microsoft-authentication-library-for-dotnet
microsoft-authentication-library-for-dotnet copied to clipboard
AzureAD
[Feature Request] Make MSAL.NET compatible with MAUI
Initial PR to add support: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/pull/3262
- [x] Add Android and iOS support first
- [x] Fix the CI build as well
- [x] Manual testing Android and iOS scenarios (embedded, system and broker)
- [x] Update xamarin sample
At this point it we should be able to do a partial release with MAUI support for mobile.
- ~[ ] MacCatalyst support (embedded, system and broker (?) scenario)~ CUT.
MSAL ObjC does not have MacCatalyst support, we will need to coordinate with them on this. Should not block GA of MAUI mobile targets.
- [x] Net6 (WinUI) support (embedded, system, broker)
- [x] Update sample ~with MacCatalyst and~ WinUI
- [ ] Automation tests for ios and android
Maui Status can be found here: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/main/MauiStatus.md
Could you release a preview package targeting net6.0-android/net6.0-ios/net6.0-macos/net6.0-maccatalyst?
Just add that targets and create an appropriate package
.net6.0-android should be compatible with our current target. .net6.0-ios is undergoing breaking changes and we will need to fix later on. Currently broken. We have not yet tested with mac, but should work.
using this package into MAUI project, can't deploy to remote mac because of this
PR out with some changes, needs review and following changes:
- no net6-windows10.xyz target is needed
- Update MacCatalyst KeyChain access (see action item on PR)
- Build changes
- Optional: Drop older monoandroid 9 support.
- More testing with embedded / system browser and broker.
- Update our Xamarin samples.
Yes, there is PR out which provides some support. We've got some trouble on MacCatalyst and also we need to do more testing.
@bgavrilMS If this is possible, could you please help me to build the dll from the PR? Our project really need's iOS. Thanks!
@ViktorArbuzov - if you pull this branch, then edit Microsoft.Identity.Client.csproj and comment out any targets you do not care about (I'd leave at least 2 though), it should build fine. I can get it to build with VS 2022 Preview or via the command line. I recommend you build only Microsoft.Identity.Client.csproj, as the solution files have a ton of tests and sample apps that you don't care about.
If you want to pack this into a nuget and use it, you may want to change the version property in the same file. Then dotnet pack.
We're hoping to release mobile support soon. Problem we're facing is that ecosystem (VS, AzureDevOps agents etc.) do not support it natively, need to do some build work.
@nickrandolph @lnaie @Jeremywhiteley if you need it right now, you can build it from the PR, using dotnet pack.
yeh but we're building libraries for other people that depend on MSAL. Not having net6 support is a bit of an oversight but I get why it was overlooked/delayed given the rushed nature of net6 mobile.
We found some problems (missing API) on mobile, which would prevent system browser and broker scenarios. We are discussing this with Maui team.
On a positive note, I tested WinUI and it works well with MSAL 4.44 (already released). No changes needed.
@SameerK-MSFT - please keep this thread updated with progress / blockers etc. Some of the folks here might be able to help.
@bgavrilMS could you tell which API is missing? Is it an API specific to MAUI or to net6.0-ios or net6.0-android ?
Following API is missing from AppDelegate on iOS.
public override bool OpenUrl(UIApplication app, NSUrl url, string sourceApplication, NSObject annotation)
This hook is implemeted by the app developer like here. MSAL uses to this to know if the broker was used or not - see here. We haven't looked into this too much, as this sourceApplication param isn't anyway supported on iOS 13+ (it's empty), so maybe it's not an issue to always ignore it?
The Maui team recommended we use https://gist.github.com/Redth/5be697ac7e75e8d47c26deea83fbc3d0
@SameerK-MSFT is working on this, so pls take my words with a grain of salt...
@bgavrilMS Thanks. To clarify, are your new changes still going to be including a non-maui net6.0-ios package?
What do you mean by non-maui "net6-ios" package? I thought MAUI means net6-ios, net6-android, net6-maccatalyst
Note that MSAL fully supports the vanilla net6 target, e.g. confidential client scenarios and public client desktop scenarios (including WinUI).
MAUI is a layer on top of the Android/iOS/Catalyst bindings (net6.0-android, net6.0-ios and others). Making a "native" (non-MAUI) app is possible (e.g. Uno Platform uses that specific part) and if you add an explicit dependency to MAUI nuget packages in MSAL, this will become breaking for those frameworks and apps.
