Active Directory: MSAL (UWP) PublicClientApplication.AcquireTokenAsync(…) returns exception

Submitted by Deadly on 2019-12-11 08:54:23

Question


I am trying to implement a sign in / login function using Active Directory. I am basing myself on this b2c-xamarin sample.

Below is the relevant code that I am having issues with. I have made modifications here to simplify readability. I have inserted comments for anything noteworthy, particularly AcquireTokenAsync:

string ClientID     = "<application_id_of_b2c_application>";
string Authority    = "https://login.microsoftonline.com/tfp/<b2c_tenant_name>/<signin_policy_name>/oauth2/v2.0/authorize";

PublicClientApplication PCA = new PublicClientApplication(ClientID, Authority);

//  The application says to override this which I do not as I am not sure if it's required for actual sign in
PCA.RedirectUri = $"msal{ClientID}://auth";

//  UWP SIGN IN CODE
string[] Scopes = { "User.Read" };
string PolicySignUpSignIn = "<signin_policy_name>";

//  Arguments #2 and #3 both return null.  This happens also with the unmodified sample that works.
//  I do not know what to put in for argument #1 (scopes) - I have tried numerous combinations to no avail.  Currently I have { "User.Read" }
AuthenticationResult ar = await PCA.AcquireTokenAsync(Scopes, GetUserByPolicy(PCA.Users, PolicySignUpSignIn), PCA.UiParent);

The exception I get when calling AcquireTokenAsync is the following (truncated for readability purposes - I inserted the beginning and the end):

{Microsoft.Identity.Client.MsalException: WAB authentication failed ---> System.IO.FileNotFoundException: The specified protocol is unknown. (Exception from HRESULT: 0x800C000D) at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) ...(TRUNCATION)... --- End of stack trace from previous location where exception was thrown --- at UserDetailsClient.MainPage.d__2.MoveNext() ErrorCode: authentication_ui_failed}

The way I see it the problem could be any of the following:

  1. PublicClientApplication (PCA) was initialized with incorrect parameters (client id / authority)
  2. I am using the wrong Scopes argument for AcquireTokenAsync - currently it's: { "User.Read" }
  3. I need to specify the proper redirect URI and assign it to PCA before calling AcquireTokenAsync in UWP
  4. I am missing something on the Azure end

I have tried many combinations of arguments based on the values I have in Azure AD to no avail. I could really use some help.

Source: https://stackoverflow.com/questions/50059571/active-directory-msal-uwp-publicclientapplication-acquiretokenasync-retu
