[Bug] Non-HTTPS Redirect failed Android maui #4994
Labels
needs attention
Delete label after triage
public-client
untriaged
Do not delete. Needed for Automation
Library version used
4.66.2
.NET version
both .net 8 and .net 9.
Scenario
PublicClient - mobile app
Is this a new or an existing app?
This is a new app or experiment
Issue description and reproduction steps
Hello, the company I work for is making an integration to another company's integration to our national authentication broker (MitID (MyID)), and I am having issues getting MSAL to work the same on android as on ios and windows.
The case is that it works on ios but not android because - if my understanding is right - android doesn't allow the embedded msal window to open the app through a redirect.
The flow is that we connect to the broker used by "partner company" and they then redirect us to the national login method, which will ask us to open the app on the same device or another device.
If we open it on another device we will have to scan a qr code on the device we opened the authentication window, meaning the user would effectively need 2 devices on hand.
If we use the option to open on the same device it removes the need to scan (it isn't enough to just open the app manually it has to use the redirect info).
Below is the error:
I have tried various work arounds:
putting the WithUseEmbeddedWebView() option to false so it opens in browser, this allows the browser to open the app and the flow continues fine, until I have to return to the app, as the app is open on what looks like an msal windows without getting the response of data from the window opened in the system browser. - I have tried adding any code i could find that should be need for this workaround, including around 100 questions to github copilot to help generate what i might have forgotten.
I have tried overwritting the maui webviewhandler:
The handler looking like this.
If this is working as intended i'd hope to hear a workaround.
Relevant code snippets
Expected behavior
I expected android and iOS to handle the redirect to the MitID app without issue and then getting the clear in the window and continueing the flow.
Identity provider
Other
Regression
No response
Solution and workarounds
No response
The text was updated successfully, but these errors were encountered: