Support for authority TFP format to work with iOS #24
Conversation
There was a problem hiding this comment.
Hi alex-dokienko,
this breaks support to authorities that do not have tfp in the url... it should be placed a check like you placed in other parts.
Moreover, one way to declare to MSAL that an authority is a B2C is to specify it in the configuration json like this:
{
"type": "B2C",
"authority_url": "https://contoso.b2clogin.com/contoso.onmicrosoft.com/PolicyName/",
"default": true
}
|
@chipscal thanks for pointing for missing part, when I did integration for my project I managed to make it work for iOS only if I used tfp format in json file, so didn't test how this will work with original formats. |
There was a problem hiding this comment.
Hi alex-dokienko,
Let's say you almost solved the problem but there is still a problem in the "getAuthorityFromPolicyName" function.
I say to solve the problem you could add a private variable "bool isTFPFormat" to the B2CProvider that could be initialized during the "initMSAL" function... It should be sufficient to check if the authorityURL contains "/tfp/" like you done in other parts. Then modify the aforementioned function to return proper URL with or without "/tfp/" according to that variable.
To work with B2C, MSAL requires a different authority configuration. MSAL recognizes one authority URL format as B2C by itself. The recognized B2C authority format is https:///tfp//, for example https://login.microsoftonline.com/tfp/contoso.onmicrosoft.com/B2C_1_SignInPolicy. However, you can also use any other supported B2C authority URLs by declaring authority as B2C authority explicitly.
More info can be found here
https://learn.microsoft.com/en-us/entra/msal/objc/configure-authority