Не могу использовать режим брокера с авторитетом ADFS

Не могу использовать режим брокера с авторитетом ADFS ⇐ Android

1 сообщение • Страница 1 из 1

Anonymous

Не могу использовать режим брокера с авторитетом ADFS

Цитата

Сообщение Anonymous » 05 июн 2025, 17:55

I want to achieve cross-app SSO so that my Outlook Android app is automatically logged in with my ADFS account.
I use Exchange 2019, ADFS 2019, and Windows Server 2022.
Here are the errors fromthe debug output in VS 2022:

ERROR => Msal.xamarin.android.4.66.2.0.msalserviceexception:
errorcode: inknown_error
microsoft.identity.client.masalserviceexception: ответный брокер
returned error:
comm.microsoft.identy.common.javairtiestoriestoritiesfortiestoritiesfortiestoritiesfortiestoritiesfortiestorities быть внедренным в
com.microsoft.identity.common.java.authorities.azureactivedirectoryatority
at
microsoft.identity.client.internal.broker.brokerinterAtequestComponent.validateResponseFrombroker(msaltokensesponse pressalsesonsesonsespone.validateResponsefrombroker(msaltofonsesponsesesonsesponse. />microsoft.identity.client.Internal.Broker.BrokerInterActiveRequestComponent.fetchTokenSasync(CancellationToken
uncellationToken) на
microsoft.identity.client.internal.requests.InterActiveRequest.getTokenResponseAsync(CancellationToken
CancellationTOKENTOKENTOKEN) AT
MicRosoft.Identity.Client.IntertainteAscelSeAscelySeAscelySeScelyNeaseScuteAscelynationsAceLynationsAceLynationsAceLynationsAceLyn /> CancellationToken) at
microsoft.identity.client.internal.requests.requestbase.c__displayclass11_1. Dd.movenext()
end of Stack Trace из предыдущего местоположения --- AT
microsoft.identity.client.utils.stopwatchservice.measurecodeblockasync(func`1
codeblock) на
microsoft.identity.client.internal.requests.requestbase.runasync(cancellationtokenkoken
ancellationtokentken) /> microsoft.identity.client.apiconfig.executors.publicClientExecutor.executeasync(acquiretokencommonparameters
commonparameters, acpireTokenInteractiveParameters
InteractiveParameters, DecellationTokentokentoken) у
/>RecipesApp.MainPage.OnLoginClicked(Object sender, EventArgs e) in
C:\MyApp\MainPage.xaml.cs:line 28 StatusCode: 0 ResponseBody:

Headers:

My code:

Код: Выделить всё

try
{
var publicClientApplicationBuilder = PublicClientApplicationBuilder
.Create("my_client_id_generated_from_adfs")
#if ANDROID || IOS
.WithBroker()
#endif
.WithAdfsAuthority("https://adfs.mydomain.com/adfs)
.WithRedirectUri($"msauth://com.test.app/my_encoded_base_64")
.Build();

var authResult = await publicClientApplicationBuilder.AcquireTokenInteractive({"email"})
.WithParentActivityOrWindow(EntraConfig.ParentWindow)
.ExecuteAsync().ConfigureAwait(false);

Debug.WriteLine($"SUCCESS => {authResult.AccessToken}");
Debug.WriteLine($"SUCCESS => {authResult}");

}
catch (Exception ex)
{
Debug.WriteLine($"====\nERROR => {ex}\n====");
}

уже попробовал без .withbroker () , но в приложении Microsoft Authenticator и Outlook нет никакой учетной записи. Возможн ли сценарий SSO Cross-App с учетной записью ADFS в PREM?

Подробнее здесь: https://stackoverflow.com/questions/792 ... -authority

1749135306

Anonymous

I want to achieve cross-app SSO so that my Outlook Android app is automatically logged in with my ADFS account.
I use Exchange 2019, ADFS 2019, and Windows Server 2022.
Here are the errors fromthe  debug output in VS 2022:

ERROR => Msal.xamarin.android.4.66.2.0.msalserviceexception:
errorcode: inknown_error
microsoft.identity.client.masalserviceexception: ответный брокер
returned error:
comm.microsoft.identy.common.javairtiestoriestoritiesfortiestoritiesfortiestoritiesfortiestoritiesfortiestorities быть внедренным в
com.microsoft.identity.common.java.authorities.azureactivedirectoryatority
at
microsoft.identity.client.internal.broker.brokerinterAtequestComponent.validateResponseFrombroker(msaltokensesponse pressalsesonsesonsespone.validateResponsefrombroker(msaltofonsesponsesesonsesponse. />microsoft.identity.client.Internal.Broker.BrokerInterActiveRequestComponent.fetchTokenSasync(CancellationToken
uncellationToken) на
microsoft.identity.client.internal.requests.InterActiveRequest.getTokenResponseAsync(CancellationToken
CancellationTOKENTOKENTOKEN) AT
MicRosoft.Identity.Client.IntertainteAscelSeAscelySeAscelySeScelyNeaseScuteAscelynationsAceLynationsAceLynationsAceLynationsAceLyn /> CancellationToken) at
microsoft.identity.client.internal.requests.requestbase.c__displayclass11_1. Dd.movenext()
end of Stack Trace из предыдущего местоположения --- AT
microsoft.identity.client.utils.stopwatchservice.measurecodeblockasync(func`1
codeblock) на
microsoft.identity.client.internal.requests.requestbase.runasync(cancellationtokenkoken
ancellationtokentken) /> microsoft.identity.client.apiconfig.executors.publicClientExecutor.executeasync(acquiretokencommonparameters
commonparameters, acpireTokenInteractiveParameters
InteractiveParameters, DecellationTokentokentoken) у
/>RecipesApp.MainPage.OnLoginClicked(Object sender, EventArgs e) in
C:\MyApp\MainPage.xaml.cs:line 28 StatusCode: 0  ResponseBody:

Headers:

My code:
[code]try
{
var publicClientApplicationBuilder = PublicClientApplicationBuilder
.Create("my_client_id_generated_from_adfs")
#if ANDROID || IOS
.WithBroker()
#endif
.WithAdfsAuthority("https://adfs.mydomain.com/adfs)
.WithRedirectUri($"msauth://com.test.app/my_encoded_base_64")
.Build();

var authResult = await publicClientApplicationBuilder.AcquireTokenInteractive({"email"})
.WithParentActivityOrWindow(EntraConfig.ParentWindow)
.ExecuteAsync().ConfigureAwait(false);

Debug.WriteLine($"SUCCESS => {authResult.AccessToken}");
Debug.WriteLine($"SUCCESS => {authResult}");

}
catch (Exception ex)
{
Debug.WriteLine($"====\nERROR => {ex}\n====");
}
[/code]
уже попробовал без .withbroker () , но в приложении Microsoft Authenticator и Outlook нет никакой учетной записи. Возможн ли сценарий SSO Cross-App с учетной записью ADFS в PREM?  

Подробнее здесь: [url]https://stackoverflow.com/questions/79274026/cant-use-broker-mode-with-adfs-authority[/url]