unoplatform / uno.extensions

Libraries to ease common developer tasks associated with building multi-platform mobile, desktop and web applications using Uno Platform or WinAppSDK.
https://platform.uno/

[Authentication] Enhance MSAL extension to support Azure B2C #2069

Open cconner100 opened 9 months ago

cconner100 commented 9 months ago

What would you like to be added:

Currently the MSAL extension only seems to work with Azure AD. When I try to use it with AZB2C I have no way to set the user flow logins.

See https://learn.microsoft.com/en-us/entra/msal/dotnet/acquiring-tokens/desktop-mobile/social-identities. It seems like the largest gap is that the Builder does not accept WithB2CAuthority, which sets the user flows.

Why is this needed:

Our application would like to use Azure AD B2C as the primary login system.

For which Platform:

Anything else we need to know?

nickrandolph commented 9 months ago

Isn't the internal MSAL builder exposed so you can set additional configuration? See https://github.com/unoplatform/uno.extensions/blob/0e8c152d596a7104e6e6fad5ddc04a10296e719a/testing/TestHarness/TestHarness.Shared/Ext/Authentication/Msal/MsalAuthenticationMultiHostInit.cs#L111 for an example.

cconner100 commented 9 months ago

The config is missing information for B2C auth flows such as SignupandSignIn, Signin, ChangePassword. Possible, but it's a hack. In addition, it does not support the brokered interfaces. Sure, it's possible, but it's not a complete package unless it supports this.

nickrandolph commented 6 months ago

@cconner100 just looking to see what we can do to improve support for Azure B2C. Which properties specifically do you require us to expose, and is it just a limitation on these not coming from settings, or are you unable to set them in code?

cconner100 commented 6 months ago

So what I have learned so far:

  1. Initialization of the system: you seem to expose all the needed extensions. While it would be nice to have the AzB2C items in the settings file, I can work around this, e.g. (WithB2CAuthority).
  2. MacCatalyst needs the ability to set the token cache to a custom version. How can I access the PublicClientApplicationBuilder object from your interface?
  3. On MSAL init you seem to be calling withUnoHelpers for MacCatalyst, which throws the exception method not found for WithWindowOrView. This should not be called in MacCatalyst.
  4. When trying to use MacCatalyst I need to pass in extra parameters to the .AcquireTokenInteractive. I need to add the WithCustomWebUI. This does not seem possible with your loginasync.

Added value: Create a login that works with MacCatalyst out of the box instead of each developer trying to figure it out, took me a week. And on WinUI3 have a standard token caching system since MSAL does not cache the tokens on WinUI3, only mobile (Android, iOS, UWP).

If you need examples of any of the above, more than happy to share my source.
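
For readers following the thread, the B2C user-flow and token-cache pieces discussed above look like this in plain MSAL.NET (`Microsoft.Identity.Client`). This is an added example, not code from Uno.Extensions or from any participant; the tenant, client ID, scope, redirect URI, flow names and cache path are placeholder assumptions, and the DPAPI cache applies to Windows only (it needs the `System.Security.Cryptography.ProtectedData` package).

```csharp
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

public static class B2CAuth
{
    // Placeholders (assumptions): substitute your tenant, app registration and user flow names.
    const string Tenant = "contoso";
    const string ClientId = "00000000-0000-0000-0000-000000000000";
    const string SignUpSignIn = "B2C_1_signupsignin";
    const string PasswordReset = "B2C_1_passwordreset";
    static readonly string[] Scopes = { $"https://{Tenant}.onmicrosoft.com/api/read" };
    static readonly string CacheFile = Path.Combine(
        Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "msal_b2c.bin");

    // A B2C authority embeds the user flow (policy) name.
    static string Authority(string flow) =>
        $"https://{Tenant}.b2clogin.com/tfp/{Tenant}.onmicrosoft.com/{flow}";

    public static IPublicClientApplication Build()
    {
        var app = PublicClientApplicationBuilder.Create(ClientId)
            .WithB2CAuthority(Authority(SignUpSignIn))
            .WithRedirectUri("http://localhost") // must match the app registration
            .Build();
        // Windows-only persistence: DPAPI ties the file to the current user,
        // so refresh tokens are never written to disk in the clear.
        app.UserTokenCache.SetBeforeAccess(a => a.TokenCache.DeserializeMsalV3(
            File.Exists(CacheFile)
                ? ProtectedData.Unprotect(File.ReadAllBytes(CacheFile), null, DataProtectionScope.CurrentUser)
                : null));
        app.UserTokenCache.SetAfterAccess(a =>
        {
            if (a.HasStateChanged)
                File.WriteAllBytes(CacheFile, ProtectedData.Protect(
                    a.TokenCache.SerializeMsalV3(), null, DataProtectionScope.CurrentUser));
        });
        return app;
    }

    // Try the cache first; fall back to the interactive sign-up/sign-in flow.
    public static async Task<AuthenticationResult> SignInAsync(IPublicClientApplication app)
    {
        var account = (await app.GetAccountsAsync(SignUpSignIn)).FirstOrDefault();
        try { return await app.AcquireTokenSilent(Scopes, account).ExecuteAsync(); }
        catch (MsalUiRequiredException) { return await app.AcquireTokenInteractive(Scopes).WithAccount(account).ExecuteAsync(); }
    }

    // A different user flow is selected per request by overriding the authority.
    public static Task<AuthenticationResult> ResetPasswordAsync(IPublicClientApplication app) =>
        app.AcquireTokenInteractive(Scopes).WithB2CAuthority(Authority(PasswordReset)).ExecuteAsync();
}
```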