search

syncweek-react-aad / react-aad

A React wrapper for Azure AD using the Microsoft Authentication Library (MSAL). The easiest way to integrate AzureAD with your React for authentication.
MIT License
344 stars 94 forks source link

Redirect Login not working on Safari IOS due Third Party Cookie Policy #267

Open alexsilvar opened 4 years ago

alexsilvar commented 4 years ago

Solve the Intelligent Tracking Prevention from IOS Safari.

This issue is for a:

- [ ] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [X] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

Try the login redirect on Safari latest version.

Any log messages given by the failure

The token is not acquired

Expected/desired behavior

Login Redirect retrieves token

OS and Version?

IOS 13.x

Library versions

Mention any other details that might be useful

Probably we need to use the @msal-browser library instead of msal

yogeshpathade commented 4 years ago

The similar behavior exists with Chrome incognito mode. The workaround is to enable third party cookies in the incognito mode which Chrome has started setting to Block by default with the new releases rolling out to the Users.

There is a issue raised by Users of MSAL Angular library https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/2042

GraemeF commented 4 years ago

This problem and the solution are documented here: https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-third-party-cookies-spas

In short, react-aad needs to update to MSAL 2.0 and switch to use the authorization code flow. According to the README this was being kicked off at the end of July but there have been no updates since then.

GraemeF commented 4 years ago

Should be resolved by #238