[Bug] Xamarin Forms iOS broker authentication doesn't work in combination with Microsoft Authenticator
Logs and network traces I added two files as attachments to this item: one of them contains all logs registered on the iOS tablet, the second one contains only the errors
Which version of MSAL.NET are you using? MSAL.NET 4.47.0, 4.47.1, 4.47.2
Platform Xamarin Forms iOS project
What authentication flow has the issue?
- Desktop / Mobile
- Interactive
- Integrated Windows Authentication
- Username Password
- Device code flow (browserless)
- Web app
- Authorization code
- On-Behalf-Of
- Daemon app
- Service to Service calls
Other? The issue is appearing on an iOS tablet with OS version 15.7 when using MSAL for acquiring a token with the broker and Microsoft Authenticator is installed on the device.
When trying to get the token, MS Authenticator is opened; after selecting an account the authenticator will be closed and the application will be restarted.
Is this a new or existing app? The app is in production, and I have upgraded to a new version of MSAL.
Repro
var pca = PublicClientApplicationBuilder.Create(authenticationService.ClientApplicationId)
.WithIosKeychainSecurityGroup("com.microsoft.adalcache")
.WithBroker()
.WithRedirectUri("...")
.Build();
Expected behavior After selecting the account in the authenticator, the application should use the account to generate a token and authenticate the user
Actual behavior
The application is restarted and you have to start the login process from the beginning; in this way you're in an infinite loop and the login process will never end.
If MS Authenticator is not installed, then the authentication with the broker works without any issue.
Possible solution
Additional context / logs / screenshots / links to code
I attached here a screen recording with issue reproduction, device logfiles, test project source code
Device logs
UserDetailsClientLogs.txt UserDetailsClientFaults.txt
Reproduction Steps
Source Code The source code can be found at the link below, or download the archive attached to this item: https://github.com/Azure-Samples/active-directory-xamarin-native-v2
Issue Analytics
- State:
- Created a year ago
- Reactions:1
- Comments:14 (8 by maintainers)
Top GitHub Comments
@SameerK-MSFT - can you pls provide a suggestion on how to unblock the folks here? The logs show that AcquireTokenInteractive with broker is happening but then failing. Is this a regression?
default 12:47:37.356192+0200 UserDetailsClientiOS True MSAL 4.47.0.0 MSAL.Xamarin.iOS Mono 6.12.0 (2020-02/dffa5ab9224) 15.7 [2022-11-02 10:47:37Z] Valid MSAL style redirect Uri detected.
default 12:47:37.356230+0200 UserDetailsClientiOS True MSAL 4.47.0.0 MSAL.Xamarin.iOS Mono 6.12.0 (2020-02/dffa5ab9224) 15.7 [2022-11-02 10:47:37Z] Starting iOSBroker:AcquireTokenInteractiveAsync
default 12:47:37.363951+0200 UserDetailsClientiOS True MSAL 4.47.0.0 MSAL.Xamarin.iOS Mono 6.12.0 (2020-02/dffa5ab9224) 15.7 [2022-11-02 10:47:37Z] GetOrCreateBrokerKey - found an existing key
default 12:47:37.369546+0200 UserDetailsClientiOS True MSAL 4.47.0.0 MSAL.Xamarin.iOS Mono 6.12.0 (2020-02/dffa5ab9224) 15.7 [2022-11-02 10:47:37Z] The SecStatusCode from trying to get the broker application token is: SecStatusCode: ItemNotFound
default 12:47:37.370373+0200 UserDetailsClientiOS True MSAL 4.47.0.0 MSAL.Xamarin.iOS Mono 6.12.0 (2020-02/dffa5ab9224) 15.7 [2022-11-02 10:47:37Z] Invoking the iOS broker
default 12:47:37.370560+0200 UserDetailsClientiOS True MSAL 4.47.0.0 MSAL.Xamarin.iOS Mono 6.12.0 (2020-02/dffa5ab9224) 15.7 [2022-11-02 10:47:37Z] iOS Broker Payload: authority=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2F&scope=User.Read&client_id=4a1aa1d5-c567-49d0-ad0b-cd957a47f842&correlation_id=312242e4-e0df-4fa3-8d59-62a1bab71deb&client_version=4.47.0.0&intune_enrollment_ids=&intune_mam_resource=&redirect_uri=msauth.com.yourcompany.UserDetailsClient%3A%2F%2Fauth&username=&extra_oidc_scopes=openid+offline_access+profile&prompt=select_account&broker_key=KE67XU1bRjRONt5Agt_yrdIsVKl4WKkv_U7Fwz0pxvQ&msg_protocol_ver=3&broker_nonce=204d99e3-d1a7-405c-b2cb-94d2c12c6bdc
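A log-triage helper for `iOS Broker Payload:` lines like the one quoted above, as an added example that is not part of the original issue or of MSAL.NET: it decodes the payload, checks the redirect URI against the `msauth.<bundle id>://auth` form, and masks `broker_key` and `broker_nonce` before a log is attached to a public issue. The sample line, the bundle id, the function names and the choice of fields to mask are assumptions of this example.

```python
from urllib.parse import parse_qsl, urlencode

MARKER = "iOS Broker Payload: "
# Fields masked before a log is shared (this example's assumption).
SENSITIVE = {"broker_key", "broker_nonce"}

# Constructed sample line in the same shape as the device log; all values are placeholders.
SAMPLE = (
    "default 12:00:00.000000+0000 SampleApp True MSAL 4.47.0.0 MSAL.Xamarin.iOS "
    "[2022-01-01 12:00:00Z] iOS Broker Payload: "
    "authority=https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2F&scope=User.Read"
    "&client_id=00000000-0000-0000-0000-000000000000"
    "&redirect_uri=msauth.com.example.app%3A%2F%2Fauth&username=&prompt=select_account"
    "&broker_key=CONSTRUCTED_KEY&msg_protocol_ver=3&broker_nonce=CONSTRUCTED_NONCE"
)

def parse_broker_payload(line):
    """Return the URL-decoded payload fields of a broker log line, or None."""
    idx = line.find(MARKER)
    if idx < 0:
        return None
    query = line[idx + len(MARKER):].strip()
    # keep_blank_values preserves empty fields such as username=
    return dict(parse_qsl(query, keep_blank_values=True))

def redirect_matches_bundle(fields, bundle_id):
    """True if redirect_uri has the msauth.<bundle id>://auth form for this app."""
    expected = f"msauth.{bundle_id}://auth"
    return fields.get("redirect_uri", "").lower() == expected.lower()

def redact_line(line):
    """Mask sensitive payload values; lines without a payload pass through unchanged."""
    fields = parse_broker_payload(line)
    if fields is None:
        return line
    masked = {k: "REDACTED" if k in SENSITIVE and v else v for k, v in fields.items()}
    head = line[: line.find(MARKER) + len(MARKER)]
    return head + urlencode(masked)

if __name__ == "__main__":
    parsed = parse_broker_payload(SAMPLE)
    print("redirect ok:", redirect_matches_bundle(parsed, "com.example.app"))
    print(redact_line(SAMPLE))
```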
+1
I also have this problem on my iOS project… 😦