Closed sdgluck closed 2 years ago
Please update to the latest plugin version. It works there but it requires capacitor 3.x.
Thank you for the quick reply. We will start looking at upgrading Capacitor then.
Can you provide a little more detail as to why upgrading to Capacitor v3, and the latest plugin version, fixes the issue?
I did not use Azure B2C before in a real project but for the 3.0.0 release I did all my testing with Azure B2C and Google Login.
As I released the plugin 2 days ago I know that it works with Azure B2C because I registered a fresh App in the Azure Portal for all platforms.
Unfortunately I do not know why you have an issue in the old version.
You can try to adapt the new docs https://github.com/moberwasserlechner/capacitor-oauth2#android-1 but I can not help you with it as I'm not using Azure B2C in versions earlier than 3.0.0
Let's keep this task open for a couple of days. Maybe someone can help you.
I will close it in approx. 7 days if it is still open.
Using the docs that you linked to, we were able to get it working with plugin version 2.1.0 and Capacitor v2. Thanks for linking us to the correct part of the documentation.
One thing the docs didn't cover which was required for us before it worked, is changing the appAuthRedirectScheme to msauth in the build.gradle file, like this:

    defaultConfig {
        // ...
        manifestPlaceholders = [
            "appAuthRedirectScheme": "msauth"
        ]
    }

We only use Azure AD B2C though, and I'm not sure whether this change would be compatible with other providers should anyone be reading this who uses multiple IdPs.
I will close the issue now we have everything working.
Thanks again for your assistance, and time and effort maintaining the plugin.
Quick follow up... We found that including our own intent filter for msauth:// in our manifest was unnecessary. It seems the underlying OAuth library used by this plugin configures an intent filter for us (using appAuthRedirectScheme above), so with the additional one in the manifest, when the user was redirected back to the app after successful authn, the app drawer would appear with two items: one for the application (set by the underlying library, AFAICT), and one for the activity (set by us). The latter item in the app drawer would cause the app to fail to obtain the token from Azure. We removed our own intent filter from the manifest, and everything behaves as it should: no app drawer displays on redirect back to the app, and the plugin obtains the necessary tokens from the provider.
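A check for the duplicate redirect handler described in the follow-up above, as an added example that is not part of the thread or the plugin's code: it reads the appAuthRedirectScheme placeholder from build.gradle text and lists components in the app's own manifest that also claim that scheme. The sample Gradle and manifest text and the function names are constructed for illustration, and the Groovy map syntax shown in the thread is assumed.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample inputs (not taken from the reporter's project).
SAMPLE_GRADLE = 'manifestPlaceholders = [\n    "appAuthRedirectScheme": "msauth"\n]'
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <application>
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
      <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.DEFAULT"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="msauth"/>
      </intent-filter>
    </activity>
  </application>
</manifest>"""


def redirect_scheme(gradle_text):
    """Return the appAuthRedirectScheme placeholder value (Groovy map form), or None."""
    m = re.search(r"""["']?appAuthRedirectScheme["']?\s*:\s*["']([^"']+)["']""", gradle_text)
    return m.group(1) if m else None


def duplicate_handlers(manifest_xml, scheme):
    """Names of app components whose own intent filters claim the redirect scheme."""
    # The literal placeholder counts too: it expands to the same scheme at build time.
    claimed = {scheme, "${appAuthRedirectScheme}"} - {None}
    root = ET.fromstring(manifest_xml)
    hits = []
    for comp in list(root.iter("activity")) + list(root.iter("activity-alias")):
        schemes = {d.get(ANDROID_NS + "scheme") for d in comp.findall("./intent-filter/data")}
        if schemes & claimed:  # URI schemes are matched exactly, so no case folding
            hits.append(comp.get(ANDROID_NS + "name"))
    return hits


if __name__ == "__main__":
    scheme = redirect_scheme(SAMPLE_GRADLE)
    for name in duplicate_handlers(SAMPLE_MANIFEST, scheme):
        print(f"{name} also handles {scheme}:// ; the redirect will have two candidate handlers")
```
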
@moberwasserlechner using Capacitor 4 with Azure MSAL2 I had to set "appAuthRedirectScheme": "msauth", otherwise the intent doesn't work. I think it is helpful to all to include it in the current readme!
For anyone in a similar situation, this is still the solution to get it working on Android using Capacitor 5. Please update the readme.
Description
Some things to note:
The redirect URI that is produced by Azure B2C does not match up with what is in the documentation.
This is the form that I see in Azure portal which allows to create an Android redirect URI:
Once filled in, the URI I am given is in this form:
Example:
As you can see, this differs to what is in the documentation, which states the redirect scheme should be the package name, eg. com.sdgluck.app.
The following happens when I invoke login through the plugin:
If I inspect this blank page using Chrome DevTools, I can see the following message is printed to the console:
(I have substituted the query param values with placeholders.)
This indicates to me that the msauth scheme is not being handled by the app. This makes sense, because I did not declare any intent in the manifest file which uses the msauth scheme.
I have tried a number of ways of adding an intent which uses the msauth scheme. It works in so much as the in-app browser closes and the app handles the redirect URL with the msauth scheme, however I then see such errors as these in the app debug logs:
Another thing to note is that we use a custom scheme for deep linking in our app, so the custom_url_scheme string is something like sdgluck instead of com.sdgluck.app. I'm not sure how that fits in with the way schemes are meant to be configured for compatibility with this plugin and Azure AD B2C's msauth scheme.
Thanks for any help you are able to offer.
Capacitor version:
Library version: 2.1.0
OAuth Provider: Azure AD B2C
Your Plugin Configuration
Let me know if you need to see any of the actual values which are represented as env vars in the config.