How to handle access_denied: AADB2C90091: The user has cancelled entering self-asserted information.

[patolax]

If we initiate a password reset from the application and at the b2c reset page user clicks on cancel and subsequently gets redirected to the app, at that point, it seems to be user is not authenticated anymore. "@azure/msal-angular@2.4.2 : Error - Guard - error while logging in, unable to activate". None of the routes works, nor API calls.

this error is also logged.

[patolax]

I was able to handle it like this. Not sure if it's correct.

this.msalBroadcastService.msalSubject$
      .pipe(
        takeUntil(this._destroying$)
      )
      .subscribe((result: EventMessage) => {
        if (result.eventType === EventType.ACQUIRE_TOKEN_FAILURE && result.error.message &&
          result.error.message.includes("access_denied")) {
          this.logger.debug("access_denied ask to login");
          let signUpSignInFlowRequest = this.getLoginRequest();
          this.login(signUpSignInFlowRequest);
        }
        if (result.eventType === EventType.LOGIN_SUCCESS) {
          const payload = result.payload as AuthenticationResult;
          this.logger.debug("msalSubject$", payload);
          let idtoken = payload.idTokenClaims as IdTokenClaimsWithPolicyId;

          if (idtoken.acr === b2cPolicies.names.signUpSignIn || idtoken.tfp === b2cPolicies.names.signUpSignIn) {
            this.authService.instance.setActiveAccount(payload.account);
          }

          if (idtoken.acr === b2cPolicies.names.resetPassword || idtoken.tfp === b2cPolicies.names.resetPassword) {
            let signUpSignInFlowRequest = this.getLoginRequest();
            this.login(signUpSignInFlowRequest);
          }
        }
      });

[salman90]

Hi @patolax, thanks for raising this. I managed to reproduce the issue. There's no issue with the way that you're handling the error in the code that you shared, but we will need further debugging to figure out what is causing this behavior.

[github-actions]

This issue has not seen activity in 14 days. If your issue has not been resolved please leave a comment to keep this open. It will be closed in 7 days if it remains stale.

[github-actions]

This issue has been closed due to inactivity. If this has not been resolved please open a new issue. Thanks!