mgt-electron-provider - Authentication against Azure Device Conditional Access Policy

[deanlongstaff]

Describe the bug mgt-electron-provider does not allow signing in when there is a conditional access policy that requires a compliant device.

To Reproduce Steps to reproduce the behavior:

1. Setup up MGT-Electron-Provider as per sample
2. Sign in using the mgt-login component
3. When the browser window appears to sign-in, it will say, "You can't get there from here". The Azure Sign-In logs will contain no device information.

Expected behaviour Using the mgt-login component, a login window appears, user logs in and login window closes. Mgt components authorised.

Screenshots

Environment (please complete the following information):

• OS: Windows 11
• Browser Electron.js 24.1.2
• Framework Node.js
• Version 2.10.0
• Provider mgt-electron-provider

Renderer.ts

import {Providers} from '@microsoft/mgt-element';
import {ElectronProvider} from '@microsoft/mgt-electron-provider/dist/Provider';

// initialize the auth provider globally
Providers.globalProvider = new ElectronProvider();

Main.ts

import { ElectronAuthenticator, MsalElectronConfig } from '@microsoft/mgt-electron-provider/dist/Authenticator'; 
...
let mainWindow =  new BrowserWindow({
  width: 800,
  height: 800,
  webPreferences: {
    nodeIntegration: true //Make sure this is true
  }
});
let config: MsalElectronConfig = {
  clientId: '<my_client_id>',
  authority: 'https://login.microsoftonline.com/<my_tenant_id>',
  mainWindow: mainWindow,
  scopes: [
    'user.read', 
  ],
};
ElectronAuthenticator.initialize(config);

Other Information When running the 'ms-identity-javascript-nodejs-desktop' sample app, authentication works fine, both inside an electron browser and also in the device's native browser (using shell to call an external URL)

[ghost]

Hello deanlongstaff, thank you for opening an issue with us!

I have automatically added a "needs triage" label to help get things started. Our team will analyze and investigate the issue, and escalate it to the relevant team if possible. Other community members may also look into the issue and provide feedback 🙌

[musale]

@deanlongstaff do you happen to be running this application in a Windows Subsystem for Linux(WSL) on Windows?

[deanlongstaff]

@deanlongstaff do you happen to be running this application in a Windows Subsystem for Linux(WSL) on Windows?

No, running in a native windows Node.js environment and also tried on macOS. Also tried with a compiled application with the same result.

[musale]

@deanlongstaff okay. Allow me some time to triage this and I'll inform you of my findings here.

[deanlongstaff]

@musale Any update on your findings?

[musale]

Hello @deanlongstaff no update yet. Please, let me swing back to this next week and update you.

[musale]

@deanlongstaff sorry for the late update. We've updated to v3.0.0 and you can test now to see if this is fixed. I tried reproducing on my end but I could not see the issue.

[microsoft-github-policy-service[bot]]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

[microsoft-github-policy-service[bot]]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

[deanlongstaff]

Hi, still an issue i'm afraid:

Testing with these dependencies "dependencies": { "@microsoft/mgt-components": "^3.1.3", "@microsoft/mgt-electron-provider": "^3.1.3", "@microsoft/mgt-element": "^3.1.3" }

Following the following demo as a test: https://learn.microsoft.com/en-us/graph/toolkit/get-started/build-an-electron-app