Azure AD auth redirect does not use a custom response URL

I registered an Angular app with Azure AD for authentication. After authorization, Azure redirects back to my application, as indicated by the "Reply Url" in the Azure configuration.

Reply Url = http://myapp.com/#/? 

The application expects URL fragment parameters (such as authentication code, token, status, etc.) appended to the redirect URL, which are checked to see whether user auth succeeded.

 Redirect Url = http://myapp.com/#/?code=<some code>&id_token=<id token>&... 

This worked before, but as of yesterday, the redirect URL now looks like this:

 Redirect Url = http://myapp.com/#code=<some code>&id_token=<id token>&... 

No changes were made to the application configuration in the Azure Management Portal.

This new format breaks the Angular routing in the application, and the auth parameters are not captured or parsed. Everything after the "#" in the response URL seems to be ignored.

Any idea as to what causes the redirect URL to not use the full response URL configured in Azure AD?

+6
2 answers

As far as I know, the Reply Url configured on Azure AD should just confirm the redirected URL's location.origin.

This redirected URL can be configured using the redirectUri parameter in the adalAuthenticationServiceProvider.init method (since you are creating an Angular application).

Back to your question: I do have the same redirect URL format, #id_token=..., without the ? character. But all is well for me, because I can access all the necessary values through the adalAuthenticationService.userInfo object.

Read more here for more details.

Hope this helps in your case.

0

What I did was use HTML5 mode on the Angular side.

You can see how I configured ADAL and routing:

    $locationProvider.html5Mode(true).hashPrefix("!");

    var endpoints = {
        "/api": "https://app-id-uri"
    };

    adalAuthenticationServiceProvider.init(
        {
            clientId: "12345678-1234-1234-1234-123456789012",
            endpoints: endpoints
        },
        $httpProvider
    );

On the server side, it was important to return the index page no matter which route was requested, as routing is done on the client side. Now AAD returns the code in the fragment, as usual, and all routing also works.

0
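
The two redirect shapes from the question (#/?code=... and #code=...) can be handled by one parser that does not depend on where the router expects the "?". This is an added example, not code from the original posts or from ADAL; the function names, the sample URLs and the state comparison (which assumes the app kept the state value it sent with the request) are assumptions.

```javascript
// Added example: read auth response parameters from a URL fragment,
// accepting both "#/?code=..." and "#code=..." (and a "#!/..." hash prefix).
const AUTH_KEYS = ["code", "id_token", "access_token", "error"];

function parseAuthFragment(url) {
  const hash = new URL(url).hash; // "" when the URL has no fragment
  // Drop "#", then an optional "!" prefix, an optional "/" route root
  // and an optional "?" so only "key=value&..." remains.
  const query = hash.replace(/^#!?\/?\??/, "");
  const params = Object.fromEntries(new URLSearchParams(query));
  // A plain client-side route such as "#/home" carries no auth parameters.
  return AUTH_KEYS.some((k) => k in params) ? params : null;
}

// Decide whether the parsed response may be handed to the login flow.
// expectedState is the value the app generated before redirecting (assumption).
function checkAuthResponse(params, expectedState) {
  if (params === null) return { ok: false, reason: "no auth parameters" };
  if (params.error) return { ok: false, reason: params.error };
  if (params.state !== expectedState) return { ok: false, reason: "state mismatch" };
  return { ok: true, reason: null };
}

// Constructed sample URLs in the two shapes shown in the question.
const samples = [
  "http://myapp.com/#/?code=abc&id_token=xyz&state=s1",
  "http://myapp.com/#code=abc&id_token=xyz&state=s1",
];
for (const u of samples) {
  console.log(u, checkAuthResponse(parseAuthFragment(u), "s1"));
}
```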

Source: https://habr.com/ru/post/971992/

