Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] AcquireTokenSilent redirects to fabrikamb2c.onmicrosoft.com in B2C web app / web API sample #2468

Closed
1 of 2 tasks
MINDoSOFT opened this issue Mar 10, 2021 · 3 comments
Closed
1 of 2 tasks
Labels

Comments

@MINDoSOFT
Copy link

Logs and Network traces

Which Version of MSAL are you using ?
MSAL 4.26.0

Platform
net451

What authentication flow has the issue?

  • Web App
    • Authorization code
    • OBO

Is this a new or existing app?
This is a sample web application part of Azure-Samples.

Repro

Please run the sample application, and login.
Go to the tasks page.
Wait for an hour, for the access token to expire.
Navigate to the tasks page.
You will be redirected to the

/fabrikamb2c.onmicrosoft.com/b2c_1_susi/oauth2/v2.0/authorize?client_id=fdb91ff5-5ce6-41f3-bdbd-8267c817015d&redirect_uri=https%3A%2F%2Flocalhost%3A44316%2F&response_mode=form_post&response_type=code%20id_token&scope=openid%20profile%20offline_access%20https%3A%2F%2Ffabrikamb2c.onmicrosoft.com%2Ftasks%2Fread%20https%3A%2F%2Ffabrikamb2c.onmicrosoft.com%2Ftasks%2Fwrite&state=OpenIdConnect.AuthenticationProperties%3DuSXsJe7x41d0OCr2_UwJI4xEq2ygRjQiJyagTH6fBI8OOQ-SPz1xCrLjXL9QZigI1d1ppXnIIpy5solLdEZWozRI-Yf4gaMgZNQM6B6OU58AKMMK3PGfz1-783GZc9mJSOO_MMZjxFRHgDVGhUB1Lb_JZbP-DbJhHebVouqrdCpo-SW1P9SLbjANG-6AtWWzt_lFmRFxnzZDsWl0lxl2Zg&nonce=637509045992290365.YmYxZGQwNTAtZTBhZS00ODg4LWFjNTktZWM3NTljZDc2NjFiZjUwNGFlZmQtNjIzNy00MmIwLTg1ZDYtNzAwYjNlMWE1NjAy&x-client-SKU=ID_NET451&x-client-ver=5.4.0.0

page.

Expected behavior
Since I have a refresh token which is valid for 14 days, I was expecting AcquireTokenSilent to request a new access token without redirecting anywhere.

Actual behavior
A redirection to /fabrikamb2c.onmicrosoft.com/b2c_1_susi/oauth2/v2.0/authorize occurs (see detailed url above), to retrieve a totally new access token and refresh token.

Possible Solution

Additional context/ Logs / Screenshots
I've also created an issue on the sample application.

Thank you very much for your time and effort,
Sergios.

@jmprieur jmprieur changed the title [Bug] AcquireTokenSilent redirects to fabrikamb2c.onmicrosoft.com in sample web application [Bug] AcquireTokenSilent redirects to fabrikamb2c.onmicrosoft.com in B2C web app / web API sample Mar 10, 2021
@jmprieur
Copy link
Contributor

This is an issue with the sample, @MINDoSOFT. I need to take the time to look at it.
Do you really need to use ASP.NET ? can't you move to ASP.NET Core? In ASP.NET Core everthing is magically handled for your by Microsoft.Identity.Web. See https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2/tree/master/4-WebApp-your-API/4-2-B2C

@MINDoSOFT
Copy link
Author

Thank you for your prompt reply.

Unfortunately moving to ASP.NET Core is not possible. Because we are integrating Azure B2C with an existing project which uses .NET Framework 4.8 and Web Forms.

@bgavrilMS
Copy link
Member

Please open an issue on the sample if it hasn't been fixed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants