Blazor Web Assembly (Client): Microsoft.Authentication.WebAssembly.Msal Upgrade from 3.2.1 -> 5.0.4

[jaredrakoff]

@Pilchie
Hello, I have built a Blazor Client web assembly application in .net 5 and I'm able to sign in with azure ad. I am trying to upgrade from MSAL 3.2.1 -> 5.0.4 and after I do I am no longer able to sign in.

Before the upgrade, clicking login opens the /authorize with: https://login.microsoftonline.com/9bcaf044-1667-4506-a200-067c204b3ca3/oauth2/v2.0/authorize?response_type=id_token&scope=openid profile&client_id=4618572a-96a4-45da-ad7e-30a457ae69e9&redirect_uri=https://forgedev.cwbgroup.org/authentication/login-callback&state=db6593ef-9989-4329-9996-97c78038d47d|CKcySrCAn4v6-idFwCpSbDwIngZ4Nbai-yvDpd1R274&nonce=b3edec00-d325-4657-8246-f8ca15e5dff7&client_info=1&x-client-SKU=MSAL.JS&x-client-Ver=1.2.1&client-request-id=ad3530b2-e9cc-4262-bb18-d12fefc5042e&response_mode=fragment

After the upgrade of the package, the /authorize looks like this and fails to authenticate due to cors issue:

https://login.microsoftonline.com/9bcaf044-1667-4506-a200-067c204b3ca3/oauth2/v2.0/authorize?client_id=4618572a-96a4-45da-ad7e-30a457ae69e9&scope=openid%20profile&redirect_uri=https%3A%2F%2Flocalhost%3A44308%2Fauthentication%2Flogin-callback&client-request-id=b9998b37-8546-46dd-a492-e9a969b49b39&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.8.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=yDz5SkBF7tGrh1T7iNoU_0Ng-Bs4G_ZWcXAYIzYlRFY&code_challenge_method=S256&nonce=0059fd75-b6f7-4825-be92-29e55063408e&state=eyJpZCI6ImIwNjA2OTY0LWI3MWItNGUzNy1hNjZiLTRmZDI5NmMwOWUzYSIsInRzIjoxNjE3MzcyMTU4LCJtZXRhIjp7ImludGVyYWN0aW9uVHlwZSI6InBvcHVwIn19%7CZ4-2GUoGz2rS_RgDCxEwX4tcS4U2vJx53YBcla_vj0U&sso_reload=true

I can tell that after the upgrade, the response_type=code. Why is that the case? My application is a blazor CLIENT application and has no server!
How can I upgrade the MSAL and keep response_type=id_token? Thanks

[captainsafia]

@jaredrakoff We updated to a new version of MSAL.js in .NET 5 so some of the configurations on the Azure end will need to be updated to account for this.

Have you verified that your application is configured as a SPA on Azure?

Some more instructions are available at https://docs.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-azure-active-directory?view=aspnetcore-5.0.

[jaredrakoff]

Yes, I followed everything. Even those instructions get you to create a new blazor wasm project and the template has MSAL 3.2.1

[captainsafia]

@jaredrakoff Can you share a minimal repro of your project?

Blazor WASM in .NET 5 ships with v2.8.0 of the MSAL.js library (ref).

[jaredrakoff]

Here you go: https://github.com/jaredrakoff/BlazorCannotSignin You'll need to configure your own Azure App Registration. All i get is a CORS error when I sign in. If you rollback to 3.2.1, you can sign in without issue! Thanks

…

On Fri, Apr 2, 2021 at 7:25 PM Safia Abdalla ***@***.***> wrote: @jaredrakoff <https://github.com/jaredrakoff> Can you share a minimal repro of your project? Blazor WASM in .NET 5 ships with v2.8.0 of the MSAL.js library (ref <https://github.com/dotnet/aspnetcore/blob/19785ccdf595772231ee7b93083471ff13bad3de/src/Components/WebAssembly/Authentication.Msal/src/Interop/package.json#L16> ). — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#31485 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADGAE7TOI2TUMMX5POVPTBDTGZG53ANCNFSM42JFJ46A> .

-- Jared Rakoff

This issue has been resolved and has not had any activity for 1 day. It will be closed for housekeeping purposes.

See our Issue Management Policies for more information.

[jaredrakoff]

Please reopen. This is not resolved.

…

On Sat, Apr 3, 2021, 8:00 PM msftbot[bot] ***@***.***> wrote: Closed #31485 <#31485>. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#31485 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ADGAE7TSPEV6V2KUJ5VZNM3TG6TZNANCNFSM42JFJ46A> .