Kai Walter

Reputation: 4031

ADAL 4 (experimental) behaves differently for Windows Desktop/Native and Windows Phone with B2C

I want to create a Windows Phone 8.1 app with Azure AD B2C authentication. As basis I used the B2C Windows Desktop/Native Client sample.

The desktop app works pretty fine. In my WP8.1 adaptation I run into the first problem at the point where I want to acquire the token:

    // ADAL v4 (experimental) overload: scopes, additional scope, client id,
    // redirect URI, platform parameters, B2C policy name
    result = await authContext.AcquireTokenAsync(new string[] { Globals.clientId },
        null, Globals.clientId, new Uri(Globals.redirectUri),
        platformParams, Globals.signInPolicy);

While I get a nice and shiny token for the desktop app, for the WP8.1 app (after coming back from the WebAuthenticationBroker) I only get a ...?code=...... response.

I'm not sure, but to me it seems that the WP8.1 library works in a kind of OIDC model where the first call goes to the authorize endpoint and the second to the token endpoint.

Picking up from there I tried to continue with the authorization code received with a

    // redeem the authorization code returned by the WebAuthenticationBroker
    var result = await authContext.AcquireTokenByAuthorizationCodeAsync(authCode, new Uri(Globals.redirectUri),
        credApp, new string[] { "" }, Globals.signInPolicy);

but no matter how I try to pass in the ClientCredential or ClientAssertion, I always end up with a plain 400 Bad Request (no more details are returned).

Someone please tell me where I'm wrong and/or point me into the right direction.

Upvotes: 3

Views: 400

Answers (2)

Kai Walter

Reputation: 4031

I created a complete running sample Windows Phone 8.1 app with Azure AD B2C authentication here...

Findings (compared to an ADAL v2 Azure AD authentication):

  • ContinuationManager is not needed - this is covered by SetWebAuthenticationBrokerContinuationEventArgs in ADAL v4
  • with this approach code continues execution directly after AcquireTokenAsync

Upvotes: 1

Kanishk Panwar

Reputation: 1105

Windows Phone 8.1 uses a continuation model where WAB invokes the calling app back. Check out the sample at https://github.com/Azure-Samples/active-directory-dotnet-windowsphone-8.1/ to demo the flow or you can directly look at https://github.com/Azure-Samples/active-directory-dotnet-windowsphone-8.1/blob/master/TodoListClient/MainPage.xaml.cs

You need to implement the IWebAuthenticationContinuable interface on your page.

    #region IWebAuthenticationContinuable implementation

    // This method is automatically invoked when the application is reactivated after an authentication interaction through WebAuthenticationBroker.        
    public async void ContinueWebAuthentication(WebAuthenticationBrokerContinuationEventArgs args)
    {
        // pass the authentication interaction results to ADAL, which will conclude the token acquisition operation and invoke the callback specified in AcquireTokenAndContinue.
        await authContext.ContinueAcquireTokenAsync(args);
    }
    #endregion

------------------------------------------------------------------

UPDATE

I created a new Windows Phone app and referenced ADAL v4. I checked that the continuation model does not apply to v4. It is only used by ADAL v2. Make sure that you are using adal-v4. I still had to add the following code:

    // App.xaml.cs: WebAuthenticationBroker reactivates the app with continuation
    // args; hand them to ADAL v4 so the pending AcquireTokenAsync can complete.
    protected override void OnActivated(IActivatedEventArgs args)
    {
        if (args is IWebAuthenticationBrokerContinuationEventArgs)
        {
            Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory.WebAuthenticationBrokerContinuationHelper
                .SetWebAuthenticationBrokerContinuationEventArgs(args as IWebAuthenticationBrokerContinuationEventArgs);
        }

        base.OnActivated(args);
    }

This will resume the token acquisition process and return an access token.

Upvotes: 2
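The two halves of this flow put together, as an added example that is not code from the question, this answer, or the Azure samples: the App.xaml.cs activation override that hands the broker result back to ADAL v4, and the page-side call that requests a token with the B2C sign-in policy. The authority layout, the PlatformParameters constructor arguments, the Token property name and every value in Globals are assumptions or placeholders; check them against the Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory package you actually reference.

```csharp
using System;
using System.Threading.Tasks;
using Windows.ApplicationModel.Activation;
using Microsoft.Experimental.IdentityModel.Clients.ActiveDirectory;

// App.xaml.cs: on Windows Phone 8.1 the WebAuthenticationBroker reactivates the
// app instead of returning inline. ADAL v4 (experimental) picks the result up
// from this helper, so no ContinuationManager / IWebAuthenticationContinuable
// page implementation is needed.
public sealed partial class App : Windows.UI.Xaml.Application
{
    protected override void OnActivated(IActivatedEventArgs args)
    {
        var continuation = args as IWebAuthenticationBrokerContinuationEventArgs;
        if (continuation != null)
        {
            WebAuthenticationBrokerContinuationHelper
                .SetWebAuthenticationBrokerContinuationEventArgs(continuation);
        }

        base.OnActivated(args);
    }
}

// Placeholder configuration (assumed layout; substitute your tenant's values).
public static class Globals
{
    public const string tenant = "yourtenant.onmicrosoft.com";
    public const string authority = "https://login.microsoftonline.com/" + tenant;
    public const string clientId = "<your-b2c-application-id>";        // placeholder
    public const string redirectUri = "urn:ietf:wg:oauth:2.0:oob";      // placeholder
    public const string signInPolicy = "B2C_1_SignIn";                  // placeholder
}

// MainPage.xaml.cs: the B2C sign-in request. Execution continues after
// AcquireTokenAsync once OnActivated has supplied the continuation args.
public sealed partial class MainPage : Windows.UI.Xaml.Controls.Page
{
    private readonly AuthenticationContext authContext =
        new AuthenticationContext(Globals.authority);

    public async Task<AuthenticationResult> SignInAsync()
    {
        // PlatformParameters(PromptBehavior, useCorporateNetwork) is the assumed
        // WinRT constructor of the experimental package.
        var platformParams = new PlatformParameters(PromptBehavior.Always, false);

        var result = await authContext.AcquireTokenAsync(
            new[] { Globals.clientId },   // B2C: the app requests its own client id as scope
            null,                         // no additional scope
            Globals.clientId,
            new Uri(Globals.redirectUri),
            platformParams,
            Globals.signInPolicy);

        // Treat an empty result as a failed sign-in rather than proceeding with
        // an unauthenticated session; 'Token' is the assumed property name here.
        if (result == null || string.IsNullOrEmpty(result.Token))
        {
            throw new InvalidOperationException("B2C sign-in returned no token.");
        }

        return result;
    }
}
```

Leave token storage to ADAL's own cache; the point of the helper is that the app never has to carry the ?code= response from the broker to the token endpoint itself.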
