microsoft-authentication-library-for-dotnet: [Bug] HoloLens 2 device code flow does not work

Logs and Network traces Error setting value to 'TenantDiscoveryEndpoint' on 'Microsoft.Identity.Client.Instance.Discovery.InstanceDiscoveryResponse'. at Microsoft.Identity.Json.Serialization.ExpressionValueProvider.SetValue (System.Object target, System.Object value) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue (Microsoft.Identity.Json.Serialization.JsonProperty property, Microsoft.Identity.Json.JsonConverter propertyConverter, Microsoft.Identity.Json.Serialization.JsonContainerContract containerContract, Microsoft.Identity.Json.Serialization.JsonProperty containerProperty, Microsoft.Identity.Json.JsonReader reader, System.Object target) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.Serialization.JsonSerializerInternalReader.PopulateObject (System.Object newObject, Microsoft.Identity.Json.JsonReader reader, Microsoft.Identity.Json.Serialization.JsonObjectContract contract, Microsoft.Identity.Json.Serialization.JsonProperty member, System.String id) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.Serialization.JsonSerializerInternalReader.CreateObject (Microsoft.Identity.Json.JsonReader reader, System.Type objectType, Microsoft.Identity.Json.Serialization.JsonContract contract, Microsoft.Identity.Json.Serialization.JsonProperty member, Microsoft.Identity.Json.Serialization.JsonContainerContract containerContract, Microsoft.Identity.Json.Serialization.JsonProperty containerMember, System.Object existingValue) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal (Microsoft.Identity.Json.JsonReader reader, System.Type objectType, Microsoft.Identity.Json.Serialization.JsonContract contract, Microsoft.Identity.Json.Serialization.JsonProperty member, Microsoft.Identity.Json.Serialization.JsonContainerContract containerContract, Microsoft.Identity.Json.Serialization.JsonProperty containerMember, System.Object existingValue) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.Serialization.JsonSerializerInternalReader.Deserialize (Microsoft.Identity.Json.JsonReader reader, System.Type objectType, System.Boolean checkAdditionalContent) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.JsonSerializer.DeserializeInternal (Microsoft.Identity.Json.JsonReader reader, System.Type objectType) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.JsonConvert.DeserializeObject (System.String value, System.Type type, Microsoft.Identity.Json.JsonSerializerSettings settings) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.JsonConvert.DeserializeObject[T] (System.String value, Microsoft.Identity.Json.JsonSerializerSettings settings) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.JsonConvert.DeserializeObject[T] (System.String value) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Client.Utils.JsonHelper.DeserializeFromJson[T] (System.String json) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Client.OAuth2.OAuth2Client.CreateResponse[T] (Microsoft.Identity.Client.Http.HttpResponse response, Microsoft.Identity.Client.Internal.RequestContext requestContext) [0x00000] in <00000000000000000000000000000000>:0 \r\n at Microsoft.Identity.Json.Linq.Extensions+<Convert>d__142[T,U].<>m__Finally1 () [0x00000] in <00000000000000000000000000000000>:0 \r\n at System.Runtime.CompilerServices.AsyncMethodBuilderCore+MoveNextRunner.InvokeMoveNext (System.Object stateMachine) [0x00000]`

Which Version of MSAL are you using ? 4.22, built from the current MSAL master branch.

Platform Unity 2019.4.0f1, UWP, IL2CPP, ARM for HoloLens 2

What authentication flow has the issue?

  • Desktop / Mobile
    • Interactive
    • Integrated Windows Auth
    • Username Password
    • Device code flow (browserless)
  • Web App
    • Authorization code
    • OBO
  • Daemon App
    • Service to Service calls

Other? - please describe;

Is this a new or existing app? We were using some version of MSAL v3, but application in production started having issues with authenticating private accounts. After long support session we learned that we should change a little our flow, this required update to MSAL v4. Unfortunately, while everything works fine in the editor, version deployed on the HoloLens does not.

Repro

I am attaching whole script that contains our logic for device code. Controller script only calls SignInWithDeviceFlow() method and this method fails on AcquireToken.

DeviceCodeAuthenticator.txt

Expected behavior Using AcquireTokenWithDeviceCode should give code to authenticate user.

Actual behavior Exception is being thrown and no code is given.

Possible Solution This issue appeared in MSAL v3 we were using previously and link.xml fixed it. In the new version of MSAL, this fix does not work. I have turned panic mode on and basically put all possible options in link.xml, still does not work. Here is the content:

<linker>    
<assembly fullname="Microsoft.Identity.Client" preserve="all"/>
	<assembly fullname="Microsoft.Identity" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Json" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Json.Serialization" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Json.JsonConvert" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Json.Serialization.JsonProperty " preserve="all"/>
	<assembly fullname="Microsoft.Identity.Json.Serialization.JsonSerializerInternalReader" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Instance.Discovery.InstanceDiscoveryResponse" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Utils" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Instance.Discovery" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Utils.JsonHelper" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.OAuth2" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.OAuth2.OAuth2Client" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Internal" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Json.Linq" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Cache" preserve="all"/>
	<assembly fullname="Microsoft.Identity.Client.Cache.TokenCacheJsonSerializer" preserve="all"/>
</linker>

Additional context/ Logs / Screenshots I have tried to cheat Unity bytestripping, by pasting the library into the build directory and then deploying it to the HoloLens, but it changes nothing. I have tried using several versions of MSAL:

  • 4.7.1
  • 4.22 built from master branch
  • 4.22 downloaded from NuGet and then copied over to Unity (only ARM version)

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 20 (8 by maintainers)

Most upvoted comments

I’ve found a work around for this issue. The clue was in Unity Issue Tracker - [IL2CPP] NotSupportedExceptions exception is thrown in build with Newtonsoft.Json plugin (unity3d.com).

I needed to add to link.xml:

<assembly fullname="System" preserve="all" />
<assembly fullname="System.Core" preserve="all" />

Additionally and what the Unity docs are inaccurate about is that this must be in the root Assets/link.xml. Lower or package link.xml inclusions don’t work.

Thanks for the update, @najadojo I’ve updated the wiki page.

@rfurmaniak

Can you reproduce this issue on the HoloLens 2 emulator? If so, what steps do you take to verify the issue using the emulator?

I managed to deploy the solution I’ve sent previously to emulator. The issue can be reproduced there, all there is to do is to deploy the app and run it in the emulator. After the startup, error appears in log and message about not being able to login is displayed on the screen. Expected behavior is for the device code to appear in front of the user.