Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

InteractiveBrowserCredentialOptions.RedirectURL doesn't work #15632

Closed
chlowell opened this issue Sep 24, 2021 · 2 comments · Fixed by #16243
Closed

InteractiveBrowserCredentialOptions.RedirectURL doesn't work #15632

chlowell opened this issue Sep 24, 2021 · 2 comments · Fixed by #16243
Assignees
@chlowell
Labels
Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library.
Milestone
[2022] January

Comments

@chlowell
Copy link
Member

InteractiveBrowserCredential.GetToken() starts a redirect server only when InteractiveBrowserCredentialOptions.RedirectURL has no value:

azure-sdk-for-go/sdk/azidentity/interactive_browser_credential.go

Lines 128 to 132 in 6ff9912

redirectURL := opts.RedirectURL
if redirectURL == "" {
redirectURL = rs.Start(state.String(), opts.Port)
}
defer rs.Stop()

Acquiring a token is therefore impossible when the option has a value. Fixing this is more complex than simply ensuring the redirect server starts, because the server doesn't work for all valid values of RedirectURL, e.g. https://127.0.0.1. However, MSAL for Go supports RedirectURL, so this should be easy to fix as part of #14920.
@chlowell chlowell added Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library. labels Sep 24, 2021
@chlowell chlowell added this to the [2021] November milestone Sep 24, 2021
@chlowell chlowell self-assigned this Sep 24, 2021
@chlowell chlowell mentioned this issue Sep 24, 2021
Merged
@jhendrixMSFT
Copy link
Member

Affects edge-cases, not a GA-blocker.

@chlowell chlowell mentioned this issue Nov 23, 2021
Merged
@chlowell
Copy link
Member Author

Switching to MSAL's implementation will fix this for the common case. However, an application that has registered https://localhost but not http://localhost for a redirect URI (which is unusual) won't be able to authenticate users until AzureAD/microsoft-authentication-library-for-go#281 is fixed.

@github-actions github-actions bot locked and limited conversation to collaborators Apr 11, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@chlowell chlowell

Labels
Azure.Identity bug This issue requires a change to an existing behavior in the product in order to be resolved. Client This issue points to a problem in the data-plane of the library.
Projects
None yet
Milestone
[2022] January
Development

Successfully merging a pull request may close this issue.

Adopt msal for non-managed identity credentials Azure/azure-sdk-for-go
3 participants
@RickWinter @jhendrixMSFT @chlowell