Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Issues with handling the azure B2C user flows
See original GitHub issueExpected Behavior
Let the user handle the query params that are inside the Url for configuration discovery with attached query params
[REQUIRED] Describe expected behavior
Given an URL with a query params (ex. https://login.microsofonline.com/{tenant}/v2.0?p=B2C_1_nfwSignIn) make the URL formulated to construct a valid URL (ex. https://login.microsofonline.com/{tenant}/v2.0/.well-known/openid-configuration?p=B2C_1_nfwSignIn)
Describe the problem
The Issue comes when you pass the URL as stated above the formulated URL is not a valid one given the concatenation that occurs on the file authorization_service_configuration.ts
Also see this reference from Azure documentation
[REQUIRED] Actual Behavior
On function fetchFromIssuer
Input https://login.microsofonline.com/{tenant}/v2.0?p=B2C_1_nfwSignIn
Returns https://login.microsofonline.com/{tenant}/v2.0?p=B2C_1_nfwSignIn/.well-known/openid-configuration
[REQUIRED] Steps to reproduce the behavior
Just place the URL https://login.microsofonline.com/{tenant}/v2.0?p=B2C_1_nfwSignIn in the fetchFromIssuer function, I’m using a 3rd party plugin that has a dependency on this repo ionic-appauth
[REQUIRED] Environment
- AppAuth-JS version: 1.3.1
- AppAuth-JS Environment (Node, Browser (UserAgent), …): Ionic which I assume would be browser____
- Source code snippts (inline or JSBin)
This code resolves my issue but I’m not sure how to make a pull request
static fetchFromIssuer(openIdIssuerUrl: string, requestor?: Requestor):
Promise<AuthorizationServiceConfiguration> {
const searchForQueryParams = function(url: string) {
let result;
let queryOr: any = url.split('/');
let query = queryOr[queryOr.length - 1].split('?');
if (query.length > 1) {
queryOr.splice(queryOr.length - 1, 1);
queryOr = queryOr.join('/');
result = [queryOr, `?${query[query.lenght - 1]}`];
} else {
result = [url, ''];
}
return result;
};
const newUrl = searchForQueryParams(openIdIssuerUrl);
const fullUrl = `${newUrl[0]}/${WELL_KNOWN_PATH}/${OPENID_CONFIGURATION}${newUrl[1]}`;
const requestorToUse = requestor || new JQueryRequestor();
return requestorToUse
.xhr<AuthorizationServiceConfigurationJson>({url: fullUrl, dataType: 'json', method: 'GET'})
.then(json => new AuthorizationServiceConfiguration(json));
}
Issue Analytics
- State:
- Created 2 years ago
- Comments:6
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
That is a bug. Will look into it.
Sure, but some configurations inside enterprises flow cant be changed for some reason (bureaucracy or legacy) that are available inside azure b2c, therefore the need for this change.
Is not like maintaining an old way of doing this, but unless Azure removes completely this option it should be able to handle them as mentioned in the request and MR