I am trying to add Microsoft Azure OAuth capabilities to my iOS app. I've tried following the instructions here as best I can, but after a successful login, the in-app browser gets stuck in a loop where it constantly tries to redirect to localhost instead of the callback URI defined in MSAL and on the Microsoft Entra ID portal. Any help would be appreciated.

    private func getMSALConfiguration() -> MSALPublicClientApplicationConfig {
        let kClientID = "********-****-****-****-********ea7a5"
        let kRedirectUri = "https://********************.supabase.co/auth/v1/callback"
        let kAuthority = ";
        let clientId = kClientID
        let authority = kAuthority
        guard let authorityURL = URL(string: authority) else {
            fatalError("Unable to create authority URL")
        }
        do {
            // Create authority object
            let msalAuthority = try MSALAADAuthority(url: authorityURL)
            // Create configuration
            let config = MSALPublicClientApplicationConfig(
                clientId: clientId,
                redirectUri: kRedirectUri,
                authority: msalAuthority
            )
            return config
        } catch {
            fatalError("Unable to create MSAL configuration: \(error)")
        }
    }

    func signInWithAzure() async {
        do {
            // Get your MSALPublicClientApplication instance
            guard let applicationContext = try? MSALPublicClientApplication(configuration: getMSALConfiguration()) else {
                print("Unable to create MSAL application")
                return
            }
            let kScopes: [String] = ["email"]
            let webViewParameters = MSALWebviewParameters(authPresentationViewController: getRootViewController())
            webViewParameters.webviewType = .authenticationSession
            let parameters = MSALInteractiveTokenParameters(scopes: kScopes, webviewParameters: webViewParameters)
            parameters.promptType = .login
            let result = try await applicationContext.acquireToken(with: parameters)
            print(result)
            guard let idToken = result.idToken else {
                print("No ID token found")
                return
            }
            print(idToken)
            let accessToken = result.accessToken
            print(accessToken)
            await supabaseSignIn(provider: .azure, idToken: idToken, accessToken: accessToken)
        } catch {
            // TODO: Handle error
            dump(error)
        }
    }

On the Microsoft Entra side of things I've defined the web redirect URI as follows, and have configured everything accordingly in the Supabase portal (except for Azure Tenant URL, which is marked as optional). When pressing the login button defined as:

    Button(action: {
        Task {
            await authManager.signInWithAzure()
        }
    }, label: {
        Text("Sign in with Azure")
    })

I am able to go through the login flow, grant permissions, then when the in-app browser is supposed to redirect to the app, it gets caught in the loop trying to continuously redirect to localhost instead of my redirect URI.

    @main
    struct MyApp: App {
        @State private var authManager = AuthViewModel()
        var body: some Scene {
            WindowGroup {
                ContentView()
                    .environment(authManager)
                    .onOpenURL { url in
                        client.auth.handle(url)
                    }
            }
        }
    }

I've also tried the mobile deep linking approach where the config redirect URI is msauth.BUNDLEID.APPNAME://auth, but the configuration errors out after pressing the button. I've added the URL types for this approach to my Info.plist, as well as the LSApplicationQueriesSchemes, to no effect.