Add error handling for token acquisition in getUser and fix state retrieval #28498
Description
This PR fixes bugs that prevented users from being redirected back to the page they were on after logging in and from successfully signing in again after their refresh tokens expire.
Technical Description
If retrieving the user's tokens fails (for example, due to an expired refresh token), then trigger sign-in again:
aspnetcore/src/Components/WebAssembly/Authentication.Msal/src/Interop/AuthenticationService.ts
Lines 104 to 110 in 1489438
Pass the state containing the redirect URL when completing sign-in. Return this state from the redirectCallback:
aspnetcore/src/Components/WebAssembly/Authentication.Msal/src/Interop/AuthenticationService.ts
Lines 231 to 234 in 1489438
Process state in redirectCallback after sign-in or sign-out:
aspnetcore/src/Components/WebAssembly/Authentication.Msal/src/Interop/AuthenticationService.ts
Lines 327 to 331 in 1489438
Customer Impact
This PR addresses user-reported issues in the JavaScript client for MS Identity-based authentication in Blazor WebAssembly.
These bugs prevent users from completely integrating authentication into their Blazor WASM apps.
There are no viable workarounds or acceptable alternatives to these bugs.
Regression?
Yes, the changes are a regression from 3.1.
Risk
Low, because this covers a well-defined area (MSAL-based authentication in Blazor WebAssembly) and the following test scenarios were manually validated. The changes made for handling refresh token expiration are those recommended by MS Identity.
Validation
Addresses #28151, #28330
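The state round trip described under Technical Description, as an added example that is not code from this PR or from AuthenticationService.ts. All function names, the state encoding and the origin below are assumptions made for illustration; the sketch also restricts the restored URL to the app's own origin, since the state value returns through the browser.

```javascript
// Added illustration: every name here is hypothetical, not taken from AuthenticationService.ts.
const APP_ORIGIN = 'https://app.example'; // constructed sample origin

// Build the state value sent along with the sign-in request.
function createSignInState(returnUrl) {
  return encodeURIComponent(JSON.stringify({ returnUrl }));
}

// Decode the state handed back on the redirect.
// Returns undefined when the value is missing or malformed.
function readState(rawState) {
  if (typeof rawState !== 'string' || rawState.length === 0) return undefined;
  try {
    const parsed = JSON.parse(decodeURIComponent(rawState));
    return parsed && typeof parsed.returnUrl === 'string' ? parsed : undefined;
  } catch {
    return undefined;
  }
}

// Decide where to send the user after sign-in or sign-out.
// Only same-origin targets are honoured; anything else falls back.
function resolveReturnUrl(state, fallback = '/') {
  if (!state) return fallback;
  let target;
  try {
    target = new URL(state.returnUrl, APP_ORIGIN);
  } catch {
    return fallback;
  }
  if (target.origin !== APP_ORIGIN) return fallback;
  return target.pathname + target.search + target.hash;
}

// Stand-in for a redirect callback that returns the state to its caller
// and reports the path the app should navigate to.
function redirectCallback(response) {
  const state = readState(response.state);
  return { state, navigateTo: resolveReturnUrl(state) };
}
```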