Angular-auth-oidc-client: Azure B2C sample: infinite loop between _autologin_ and _?state=_

Created on 10 Sep 2020 · 5 Comments · Source: damienbod/angular-auth-oidc-client

I downloaded this sample without any B2C config changes and ran it locally, which redirected me to the login page.
https://github.com/damienbod/angular-auth-oidc-client/tree/master/projects/sample-code-flow-azure-b2c

But when I changed the configuration to my B2C tenant and sign-in flow, the application started to loop infinitely between the _autologin_ and _?state=_ URLs.

Failed to load resource: the server responded with a status of 400 (Bad Request)
VM18 vendor.js:74139 OidcService code request https://login.microsoftonline.com/fake.onmicrosoft.com/v2.0 [HttpErrorResponse]

What am I doing wrong?

Here is my config:

    oidcConfigService.withConfig({
      stsServer: 'https://login.microsoftonline.com/fakedev1.onmicrosoft.com/v2.0',
      authWellknownEndpoint:
        'https://fakedev1.b2clogin.com/fakedev1.onmicrosoft.com/b2c_1_signin/v2.0/.well-known/openid-configuration',
      redirectUrl: 'http://localhost:7100',
      postLogoutRedirectUri: 'http://localhost:7100',
      clientId: '3c1280e1-7d06-4124-b736-245118cffa4f',
      scope: 'openid profile offline_access https://fakedev1.onmicrosoft.com/fakeapi/tenant_cars_read https://fakedev1.onmicrosoft.com/fakeapi/tenant_cars_write',
      responseType: 'code',
      silentRenew: true,
      autoUserinfo: false,
      silentRenewUrl: window.location.origin + '/silent-renew.html',
      logLevel: LogLevel.Debug,
      renewTimeBeforeTokenExpiresInSeconds: 60,
      // useRefreshToken: true, // for refresh renew, but revocation and one time usage is missing from server impl.
      // ignoreNonceAfterRefresh: true,
      // disableRefreshIdTokenAuthTimeValidation: true,
    });


All 5 comments

I am getting the same error with the latest code.
For Azure B2C, AccessToken is optional for CodeFlow, and the checkauth always fails, causing an infinite loop.
Looks like the code needs to be adjusted from AND to OR. @damienbod, is this an acceptable solution?

    private get isAuthorized() {
      // Azure B2C AccessToken is optional for CodeFlow
      return !!this.storagePersistanceService.getAccessToken() || !!this.storagePersistanceService.getIdToken();
    }
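
The loop described in the comment above, as an added example that is not part of the original comment or the library's own code: a small model of the autologin round trip, comparing the AND check with the proposed OR check when the token response carries only an ID token. The names `Tokens`, `Check`, `requireBoth`, `requireEither` and `simulateAutoLogin`, the redirect cap, and the sample token strings are assumptions made for illustration.

```typescript
// Added illustration: a minimal model of the redirect cycle, not the library's code.
// All names here are hypothetical; token values are constructed samples.
interface Tokens {
  idToken?: string;
  accessToken?: string;
}

type Check = (stored: Tokens) => boolean;

// The check as the comment describes it before the change: both tokens required.
const requireBoth: Check = (t) => !!t.accessToken && !!t.idToken;
// The change proposed in the comment: either token is enough.
const requireEither: Check = (t) => !!t.accessToken || !!t.idToken;

interface Outcome {
  settled: boolean;  // true once the app stops redirecting
  redirects: number; // round trips through autologin -> identity provider -> ?state=
}

// Each round trip: the app returns on the callback URL (?state=...), stores what
// the token endpoint issued, runs the check, and redirects to autologin if it fails.
// maxRedirects bounds the model so a failing check terminates instead of spinning.
function simulateAutoLogin(check: Check, issued: Tokens, maxRedirects = 5): Outcome {
  let stored: Tokens = {};
  for (let redirects = 0; redirects < maxRedirects; redirects++) {
    if (check(stored)) {
      return { settled: true, redirects };
    }
    stored = issued; // callback handling persists the token response
  }
  return { settled: check(stored), redirects: maxRedirects };
}

// Constructed token responses: one without an access token, one with both.
const idTokenOnly: Tokens = { idToken: "constructed.id.token" };
const bothTokens: Tokens = {
  idToken: "constructed.id.token",
  accessToken: "constructed.access.token",
};

const loopsForever = simulateAutoLogin(requireBoth, idTokenOnly);  // never settles
const settlesWithOr = simulateAutoLogin(requireEither, idTokenOnly); // settles after 1
```

With the OR check, a session that holds only an ID token counts as authorized in the client, so code that attaches a bearer access token to API calls still has to handle the case where none was stored.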

Having the same issue. Is this solved in a newer version? (edit) Or did you guys manage to make progress on this issue :)?

Will have a look at this when I can, Azure B2C seems strange... Just wondering, would you not consider using a different IdentityProvider or just use Azure AD?

Hello Damien,

First, thank you for your reply!

In the meantime I looked at @mncmeditech's fork and it seems like the solution @mncmeditech proposed works.

To answer your question,
Azure AD is unfortunately a customer requirement + most importantly Azure B2C seems to allow making applications with authentication based upon my own company's AD (from Azure) + opening up the application for external users by giving them a username-password combination. This is nice to have as you don't have to bother explaining to external users why they have an account for your AD to access the application (for example, [email protected]); with Azure B2C this can become externaluser1. If I'm unclear or wrong, don't hesitate to reply back!

Kind regards,
