Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unable to login with a Cordova / InAppBrowser redirect on iOS

See original GitHub issue

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.26.0

Wrapper Library

Not Applicable

Wrapper Library Version

None

Description

We have a Cordova app (using a slightly older but proven Ionic/Angular stack and codebase) and we seem to have succeeded in integrating msal-browser but it’s working only on Android and in the desktop browser (development and testing). The Redirect API/calls work just fine on Android, and in the desktop browser the popup API is also performing as expected.

The redirect sign-and-dance flow was solved using the Cordova InAppBrowser plugin, where the solution is similar to the one presented here: https://stackoverflow.com/a/70337594

The problem on iOS (latest / 15.x) is that we get stuck right after entering (correct) user password - seeing an AADSTS900561 (The endpoint only accepts POST requests. Received a GET request.)

I understand there might an issue (or no support?) for InAppBrowser / WKWebView / iOS and the redirect flow, but is the above error and indication for that or is it something else?

Is there any working solution at all for msal-browser and Cordova that also covers iOS?

iOS screenshots

MSAL Configuration

{
      auth: {
        protocolMode: 'OIDC',
        clientId: 'OUR CLIENT ID',
        authority: 'https://login.microsoftonline.com/OUR TENANT ID',
        redirectUri: 'http://localhost:8100'
      },
      cache: {
        cacheLocation: 'localStorage'
      }
}

Relevant Code Snippets

No response

Identity Provider

Azure AD / MSA

Source

External (Customer)

Issue Analytics

State:
Created a year ago
Comments:9 (2 by maintainers)

Top GitHub Comments

2reactions

aleon0103commented, Sep 15, 2022

I got it working on iOS using Capacitor with the Cordova InAppBrowser plugin on IOS 16 I use this approach https://stackoverflow.com/a/73729743/20002757

instead of use _msalInstance.loginPopup(); try to use LoginRedirect

After some cumbersome attempts I can conclude that one should not even bother to use InAppBrowser / WKWebView. The only likely solution is to launch the external browser and do redirection(s) back to the app using deep links (via Firebase for example). It doesn’t seem like the best UX compared to showing/using an embedded browser (InAppBrowser / WKWebView) within the Cordova app but at least login is possible.

Thanks for having a look @hectormmg!

1reaction

zarko-tgcommented, Jun 15, 2022

Here’s a demo project demonstrating the problem, see README.md inside: msal-gh-4910.zip