A React wrapper for Azure AD using the Microsoft Authentication Library (MSAL). The easiest way to integrate AzureAD with your React for authentication.
MIT License
344
stars
94
forks
source link
Cannot use MSAL's state/userState with react-aad-msal #249
Is your feature request related to a problem? Please describe.
MSAL supports a state parameter for the redirect login flows. For MSAL.js you provide a state parameter in the AuthenticationParameters, MSAL.js wraps this in its own state putting it in a userState key in a base64 encoded object, and then in the AuthResponse the value of the state parameter you provided is available as accountState on the response.
react-aad-msal provides its own redirect callback handler authenticationRedirectCallback. However this implementation ignores the AuthResponse argument to that callback entirely and as a result the response data (and thus the accountState) is completely inaccessible to the application using react-aad-msal.
Describe the solution you'd like
handleRedirectCallback should take the AuthRequest argument (the second arg) instead of ignoring it
The AuthRequest (or at least accountState) should be made available. Either via callback provided to the provider, a registrable handler so a callback can be provided to AzureAD, or set on the provider so something like provider.getAccountState() can be written.
To support input the login function AzureAD provides should accept parameters instead of ignoring them.
Describe alternatives you've considered
I considered adding my own login handler. However react-add-msal uses the internal handler to update the auth state and can't simply be replaced or wrapped.
Is your feature request related to a problem? Please describe. MSAL supports a state parameter for the redirect login flows. For MSAL.js you provide a
stateparameter in the AuthenticationParameters, MSAL.js wraps this in its own state putting it in auserStatekey in a base64 encoded object, and then in the AuthResponse the value of thestateparameter you provided is available asaccountStateon the response.react-aad-msal provides its own redirect callback handler
authenticationRedirectCallback. However this implementation ignores the AuthResponse argument to that callback entirely and as a result the response data (and thus the accountState) is completely inaccessible to the application using react-aad-msal.Describe the solution you'd like
provider.getAccountState()can be written.loginfunction AzureAD provides should accept parameters instead of ignoring them.Describe alternatives you've considered
I considered adding my own login handler. However react-add-msal uses the internal handler to update the auth state and can't simply be replaced or wrapped.