microsoft-authentication-library-for-dotnet icon indicating copy to clipboard operation
microsoft-authentication-library-for-dotnet copied to clipboard

Published 20 hours ago verified publisher icon AzureAD

[Bug] Requesting a SpaAuthCode for a B2C client results in a null SpaAuthCode response from the token endpoint

Open david-shinn opened this issue 3 years ago • 2 comments

Logs and network traces Screenshot 2022-06-09 145613 )

Which version of MSAL.NET are you using? Microsoft.Identity.Client 4.42.1

Platform .NET Framework 4.8

What authentication flow has the issue?

  • Web app
    • [x ] Authorization code

Other? Requesting a Spa Authorization Code for a B2C client results in a null Spa code response from the token endpoint

Is this a new or existing app? New

Repro

ConfidentialClientApplicationBuilder.Create(_clientId)
                      .WithClientSecret(_clientSecret)
                      .WithRedirectUri(_redirectUri)
                      .WithB2CAuthority($"{_authority}/{policy}")
                      .Build()

confidentialClientApplication.AcquireTokenByAuthorizationCode(scopes, authorizationCode)
                .WithSpaAuthorizationCode(withSpaAuthorizationCode)
                .ExecuteAsync()

Expected behavior The AuthenticationResult response contains a non-null SpaAuthCode property

Actual behavior SpaAuthCode property is null

Possible solution Is it even possible with a B2C authority?

Additional context / logs / screenshots / links to code The normal authorization code requests works fine for the BE, but the SpaAuthCode for the FE is always null.

david-shinn avatar Jun 09 '22 20:06 david-shinn

I don't think that this protocol is supported by B2C.

jmprieur avatar Jun 09 '22 21:06 jmprieur

Thanks for the confirmation. Do you have a recommended alternative for a hybrid ASP.NET sites loading React apps that need auth tokens on some pages?

david-shinn avatar Jun 10 '22 00:06 david-shinn