Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MSAL Angular with Angular Elemenets #7359

Open
2 tasks
eyevan opened this issue Oct 4, 2024 · 0 comments
Open
2 tasks

MSAL Angular with Angular Elemenets #7359

eyevan opened this issue Oct 4, 2024 · 0 comments
Labels
b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package Needs: Attention 👋 Awaiting response from the MSAL.js team public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.

Comments

@eyevan
Copy link

eyevan commented Oct 4, 2024

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.14.0

Wrapper Library

MSAL Angular (@azure/msal-angular)

Wrapper Library Version

3.0.17

Public or Confidential Client?

Public

Description

When using MSAL Angular with Angular Elements and Native Federation. Our implementation worked as expected before Angular Elements, but now our solution isn't working.

We found a few things with a few different scenarios:

  1. When implementing HttpClientModule and MsalModule in both shell and micro frontend application, the call is not being made.
  2. When these are removed from the global providers in both apps and replaced with just "provideHttpClient(withInterceptors([]), withFetch())", the call is still not being made.
  3. When these are skipped in the mfe and just the provided in the shell, with provideHttpClient(withInterceptors([]), withFetch()), the call is being made, but without the access token, so we end up with a 401 error.

Last thing worth mentioning is, that his is only a problem from the shell app, when the micro frontend app is opened independently from the shell, everything works without any issues

Error Message

No response

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

{
 auth: {
    clientId: environment.msalConfig.auth.clientId,
    authority: environment.b2cPolicies.authorities.signUpSignIn.authority,
    knownAuthorities: [b2cPolicies.authorityDomain],
    redirectUri: '/auth/callback',
    postLogoutRedirectUri: '/'
  },
  cache: {
    cacheLocation: BrowserCacheLocation.SessionStorage,
    storeAuthStateInCookie: false
  },
  system: {
    allowRedirectInIframe: false,
    allowNativeBroker: false
  }
}

Relevant Code Snippets

export const MSALInstanceFactory = (): IPublicClientApplication =>
  new PublicClientApplication(msalConfig);

export const MSALGuardConfigFactory = (): MsalGuardConfiguration => ({
  interactionType: InteractionType.Redirect,
  authRequest: {
    scopes: [...environment.apiConfig.scopes]
  }
});

export const MSALInterceptorConfigFactory = (): MsalInterceptorConfiguration => {
  const protectedResourceMap: Map<string, Array<string>> = new Map();
  const resources: Record<string, any> = environment.apiConfig.resources;

  Object.keys(resources).forEach((key: string) =>
    protectedResourceMap.set(resources[key].api, resources[key].scope)
  );

  return {
    interactionType: InteractionType.Redirect,
    protectedResourceMap
  };
};

export const b2cPolicies = {
  names: {
    signUpSignIn: environment.b2cPolicies.names.signUpSignIn
  },
  authorities: {
    signUpSignIn: {
      authority: environment.b2cPolicies.authorities.signUpSignIn
    }
  },
  validateAuthority: false,
  authorityDomain: environment.b2cPolicies.authorityDomain
};

export const msalConfig: Configuration = {
  auth: {
    clientId: environment.msalConfig.auth.clientId,
    authority: environment.b2cPolicies.authorities.signUpSignIn.authority,
    knownAuthorities: [b2cPolicies.authorityDomain],
    redirectUri: '/auth/callback',
    postLogoutRedirectUri: '/'
  },
  cache: {
    cacheLocation: BrowserCacheLocation.SessionStorage,
    storeAuthStateInCookie: false
  },
  system: {
    allowRedirectInIframe: false,
    allowNativeBroker: false
  }
};

Reproduction Steps

From what I can tell, you just need a micro frontends architecture using Angular Elements and msal on both apps, that should do it

Expected Behavior

For the requests to go through as they had before.

Identity Provider

Azure B2C Basic Policy

Browsers Affected (Select all that apply)

Chrome, Firefox, Edge, Safari

Regression

No response

Source

External (Customer)
@eyevan eyevan added bug-unconfirmed A reported bug that needs to be investigated and confirmed question Customer is asking for a clarification, use case or information. labels Oct 4, 2024
@github-actions github-actions bot added b2c Related to Azure B2C library-specific issues msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package public-client Issues regarding PublicClientApplications labels Oct 4, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label Oct 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package Needs: Attention 👋 Awaiting response from the MSAL.js team public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@eyevan