Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

.NET 8 preview7 Blazor WASM AAD authentication ends with There was an error trying to log you in: '"undefined" is not valid JSON' #49956

Closed
1 task done
markushaslinger opened this issue Aug 9, 2023 · 54 comments · Fixed by #54225
Assignees
Labels
area-blazor Includes: Blazor, Razor Components bug This issue describes a behavior which is not expected - a bug. feature-blazor-wasm This issue is related to and / or impacts Blazor WebAssembly Pillar: Technical Debt
Milestone

Comments

@markushaslinger
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Describe the bug

I am getting the same issue as described in #44981 again: after coming back from login at Azure AD the user sees 'There was an error trying to log you in: '"undefined" is not valid JSON'' at the 'authentication/login-failed' route.

However, after manually navigating around the token is available so it kind-of worked anyway.

Same as with the previous issue, adding the following solves the issue, so I suspect a similar cause:

<ItemGroup>
    <TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" />
</ItemGroup>

Also: error does not appear during development, only after publish also pointing to the linker

Expected Behavior

No error should be displayed after the redirect if the operation was successful.

Steps To Reproduce

Standard Blazor WASM application using Microsoft.Authentication.WebAssembly.Msal (8.0.0-preview.7.23375.9), set up to use 'redirect' and not the 'pop up' auth option.

Exceptions (if any)

No response

.NET Version

8.0.100-preview.7.23376.3

Anything else?

No response

@dotnet-issue-labeler dotnet-issue-labeler bot added the area-blazor Includes: Blazor, Razor Components label Aug 9, 2023
@mkArtakMSFT mkArtakMSFT added the bug This issue describes a behavior which is not expected - a bug. label Aug 9, 2023
@mkArtakMSFT mkArtakMSFT added this to the 8.0-rc2 milestone Aug 9, 2023
@mkArtakMSFT mkArtakMSFT added the feature-blazor-wasm This issue is related to and / or impacts Blazor WebAssembly label Aug 9, 2023
@mkArtakMSFT mkArtakMSFT modified the milestones: 8.0-rc2, 8.0 Sep 20, 2023
@wtgodbe wtgodbe modified the milestones: 8.0, 8.0.0 Oct 3, 2023
@mkArtakMSFT mkArtakMSFT modified the milestones: 8.0.0, .NET 9 Planning Oct 4, 2023
@ghost
Copy link

ghost commented Oct 4, 2023

Thanks for contacting us.

We're moving this issue to the .NET 9 Planning milestone for future evaluation / consideration. We would like to keep this around to collect more feedback, which can help us with prioritizing this work. We will re-evaluate this issue, during our next planning meeting(s).
If we later determine, that the issue has no community involvement, or it's very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues.
To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

@hectorm-bmg
Copy link

hectorm-bmg commented Oct 20, 2023

I'm getting a similar behavior ("undefined" is not valid JSON') but in this case I'm using Azure ADB2C with an IdentityServer4 external provider.
I tried using

<ItemGroup> <TrimmerRootAssembly Include="Microsoft.Authentication.WebAssembly.Msal" /> </ItemGroup>

but the issue is still there. Any suggestions would be appreciated.

@mkArtakMSFT
Copy link
Member

@halter73 isn't this something you've addressed already (your PR to the some AAD library I think) ?

@hakenr
Copy link
Member

hakenr commented Nov 15, 2023

In the 8.0.0 release:

I believe this should not be classified as "technical debt" for future ".NET 9 Planning", but rather recognized as a regression that could potentially cause significant issues for users.

@kyleherzog
Copy link

I experienced the same issue when upgrading to .NET 8.0 with Azure B2C. I had to add the following to get it to work.

  <ItemGroup>
    <TrimmerRootAssembly Include="Microsoft.Authentication.WebAssembly.Msal" />
    <TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" />
  </ItemGroup>

Specifying just Microsoft.Authentication.WebAssembly.Msal alone did not work for me.

@hakenr
Copy link
Member

hakenr commented Nov 16, 2023

@kyleherzog Sorry for the confusion. Actually I do have both the MSAL and WebAssembly.Authentication rooted and it is probably the Microsoft.AspNetCore.Components.WebAssembly.Authentication which is the important one for this symptom.

