microsoft-authentication-library-for-dotnet: [Bug] Cannot use `.WithUseEmbeddedWebView` on `net6-windows` TFW
Which version of MSAL.NET are you using? MSAL.NET 4.42.0.0
Platform
net6-windows
Microsoft Visual Studio Community 2022 (64-bit) - Current Version 17.1.0
Windows 10 Pro 21H1 19043.1526
What authentication flow has the issue?
- Desktop / Mobile
- Interactive
Other?
Is this a new or existing app?
c. This is a new app or experiment.
Repro
string[] scopes = new string[] {"user.read"};
var app = PublicClientApplicationBuilder.Create(clientId).Build();
AuthenticationResult result = await app.AcquireTokenInteractive(scopes)
.WithUseEmbeddedWebView(true)
.ExecuteAsync();
Expected behavior I would expect the embedded login prompt to pop up.
Actual behavior
I get an unhandled Microsoft.Identity.Client.MsalClientException details below.
Possible solution
The error says that this feature is supported in net5-windows10.0.17763.0 so I would expect this same feature to exist in net6-windows
Additional context / logs / screenshots / links to code
Microsoft.Identity.Client.MsalClientException
HResult=0x80131500
Message=If you have a Windows application which targets net5 or net5-windows, please change the target to net5-windows10.0.17763.0, which provides support from Win7 to Win10. For details, see https://github.com/dotnet/designs/blob/main/accepted/2020/platform-checks/platform-checks.mdIf you have a cross-platform (Windows, Mac, Linux) application which targets net5, please dual target net5 and net5-windows10.0.17763.0.Your installer should deploy the net5 version on Mac and Linux and the net5-window10.0.17763.0 on Win7 - Win10.For details, see https://github.com/dotnet/designs/blob/main/accepted/2020/platform-checks/platform-checks.mdIf you have a .NET Core 3.1 app, please reference the NuGet package Microsoft.Identity.Client.Desktop and call the extension method .WithDesktopFeatures() first.For details, see https://aka.ms/msal-net-webview2 or use the system WebView - see https://aka.ms/msal-net-os-browser
Source=Microsoft.Identity.Client
StackTrace:
at Microsoft.Identity.Client.Platforms.Shared.NetStdCore.NetCoreWebUIFactory.CreateAuthenticationDialog(CoreUIParent coreUIParent, WebViewPreference webViewPreference, RequestContext requestContext)
at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.CreateWebAuthenticationDialog()
at Microsoft.Identity.Client.Internal.AuthCodeRequestComponent.<FetchAuthCodeAndPkceVerifierAsync>d__4.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.<GetTokenResponseAsync>d__11.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.<ExecuteAsync>d__9.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<RunAsync>d__12.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.<ExecuteAsync>d__2.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Reactions: 1
- Comments: 24 (12 by maintainers)
The recommendation is to use WAM, not embedded browser. Please see https://aka.ms/msal-net-wam
The issue seems to be here: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/001a6b33b8ba466652a1f6b1d0d4e02cc6a8ed01/src/client/Microsoft.Identity.Client/Platforms/Features/WebView2WebUi/WinFormsPanelWithWebView2.cs#L236
because CoreWebView2 is null.
The WebView2 docs states that settings the
Sourceproperty should be enough to setCoreWebView2to something, but I see other people on stackoverflow stating that they needed to call EnsureCoreWebView2Async(CoreWebView2Environment).I’ll try to see if using that fixes the problem.
I’ve tried the suggested solution but I’ve got to the same point as @A9G-Data-Droid .
The only thing I can see more is that I logged an Exception after the
ExecuteAsync()but before the blank window get shown:I’m using
net6-windows10.0.17763.0as suggestedYou need to use
net6-windows10.0.177763.0. This does not mean that you restrict your app to running only on Win10. You can add<SupportedOSPlatformVersion>7</SupportedOSPlatformVersion>to support all the way down to Win7. MSAL will do the right thing.@A9G-Data-Droid - my bad- please edit your .csproj file and change the target framework from
net6ornet6-windowstonet6-windows10.0.17763.0. Do not referenceMicrosoft.identity.Client.DesktopThanks @bgavrilMS My project is a (.net6) library that can be called from any other project so that I can quickly add AAD authentication to any tool that may need it in the future. When running my unit tests, I guess that’s a console app? (WAM is working silently and I never see the UI)
I’m using it from a NET 6 WinForms app. I was calling it by a UI Thread, in Winforms control events.
I’ve now transitioned to using WAM and it works better than before!
Sent from Mailhttps://go.microsoft.com/fwlink/?LinkId=550986 for Windows
From: Bogdan @.> Sent: 15 April 2022 12:24 To: @.> Cc: Alessandro @.>; @.> Subject: Re: [AzureAD/microsoft-authentication-library-for-dotnet] [Bug] Cannot use
.WithUseEmbeddedWebViewonnet6-windowsTFW (Issue #3206)MSAL now uses WebView1 for AAD authority, but continues to use WebView2 for B2C.
For the null ref exception, this would happen if WebView2 isn’t initialized properly (by MSAL). Are you using it from a console app, a WinForms app or a WPF app? Are you calling AcquireTokenInteractive from UI thread or from background thread?
— Reply to this email directly, view it on GitHubhttps://github.com/AzureAD/microsoft-authentication-library-for-dotnet/issues/3206#issuecomment-1100023284, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AACG7N5JCWO5VAW2VU6WQFTVFE7UNANCNFSM5P4C65MQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>
@A9G-Data-Droid - I’m not advising you to use WebView1, I’m advising you to use WAM https://aka.ms/msal-net-wam which provides better security and has fewer such issues.
Feel free to use WebView2 in your own projects, the API is much better and HTML support are much better than WebView1.
But still, we need to fix this null reference exception. If WebView2 cannot be initialized, we should fallback to WV1. Or remove WV2 support completely.
My main issue is that I could use the system browser, but if I fail to authenticate, or even just close the browser, the authentication process hangs without giving me any error, while the embedded view returns an exception that I can handle (like it did on .net framework 4.7.2).