[Feature Request] Include a win-arm runtime library in the Microsoft.Identity.Client.NativeInterop NuGet package

[austinbhale]

MSAL client type

Public, Managed identity

Problem statement

Which version of MSAL.NET are you using?

• Microsoft.Identity.Client, Version="4.63.0"
• Microsoft.Identity.Client.Broker, Version="4.63.0"
• Microsoft.Identity.Client.NativeInterop, Version="0.16.1"

Scenario: Silently acquiring a token via AcquireTokenSilent in a HoloLens 2 application that targets ARM, not ARM64. Microsoft.Identity.Client.NativeInterop includes runtimes for win-arm64, win-x64, and win-x86. My request is to include the win-arm binary as well.

You cannot rename msalruntime_arm64.dll to msalruntime_arm.dll, as that'd be a bad image format, and I don't believe you can tell the API to look for the arm64 dependency as well. So, I think the ARM32 build would be required here.

Exception Message: System.DllNotFoundException: 'Unable to load DLL 'msalruntime_arm' or one of its dependencies: The specified module could not be found.

Example Code

IPublicClientApplication app;
IAccount account;
BrokerOptions options = new(BrokerOptions.OperatingSystems.Windows)
{
#if WINDOWS_UWP || WINDOWS
    ListOperatingSystemAccounts = true,
#endif
    Title = "Azure Sample"
};

try
{
    // Authority URL is a defined start with addition of the tenant which can be 'common', 'organizations' or a tenant Id.
    string authority = string.Format(CultureInfo.InvariantCulture, AuthorityTemplate, tenantId);

    // Create the auth client using the broker of the OS to get the current user.
    app = PublicClientApplicationBuilder
        .Create(clientId)
        .WithAuthority(authority)
        .WithBroker(options)
        .Build();
}
catch (MsalClientException ex)
{
    Log.Err($"Unable to build the public client application! {ex.Message}");
    return null;
}

try
{
    // Get the logged in user account from the OS.
    account = PublicClientApplication.OperatingSystemAccount;
    string[] scopesList = scopes.Split(' ');

    // Acquire the access token silently.
    AuthenticationResult result =
        await app.AcquireTokenSilent(scopesList, account)
                  .ExecuteAsync(cancellationToken)
                  .ConfigureAwait(false);
    return result;
}
catch (Exception ex)
{
    Log.Err($"AuthenticateSilentAsync: {ex.Message}");
    return null;
}

Proposed solution

I'd be happy to build the native source code, but it seems the project is missing at https://github.com/AzureAD/microsoft-authentication-library-for-cpp. If the native code is proprietary, then including the ARM runtime in the next release would be perfect. Thanks for your time!

Alternatives

No response

[austinbhale]

The latest non-vulnerable implementation of the silent token acquisition on UWP is version 4.47.2, before the new brokers were introduced. It seems UWP has lost support via #4427 (comment). When reverting the package version, this issue was resolved.

For anyone else facing this issue, I hope this code can help out: https://github.com/Nakamir-Code/SKAzureCloud/blob/master/Nakamir.Azure.Security/AuthenticationHelper.cs#L140-L189

[bgavrilMS]

I'm going to mark this as a bug, as Windows on ARM is becoming more popular now and the SDKs should not block on CPU arch

[bgavrilMS]

Note that arm64 is supported. I think this is a request for arm32. Removing the priority.

[austinbhale]

Seems Arm32 support is deprecated org-wide, so definitely no big deal on my end. Glad I can use the older package version! As I wait for a non-UWP mixed reality headset 😄