You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 26, 2021. It is now read-only.
@Injectable({provideIn: 'root'})exportclassAuthService{privatereadonly_user$: BehaviourSubject<Account>;constructor(privatereadonly_msalService: MsalService){this._user$=newBehaviorSubject(_msalService.getAccount());this._msalService.handleRedirectCallback((authError,response)=>{if(authError){this._msalService.loginRedirect({scopes: ['openid']});return;}// window.location is always 'https://localhost:4200/#', looks like the other part of the #state=123&scope=456 is missing in the Angularthis._msalService.acquireTokenRedirect({scopes: ['https://***.partner.onmschina.cn/api/write','https://***.partner.onmschina.cn/api/read']});});this._user$.next(_msalService.getAccount());}publiclogin(){this._msalService.loginRedirect();}}
Token. Have a look at the aud - it's for the UI application. azp and scp are missing.
{
"iss": "https://***.b2clogin.cn/0b5***865/v2.0/",
"exp": 1595754060,
"nbf": 1595750460,
"aud": "706***cae", <-- Audience is for the UI application, not for the API applications"oid": "cf2***062",
"sub": "cf2***062",
"given_name": "Vlad",
"family_name": "Kasianenko",
"name": "Vlad Kasianenko",
"emails": [
"Vladyslav_Kasianenko@companyemail.com"
],
"tfp": "B2C_1_signin",
"nonce": "8ef200db-c7ed-4506-a780-f65e6671e827",
"ver": "1.0",
"iat": 1595750460,
"auth_time": 1595750460,
}
Azure AD B2C setup:
When I call acquireTokenSilent({ scopes: ['https://***.partner.onmschina.cn/api/write','https://***.partner.onmschina.cn/api/read'] }), I actually got right token in the accessToken property. But how do I apply it to the Bearer?
The text was updated successfully, but these errors were encountered:
vladkasianenko
changed the title
After migrating from 0.x to 1.x I get different aud in the token
After migrating from 0.x to 1.x msal can't get token from URL
Jul 27, 2020
After migrating from
msal@0.2.2
to themsal@1.3.3
I have different tokens.There were no changes at the Azure portal.
After
_msalService.login()
I have this URL:However, with
acquireTokenRedirect
in the URL I have something like this:As you can see, this URL contains both scopes and valid token. But how can I grab it in the
handreRedirectCallback
?I also use
MsalGuard
, might it affect somehow?Am I missing something?
OLD configuration:
auth.service.ts
:NEW configuration:
MSAL_CONFIG
token:MSAL_CONFIG_ANGULAR
:auth.service.ts
:Token. Have a look at the
aud
- it's for the UI application.azp
andscp
are missing.Azure AD B2C setup:
![image](https://user-images.githubusercontent.com/14053728/88477304-a66cd780-cf47-11ea-9e35-534cb7c0028a.png)
![image](https://user-images.githubusercontent.com/14053728/88477364-0794ab00-cf48-11ea-83c4-49f2b28bb982.png)
![image](https://user-images.githubusercontent.com/14053728/88477390-3a3ea380-cf48-11ea-87d3-f7b388ffdf3d.png)
When I call
acquireTokenSilent({ scopes: ['https://***.partner.onmschina.cn/api/write','https://***.partner.onmschina.cn/api/read'] })
, I actually got right token in theaccessToken
property. But how do I apply it to the Bearer?The text was updated successfully, but these errors were encountered: