Entra login hangs on https://#.microsoftonline.com/common/reprocess

[iMicknl]

When logging in with an Entra ID, the page keeps loading indefinitely and no auth token is provided to the CLI. Not sure if this is an issue with the DevTunnels CLI, but AZ CLI auth does work in the same environment. GitHub login does work for DevTunnels CLI in same environment as well.

You can contact me internally (mivleesh) if necessary as well.

Version

Tunnel CLI version: 1.0.1401+3d725ee539

Tunnel service URI : https://global.rel.tunnels.api.visualstudio.com/
Tunnel service version : 1.0.1401.29245 (3d725ee539; 2024-11-12 17:31:21Z)
Tunnel service cluster : euw

Steps

1. Run devtunnel user login -e -v
2. Log-in with Entra ID
3. Page redirects to https://#.microsoftonline.com/common/reprocess?ctx=, but this page keeps loading indefinitely (white page)

Logs

Using token cache file: DevTunnels/devtunnels-tokens-github
MSAL-Cache: Initialized 'Storage'
MSAL-Cache: Reading Data
MSAL-Cache: Reading from file
MSAL-Cache: Cache file exists? 'False'
MSAL-Cache: Got '0' bytes from file storage
Using client AppId: c0df98ca-23b4-4bce-bb9f-72039b28d3a5
Using token cache file: DevTunnels/devtunnels-tokens-microsoft
MSAL-Cache: Initialized 'Storage'
MSAL-Cache: Registering token cache with on disk storage
MSAL-Cache: Done initializing
MSAL: [Cache Session Manager] Entering the cache semaphore. Real semaphore: True. Count: 1
MSAL: [Cache Session Manager] Entered cache semaphore
MSAL-Cache: Before access
MSAL-Cache: Acquiring lock for token cache
MSAL-Cache: Before access, the store has changed
MSAL-Cache: Reading Data
MSAL-Cache: Reading from file
MSAL-Cache: Cache file exists? 'True'
MSAL-Cache: Read '0' bytes from the file
MSAL-Cache: Got '0' bytes from file storage
MSAL-Cache: Read '0' bytes from storage
MSAL-Cache: Deserializing the store
MSAL: [Internal cache] Clearing user token cache accessor.
MSAL-Cache: After access
MSAL-Cache: Released lock
MSAL: [Cache Session Manager] Released cache semaphore
MSAL: [Internal cache] Total number of cache partitions found while getting refresh tokens: 0
MSAL: [GetAccounts] Found 0 RTs and 0 accounts in MSAL cache. 
MSAL: IsLegacyAdalCacheEnabled: yes
MSAL: [Region discovery] Not using a regional authority. 
MSAL: [Instance Discovery] Tried to use network cache provider for login.microsoftonline.com. Success? False. 
MSAL: [Instance Discovery] Tried to use known metadata provider for login.microsoftonline.com. Success? True. 
MSAL: [GetAccounts] Found 0 RTs and 0 accounts in MSAL cache after environment filtering. 
MSAL: IsLegacyAdalCacheEnabled: yes
MSAL: IsLegacyAdalCacheEnabled: yes
MSAL: Found 0 cache accounts and 0 broker accounts
MSAL: Returning 0 accounts
Using token cache file: DevTunnels/devtunnels-tokens-msi
MSAL-Cache: Initialized 'Storage'
MSAL-Cache: Reading Data
MSAL-Cache: Reading from file
MSAL-Cache: Cache file exists? 'False'
MSAL-Cache: Got '0' bytes from file storage
MSAL-Cache: Got '0' bytes to write to storage
MSAL-Cache: Writing cache file
MSAL-Cache: Writing file with chmod 600
Using client AppId: c0df98ca-23b4-4bce-bb9f-72039b28d3a5
Using token cache file: DevTunnels/devtunnels-tokens-microsoft
MSAL-Cache: Initialized 'Storage'
MSAL-Cache: Registering token cache with on disk storage
MSAL-Cache: Done initializing
MSAL: MSAL MSAL.NetCore with assembly version '4.61.3.0'. CorrelationId(e9730c4b-b7e0-425a-a262-dc94d66488d8)
MSAL: DefaultBrowserOptions configured. HidePrivacyPrompt False
MSAL: HtmlMessageSuccess? True
MSAL: HtmlMessageError? True
MSAL: BrowserRedirectSuccess? False
MSAL: BrowserRedirectError? False
MSAL: === InteractiveParameters Data ===
LoginHint provided: False
User provided: False
UseEmbeddedWebView: System
ExtraScopesToConsent: 
Prompt: not_specified
HasCustomWebUi: False
MSAL: 
=== Request Data ===
Authority Provided? - True
Scopes - 46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2/.default
Extra Query Params Keys (space separated) - 
ApiId - AcquireTokenInteractive
IsConfidentialClient - False
SendX5C - False
LoginHint ? False
IsBrokerConfigured - False
HomeAccountId - False
CorrelationId - e9730c4b-b7e0-425a-a262-dc94d66488d8
UserAssertion set: False
LongRunningOboCacheKey set: False
Region configured: 

MSAL: === Token Acquisition (InteractiveRequest) started:
         Scopes: 46da2f7e-b5ef-422a-88d4-2a7f9de6a0b2/.default
        Authority Host: login.microsoftonline.com
MSAL: [Instance Discovery] Instance discovery is enabled and will be performed
MSAL: [Region discovery] Not using a regional authority. 
MSAL: [Instance Discovery] Tried to use network cache provider for login.microsoftonline.com. Success? False. 
MSAL: Fetching instance discovery from the network from host login.microsoftonline.com. 
MSAL: Starting [Oauth2Client] Sending GET request 
MSAL: Starting [HttpManager] ExecuteAsync
MSAL: [HttpManager] Sending request. Method: GET. Host: https://#.microsoftonline.com. 
MSAL: [HttpManager] Received response. Status code: OK. 
MSAL: Finished [HttpManager] ExecuteAsync in 464 ms
MSAL: Finished [Oauth2Client] Sending GET request  in 465 ms
MSAL: Starting [OAuth2Client] Deserializing response
MSAL: Finished [OAuth2Client] Deserializing response in 19 ms
MSAL: [Instance Discovery] Tried to use network cache provider for login.microsoftonline.com. Success? True. 
MSAL: [Instance Discovery] After hitting the discovery endpoint, the network provider found an entry for login.microsoftonline.com ? True. 
MSAL: Using system browser.
MSAL: Listening for authorization code on http://localhost:43353/

[iMicknl]

Workaround was to use device login via devtunnel user login -d, but the original issue is still present.