Following API is missing from AppDelegate on iOS.
public override bool OpenUrl(UIApplication app, NSUrl url, string sourceApplication, NSObject annotation)This hook is implemeted by the app developer like here. MSAL uses to this to know if the broker was used or not - see here. We haven't looked into this too much, as this
sourceApplicationparam isn't anyway supported on iOS 13+ (it's empty), so maybe it's not an issue to always ignore it?The Maui team recommended we use https://gist.github.com/Redth/5be697ac7e75e8d47c26deea83fbc3d0
@SameerK-MSFT is working on this, so pls take my words with a grain of salt...
it exists: https://github.com/dotnet/maui/blob/0872cbc326ea8230c24c075d2f98b3195df69765/src/Core/src/Platform/iOS/MauiUIApplicationDelegate.cs#L80
MAUI is a layer on top of the Android/iOS/Catalyst bindings (
net6.0-android,net6.0-iosand others). Making a "native" (non-MAUI) app is possible (e.g. Uno Platform uses that specific part) and if you add an explicit dependency to MAUI nuget packages in MSAL, this will become breaking for those frameworks and apps.
MAUI != net6 for iOS/Android/Catalyst
just like
Blazor != net6 for WebAssembly
I really wish naming/marketing would support this narrative to bring clarity to developers.
Following API is missing from AppDelegate on iOS.
public override bool OpenUrl(UIApplication app, NSUrl url, string sourceApplication, NSObject annotation)This hook is implemeted by the app developer like here. MSAL uses to this to know if the broker was used or not - see here. We haven't looked into this too much, as this
sourceApplicationparam isn't anyway supported on iOS 13+ (it's empty), so maybe it's not an issue to always ignore it? The Maui team recommended we use https://gist.github.com/Redth/5be697ac7e75e8d47c26deea83fbc3d0 @SameerK-MSFT is working on this, so pls take my words with a grain of salt...it exists: https://github.com/dotnet/maui/blob/0872cbc326ea8230c24c075d2f98b3195df69765/src/Core/src/Platform/iOS/MauiUIApplicationDelegate.cs#L80
Notice how it does not have the string sourceApplication param (which was deprecated by Apple in ios 13)
MAUI is a layer on top of the Android/iOS/Catalyst bindings (
net6.0-android,net6.0-iosand others). Making a "native" (non-MAUI) app is possible (e.g. Uno Platform uses that specific part) and if you add an explicit dependency to MAUI nuget packages in MSAL, this will become breaking for those frameworks and apps.
The only dependencies I see are:
<PackageReference Include="System.Security.SecureString" Version="4.3.0" />
<PackageReference Include="Xamarin.AndroidX.Browser" Version="1.4.0" PrivateAssets="All" />
(not sure why we depdend on SecureString, I think it needs to go)
The only dependencies I see are:
<PackageReference Include="System.Security.SecureString" Version="4.3.0" /> <PackageReference Include="Xamarin.AndroidX.Browser" Version="1.4.0" PrivateAssets="All" />(not sure why we depdend on SecureString, I think it needs to go)
This should be good then, thank you! I was mentioning this because of the changes that would be required for the appdelegate, but those are likely to be documentation changes.
@bgavrilMS
Is it working in iOS by using the MauiBuilder extension method as recommended by the MAUI team.
This comment is a follow-up to changes I observed after upgrading the package to 4.45 for my net6-ios application (non-MAUI).
I used to have a hard crash when I used 4.43 as described in the issue 3272.
Now I get a surprising exception related to the redirect URI parameter:
MSAL.NetCore.4.45.0.0.MsalClientException:
ErrorCode: loopback_redirect_uri
Microsoft.Identity.Client.MsalClientException: Only loopback redirect uri is supported, but **msal<app_id>//auth/** was found. Configure http://localhost or http://localhost:port both during app registration and when you create the PublicClientApplication object. See https://aka.ms/msal-net-os-browser for details
at Microsoft.Identity.Client.Platforms.Shared.Desktop.OsBrowser.DefaultOsBrowserWebUi.UpdateRedirectUri(Uri )
at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync(IWebUI , CancellationToken )
at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync(CancellationToken )
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.GetTokenResponseAsync(CancellationToken )
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.ExecuteAsync(CancellationToken )
at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken )
at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.ExecuteAsync(AcquireTokenCommonParameters , AcquireTokenInteractiveParameters , CancellationToken )
Since I am using Azure B2C, I can't use localhost as it is not supported.
But, what makes this error even more suspicious is that the static class AuthenticationContinuationHelper can't be found even though the Microsoft.Identity.Client NuGet package is referenced:
With the current state of things related to the issue and the changes made, is that expected?
And to make it clear like others did, I am not using MAUI. It is a xamarin.ios application that been migrated to .net6-ios :)
