[Bug] Microsoft.Identity.Client.MsalClientException: User canceled authentication. Xamarin forms

Question

[Bug] Microsoft.Identity.Client.MsalClientException: User canceled authentication. Xamarin forms

Padhy, Niladri 21

Getting issue MSAL Authentication for some users Xamarin Forms.

Original Exception
AuthCodeRequestComponent.VerifyAuthorizationResult (Microsoft.Identity.Client.UI.AuthorizationResult authorizationResult, System.String originalState)
Microsoft.Identity.Client.MsalClientException: User canceled authentication.

I can ensure user has not cancelled the authentication process.

Stack Trace:
icrosoft.Identity.Client.Internal
AuthCodeRequestComponent.VerifyAuthorizationResult (Microsoft.Identity.Client.UI.AuthorizationResult authorizationResult, System.String originalState)
Microsoft.Identity.Client.Internal
AuthCodeRequestComponent.FetchAuthCodeAndPkceInternalAsync (Microsoft.Identity.Client.UI.IWebUI webUi, System.Threading.CancellationToken cancellationToken)
Microsoft.Identity.Client.Internal
AuthCodeRequestComponent.FetchAuthCodeAndPkceVerifierAsync (System.Threading.CancellationToken cancellationToken)
Microsoft.Identity.Client.Internal.Requests
InteractiveRequest.GetTokenResponseAsync (System.Threading.CancellationToken cancellationToken)
Microsoft.Identity.Client.Internal.Requests
InteractiveRequest.ExecuteAsync (System.Threading.CancellationToken cancellationToken)
Microsoft.Identity.Client.Internal.Requests
RequestBase.RunAsync (System.Threading.CancellationToken cancellationToken)
Microsoft.Identity.Client.ApiConfig.Executors
PublicClientExecutor.ExecuteAsync (Microsoft.Identity.Client.ApiConfig.Parameters.AcquireTokenCommonParameters commonParameters, Microsoft.Identity.Client.ApiConfig.Parameters.AcquireTokenInteractiveParameters interactiveParameters, System.Threading.CancellationToken cancellationToken)

Code Snippet:

if (DeviceInfo.Platform == DevicePlatform.iOS)
{
_pca = PublicClientApplicationBuilder.Create(Configurations.ClientID).WithTenantId(Configurations.TenantID)
.WithBroker(false)
.WithRedirectUri(Configurations.IOSRedirectUri)
.WithIosKeychainSecurityGroup(AppConstants.KeyChainSecurityGroup)
.Build();
}
else
{
_pca = PublicClientApplicationBuilder.Create(Configurations.ClientID).WithTenantId(Configurations.TenantID)
.WithBroker(false)
.WithRedirectUri(Configurations.AndroidRedirectUri)
.Build(); }
// Gets the available accounts
var accounts = await _pca.GetAccountsAsync();
// Stores first account available
Common.Account = accounts.FirstOrDefault();
try
{
// This call acquires the access token silently without asking for user credentials
var authResult = await _pca.AcquireTokenSilent(Configurations.Scopes, Common.Account).ExecuteAsync();
// Stores the access token
AppConstants.AccessToken = authResult.AccessToken;
return true;
}
catch (MsalUiRequiredException ex)
{
try
{
// This present a interactive window to user where in user needs to
// enter credentials for acquiring access token
var authResult = await _pca.AcquireTokenInteractive(Configurations.Scopes)
.WithParentActivityOrWindow(App.RootViewController)
.WithUseEmbeddedWebView(true)
.ExecuteAsync();
AppConstants.AccessToken = authResult.AccessToken;
return true;
}
catch (Exception ex2)
{
Crashes.TrackError(ex2);
}
return false;
}

Around 15% of iOS App users facing this issue. Looking for immediate help.

Best Regards
Niladri

Padhy, Niladri 21 Reputation points

2022-04-25T11:51:42.97+00:00

Any Update On this?
Marilee Turscak-MSFT 37,396 Reputation points Microsoft Employee Moderator

2022-05-16T20:01:30.387+00:00

Hi @Padhy, Niladri ,

Would you be able to get a Fiddler trace for successful logins and for unsuccessful logins to be able to compare? Is it the same issue for cloud-only users vs hybrid users?