Which version of MSAL.NET are you using?
MSAL.Net v4.35.1
Platform
.Net WPF app
What authentication flow has the issue?
- Desktop / Mobile
    - [ ] Interactive
    - [x] Integrated Windows Authentication
    - [ ] Username Password
    - [ ] Device code flow (browserless)
- Web app
    - [ ] Authorization code
    - [ ] On-Behalf-Of
- Daemon app
    - [ ] Service to Service calls
Is this a new or existing app?
new
Repro
This is a pure ADFS 2019 environment (no Azure AD involved). I am trying to use MSAL with WAM to do Integrated Windows Authentication to ADFS, as suggested in #2771 (comment), but this does not work.
I am getting the following exception calling AcquireTokenInteractive using WAM:
```
System.ArgumentNullException
HResult=0x80004003
Message=Value cannot be null.
Source=mscorlib
StackTrace:
   at System.StubHelpers.HStringMarshaler.ConvertToNativeReference(String managed, HSTRING_HEADER* hstringHeader)
   at Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager.FindAccountProviderAsync(String webAccountProviderId, String authority)
   at Microsoft.Identity.Client.Platforms.Features.WamBroker.WebAccountProviderFactory.d__0.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Platforms.Features.WamBroker.WamBroker.d__23.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)
   at Microsoft.Identity.Client.Platforms.Features.WamBroker.WamBroker.d__13.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Internal.Broker.BrokerInteractiveRequestComponent.d__9.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.d__10.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.d__11.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Internal.Requests.InteractiveRequest.d__8.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.Internal.Requests.RequestBase.d__12.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Microsoft.Identity.Client.ApiConfig.Executors.PublicClientExecutor.d__2.MoveNext()
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
   at active_directory_wpf_msgraph_v2.MainWindow.<CallGraphButton_Click>d__3.MoveNext() in C:\Users\bhadmin.AZUREAD\Documents\sample\WAM\active-directory-dotnet-desktop-msgraph-v2\active-directory-wpf-msgraph-v2\MainWindow.xaml.cs:line 78
This exception was originally thrown at this call stack:
[External Code]
active_directory_wpf_msgraph_v2.MainWindow.CallGraphButton_Click(object, System.Windows.RoutedEventArgs) in MainWindow.xaml.cs
```
```csharp
try
{
    // Try the token cache first; no UI is shown.
    authResult = await app.AcquireTokenSilent(scopes, firstAccount)
        .ExecuteAsync();
}
catch (MsalUiRequiredException ex)
{
    // A MsalUiRequiredException happened on AcquireTokenSilent.
    // This indicates you need to call AcquireTokenInteractive to acquire a token
    System.Diagnostics.Debug.WriteLine($"MsalUiRequiredException: {ex.Message}");
    try
    {
        authResult = await app.AcquireTokenInteractive(scopes)
            .WithAccount(firstAccount)
            .WithParentActivityOrWindow(new WindowInteropHelper(this).Handle) // optional, used to center the browser on the window
            .WithPrompt(Prompt.SelectAccount)
            .ExecuteAsync();
    }
    catch (MsalException msalex)
    {
        ResultText.Text = $"Error Acquiring Token:{System.Environment.NewLine}{msalex}";
    }
}
```
Expected behavior
no exception and IWA authentication should work
Actual behavior
exception above
Possible solution
none for IWA
Additional context / logs / screenshots
IWA in my environment works fine outside of MSAL. I can use the browser to do IWA to ADFS server correctly.
bgavrilMS changed the title from "[Bug] Null Reference Exception trying to use MSAL.Net to do Windows Integrated authentication with ADFS 2019 via WAM" to "[Bug] ADFS 2019 + WAM throws exception" on Jan 6, 2022
My code (modified from sample: https://github.com/Azure-Samples/active-directory-dotnet-desktop-msgraph-v2):
registered redirect URI in ADFS 2019 is "ms-appx-web://microsoft.aad.brokerplugin/{client_id}" for Native Desktop app