-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RedirectURI not working as expected in error states. #6410
Comments
@kmalone-thescore Yes, this is by design. There are some errors from the server that are not sent back to the client for security reasons. The Service throws these errors in their UX and does not return them to MSAL to send them back to the client. As long as we catch an error, we send it back to you (MSAL JS) as a ServerAuthError from our end. Can you talk to the B2C folks regarding what type of errors are not thrown back to the client? Their support channel is here. Now regarding the error you mentioned above, it does state Also curious, why is there a |
Bumps [axios](https://github.com/axios/axios) from 0.21.4 to 1.7.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>Release v1.7.2</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> enhance fetch API detection; (<a href="https://redirect.github.com/axios/axios/issues/6413">#6413</a>) (<a href="https://github.com/axios/axios/commit/4f79aef81b7c4644328365bfc33acf0a9ef595bc">4f79aef</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+3/-3 ([#6413](axios/axios#6413) )">Dmitriy Mozgovoy</a></li> </ul> <h2>Release v1.7.1</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> fixed ReferenceError issue when TextEncoder is not available in the environment; (<a href="https://redirect.github.com/axios/axios/issues/6410">#6410</a>) (<a href="https://github.com/axios/axios/commit/733f15fe5bd2d67e1fadaee82e7913b70d45dc5e">733f15f</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+14/-9 ([#6410](axios/axios#6410) )">Dmitriy Mozgovoy</a></li> </ul> <h2>Release v1.7.0</h2> <h2>Release notes:</h2> <h3>Features</h3> <ul> <li><strong>adapter:</strong> add fetch adapter; (<a href="https://redirect.github.com/axios/axios/issues/6371">#6371</a>) (<a href="https://github.com/axios/axios/commit/a3ff99b59d8ec2ab5dd049e68c043617a4072e42">a3ff99b</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>core/axios:</strong> handle un-writable error stack (<a href="https://redirect.github.com/axios/axios/issues/6362">#6362</a>) (<a href="https://github.com/axios/axios/commit/81e0455b7b57fbaf2be16a73ebe0e6591cc6d8f9">81e0455</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+1015/-127 ([#6371](axios/axios#6371) )">Dmitriy Mozgovoy</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+30/-14 ()">Jay</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/alexandre-abrioux" title="+56/-6 ([#6362](axios/axios#6362) )">Alexandre ABRIOUX</a></li> </ul> <h2>Release v1.7.0-beta.2</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> capitalize HTTP method names; (<a href="https://redirect.github.com/axios/axios/issues/6395">#6395</a>) (<a href="https://github.com/axios/axios/commit/ad3174a3515c3c2573f4bcb94818d582826f3914">ad3174a</a>)</li> <li><strong>fetch:</strong> fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (<a href="https://redirect.github.com/axios/axios/issues/6400">#6400</a>) (<a href="https://github.com/axios/axios/commit/95a3e8e346cfd6a5548e171f2341df3235d0e26b">95a3e8e</a>)</li> <li><strong>fetch:</strong> fix headers getting from a stream response; (<a href="https://redirect.github.com/axios/axios/issues/6401">#6401</a>) (<a href="https://github.com/axios/axios/commit/870e0a76f60d0094774a6a63fa606eec52a381af">870e0a7</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+99/-46 ([#6405](axios/axios#6405) [#6404](axios/axios#6404) [#6401](axios/axios#6401) [#6400](axios/axios#6400) [#6395](axios/axios#6395) )">Dmitriy Mozgovoy</a></li> </ul> <h2>Release v1.7.0-beta.1</h2> <h2>Release notes:</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/axios/axios/compare/v1.7.1...v1.7.2">1.7.2</a> (2024-05-21)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> enhance fetch API detection; (<a href="https://redirect.github.com/axios/axios/issues/6413">#6413</a>) (<a href="https://github.com/axios/axios/commit/4f79aef81b7c4644328365bfc33acf0a9ef595bc">4f79aef</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+3/-3 ([#6413](axios/axios#6413) )">Dmitriy Mozgovoy</a></li> </ul> <h2><a href="https://github.com/axios/axios/compare/v1.7.0...v1.7.1">1.7.1</a> (2024-05-20)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> fixed ReferenceError issue when TextEncoder is not available in the environment; (<a href="https://redirect.github.com/axios/axios/issues/6410">#6410</a>) (<a href="https://github.com/axios/axios/commit/733f15fe5bd2d67e1fadaee82e7913b70d45dc5e">733f15f</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+14/-9 ([#6410](axios/axios#6410) )">Dmitriy Mozgovoy</a></li> </ul> <h1><a href="https://github.com/axios/axios/compare/v1.7.0-beta.2...v1.7.0">1.7.0</a> (2024-05-19)</h1> <h3>Features</h3> <ul> <li><strong>adapter:</strong> add fetch adapter; (<a href="https://redirect.github.com/axios/axios/issues/6371">#6371</a>) (<a href="https://github.com/axios/axios/commit/a3ff99b59d8ec2ab5dd049e68c043617a4072e42">a3ff99b</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>core/axios:</strong> handle un-writable error stack (<a href="https://redirect.github.com/axios/axios/issues/6362">#6362</a>) (<a href="https://github.com/axios/axios/commit/81e0455b7b57fbaf2be16a73ebe0e6591cc6d8f9">81e0455</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+1015/-127 ([#6371](axios/axios#6371) )">Dmitriy Mozgovoy</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+30/-14 ()">Jay</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/alexandre-abrioux" title="+56/-6 ([#6362](axios/axios#6362) )">Alexandre ABRIOUX</a></li> </ul> <h1><a href="https://github.com/axios/axios/compare/v1.7.0-beta.1...v1.7.0-beta.2">1.7.0-beta.2</a> (2024-05-19)</h1> <h3>Bug Fixes</h3> <ul> <li><strong>fetch:</strong> capitalize HTTP method names; (<a href="https://redirect.github.com/axios/axios/issues/6395">#6395</a>) (<a href="https://github.com/axios/axios/commit/ad3174a3515c3c2573f4bcb94818d582826f3914">ad3174a</a>)</li> <li><strong>fetch:</strong> fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (<a href="https://redirect.github.com/axios/axios/issues/6400">#6400</a>) (<a href="https://github.com/axios/axios/commit/95a3e8e346cfd6a5548e171f2341df3235d0e26b">95a3e8e</a>)</li> <li><strong>fetch:</strong> fix headers getting from a stream response; (<a href="https://redirect.github.com/axios/axios/issues/6401">#6401</a>) (<a href="https://github.com/axios/axios/commit/870e0a76f60d0094774a6a63fa606eec52a381af">870e0a7</a>)</li> </ul> <h3>Contributors to this release</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/axios/axios/commit/0e4f9fa29077ebee4499facea6be1492b42e8a26"><code>0e4f9fa</code></a> chore(release): v1.7.2 (<a href="https://redirect.github.com/axios/axios/issues/6414">#6414</a>)</li> <li><a href="https://github.com/axios/axios/commit/4f79aef81b7c4644328365bfc33acf0a9ef595bc"><code>4f79aef</code></a> fix(fetch): enhance fetch API detection; (<a href="https://redirect.github.com/axios/axios/issues/6413">#6413</a>)</li> <li><a href="https://github.com/axios/axios/commit/67d1373131962d1f1f5b8d91f9a2f80ed3923bc8"><code>67d1373</code></a> chore(release): v1.7.1 (<a href="https://redirect.github.com/axios/axios/issues/6411">#6411</a>)</li> <li><a href="https://github.com/axios/axios/commit/733f15fe5bd2d67e1fadaee82e7913b70d45dc5e"><code>733f15f</code></a> fix(fetch): fixed ReferenceError issue when TextEncoder is not available in t...</li> <li><a href="https://github.com/axios/axios/commit/3041c61adaaac6d2c43eba28c134e7f4d43ab012"><code>3041c61</code></a> [Release] v1.7.0 (<a href="https://redirect.github.com/axios/axios/issues/6408">#6408</a>)</li> <li><a href="https://github.com/axios/axios/commit/18b13cbaef66d8c266cf681165afe31787420100"><code>18b13cb</code></a> chore(docs): add fetch adapter docs; (<a href="https://redirect.github.com/axios/axios/issues/6407">#6407</a>)</li> <li><a href="https://github.com/axios/axios/commit/e62099bc8b640acf47fba639366bbcd3bf87f831"><code>e62099b</code></a> fix(fetch): fixed a possible memory leak in the AbortController for the strea...</li> <li><a href="https://github.com/axios/axios/commit/b49aa8e3d837c36e4728a9fa8a5e23a1162e96ec"><code>b49aa8e</code></a> chore(release): v1.7.0-beta.2 (<a href="https://redirect.github.com/axios/axios/issues/6403">#6403</a>)</li> <li><a href="https://github.com/axios/axios/commit/d57f03a77fef1eb3cd9a17e2973c4305e105a42e"><code>d57f03a</code></a> chore(ci): bump create-pull-request version to fix a bug; (<a href="https://redirect.github.com/axios/axios/issues/6405">#6405</a>)</li> <li><a href="https://github.com/axios/axios/commit/097b0d18e93d12c53b77741d6bfdc8a1fc11828b"><code>097b0d1</code></a> chore(ci): add tag resolution for npm releases based on package version; (<a href="https://redirect.github.com/axios/axios/issues/6404">#6404</a>)</li> <li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v0.21.4...v1.7.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=0.21.4&new-version=1.7.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AzureAD/microsoft-authentication-library-for-js/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Core Library
MSAL.js (@azure/msal-browser)
Core Library Version
2.38.0
Wrapper Library
MSAL React (@azure/msal-react)
Wrapper Library Version
1.5.9
Public or Confidential Client?
Public
Description
I'm running into an issue with an MSAL-react implementation where when I enter certain error states, Azure does not redirect back to the application. This has the potential to leave users trapped in this state.
I can see the redirect*URI set in the response object in the network tab:
"redirectUri": "http://localhost:3000/?error=interaction_required\u0026error_description=Seamless+single+sign+on+failed+for+the+user.+This+can+happen+if+the+user+is+unable+to+access+on+premises+AD+or+intranet+zone+is+not+configured+correctly%0d%0aTrace+ID%3a+56ba717b-e126-42f1-b5b6-50914c019500%0d%0aCorrelation+ID%3a+46fcf593-1c77-4212-9062-610c82e3b16d%0d%0aTimestamp%3a+2023-08-29+19%3a41%3a30Z",
I'm not sure how helpful that is because it doesn't seem to be used in these sorts of scenarios (in this case, using an email/pw that are not a member of the tenant)
redirect works correctly on success, but these fail states are causing me grief. Is this the expected behaviour? Looking for feedback if possible, thanks!
MSAL Configuration
Relevant Code Snippets
Identity Provider
Azure B2C Basic Policy
Source
External (Customer)
The text was updated successfully, but these errors were encountered: