bug: Login Loop when user is unauthorised
Library versions
- react-aad-msal: 2.3.4
- msal: 1.2.1
Describe the bug
We are using the implicit login flow, using redirect for the user to authenticate. When a user with valid credentials in our organisation tries to authenticate, they get into an indefinite loop from our app back to the Microsoft authentication page and back again when they are not in the App user pool that we have specified in Azure AD.
I can see that the URL we get back from authenticating with Microsoft has an error in it. I have seen a similar issue somewhere before where msal was not checking if we have failed to authenticate before sending us back again to the authenticated page.
Expected behaviour
- I would expect, if we have a failed authentication attempt because the user hasn’t got permissions, to have an error and not be stuck in a loop.
To Reproduce
Steps to reproduce the behaviour: let’s set up the context as you having two environments - QA and Dev. In the Dev env, you have user credentials that are not valid in QA and vice versa.
- Log into Dev
- Go to your app in QA that is forcing authentication with a redirect
- You can see the constant redirect loop
Desktop (please complete the following information):
- OS: Mojave 10.14.6
- Browser: Chrome
- Version: 80.0.3987.122
Issue Analytics
- Created 4 years ago
- Comments:5
Top GitHub Comments
This is the error I get in the url
http://localhost:3000/login#error=interaction_required&error_description=AADSTS50105%3a+The+signed+in+user+%27%7bEmailHidden%7d%27+is+not+assigned+to+a+role+for+the+application
We have captured MSAL logs of the loop (starting at monitorWindowForHash, but could be anywhere as it loops…)
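
The issue describes the app redirecting to sign-in again although the returned URL fragment carries an error. As an added example (not code from the issue, msal or react-aad-msal), here is a guard that parses that fragment and refuses to redirect when it carries an error; the function names and the attempt cap are hypothetical.

```javascript
// Added example: parseAuthError and shouldRedirectToLogin are hypothetical names,
// not part of msal or react-aad-msal.

// Constructed sample: the fragment of the URL quoted in the comment above.
const SAMPLE_HASH =
  "#error=interaction_required&error_description=AADSTS50105%3a+The+signed+in+user+" +
  "%27%7bEmailHidden%7d%27+is+not+assigned+to+a+role+for+the+application";

// Parse the fragment of the redirect URI. Returns null when it carries no error.
function parseAuthError(hash) {
  const params = new URLSearchParams(String(hash || "").replace(/^#/, ""));
  const error = params.get("error");
  if (!error) return null;
  // URLSearchParams decodes %xx escapes and turns "+" into spaces.
  const description = params.get("error_description") || "";
  const match = description.match(/\bAADSTS\d+\b/);
  return { error, description, code: match ? match[0] : null };
}

// Decide whether the app may send the browser to the sign-in page again.
// `attempts` is how many redirects this tab has already made (the caller persists
// it, for example in sessionStorage); `maxAttempts` caps loops with no error in the URL.
function shouldRedirectToLogin({ hash, isAuthenticated, attempts, maxAttempts = 2 }) {
  if (isAuthenticated) return { redirect: false, reason: "authenticated" };
  const failure = parseAuthError(hash);
  if (failure) {
    // The sign-in response came back with an error: surface it to the user
    // instead of redirecting again automatically.
    return { redirect: false, reason: "auth_error", failure };
  }
  if (attempts >= maxAttempts) return { redirect: false, reason: "too_many_attempts" };
  return { redirect: true, reason: "not_authenticated" };
}
```

In a browser the caller would pass `window.location.hash` and render `failure.description` on an error page when `reason` is `auth_error`.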