microsoft-authentication-library-for-js: Intermittent: After trying to log in, login pop-up not closing and inside that pop-up window application is rendering

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.17.0

Wrapper Library

Not Applicable

Wrapper Library Version

None

Public or Confidential Client?

Public

Description

The issue is intermittent. In login pop-up window the user typed valid credentials to log in his Microsoft account. In most cases the user will successfully be logged in and pop-up will close.

However, sometimes login pop-up doesn’t close and inside that pop-up window the user can use the same application. I noticed that app is also running in the parent app window but user is not logged in.

Please could you help me to avoid this unexpected behavior?

Error Message

No error message is displayed.

Msal Logs

No response

MSAL Configuration

const configuration = {
  auth: {
    authority: 'https://login.microsoftonline.com/common',
    redirectUri: `${window.location.origin}/services/ApplicationCenter/blank.html`,
    clientId: process.env.REACT_APP_CLIENT_ID,
  },
  cache: {
    cacheLocation: 'localStorage',
    storeAuthStateInCookie: false,
  },
  clientId: process.env.REACT_APP_CLIENT_ID,
};

Relevant Code Snippets

const configuration = {
  auth: {
    authority: 'https://login.microsoftonline.com/common',
    redirectUri: `${window.location.origin}/services/ApplicationCenter/blank.html`,
    clientId: process.env.REACT_APP_CLIENT_ID,
  },
  cache: {
    cacheLocation: 'localStorage',
    storeAuthStateInCookie: false,
  },
  clientId: process.env.REACT_APP_CLIENT_ID,
};
const requestScope = {
  scopes: ['openid',
    'profile',
    'offline_access',
    'User.Read.All',
    'Contacts.ReadWrite',
    'Presence.Read.All',
    'Team.ReadBasic.All',
    'GroupMember.Read.All',
  ],
};
const clientApp = new PublicClientApplication(configuration);
async function signIn() {
  const res = await clientApp.loginPopup(requestScope);
  // business logic
}

Reproduction Steps

  1. User clicks to log into application with his Microsoft account.
  2. Pop-up window shows up and user enters valid credentials.
  3. The pop-up does not close and inside that pop-up window application is rendering.

Expected Behavior

After giving valid credentials the login pop-up window is always closing and user is logged into application.

Identity Provider

Azure AD / MSA

Browsers Affected (Select all that apply)

Chrome

Regression

No response

Source

External (Customer)

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 24 (2 by maintainers)

Most upvoted comments

So the application you are embedded in controls the routing? You’ll need to work with whoever controls your routing to get a static route set up. The blank page is great but if its still subject to the router it won’t solve the problem.

+1
tnorling on Jan 6, 2023

@bokipantic This means something is removing the hash or auto-redirecting the page to another route. You need to find that something and stop it from doing so. Most commonly it is caused by a router and you should ensure that your router is not acting upon your redirect page.

+1
tnorling on Jan 4, 2023
Read more comments on GitHub
← microsoft-authentication-library-for-js: Intermittent acquireTokenSilent timeout issue
microsoft-authentication-library-for-js: Invalid Issuer (iss: sts.windows.net) when acquiring token →