Azure login not working - Unable to open the Login popup

[ambal1330]

HI,

We have created a Cordova app with Framework 7 version 2. Working on enabling Azure MFA authentication, Installed the Codova-plugin-msal. Given below configuration. Gave the tenent_id, cliend_id & Signature has value during the plugin installation. Still it is not working MSALInit is not working, Please help me on this .

var defaultOptions1 = {
authorities: [
{
type: 'AAD',
audience: 'AzureADMyOrg',
authorityUrl: '',
cloudInstance: 'MSALAzurePublicCloudInstance',
default: true
}
],
authorizationUserAgent: 'DEFAULT',
multipleCloudsSupported: false,
brokerRedirectUri: true,
accountMode: 'SINGLE',
scopes: ['User.Read']
};

window.cordova.plugins.msalPlugin.msalInit(function() {
alert('msalInit');
},
function (err) {
alert('msalInit' + err);

}, defaultOptions1);

window.cordova.plugins.msalPlugin.signInInteractive(
function(resp) {
alert(resp);
},
function(err) {
}
);

[ambal1330]

@wrobins could you please help on this query

[wrobins]

Hi @ambal1330,

Sorry this is giving you trouble! Would you mind sharing what platform you're running (Android or iOS) and any error that MsalInit() is giving you?

Thanks for your patience and hopefully we can figure out what's going on!

[ambal1330]

@wrobins
We have android & IOS . But currently trying in Android.
I am not getting any error in msinit()

But in signInInteractive function getting be low error.

it is giving that "No configuration has been set yet"

[ambal1330]

@wrobins can you help me on this?

[a619sachin]

@wrobins can you help me on this?

Same issue, msalinit just getting skipped and not getting any errors.

[a619sachin]

@ambal1330 can you show the list of plugins used in your cordova project? I think some other plugin is causing the issue.

Edit: @wrobins I tested using a sample app installing plugins one by one, I found issue with deeplink plugin if I add the deeplink <universal-links> host url </universal-links>, msal won't work. Plugin : https://github.com/e-imaxina/cordova-plugin-deeplinks

[ambal1330]

@wrobins I am using plain instance having only below Plugins

[ambal1330]

@wrobins please help on this

[a619sachin]

@ambal1330 can you show the list of plugins used in your cordova project? I think some other plugin is causing the issue.

Edit: @wrobins I tested using a sample app installing plugins one by one, I found issue with deeplink plugin if I add the deeplink <universal-links> host url </universal-links>, msal won't work. Plugin : https://github.com/e-imaxina/cordova-plugin-deeplinks

Hello, does anyone know the workaround for this issue?
@wrobins @@peitschie @kratz00 @ambal1330

[peitschie]

@a619sachin are you using the current master, or the (quite old) package released on NPM?

[a619sachin]

@peitschie I installed using CLI.

[peitschie]

@a619sachin try using master instead: cordova plugin add https://github.com/wrobins/cordova-plugin-msal.git

[a619sachin]

@peitschie Okay, will try it.

[a619sachin]

@peitschie Okay, will try it.

@peitschie tried it, still same issue.

[ambal1330]

HI All, Any update on this issue.

[a619sachin]

HI All, Any update on this issue.

No, I used other plugin. That's the only workaround I found.

[ambal1330]

@a619sachin What is the another plugin?

[peitschie]

@ambal1330 do you have any allowed intents annotated in your config.xml? The SSO pattern that MSAL uses launches an external http request I believe, so you probably need to allow the intent through so cordova enables the external browser to launch.

See https://cordova.apache.org/docs/en/11.x/guide/appdev/allowlist/index.html#intent-allow-list

To test this (do NOT use this in production, as it allows any url to be launched, which is a security risk!!!!) would be to add something like this in your config.xml under the root widget section:

<widget ...>
  ... existing config ...
  <allow-intent href="http://*/*" />
  <allow-intent href="https://*/*" />
</widget>

If this allows the window to open, you're on the right path, and just need to figure out the right URLs to allow to keep your app secure but still allow login via SSO.

[zailleh]

I modified the java to output the error since it wasn't visible to me anywhere prior, the error I am getting is:

com.microsoft.identity.client.exception.MsalClientException: Intent filter for: BrowserTabActivity is missing.  Please make sure you have the following activity in your AndroidManifest.xml


<activity android:name="com.microsoft.identity.client.BrowserTabActivity">
	<intent-filter>
		<action android:name="android.intent.action.VIEW" />
		<category android:name="android.intent.category.DEFAULT" />
		<category android:name="android.intent.category.BROWSABLE" />
		<data
			android:host="app.name"
			android:path="/HASH_KEY"
			android:scheme="msauth" />
	</intent-filter>
</activity>

I can confirm the intent is not there in the generated manifest file and I have the generated config in package.json with the hash key, so something is causing the intent to not be added to the manifest file.

[peitschie]

@zailleh are you using cordova or capacitor?

[zailleh]

@zailleh are you using cordova or capacitor?

@peitschie I'm using cordova.

I confirmed what @a619sachin said about https://github.com/e-imaxina/cordova-plugin-deeplinks.

That plug-in's afterPrepareHook wipes out all <intent> tags (see source here).

Due to another bug in that plugin I discovered recently with a dependancy issue, I've forked it and I'm putting in a fix for it in our version that only removes intents from the mainActivity which solves the issue.