Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Custom state leads to error after upgrading to 3.14.0 #7122

Open
1 of 2 tasks
MichdeJong opened this issue May 24, 2024 · 0 comments
Open
1 of 2 tasks

Custom state leads to error after upgrading to 3.14.0 #7122

MichdeJong opened this issue May 24, 2024 · 0 comments
Labels
bug A problem that needs to be fixed for the feature to function as intended. msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package public-client Issues regarding PublicClientApplications

Comments

@MichdeJong
Copy link

MichdeJong commented May 24, 2024
edited
Loading

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.14.0

Wrapper Library

MSAL Angular (@azure/msal-angular)

Wrapper Library Version

3.0.4

Public or Confidential Client?

Public

Description

We have an Angular application connected to Azure B2C. We have some instances where we pass a custom state parameter on our requests.
Since upgrading from msal-browser 3.1.0 to 3.14.0 (msal-angular 3.0.4 to 3.0.17) we are getting errors handling the redirect:
Error - Interaction type validation failed due to invalid_state: State was not the expected format

Error Message

[018faafb-8d9f-70a4-b219-89d5655425bf] : msal.js.browser@3.14.0 : Error - Interaction type validation failed due to invalid_state: State was not the expected format

  log @ msal-instance.factory.ts:44
  executeCallback @ Logger.mjs:83
  logMessage @ Logger.mjs:76
  error @ Logger.mjs:90
  getRedirectResponse @ RedirectClient.mjs:188
  (anonymous) @ RedirectClient.mjs:88
  (anonymous) @ chunk-Y6Q6HMFU.js?v=e8ea7555:78
  ZoneAwarePromise @ zone.js:2611
  __async @ chunk-Y6Q6HMFU.js?v=e8ea7555:62
  handleRedirectPromise @ RedirectClient.mjs:81
  (anonymous) @ FunctionWrappers.mjs:74
  (anonymous) @ StandardController.mjs:211
  (anonymous) @ chunk-Y6Q6HMFU.js?v=e8ea7555:78
  ZoneAwarePromise @ zone.js:2611
  __async @ chunk-Y6Q6HMFU.js?v=e8ea7555:62
  handleRedirectPromiseInternal @ StandardController.mjs:190
  (anonymous) @ StandardController.mjs:173
  (anonymous) @ chunk-Y6Q6HMFU.js?v=e8ea7555:78
  ZoneAwarePromise @ zone.js:2611
  __async @ chunk-Y6Q6HMFU.js?v=e8ea7555:62
  handleRedirectPromise @ StandardController.mjs:160
  handleRedirectPromise @ PublicClientApplication.mjs:204
  (anonymous) @ azure-msal-angular.mjs:50
  invoke @ zone.js:365
  onInvoke @ core.mjs:14882
  invoke @ zone.js:364
  run @ zone.js:111
  (anonymous) @ zone.js:2447

MSAL Logs

msal-issue-1716561570583.log

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

auth: {
            clientId: "xxxxxx",
            authority: "https://login-dev.xxx.nl/xxxxx/B2C_1A_XXX",
            knownAuthorities: ["login-dev.xxx.nl"]
            redirectUri: "https://localhost:4201/auth",
            postLogoutRedirectUri: "https://mijn-dev.xxx.nl/afgemeld",
            navigateToLoginRequestUrl: true
        },
        cache: {
            cacheLocation: BrowserCacheLocation.SessionStorage,
            storeAuthStateInCookie: isIE, // set to true for IE 11
        },
        system: {
            loggerOptions: {
                loggerCallback,
                logLevel: LogLevel.Info,
                piiLoggingEnabled: false
            }
        }

Relevant Code Snippets

const endSessionRequest: EndSessionRequest = {
            postLogoutRedirectUri: "https://localhost:4201/",
            state: "myState",
            extraQueryParameters: { "ui_locales": "nl-NL"}
        };

this.msalService.logoutRedirect(endSessionRequest);

Reproduction Steps

Log in
Execute the logoutRedirect with and EndSessionRequest with a custom value for state
Observe the error when handling the redirect back to the application

Expected Behavior

No error is shown and the state can be read from the query parameter

Identity Provider

Azure B2C Custom Policy

Browsers Affected (Select all that apply)

Chrome

Regression

@azure/msal-browser 3.1.0

Source

External (Customer)
@MichdeJong MichdeJong added bug-unconfirmed A reported bug that needs to be investigated and confirmed question Customer is asking for a clarification, use case or information. labels May 24, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label May 24, 2024
@github-actions github-actions bot added b2c Related to Azure B2C library-specific issues msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package public-client Issues regarding PublicClientApplications labels May 24, 2024
@tnorling tnorling added bug A problem that needs to be fixed for the feature to function as intended. and removed b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed labels Jun 4, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot removed question Customer is asking for a clarification, use case or information. Needs: Attention 👋 Awaiting response from the MSAL.js team labels Jun 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug A problem that needs to be fixed for the feature to function as intended. msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package public-client Issues regarding PublicClientApplications
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tnorling @MichdeJong