@czlatea
Copy link

czlatea commented Nov 21, 2023

I can confirm. The issue is solved in our case by mentioning only one root assembly:

<ItemGroup>
    <TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" />
</ItemGroup>

@YingXiaoMing
Copy link

i have same problem,but i don't know how to fix it. nomatter i add

but it doesn't work

@jumulr
Copy link

jumulr commented Dec 12, 2023

Using Net8.0, TrimmerRootAssembly does not fix the issue.
Please help.

@ghost
Copy link

ghost commented Dec 13, 2023

Thanks for contacting us.

We're moving this issue to the .NET 9 Planning milestone for future evaluation / consideration. We would like to keep this around to collect more feedback, which can help us with prioritizing this work. We will re-evaluate this issue, during our next planning meeting(s).
If we later determine, that the issue has no community involvement, or it's very rare and low-impact issue, we will close it - so that the team can focus on more important and high impact issues.
To learn more about what to expect next and how this issue will be handled you can read more about our triage process here.

@martinblampied
Copy link

martinblampied commented Dec 15, 2023

Something that caught me out was I also needed to clear cache after adding

<ItemGroup>
    <TrimmerRootAssembly Include="Microsoft.Authentication.WebAssembly.Msal" />
    <TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" />
  </ItemGroup>

Edit: This actually didn't fix it.

@czlatea
Copy link

czlatea commented Dec 15, 2023

@martinblampied could you please check if you need both assemblies listed ? For me, it worked nicely listing only Microsoft.AspNetCore.Components.WebAssembly.Authentication

@martinblampied
Copy link

@czlatea Doesn't work for me; tried both and just Authentication in both Client and Server projects using .net 8

@SeanLeitzinger
Copy link

Same issue on .NET 8 and I have tried adding both to the trimmer exception. Pushing this to .NET 9 is unacceptable. This has been going on long enough. It's been years now.

@Olsenss
Copy link

Olsenss commented Dec 20, 2023

Had the same issue. Going from .NET 7 -> .NET 8, I had to add the following in the Client csproj:

<ItemGroup>
	<TrimmerRootAssembly Include="Microsoft.Authentication.WebAssembly.Msal" />
	<TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" />
</ItemGroup>

This resolved the issue.

Another thing I noticed was that it was only in Microsoft Edge the problem occured, in Google Chrome there was never an issue.

@halter73 halter73 removed the Needs: Attention 👋 This issue needs the attention of a contributor, typically because the OP has provided an update. label Mar 7, 2024
@mattfrear
Copy link

I see that there are a lot of people have run into this issue, so I'm sure I'm missing something. Can anyone figure out what I may doing wrong?

Hi @halter73. Many of us in this thread only experienced the issue when we deployed to Azure, localhost worked fine.

FWIW (to help reproduce) - I had this issue after following the steps here https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-microsoft-entra-id

Solution runs fine on my localhost but shows the JS error once deployed to Azure.

The same workaround works for me.

<ItemGroup>
    <TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication"/>
</ItemGroup>

@milkyjoe90
Copy link

Is this expected to be folded in to the 8.0.4 release?

@Eddie-Hartman
Copy link

For anyone following along, I had a similar issue here #54515 that I was hoping would be fixed with 8.0.4. I updated and that does not seem to be the case.

Can we stop closing tickets until something is confirmed as fixed AND released? I even asked in my other issue how I'd confirm that this works locally so I don't have to do a full build and deploy, but no dice.

@mcschwa
Copy link

mcschwa commented Apr 10, 2024

pls fix

@DylanLyon
Copy link

Hoping this gets fixed soon. Loading app state from an encoded URL (like in #54514 ) has been broken for months in our app and is a pretty basic/critical feature to be broken for so long.

@ldabrowskiairspan
Copy link

Key functionality (authentication) of a framework (in this case Blazor) being shipped completely broken out of the box in an LTS release when you've known about it since preview builds is completely unacceptable, closing an issue when it is NOT fixed, and expecting users to jump through hoops to find a CLOSED GitHub issue with a workaround is even worse. Doing things like that, alongside other shortcomings of auth in Blazor (like using a deprecated version of oidc-client-js) basically ensures Blazor will never see serious adoption.

@milkyjoe90
Copy link

It looks like the fix might be included in the upcoming 8.0.5, which based on the release cadence so far, I'd guestimate that it'll be out on May 7th

#54655

You're right though, they really need to do something about the underlying oidc-client, there hasn't been a release of it since 2021 and the repo was archived in March 2022, the replacement oidc-client-ts is actively maintained, regularly updated and well supported - they really do need to do something.

