AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License

Query params are being lost after Azure AD Login #7326

Closed pavankarthikparuchuri closed 1 month ago

pavankarthikparuchuri commented 1 month ago

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.5.0

Wrapper Library

MSAL Angular (@azure/msal-angular)

Wrapper Library Version

none

Public or Confidential Client?

Public

Description

Hi Team,

We are using Azure AD authentication to validate users. After successful verification, it navigates to the URL with the same pathname but does not carry the query params.

For example :

redirectUri: https://www.testurl.com/ (configured in the App registration in the Azure portal). Here it navigates to the Azure AD login page; after successful login it navigates to the above redirectUri.

Problem: Now, if the user tries to access a specific document or a specific URL as mentioned below (when the user is not authenticated):

https://www.testurl.com/abc?id=100

The user should navigate to the Azure AD login page >> after successful login >> it should navigate to the URL the user requested, for example the URL above (https://www.testurl.com/abc?id=100). But it is navigating to https://www.testurl.com/abc.

How to handle this type of scenario to navigate to desired URL?

Error Message

No response

MSAL Logs

No response

Network Trace (Preferably Fiddler)

MSAL Configuration

import { LogLevel } from "@azure/msal-browser"; // LogLevel is used by loggerCallback below

const msalConfig = {
  auth: {
    clientId: REACT_APP_CLIENT_ID, // This is the ONLY mandatory field that you need to supply.
    authority: REACT_APP_AUTHORITY, // Defaults to "https://login.microsoftonline.com/common"
    redirectUri: window.location.href.includes("http://localhost:3000/")
      ? "http://localhost:3000/"
      : REACT_APP_REDIRECT_URI, // You must register this URI on Azure Portal/App Registration. Defaults to window.location.origin
    // postLogoutRedirectUri: `${process.env["REACT_APP_AAD_APP_REDIRECT_URI"]}`, // Indicates the page to navigate after logout.
    navigateToLoginRequestUrl: false, // If "true", will navigate back to the original request location before processing the auth code response.
  },
  cache: {
    cacheLocation: "sessionStorage", // Configures cache location. "sessionStorage" is more secure, but "localStorage" gives you SSO between tabs.
    storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge
  },
  system: {
    loggerOptions: {
      loggerCallback: (level, message, containsPii) => {
        if (containsPii) {
          return;
        }
        switch (level) {
          case LogLevel.Error:
            console.error(message);
            return;
          case LogLevel.Info:
            console.info(message);
            return;
          case LogLevel.Verbose:
            console.debug(message);
            return;
          case LogLevel.Warning:
            console.warn(message);
            return;
        }
      },
    },
  },
};

Relevant Code Snippets

async function handleLogin() {
  // loginRedirect || loginPopup
  sessionStorage.setItem("authMethod", "SSO");

  // Adding Source code to prevent browser errors
  await instance.handleRedirectPromise();
  const accounts = instance.getAllAccounts();

  if (accounts.length === 0) {
    // This will be executed if there's no user authenticated
    let request = { ...loginRequest, state: window.location.href };
    await instance.loginRedirect(request).catch((error) => {
      console.error(error);
    });
  }
}

Using this code in the unauthenticated template.

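try {
  await msalInstance.initialize();
  // Resolves with the auth result when the page was loaded from a redirect, otherwise null
  const response = await msalInstance.handleRedirectPromise();
  if (response) {
    // The value passed as `state` in the login request comes back on the response
    const originalUrl = response.state;
    if (originalUrl) {
      window.location.href = originalUrl;
    }
  }
} catch (error) {
  console.error(error);
}

Using this after redirection.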

Reproduction Steps

none

Expected Behavior

Redirection along with query params

Identity Provider

Entra ID (formerly Azure AD) / MSA

Browsers Affected (Select all that apply)

Chrome, Firefox, Edge, Safari, Other

Regression

@azure/msal-browser 3.5.0

Source

Internal (Microsoft)

pavankarthikparuchuri commented 1 month ago

@jo-arroyo Hi, could you help me out with this?

tnorling commented 1 month ago

You've set navigateToLoginRequestUrl config param to false which disables the behavior you're looking for. Either remove this config (default is true) or explicitly set it to true.
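
If the application keeps the `state` round trip from the issue's snippets rather than relying on `navigateToLoginRequestUrl`, the value read from `response.state` is best treated as untrusted input before it is assigned to `window.location.href`. The following is an added example, not code from the issue or from MSAL: it only returns a navigation target that resolves to the application's own origin, keeping the query string. `resolveReturnUrl`, `FALLBACK_PATH` and the sample URLs are assumptions for illustration.

```javascript
// Added example; resolveReturnUrl and FALLBACK_PATH are hypothetical names.
const FALLBACK_PATH = "/";

/**
 * Decide where to send the browser after login.
 * stateValue: the `state` string returned on the auth response.
 * appOrigin:  the application's own origin, e.g. window.location.origin.
 * Returns an absolute same-origin URL, or the fallback page on appOrigin.
 */
function resolveReturnUrl(stateValue, appOrigin) {
  const base = new URL(appOrigin);
  const fallback = new URL(FALLBACK_PATH, base).href;

  if (typeof stateValue !== "string" || stateValue.length === 0) {
    return fallback;
  }

  let target;
  try {
    // Relative values such as "/abc?id=100" resolve against the app origin.
    target = new URL(stateValue, base);
  } catch {
    return fallback; // not parseable as a URL
  }

  // origin covers scheme, host and port, so this rejects other hosts,
  // protocol-relative URLs ("//host/..."), userinfo tricks ("app@host"),
  // scheme downgrades and non-http(s) schemes such as javascript:.
  if (target.origin !== base.origin) {
    return fallback;
  }

  return target.href; // path, query string and fragment are preserved
}

// Browser usage (constructed, mirrors the post-redirect snippet in the issue):
//   const response = await msalInstance.handleRedirectPromise();
//   if (response) {
//     window.location.assign(resolveReturnUrl(response.state, window.location.origin));
//   }
```
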

microsoft-github-policy-service[bot] commented 1 month ago

@pavankarthikparuchuri This issue has been automatically marked as stale because it is marked as requiring author feedback but has not had any activity for 5 days. If your issue has been resolved please let us know by closing the issue. If your issue has not been resolved please leave a comment to keep this open. It will be closed automatically in 7 days if it remains stale.