popup flow broken in full-screen macOS

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.26.0

Wrapper Library

Not Applicable

Wrapper Library Version

None

Description

It seems that using the loginPopup function does not work properly on full-screen mode on macOS. The popup never get closed and the flow fails silently. When the browser is not in full-screen mode, it always works as expected.

This issue has already been reported in #4839 but even with the library version 2.26.0, it’s still not working. We also tried to follow those instructions but without success.

This example also fails in the same way.

Error Message

We don’t get any error neither in the parent window nor the popup.

Msal Logs

Navigated to https://login.live.com/oauth20_authorize.srf?client_id=bbeb7747-ff22-4d91-b4d1-5847e7986bf4&scope=User.Read+email+profile+openid+offline_access&redirect_uri=https%3A%2F%2Fadmin.getcontrast.dev&response_type=code&state=eyJpZCI6IjNkOGJjNWY3LTY0ODQtNGJlNi04ZDkwLTRlOTE4MTM5NmQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicG9wdXAifX0%3D&response_mode=fragment&nonce=ea4795fd-61eb-414b-a359-d8797cf6ca74&code_challenge=HFjlKBs7AmsVWArHURPcLy7_h8kqv2hK903oVH1-4aw&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=2.26.0&uaid=3dc3690e4b194502b9c13592b9c43424&msproxy=1&issuer=mso&tenant=common&ui_locales=fr-FR&client_info=1&epct=AQABAAAAAAD--DLA3VO7QrddgJg7WevrprbipdRja0-Eq_g8YusVTfzTyimTvpxSMoW2-CWXSL24udMbi7Mf6u_TWzCXQ1gTfvZuGOoQbDjWI1SGJI3KRmn2Q6u0CECf1cy9iuKzql5cOJI75-LL7Qbwnn1R2nWDefsP29mr-FKqFZcgzOJdUD4myTGfCbp6H1n-Z2UeKani_mArk6IIhJjDDSXMcx5oWCKDGDTyFN-mqWvyPV96LyAA&jshs=0&username=xxxxxxx%40outlook.com&login_hint=xxxxxxx%40outlook.com Navigated to https://login.live.com/ppsecure/post.srf?client_id=bbeb7747-ff22-4d91-b4d1-5847e7986bf4&scope=User.Read+email+profile+openid+offline_access&redirect_uri=https%3A%2F%2Fadmin.getcontrast.dev&response_type=code&state=eyJpZCI6IjNkOGJjNWY3LTY0ODQtNGJlNi04ZDkwLTRlOTE4MTM5NmQ0ZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicG9wdXAifX0%3D&response_mode=fragment&nonce=ea4795fd-61eb-414b-a359-d8797cf6ca74&code_challenge=HFjlKBs7AmsVWArHURPcLy7_h8kqv2hK903oVH1-4aw&code_challenge_method=S256&x-client-SKU=msal.js.browser&x-client-Ver=2.26.0&msproxy=1&issuer=mso&tenant=common&ui_locales=fr-FR&client_info=1&epct=AQABAAAAAAD--DLA3VO7QrddgJg7WevrprbipdRja0-Eq_g8YusVTfzTyimTvpxSMoW2-CWXSL24udMbi7Mf6u_TWzCXQ1gTfvZuGOoQbDjWI1SGJI3KRmn2Q6u0CECf1cy9iuKzql5cOJI75-LL7Qbwnn1R2nWDefsP29mr-FKqFZcgzOJdUD4myTGfCbp6H1n-Z2UeKani_mArk6IIhJjDDSXMcx5oWCKDGDTyFN-mqWvyPV96LyAA&jshs=0&username=xxxxxxx%40outlook.com&login_hint=xxxxxxx%40outlook.com&contextid=A224BC714EFD7E88&bk=1655913753&uaid=3dc3690e4b194502b9c13592b9c43424&pid=15216 Navigated to https://example.com

MSAL Configuration

const msalConfig = {
  auth: {
    clientId: 'bbeb7747-ff22-4d91-b4d1-5847e7986bf4',
    authority: 'https://login.microsoftonline.com/common',
    redirectUri: 'https://example.com',
  },
};

Relevant Code Snippets

const loginRequest = {
  scopes: ['User.Read', 'email', 'profile', 'openid'],
};

const msalInstance = new PublicClientApplication(msalConfig);
const loginResponse = await msalInstance.loginPopup(loginRequest);
msalInstance.setActiveAccount(loginResponse.account);
const tokenResponse = await msalInstance.acquireTokenSilent(loginRequest);

Reproduction Steps

1. Open the application in full-screen browser
2. Click the Sign in button
3. After being redirected to new tab, log in into Microsoft and accept the permission requested by the app

Expected Behavior

After the authentication, the popup is closed and the control is yield back to the parent window.

Identity Provider

Azure AD / MSA

Browsers Affected (Select all that apply)

Chrome, Firefox, Edge, Safari

Regression

No response

Source

External (Customer)