2cPolicies.authorities.signIn.authority,
            redirectUri: environment.msalConfig.auth.logoutRedirectUri,
            postLogoutRedirectUri: environment.msalConfig.auth.logoutRedirectUri,
            knownAuthorities: [environment.b2cPolicies.authorityDomain],
            navigateToLoginRequestUrl: false,
        },
        cache: {
            cacheLocation: BrowserCacheLocation.SessionStorage,
        },
        system: {
            loggerOptions: {
                loggerCallback,
                logLevel: LogLevel.Verbose,
                piiLoggingEnabled: false,
            },
        },
    });
}

Relevant Code Snippets

In my app.component.ts ngOnInit():

this.msalBroadcastService.msalSubject$
    .pipe(
        // Only ACQUIRE_TOKEN_SUCCESS events reach the subscriber.
        filter((msg: EventMessage) => msg.eventType === EventType.ACQUIRE_TOKEN_SUCCESS),
        takeUntil(this._destroying$),
    )
    .subscribe((result: EventMessage) => {
        if (result.payload) {
            const payload = result.payload as AuthenticationResult;
            const idtoken = payload.idTokenClaims as IdTokenClaimsWithPolicyId;
            const accessToken = payload.accessToken;
            this.storageService.setItem('AccessToken', accessToken);

            // Navigate only when the ID token was issued by one of the edit policies.
            switch (true) {
                case this.checkIdTokenForPolicy(idtoken, environment.b2cPolicies.names.editProfile.toLowerCase()) ||
                    this.checkIdTokenForPolicy(idtoken, environment.b2cPolicies.names.editPhone.toLowerCase()) ||
                    this.checkIdTokenForPolicy(idtoken, environment.b2cPolicies.names.editEmail.toLowerCase()):
                    this.router.navigateByUrl('/profile-updated');
                    break;
            }
            return result;
        }
    });

Identity Provider

Azure AD / MSA

Source

External (Customer)

lalimasharda commented 1 year ago

Hey @doug-williamson, can you please provide some more clarity on the flow here? After you save the edit policy page, you are redirecting back to your app, right? What do you do after you redirect back to your app? Are you making an acquire token call?

microsoft-github-policy-service[bot] commented 1 year ago

@doug-williamson This issue has been automatically marked as stale because it is marked as requiring author feedback but has not had any activity for 5 days. If your issue has been resolved please let us know by closing the issue. If your issue has not been resolved please leave a comment to keep this open. It will be closed automatically in 7 days if it remains stale.

doug-williamson commented 1 year ago

Hi @lalimasharda. Yes, I'm being redirected to my app after EditProfile policy, and am not doing any kind of acquire token call. Will that be necessary for me to pick up the ACQUIRE_TOKEN_SUCCESS event type?
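
The subscriber in the original post filters on ACQUIRE_TOKEN_SUCCESS only. The following is an added example, not code from this thread or from the MSAL project: a check keyed on the ID token's policy claim that accepts either success event, on the assumption that the first return from an edit policy can arrive as LOGIN_SUCCESS. The `B2C_1_*` policy names, the trimmed event shape and the sample events are constructed for illustration.

```typescript
// Event strings match the values of MSAL's EventType.LOGIN_SUCCESS and
// EventType.ACQUIRE_TOKEN_SUCCESS; the interfaces model only the fields used here.
const LOGIN_SUCCESS = "msal:loginSuccess";
const ACQUIRE_TOKEN_SUCCESS = "msal:acquireTokenSuccess";

interface PolicyClaims { tfp?: string; acr?: string; }
interface AuthEvent {
    eventType: string;
    payload: { idTokenClaims: PolicyClaims } | null;
}

// Hypothetical policy names; the app in the post reads its own from
// environment.b2cPolicies.names.
const EDIT_POLICIES: string[] = ["B2C_1_EditProfile", "B2C_1_EditPhone", "B2C_1_EditEmail"];

// Azure AD B2C puts the issuing policy in `tfp` (or `acr` for older policies).
function policyOf(claims: PolicyClaims): string {
    return (claims.tfp || claims.acr || "").toLowerCase();
}

// True when a success event carries an ID token issued by an edit policy,
// whichever of the two success events delivered it.
function isEditPolicyResult(event: AuthEvent, editPolicies: string[] = EDIT_POLICIES): boolean {
    const isSuccess =
        event.eventType === LOGIN_SUCCESS || event.eventType === ACQUIRE_TOKEN_SUCCESS;
    if (!isSuccess || event.payload === null) {
        return false;
    }
    const policy = policyOf(event.payload.idTokenClaims);
    // A token with no policy claim never matches; fail closed.
    return policy !== "" && editPolicies.some((name) => name.toLowerCase() === policy);
}

// Constructed sample events.
const firstEdit: AuthEvent = {
    eventType: LOGIN_SUCCESS,
    payload: { idTokenClaims: { tfp: "b2c_1_editprofile" } },
};
const laterEdit: AuthEvent = {
    eventType: ACQUIRE_TOKEN_SUCCESS,
    payload: { idTokenClaims: { acr: "B2C_1_EditPhone" } },
};
const signIn: AuthEvent = {
    eventType: LOGIN_SUCCESS,
    payload: { idTokenClaims: { tfp: "B2C_1_SignIn" } },
};
```

In an Angular app the same predicate would sit inside the `filter(...)` of the `msalSubject$` pipe in place of the single event-type comparison.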

microsoft-github-policy-service[bot] commented 1 year ago

This issue requires attention from the MSAL.js team and has not seen activity in 5 days. @lalimasharda please follow up.
