Chromium Embedded Framework Forum

[natonicfp]

I am trying to build an application that needs to authenticate to Azure AD using Microsoft's MSAL.js library (https://github.com/AzureAD/microsoft-au ... al-browser). I have been using the cefclient example as my starting point. I have a very basic page that successfully redirects to my Azure AD authentication server on a regular browser. When I include that page in my cefclient resources and visit it from there, the redirect fails with

Code: Select all

"The PKCE code challenge and verifier could not be generated.  Detail: TypeError: Cannot read property 'digest' of undefined..."

.

In researching this further it appears the issue is that this part of the MSAL auth process needs to use WebCrypto to generate the PKCE code, and is not able to because Chromium only allows WebCrypto calls from a secure origin: https://chromium.googlesource.com/chrom ... page_loads. A potentially easy fix would be to use the file:/// scheme to load my page, but unfortunately, MSAL doesn't allow tokens to be returned to file:/// pages. I've also tried using file:/// to initiate the auth request, and having MSAL redirect to my http page, but MSAL doesn't like that either.

Is anyone successfully loading CEF3 resources with the https:// scheme? Any examples you can point me to?

[magreenblatt]

Yes, you can use the HTTPS scheme. See https://bitbucket.org/chromiumembedded/ ... t-handling

[natonicfp]

Thanks! I tried searching for something like that. Not sure how I missed it. I'll play with this. I appreciate the quick reply.