Azure AD B2C 集成在 SwiftUI 應用程序錯誤“不支持權限驗證...”

Question

我目前嘗試將 Azure AD B2C（通過 Apple 發送電子郵件和登錄）集成到我的應用程序中。 當我從 Azure 門戶預覽登錄頁面時，一切看起來都很好並且工作正常。

但是當我從我的應用程序打開登錄頁面時，我收到以下錯誤：

Error Domain=MSALErrorDomain Code=-50000 "(null)" UserInfo={MSALErrorDescriptionKey=Authority validation is not supported for this type of authority, MSALInternalErrorCodeKey=-42008, MSALCorrelationIDKey=2EFF58A4-24F2-4ABC-8D80-BC96EDD26AB7}

這是我的 AD B2C 部分代碼：

import SwiftUI
import MSAL

class MicrosoftLoginCotroller: UIViewController {
    override func viewDidLoad() {
        super.viewDidLoad()
    }
    
    override func viewWillAppear(_ animated: Bool) {
        super.viewWillAppear(animated)
        
        let btn = UIButton(frame: CGRect(x: 20, y: self.view.frame.height - 100, width: self.view.frame.width - 40, height: 52))
        btn.backgroundColor = .green
        btn.setTitle("Lass uns starten!", for: .normal)
        btn.setTitleColor(.white, for: .normal)
        btn.addTarget(self, action: #selector(buttonTapped), for: .touchUpInside)
        
        self.view.addSubview(btn)
    }
    
    @objc func buttonTapped(_ sender: UIButton) {
        do {
            let authority = try MSALB2CAuthority(url: URL(string: "https://<tenant>.b2clogin.com/tfp/<tenant>.onmicrosoft.com/<policy>")!)
            let pcaConfig = MSALPublicClientApplicationConfig(clientId: "my_correct_client_id_from_the_azure_b2c_ad", redirectUri: nil, authority: authority)
            let application = try MSALPublicClientApplication(configuration: pcaConfig)
            let webViewParameters = MSALWebviewParameters(authPresentationViewController: self)
            let interactiveParameters = MSALInteractiveTokenParameters(scopes: ["user.read"], webviewParameters: webViewParameters)

            application.acquireToken(with: interactiveParameters) { (result, error) in
                guard let result = result else {
                    print("Error MSAL Token")
                    print(error!)
                    return
                }

                if let account = result.account.identifier {
                    print(account)
                    UIApplication.shared.windows.first { $0.isKeyWindow }!.rootViewController = UIHostingController(rootView: SignupProcessView())
                }
            }
        } catch {
            print("Error MSAL")
            print(error)
        }
    }
}

struct MicrosoftLoginView: UIViewControllerRepresentable {
    typealias UIViewControllerType = MicrosoftLoginCotroller
    
    func makeUIViewController(context: UIViewControllerRepresentableContext<MicrosoftLoginView>) -> MicrosoftLoginCotroller {
        return MicrosoftLoginCotroller()
    }
    
    func updateUIViewController(_ uiViewController: MicrosoftLoginCotroller, context: Context) {
        
    }
}

你知道我的錯誤在哪里嗎？

非常感謝！

Answer 1

在查看了 100+ Github 問題后，我發現了問題。 SDK 默認不信任 B2C MS 域。 因此，您需要將您的授權人添加為受信任的域：

pcaConfig.knownAuthorities = [authority]

功能代碼如下所示：

import SwiftUI
import MSAL

class MicrosoftLoginCotroller: UIViewController {
    override func viewDidLoad() {
        super.viewDidLoad()
    }
    
    override func viewWillAppear(_ animated: Bool) {
        super.viewWillAppear(animated)
        
        let btn = UIButton(frame: CGRect(x: 20, y: self.view.frame.height - 100, width: self.view.frame.width - 40, height: 52))
        btn.backgroundColor = .green
        btn.setTitle("Lass uns starten!", for: .normal)
        btn.setTitleColor(.white, for: .normal)
        btn.addTarget(self, action: #selector(buttonTapped), for: .touchUpInside)
        
        self.view.addSubview(btn)
    }
    
    @objc func buttonTapped(_ sender: UIButton) {
        do {
            let authority = try MSALB2CAuthority(url: URL(string: "https://<tenant>.b2clogin.com/tfp/<tenant>.onmicrosoft.com/<policy>")!)
            let pcaConfig = MSALPublicClientApplicationConfig(clientId: "my_correct_client_id_from_the_azure_b2c_ad", redirectUri: nil, authority: authority)
            pcaConfig.knownAuthorities = [authority]
            let application = try MSALPublicClientApplication(configuration: pcaConfig)
            let webViewParameters = MSALWebviewParameters(authPresentationViewController: self)
            let interactiveParameters = MSALInteractiveTokenParameters(scopes: ["user.read"], webviewParameters: webViewParameters)

            application.acquireToken(with: interactiveParameters) { (result, error) in
                guard let result = result else {
                    print("Error MSAL Token")
                    print(error!)
                    return
                }

                if let account = result.account.identifier {
                    print(account)
                    UIApplication.shared.windows.first { $0.isKeyWindow }!.rootViewController = UIHostingController(rootView: SignupProcessView())
                }
            }
        } catch {
            print("Error MSAL")
            print(error)
        }
    }
}

struct MicrosoftLoginView: UIViewControllerRepresentable {
    typealias UIViewControllerType = MicrosoftLoginCotroller
    
    func makeUIViewController(context: UIViewControllerRepresentableContext<MicrosoftLoginView>) -> MicrosoftLoginCotroller {
        return MicrosoftLoginCotroller()
    }
    
    func updateUIViewController(_ uiViewController: MicrosoftLoginCotroller, context: Context) {
        
    }
}