carlfranklin / MsalAuthInBlazor

Call a Secure Web API with MSAL Authentication against Azure AD B2C

When deployed to Azure I get: "the app is unable to listen on the specified URL" #3

Open MarkEvans8 opened 1 week ago

MarkEvans8 commented 1 week ago

I've been stuck on this problem for a week and I have no idea what to try next. I've checked all the configuration. It works fine on my local machine but when deployed to Azure I get the error:

MSAL.NetCore.4.64.1.0.MsalClientException:
    ErrorCode: http_listener_error
Microsoft.Identity.Client.MsalClientException: An HttpListenerException occurred 
while listening on http://localhost:52140/ for the system 
browser to complete the login. 
Possible cause and mitigation: the app is unable to listen on the specified URL; 
run 'netsh http add iplisten 127.0.0.1' from the Admin command prompt.
 ---> System.Net.HttpListenerException (5): Access is denied.

The error is raised on this line of code:

PCA = PublicClientApplicationBuilder
    .Create(_settings?.ClientId)
    .WithB2CAuthority(_settings?.Authority)
    .WithRedirectUri("http://localhost")
    .Build();

Help!!!!!!!

carlfranklin commented 1 week ago

The localhost URL is not routable. That's for debugging on your local machine. When you deploy, you have to change that to the base address of your deployed app. For example https://mydeployedapp.azurewebsites.net

On Sun, Sep 29, 2024 at 12:31 AM Mark Evans @.***> wrote:

I've been stuck on this problem for a week and I have no idea what to try next. I've checked all the configuration. It works fine on my local machine but when deployed to Azure I get the error:

MSAL.NetCore.4.64.1.0.MsalClientException:
    ErrorCode: http_listener_error
Microsoft.Identity.Client.MsalClientException: An HttpListenerException occurred
while listening on http://localhost:52140/ for the system
browser to complete the login.
Possible cause and mitigation: the app is unable to listen on the specified URL;
run 'netsh http add iplisten 127.0.0.1' from the Admin command prompt.
 ---> System.Net.HttpListenerException (5): Access is denied.

The error is raised on this line of code:

PCA = PublicClientApplicationBuilder
    .Create(_settings?.ClientId)
    .WithB2CAuthority(_settings?.Authority)
    .WithRedirectUri("http://localhost")
    .Build();

Help!!!!!!!


MarkEvans8 commented 1 week ago

Thanks for the help Carl. I really appreciate it. And also thanks for all your help over the last 20 years or so. I started my career with DotNetRocks at the beginning of DotNet and you've been a huge inspiration all these years.

I really don't know what I'm doing wrong here. I changed the above code to:

.WithRedirectUri("https://msalauthinmauikae.azurewebsites.net")

I also tried putting this URI in the "Single Page Application Redirect URIs" and also the "Web Redirect URIs".

When running the app either locally or remotely I get:

MsalClientException: ErrorCode: loopback_redirect_uri
Microsoft.Identity.Client.MsalClientException: 
Only loopback redirect uri is supported, but https://msalauthinmauikae.azurewebsites.net/ was found. 
Configure http://localhost or http://localhost:port both during app registration 
and when you create the PublicClientApplication object. 
See https://aka.ms/msal-net-os-browser for details

I've tried setting http://localhost:1234 in the app and in the AD settings but that doesn't seem to work either. Tomorrow I'll start all over and download your code and configure AD from scratch. Then I'll try your suggestion again. I've messed around with so much stuff in the last week that maybe I've changed up some other setting.

Thanks again Carl. Love your work!

MarkEvans8 commented 1 week ago

I've just gone through this again and the result was the same. I followed these steps:

  1. I cloned this repo and went through the video (https://www.youtube.com/watch?v=AlRxwIOq4jQ) to set up Azure. I was very careful to get everything right. I didn't upgrade the code to .NET 8 or update any of the NuGet packages.

  2. It worked locally but failed when deployed to Azure.

  3. I added error handling to MainLayout.razor so it displays exceptions.

  4. The error was:

    An HttpListenerException occurred while listening on 
    http://localhost:50215/ for the system browser to complete the login.

  5. In my AD configuration I had entered "http://localhost" in the Single-page application Redirect URIs as instructed in the video. I added this URI: https://msalauthinblazoroct1.azurewebsites.net

  6. I tested the app and the same error occurred.

  7. I changed the code in PCAWrapper.cs from this:

    .WithRedirectUri("http://localhost")

    to this:

    .WithRedirectUri("https://msalauthinblazoroct1.azurewebsites.net")

  8. I tested the app and got this error:

    MsalClientException: Only loopback redirect uri is supported, 
    but https://msalauthinblazoroct1.azurewebsites.net/ was found. 
    Configure http://localhost or http://localhost:port both during app 
    registration and when you create the PublicClientApplication object. 
    See https://aka.ms/msal-net-os-browser for details.

  9. I also tried entering "https://msalauthinblazoroct1.azurewebsites.net" in the Web Redirect URIs but that didn't make any difference.

I'm completely out of ideas now :(

Please help me.
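
Added example, not code from this repository or from either poster: a pre-flight check that mirrors the two error messages quoted in this thread (a loopback-only redirect URI, then an HTTP listener on that loopback port), so the failing condition can be identified on the machine where the code actually runs. The class name, the sample URIs and the port probing are assumptions; the checks follow the wording of the error text, not MSAL's internal implementation.

```csharp
using System;
using System.Net;
using System.Net.Sockets;

public static class RedirectUriPreflight
{
    // Returns "ok", or the error code (as quoted in this thread) that the
    // system-browser login would be expected to hit on THIS machine.
    public static string Check(string redirectUri)
    {
        var uri = new Uri(redirectUri);

        // Condition 1: per the loopback_redirect_uri message, only
        // http://localhost or http://localhost:port is accepted.
        if (!uri.IsLoopback || uri.Scheme != Uri.UriSchemeHttp)
            return "loopback_redirect_uri";

        // Condition 2: the process must be able to listen on that loopback
        // address, because the browser hands the result back to it there.
        try
        {
            // No explicit port: pick a free one (assumption: mirrors the
            // random ports 52140 and 50215 seen in the errors above).
            int port = uri.IsDefaultPort ? FreeLoopbackPort() : uri.Port;
            using var listener = new HttpListener();
            listener.Prefixes.Add($"http://localhost:{port}/");
            listener.Start();
            listener.Stop();
            return "ok";
        }
        catch (Exception ex) when (ex is HttpListenerException or SocketException)
        {
            // A locked-down host (the thread shows "Access is denied") lands here.
            return "http_listener_error";
        }
    }

    private static int FreeLoopbackPort()
    {
        var probe = new TcpListener(IPAddress.Loopback, 0); // port 0 = OS picks
        probe.Start();
        int port = ((IPEndPoint)probe.LocalEndpoint).Port;
        probe.Stop();
        return port;
    }

    public static void Main()
    {
        // Constructed sample inputs; app.example.net is a placeholder host.
        foreach (var candidate in new[] { "http://localhost", "https://app.example.net" })
            Console.WriteLine($"{candidate} -> {Check(candidate)}");
    }
}
```

Running it on a development machine and again inside the deployed host shows which of the two conditions changes between the environments.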