Reputation: 5038
We are integrating Azure B2C with the IdentityModel.OidcClient plugin in a Universal Windows application.
IdentityModel.OidcClient has a sample written for UWP applications, where it opens a WebView for login.
The WebView is written using the WebAuthenticationBroker class.
We were able to integrate the Azure B2C endpoints with the IdentityModel plugin, and it opens the Azure B2C STS page inside a WebView using WebAuthenticationBroker.
wabResult = await WebAuthenticationBroker.AuthenticateAsync(
    WebAuthenticationOptions.None, new Uri(startURL), new Uri(options.EndUrl));
startURL points to Azure B2C and EndUrl points to the callback URL (the redirect URI at Azure B2C).
When we enter credentials, Azure B2C returns the authorization code along with state and id_token to the redirect URI (callback URL). But WebAuthenticationBroker is not able to recognize the redirected URL. Below is the sample fragment Azure B2C returns.
The length of the fragment alone is more than 3K.
When we interrupt the fragment returned by Azure B2C and send the interrupted fragment back to the callback URL, WebAuthenticationBroker is able to recognize the URL, closes the WebView and sends the data back.
The interrupted fragment looks like:
#state=nostate&code=nocode&id_token=noidtoken
Now the fragment length is not more than 100 characters, and WebAuthenticationBroker easily recognizes the URL and fragment, closing the WebView when it reaches the callback URL.
Can anyone give a workaround for this?
Upvotes: 0
Views: 241
Reputation: 973
You can reduce the number of claims and it should work with possibly no code change.
Upvotes: 0
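To decide which claims to drop, as the answer above suggests, it helps to measure what each part of the redirect fragment contributes. The following is an added example, not code from either post or from IdentityModel.OidcClient: it reports the size of each fragment parameter and of each claim in the id_token payload. The class name, claim names and token values are constructed for illustration, and it assumes System.Text.Json is referenced.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

static class FragmentSizeReport
{
    // Base64url (RFC 7515) -> bytes: restore the standard alphabet and padding.
    static byte[] FromBase64Url(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(s.PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
    }

    static string ToBase64Url(string json) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(json)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Character count of each parameter in a "#a=1&b=2" redirect fragment.
    public static Dictionary<string, int> ParameterSizes(string fragment) =>
        fragment.TrimStart('#').Split('&')
                .Select(p => p.Split(new[] { '=' }, 2))
                .ToDictionary(kv => kv[0], kv => kv.Length > 1 ? kv[1].Length : 0);

    // Serialized size of each claim in the id_token payload, largest first.
    // The signature is not verified here; this only measures size.
    public static List<KeyValuePair<string, int>> ClaimSizes(string idToken)
    {
        var parts = idToken.Split('.');
        if (parts.Length != 3) throw new FormatException("id_token is not a three-part JWS");
        string json = Encoding.UTF8.GetString(FromBase64Url(parts[1]));
        using (var doc = JsonDocument.Parse(json))
            return doc.RootElement.EnumerateObject()
                      .Select(c => new KeyValuePair<string, int>(c.Name, c.Value.GetRawText().Length))
                      .OrderByDescending(c => c.Value).ToList();
    }

    static void Main()
    {
        // Constructed sample: claim names and values are invented for illustration.
        string payload = "{\"sub\":\"00000000-0000-0000-0000-000000000000\",\"name\":\"Test User\"," +
                         "\"extension_Notes\":\"" + new string('x', 600) + "\"}";
        string idToken = ToBase64Url("{\"alg\":\"RS256\"}") + "." + ToBase64Url(payload) + ".constructed-signature";
        string fragment = "#state=constructed-state&code=constructed-code&id_token=" + idToken;

        Console.WriteLine($"fragment length: {fragment.Length}");
        foreach (var p in ParameterSizes(fragment)) Console.WriteLine($"  {p.Key,-10} {p.Value}");
        foreach (var c in ClaimSizes(idToken)) Console.WriteLine($"  claim {c.Key,-18} {c.Value}");
    }
}
```

Claim sizes are measured on the decoded JSON; base64url encoding adds roughly a third on top of that in the fragment itself.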