@Eddie-Hartman
Copy link

@milkyjoe90 afaik patches come out the second Tuesday of each month (but are not guaranteed), so that would be May 14th. Takes a bit for things to propagate (like packages getting posted to NuGet and what not), so I'd just check the 15th.

@milkyjoe90
Copy link

@milkyjoe90 afaik patches come out the second Tuesday of each month (but are not guaranteed), so that would be May 14th. Takes a bit for things to propagate (like packages getting posted to NuGet and what not), so I'd just check the 15th.

Ahhh Patch Tuesday, of course! Can’t believe I missed that! Lines up perfectly with all the other MS patches that get released!

@michaelhannes
Copy link

michaelhannes commented May 13, 2024

Steps:

  1. login page redirects to B2C login when user clicks "Login" button.
  2. B2C login page, everything as expected
  3. on "return" to our login page, we check "if (B2Cuser.Identity.IsAuthenticated)" and then Navigate to "/user)

when running locally it runs fast and no refresh issues or anything.

when deployed to Azure - after B2C login redirect, we are returned to index.razor ("/") and the user is authenticated but does not Navigate to "/user"

however, if we manually refresh the page it successfully checks (B2Cuser.Identity.IsAuthenticated) and Navigates to "/user"

I am in process of adding...
<ItemGroup> <TrimmerRootAssembly Include="Microsoft.Authentication.WebAssembly.Msal" /> <TrimmerRootAssembly Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" /> </ItemGroup>

UPDATE 13 May 2024

I also updated all the relevant nuget packages ( we use Blazor ) to 8.0.4

AND it works fine now on our deployed Azure WebApp.

maxreb added a commit to Muddi-Markt/ShiftPlanner that referenced this issue May 13, 2024
@stian-bay
Copy link

stian-bay commented May 15, 2024

Did not work for me on 8.0.4 but it works now after updating to 8.0.5 packages 🎉

Also tested if the returnUrl is fixed but this does not redirect to the return Url (RedirectToLogin.razor)

#@inject NavigationManager Navigation

@code {
    protected override void OnInitialized()
    {
        Navigation.NavigateTo($"authentication/login?returnUrl={Uri.EscapeDataString(Navigation.Uri)}");
    }
}

So I still have to have this workaround in RedirectToLogin.razor for preserving the returnUrl and redirecting on login

@using Microsoft.Extensions.Options
@using Microsoft.AspNetCore.Components.WebAssembly.Authentication

@inject NavigationManager Navigation

@inject IOptionsSnapshot<RemoteAuthenticationOptions<ApiAuthorizationProviderOptions>> Options

@code {
    protected override void OnInitialized()
    {
        Navigation.NavigateToLogin(Options.Get(Microsoft.Extensions.Options.Options.DefaultName).AuthenticationPaths.LogInPath);
    }
}

@mattfrear
Copy link

Cool, fixed for me using Microsoft.Authentication.WebAssembly.Msal 8.0.7, I've removed the TrimmerRootAssembly workaround.

@imsam67
Copy link

imsam67 commented Sep 15, 2024

I created a new Blazor WASM app that uses Azure AD B2C using dotnet new blazorwasm -au IndividualB2C --aad-b2c-instance "{AAD B2C INSTANCE}" --client-id "{CLIENT ID}" --domain "{TENANT DOMAIN}" -o {PROJECT NAME} -ssp "{SIGN UP OR SIGN IN POLICY}" command as suggested in this article: https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-azure-active-directory-b2c?view=aspnetcore-8.0

Everything works fine locally. I'm hosting the app on Azure using Static Web App service and clicking the Login link does nothing, except for throwing this error:

Screenshot 2024-09-15 151832

If basic login doesn't work, this is a show stopper for us to use Blazor WASM! I'd appreciate any suggestions. Thanks!

@mattfrear
Copy link

@imsam67 have you upgraded Microsoft.Authentication.WebAssembly.Msal NuGet package to the latest version?

@imsam67
Copy link

imsam67 commented Sep 15, 2024

I'm using version 8.0.8, same as the WebAssembly package version.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area-blazor Includes: Blazor, Razor Components bug This issue describes a behavior which is not expected - a bug. feature-blazor-wasm This issue is related to and / or impacts Blazor WebAssembly Pillar: Technical Debt
Projects
Status: Done
Development

Successfully merging a pull request may close this issue.