
Enhance MSAL extension to support Azure B2C

Open cconner100 opened this issue 1 year ago • 4 comments

What would you like to be added:

Currently the MSAL extension only seems to work with Azure AD. When I try to use it with AZB2C I have no way to set the user flow logins.

See https://learn.microsoft.com/en-us/entra/msal/dotnet/acquiring-tokens/desktop-mobile/social-identities. It seems like the largest gap is that the Builder does not accept the WithB2CAuthority which sets the user flows.

Why is this needed:

Our application would like to use Azure AD B2C as the primary login system.

For which Platform:

  • [x] iOS
  • [x] Android
  • [x] WebAssembly
  • [ ] WebAssembly renders for Xamarin.Forms
  • [x] Windows
  • [ ] Build tasks

Anything else we need to know?

cconner100, Nov 27 '23 03:11

Isn't the internal MSAL builder exposed so you can set additional configuration? See https://github.com/unoplatform/uno.extensions/blob/0e8c152d596a7104e6e6fad5ddc04a10296e719a/testing/TestHarness/TestHarness.Shared/Ext/Authentication/Msal/MsalAuthenticationMultiHostInit.cs#L111 for an example.

nickrandolph, Dec 07 '23 13:12

The config is missing information for B2C Auth Flows such as SignupandSignIn, Signin, ChangePassword. Possible, but it's a hack. In addition, it does not support the brokered interfaces. Sure, it's possible, but it's not a complete package unless it supports this.

cconner100, Dec 08 '23 02:12

@cconner100 just looking to see what we can do to improve support for Azure B2C. Which properties specifically do you require us to expose, and is it just a limitation on these not coming from settings, or are you unable to set them in code?

nickrandolph, Mar 15 '24 13:03

So what I have learned so far:

  1. Initialization of the system: you seem to expose all the needed extensions. While it would be nice to have the AzB2C items in the settings file, I can work around this, e.g. (WithB2CAuthority).
  2. MacCatalyst needs the ability to set the token cache to a custom version. How can I access the PublicClientApplicationBuilder object from your interface?
  3. On MSAL init you seem to be calling withUnoHelpers for MacCatalyst, which throws the exception method not found for WithWindowOrView. This should not be called in MacCatalyst.
  4. When trying to use MacCatalyst I need to pass in extra parameters to the .AcquireTokenInteractive. I need to add the WithCustomWebUI. This does not seem possible with your loginasync.

Added value: create a login that works with MacCatalyst out of the box instead of each developer trying to figure it out, took me a week. And on WinUI3 have a standard token caching system, since MSAL does not cache the tokens on WinUI3, only mobile (Android, iOS, UWP).

If you need examples of any of the above, more than happy to share my source.

cconner100, Mar 18 '24 03:03