-
Notifications
You must be signed in to change notification settings - Fork 329
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] [M] MSAL.NET fails if B2C user flows/policies have a name containing a dot (.) #2444
Comments
An alternative could be to unseal "Account". |
Looks more like a bug to me @jmprieur |
See if we can use better parsing on AccountId. Otherwise, we can disallow dots. |
@bgavrilMS : did we decide to close issues instead of adding the "Fixed" label? |
Yes, I did not hear any objections. |
Which Version of MSAL are you using ?
MSAL 4.27
Platform
Xamarin/UWP
What authentication flow has the issue?
Other? - please describe;
AcquireTokenSilent/Identity Token Cache
Is this a new or existing app?
c. This is a new app or experiment
Repro
Create a B2C flow called {a}.signupsignin
AcquireTokenInteractive using that flow - works.
... later ...
GetAccountsAsync, which returns a valid Account
call IPublicClientApplication.AcquireTokenSilent with that account
Expected behavior
A user token is acquired from the token cache for the account.
Actual behavior
throws Microsoft.Identity.Client.MsalClientException: 'Returned user identifier does not match the sent user identifier when saving the token to the cache. '
Possible Solution
I assume the problem is the extra '.' in the homeAccountId.Identifier which looks like: {uid}-{a}.signupsignin.{tenantId}
I notice that in various places in the library, for example AccountId.ParseFromString, there is code such as
string[] elements = str.Split('.');
And then an assumption that there will only be 2 elements...
Rather than changing the split character (in many places) - which would probably cause other problems, or trying to deal with an array of length 'n', I would suggest:
The text was updated successfully, but these errors were encountered: