
AcquireTokenInteractive: What do I do when a user abandons the login process?


I am writing a console app using some code I found on GitHub. The code below works fine.

If the token is cached, it is retrieved and the application continues. (AcquireTokenSilent)

If no token is found, then I prompt the user for their credentials. They're taken to the company login site. They log in, and the application continues. (AcquireTokenInteractive)

However, let's say the user simply changes their mind and abandons the login process by closing the web browser. Now, my code is just sitting there. All you see is a command window doing nothing.

It's clearly waiting for some response that will never come, since the web browser will no longer be communicating with my console app.

How would I receive a message from the closing Web Browser, so my Console App knows to throw an exception or process the abandoned login somehow?

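using System;
using System.Linq;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.Graph;            // IAuthenticationProvider (assumed to be the Microsoft Graph SDK interface)
using Microsoft.Identity.Client;  // MSAL.NET

namespace PublicClientAuthentication
{
    class AuthenticationProvider : IAuthenticationProvider
    {
        IPublicClientApplication _clientApp;
        private string[] _scopes;

        public AuthenticationProvider(IPublicClientApplication app, string[] scopes)
        {
            _clientApp = app;
            _scopes = scopes;
        }

        public async Task AuthenticateRequestAsync(HttpRequestMessage request)
        {
            AuthenticationResult authResult = null;

            try
            {
                // Try the token cache first.
                var accounts = await _clientApp.GetAccountsAsync();

                authResult = await _clientApp.AcquireTokenSilent(_scopes.ToArray(), accounts.FirstOrDefault()).ExecuteAsync().ConfigureAwait(false);
            }
            catch (MsalUiRequiredException ex)
            {
                System.Diagnostics.Debug.WriteLine(ex);

                // No usable cached token: prompt the user.
                // This await never completes if the user closes the browser.
                authResult = await _clientApp.AcquireTokenInteractive(_scopes)
                    .WithPrompt(Microsoft.Identity.Client.Prompt.ForceLogin)
                    .ExecuteAsync().ConfigureAwait(false);
            }
            catch (MsalServiceException ex)
            {
                System.Diagnostics.Debug.WriteLine(ex);
            }
            catch (MsalClientException ex)
            {
                System.Diagnostics.Debug.WriteLine(ex);

                authResult = await _clientApp.AcquireTokenInteractive(_scopes).ExecuteAsync();
            }
            catch (Exception e)
            {
                System.Diagnostics.Debug.Write(e);
            }

            // Several catch blocks above leave authResult null; fail with a clear
            // error instead of a NullReferenceException on the next line.
            if (authResult == null)
            {
                throw new InvalidOperationException("No access token was acquired; the request was not authorized.");
            }

            request.Headers.Add("Authorization", authResult.CreateAuthorizationHeader());
        }
    }
}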

Solution

  • Adding WithUseEmbeddedWebView did the trick.

    This code works in the .NET Framework. It does not work with .NET Core.

    authResult = await _clientApp.AcquireTokenInteractive(_scopes)
        .WithUseEmbeddedWebView(true)
        .WithPrompt(Prompt.ForceLogin)
        .ExecuteAsync().ConfigureAwait(false);
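
For the .NET Core case the answer leaves open, where MSAL uses the system browser and cannot see the window being closed, the interactive call can be bounded with a `CancellationToken` timeout. This is an added example, not code from the original question or answer; `InteractiveLogin`, `TryAcquireAsync` and `loginTimeout` are hypothetical names, and it also covers the embedded web view, where closing the window surfaces as `MsalError.AuthenticationCanceledError`.

```csharp
using System;
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

static class InteractiveLogin
{
    // Hypothetical helper: returns null when sign-in is abandoned or cancelled,
    // so the caller can fail closed instead of waiting forever.
    public static async Task<AuthenticationResult> TryAcquireAsync(
        IPublicClientApplication app, string[] scopes, TimeSpan loginTimeout)
    {
        var accounts = await app.GetAccountsAsync().ConfigureAwait(false);
        try
        {
            // Cached token path; no UI involved.
            return await app.AcquireTokenSilent(scopes, accounts.FirstOrDefault())
                            .ExecuteAsync().ConfigureAwait(false);
        }
        catch (MsalUiRequiredException)
        {
            // No usable cached token: continue to the interactive prompt.
        }

        // The timeout is the only signal available when the system browser
        // is closed, because nothing is ever sent back to the local listener.
        using (var cts = new CancellationTokenSource(loginTimeout))
        {
            try
            {
                return await app.AcquireTokenInteractive(scopes)
                                .WithPrompt(Prompt.ForceLogin)
                                .ExecuteAsync(cts.Token).ConfigureAwait(false);
            }
            catch (OperationCanceledException)
            {
                return null; // timeout elapsed: treat as an abandoned login
            }
            catch (MsalClientException ex)
                when (ex.ErrorCode == MsalError.AuthenticationCanceledError)
            {
                return null; // user closed the embedded sign-in window
            }
        }
    }
}
```

A caller such as `AuthenticateRequestAsync` should treat a `null` result as "not signed in" and stop before adding the `Authorization` header, rather than sending the request without a token.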