react-aad icon indicating copy to clipboard operation
react-aad copied to clipboard

Published 20 hours ago verified publisher icon syncweek-react-aad

When running as an Azure App Service, Get slammed into a 302.

Open Bluhman opened this issue 5 years ago • 4 comments
trafficstars

Library versions

  • react-aad-msal: ^2.3.4
  • msal: ^1.2.1

Describe the bug When testing my app locally, My application (a SPA hosted on an ASP.Net Core program) will log in the user properly, storing the user information inside the AAD component provided on the page. Granted it forces the app to reload itself for some strange reason when it's done, but it still remains functional throughout usage of the SPA.

When I host the app on Azure however I just get stuck on a blank screen (because the entire app can only be displayed if the user is logged in). The address bar shows the hosted app service's URL with a bunch of URL-Encoded tokens and stuff that should have been sent to the Authority for a log in, but instead it looks like the auth server just immediately threw a 302 and kicked me back to the SPA on azure without it actually taking in the information from the login: image image

Expected behavior The app should log me in successfully both when running it locally and when hosting it on Azure.

To Reproduce Steps to reproduce the behavior:

  1. Make an ASP Net Core SPA with React
  2. Add react-aad-msal to the front end.
  3. Host it on azure
  4. Try and log in.

Desktop (please complete the following information):

  • OS: [Windows]
  • Browser [Chrome]
  • Version [80.0.3987.149 ]

Bluhman avatar Mar 25 '20 21:03 Bluhman

To make matters more confusing, the auth flow will work properly for people who use the Edge Chromium Browser, and apparently also for when one is browsing in Incognito Mode with Chrome. Some people also are able to get it to work with normal Chrome as well, but it seems like the issue might be semi-related to shared AAD logins between different Microsoft pages?

Bluhman avatar Mar 26 '20 16:03 Bluhman

I am having the same issues since a few weeks ago..

Also assuming it is related to being logged in into Azure Portal at the same time.

Also, when using window.location.origin + "/auth.html" as tokenRefreshUri, the framework does seem to pick randomly another of my registered redirect URIs from Azure AD B2C (which may not be available) and then redirects me back to Login. This usually happens when trying to aqcuire an access token for the first time.

Dejiah avatar Apr 21 '20 12:04 Dejiah

Often just a trailing slash difference between allowed hosts setup in the Azure App vs the real apps URL can cause this.

A trace via Developer tools helps. If you see the 302 and examine the parameters to see any differences,

cicorias avatar Apr 21 '20 12:04 cicorias

Hi. I'm seeing the same issue. Any solution or workaround?

KorKiak avatar Oct 26 '20 09:10 KorKiak