Login popup cross domain redirectUri #5104

Closed
likidu opened this issue Aug 16, 2022 · 3 comments
Labels
answered Question has received "first qualified response" public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.

likidu commented Aug 16, 2022

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.28.1

Wrapper Library

Not Applicable

Wrapper Library Version

0.0.0

Public or Confidential Client?

Public

Description

Hi MSAL,

When I tried to use loginPopup with a redirectUri on the same domain, such as http://localhost:5000/blank.html, the procedure works flawlessly. But can I use a redirectUri pointing to a cross-domain page? For example, here is the blank page I want to use: https://likidu.github.io/kaido-callback/blank.html, while the app is on some other domain or localhost. I tested it; the problem is that the popup cannot close, which is similar to #5091.

My questions are:

  1. Can I use redirectUri with an absolute URI that is different from my main app domain?
  2. The configuration doc says the location must have the MSAL library available to handle the response. That's why I also include the minified script on the remote blank.html. But I'm not sure if that matters...

I have to use another domain because my app is running in an environment in which the app URI will always be http://app_name.localhost:8081, and Azure AD B2C does not support this format for Redirect URIs. I have to consider putting it on an external domain that starts with https://.

MSAL Configuration

{
  auth: {
    clientId: 'xxxx',
  },
  cache: {
    cacheLocation: 'sessionStorage', // This configures where your cache will be stored
    storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge
  },
  system: {
    loggerOptions: {
      loggerCallback: (level, message, containsPii) => {
        if (containsPii) {
          return
        }
        switch (level) {
          case LogLevel.Error:
            console.error(message)
            return
          case LogLevel.Info:
            console.info(message)
            return
          case LogLevel.Verbose:
            console.debug(message)
            return
          case LogLevel.Warning:
            console.warn(message)
            return
        }
      },
    },
  }
}

Relevant Code Snippets

// loginPopup configurations
this.msalInstance.loginPopup({
  scopes: ["Tasks.Read"],
  redirectUri:
    process.env.NODE_ENV === 'development'
      ? 'http://localhost:5000/blank.html'
      : 'https://likidu.github.io/kaido-callback/blank.html',
})

Identity Provider

Azure B2C Basic Policy

Source

External (Customer)

@hectormmg
Member

@likidu cross-domain requests are not supported in MSAL Browser. Is the requirement for different domains a development environment issue only?

likidu commented Aug 17, 2022

@hectormmg, thanks for the info. I also found the info in #2320. No, it's an app created for KaiOS phones, where the app only provides its origin as http://app_name.localhost:8081, as this doc specifies. It looks like a problem that cannot easily be solved, since the msal package does not support cross-origin popups and the Azure AD redirect URI does not support the format above.

KaiOS phones have millions of devices deployed. It would be great if Azure AD could find some solutions to make MSA and MS apps available on this platform.

@hectormmg
Member
@likidu MSAL cannot support cross-origin requests because the browser blocks requests initiated from different domains. Thanks for the input, there are currently no plans to support KaiOS.

Closing the issue, please let us know if there's anything else we can help with.
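
The answer in this thread is that loginPopup does not support a redirectUri on a different domain from the app. The following is an added example, not code from the thread or from MSAL: a pre-flight check an app could run before calling loginPopup, so that a cross-origin redirectUri is rejected up front instead of leaving a popup that never closes. The function name `classifyRedirectUri` and its return shape are hypothetical; in a browser, `appUrl` would be `window.location.href`.

```javascript
// Added example: compare the origin (scheme + host + port) of a popup
// redirectUri with the origin of the page that will open the popup.
// classifyRedirectUri is a hypothetical helper, not an MSAL API.
function classifyRedirectUri(redirectUri, appUrl) {
  let app;
  let target;
  try {
    app = new URL(appUrl);
    // Relative redirect URIs are resolved against the app's own URL.
    target = new URL(redirectUri, app);
  } catch {
    return { ok: false, reason: 'unparseable' };
  }

  if (target.protocol !== 'http:' && target.protocol !== 'https:') {
    return { ok: false, reason: 'non-http-scheme' };
  }

  // URL.origin normalizes default ports, so https://host:443 equals https://host.
  if (target.origin !== app.origin) {
    return {
      ok: false,
      reason: 'cross-origin',
      appOrigin: app.origin,
      redirectOrigin: target.origin,
    };
  }

  return { ok: true, redirectUri: target.href };
}

// The two redirect URIs from the issue, checked against the app URLs it mentions.
const dev = classifyRedirectUri(
  'http://localhost:5000/blank.html',
  'http://localhost:5000/index.html'
);
const prod = classifyRedirectUri(
  'https://likidu.github.io/kaido-callback/blank.html',
  'http://app_name.localhost:8081/'
);
console.log(dev.ok, prod.reason);
```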
