Search code examples
xamarin.formsxamarin.androidazure-active-directoryadaldevice-orientation

Azure AD (ADAL) Login Screen Loses Entered User Email on Device Orientation in Android Only-XamarinForms.Android

I have Xamarin.Forms application that authenticates user against Azure AAD using ADAL (Microsoft.IdentityModel.Clients.ActiveDirectory). That all works fine but on Android, device orientation looses user email on the Microsoft authentication screen.

Here I am in Portrait mode and I have entered user email:

enter image description here

Clicking on Next lands on screen asking to enter password. If I now rotate device on Android, it will return me back to blank screen above, user email I entered above is lost:

enter image description here

Device rotation should not return user back and re-prompt for user email again. It should stay on password prompt.

How do I prevent the rotation from re-prompting for user email? I dont want to disable rotation, I just want to prevent it from returning me back to screen that prompts for user email again.

This is Xamarin.Forms application and my MainActivity has already ConfigChages.Orientation attribute like below; however, this is not solving the issue:

[Activity(Name = "my.mainactivity"
, Label = "MyApp"
, Icon = "@drawable/icon"
, ConfigurationChanges = ConfigChanges.ScreenSize 
    | ConfigChanges.SmallestScreenSize 
    | ConfigChanges.ScreenLayout 
    | ConfigChanges.Orientation)]
public class MainActivity : Xamarin.Forms.Platform.Android.FormsAppCompatActivity
{
   ...
}

UPDATE

Even if I freeze orientation to Portrait before call to AcquireTokenAsync and unfreeze it after the call receives response, it still behaves same - it will still rotate the Microsoft sign in page even though I freeze its parent (MainActivity) to Portrait (which is the owner passed in PlatformParameters to the call to AcquireTokenAsync. So, my activity stays in portrait but that sign-in page still rotates and looses data. It appears that the WebView Microsoft uses internally in AcquireTokenAsync is not following orientation settings on the activity passed inside PlatformParameters to AcquireTokenAsync.

Confirmed by Microsoft that this is their internal issues. If you are also running into this issue on Android where device rotation returns you back to prompt for user email, you can follow up progress of fixes for both ADAL and MSAL here:

https://github.com/AzureAD/azure-activedirectory-library-for-dotnet/issues/1622 https://github.com/xamarin/xamarin-android/issues/3326

Solution

  • This issue is caused by Microsoft's ADAL component Microsoft.IdentityModel.Clients.ActiveDirectory and it has been fixed in 5.1.0 version released just couple of weeks ago (current version is 5.2.0).

    What I had to do in order to fix this issue is: 1. Update ADAL from 3.19.8 to 5.2.0 (everything below 5.1.0 has this problem) 2. Then modified AuthorityURL passed to AuthenticationContext c-tor from something like https://login.microsoftonline.com/my-tenant-id/oauth2/authorize to https://login.microsoftonline.com/my-tenant-id

    Number 2 was necessary even though Microsoft claims in most places that the change is non-breaking change (they confirmed this is necessary).

    After this, I was able to authenticate just like before but rotation on Android would not loose already provided user id and/or password.