Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issues in Handling Callback back from Azure AD B2C #319

Open
kevinlin opened this issue May 10, 2024 · 1 comment
Open

Issues in Handling Callback back from Azure AD B2C #319

kevinlin opened this issue May 10, 2024 · 1 comment
Labels
stale

Comments

@kevinlin
Copy link

kevinlin commented May 10, 2024
edited
Loading

Background
We are building a Flutter web app. The login service provider is a standard Azure AD B2C service). The web app is deployed as a nginx container in Azure Container App.
We use a dedicated route in the Flutter to initiate the login to AAD B2C and handle the callback (it's configured as the redirection URL)

Challenges

  1. We initially used URL redirection for login flow and it worked well locally. However, it is completely broken on the deployed environment with the error on callback from : no_cached_authority_error: No cached authority found
    • I researched intensively on the error, and couldn't find anything useful.
    • As a workaround, we switch the login flow to use pop-ups: webUseRedirect: false
  2. While pop-ups window works well with desktop browsers, it works poorly on mobile browsers. There are some differences between iPhone/Android and the browser used, but in general:
    • The mobile phone always prompts the user when the pop-up window is opened, otherwise, it won't work
    • There are intermittent errors that happen on handling callback from AAD B2C, which seem to be caused by a race condition of MSAL library. The following errors are observed in the browser when they happen:
      • hash_empty_error: Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash.
      • empty_window_error: window.open returned null or undefined window object
    • In such cases, the user is redirected to the Login screen. While the user can kick off the login sequence again, the user experience is certainly subpar
    • A retry mechanism helps to mitigate the errors and achieve a better success rate, but can't completely get rid of the issue, and having multiple pop-up windows gives the user the impression the app is flaky

Appreciate it if anyone could provide guidance on Issue #1 or #2 above
@github-actions GitHub Actions
Copy link

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. If you still think this issue is needed, reopen it again.

@github-actions github-actions bot added the stale label Jul 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kevinlin