Problem with Azure AD B2C MSAL authentication - authentication

I'm trying to add basic authentication to a Vue.js spa. I'm following the tutorial on https://learn.microsoft.com/en-us/azure/active-directory-b2c/tutorial-single-page-app
In case of the sample SPA provied by MS everything works. When I try to do the same in Vue.js I get the following error:
"ClientAuthError: access_token_entity_null: Access token entity is null, please check logs and cache to ensure a valid access token is present." when doing
.then(handleResponse)
.catch(error => {
console.log(error);
});
However after refreshing the page user seems to be logged in:
myMSALObj.getAllAccounts()
returnes the account used during the login.
What I may be doing wrong? I was unable to find any useful info about it :(

As mentioned in the comments using an older version of the library solved the problem.

This issue seems to have been solved in version 2.14.2
Instead of downgrading you should try upgrading :-)

Related

Auth0 Login is not working with routing strategy { useHash: true } in Angular 12

I am trying to integrate Auth0 Login with Microsoft Office Word Add-in, The issue i'm facing is, I've to use
HashLocationStrategy in order to make my routing work in add-in iframe. But it seems like the auth0 login is not working with given routing strategy as it constantly returning false to my 'IsAuthorized$' Observable.
Also, I've checked with given auth0-angular-samples-Sample-01 auth0 demo on git hub for browser angular application and it seem working fine, But when i tried to apply { useHash: true } in my routing imports it prevents me from getting authenticated, So Please verify this issue and let us know if there any suggestion and solution for the same.
For quick review of my demo code, here is the link: Auth0 sample with HashLocationStrategy
Any small help would be appreciated.
Thank you.

Any luck in using AddMicrosoftIdentityWebApp in combination with IdentityServer4?

I'm trying to get Microsoft configured as an external login provider in Identityserver4.
I succeeded by following identity server's documentation with using AddMicrosoftAccount:
services.AddAuthentication().AddMicrosoftAccount(microsoftOptions =>
{
microsoftOptions.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
microsoftOptions.ClientId = configuration["MicrosoftLoginProvider:ClientId"];
microsoftOptions.ClientSecret = configuration["MicrosoftLoginProvider:ClientSecret"];
});
However, I didn't have luck with getting single sign-out to work. The documentation is in line with Microsoft's documentation at https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/microsoft-logins?view=aspnetcore-5.0.
However, if you follow the instructions to create an app in Microsoft Developer Portal (portal.azure.com), the sample code on that portal suggests a different way. The sample application that the portal generated for me (WebApp-OpenIDConnect-DotNet) is using AddMicrosoftIdentityWebApp:
services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));
Since this application is working out-of-the-box including single sign-out, Iam wondering if this is the way I have to continue.
To my surprise, however, I can't find any doc/blogs about how to integrate this approach in IdentityServer4. I almost got it to work myself, but there are a few weird issues.
Can someone clarify if using AddMicrosoftIdentityWebApp is the way to go to add Microsoft as an external identity provider to Identityserver4?
Has someone succeeded in getting AddMicrosoftIdentityWebApp to work with IdentityServer4?
THanks for your help!
I figured how to get it to work.
Actually, only two things I had to do.
First, I had to remove OpenIdConnectDefaults.AuthenticationScheme in the call to AddAuthentication in the example code that Microsoft generated. So the code becomes:
services.AddAuthentication()
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));
Then, in the code that reads the external identity from a temporary cookie, I had to use CookieAuthenticationDefaults.AuthenticationScheme. So, that code now reads as follows:
var authenticationResult = await HttpContext.AuthenticateAsync(CookieAuthenticationDefaults.AuthenticationScheme);
That was all.
After digging around I found this statement here:
Microsoft.Identity.Web is a simpler way to use Azure AD in ASP.NET Core web apps and web APIs.
It doesn't replace ASP.NET Identity in any way, it doesn't replace AddJwtBearer or AddCookie or any of the lower level primitives, but it does use and configure them correctly for Azure AD.
It doesn't work with non-Azure identity providers. It replaces AzureAD.UI and AzureADB2C.UI which are obsolete in .NET 5.0
So, the conclusion is that Microsoft.Identity.Web does not work outside Azure AD and hence not with IdentityServer.
If you do get it to work then let me know!

401 with pouchdb authentication on put

Using the apache/couchdb:2 docker image. I've added a user in couchdb (bloggs) and a database (notes) and added the user to the database, using Fauxton.
Then using pouchdb-authentication I've tried:
var db = new PouchDB('http://couchdb.korea.lan:5984/notes', {skip_setup: true});
db.logIn('bloggs', 'mypassword').then(function() {
db.put(doc);
});
The login succeeds, I can do a console.log() or logout at that point. But the db.put() call fails with a 401:
{"error":"unauthorized","reason":"You are not authorized to access this db."}
The container log output shows the username if I do a db.logout() but the db.put() says "undefined" where the username appears on the logout.
Any idea what I'm missing?
Nevermind, looks like a bug.
I was just using the latest pouchdb version on a CDN. Rolling back from 7.0.0 to 6.4.3 has fixed it.

firebase with nodejs Error creating user:

I have the below error ... when i try to create a nue user with firebase in nodejs . I was activated de authentication in firebase console but nohting works for me.
i am using this link of docs:
https://www.firebase.com/docs/web/api/firebase/createuser.html
Error creating user: { [Error: The specified authentication provider is not enabled for this Firebase.]
code: 'AUTHENTICATION_DISABLED',
details: 'Projects created at console.firebase.google.com must use the new Firebase Authentication SDKs available from firebase.google.com/docs/auth/' }
Looks like you are using the documentation for 'old' Firebase to set up a connection to a 'new' Firebase environment. I was having the same problem. The answer is in the error message - take a look at the docs at the new Firebase Authentication SDK as things have changed. Or, alternatively, create an environment using the old Firebase (www.firebase.com) and the documentation you are referencing should work. (Not sure how long before the 'old' Firebase is deprecated, though.)
This error was produced becouse we cant authenticate from server side ,
"auth" is only allowed for client side,
i am working with an android app , and i create a new user from android , it works , my server side with node only conects with firebase for listening changes in database (firebase) .
Thanks for the observation.. and best regards

Facebook access token not working in php

I take the access_token in my html page.
function fb_login() {
FB.login(
function(response){
//etc....
},
{scope:'email,user_about_me,user_activities,user_birthday,user_education_history, user_groups,user_hometown,user_likes,user_location,user_subscriptions,user_website, user_events,user_games_activity,user_status,friends_website,publish_actions, user_online_presence,publish_stream,offline_access,status_update,share_item, read_friendlists'}
);
}
Facebook Login...
after that, I want to publish stream with a php page. But this is impossible with access token error.
How to fix it? Why it isnt working?
See the example on github for integrating Facebook JS SDK authorization with PHP SDK authoriziation. Also make sure you are using the latest version of each SDK.