Contrib.social

Custom domains and v2 incompatibility

Open on Drupal.org β†’
Created on 20 March 2024, 3 months ago

Problem/Motivation

If using custom domains in Azure B2C, the logic in WindowsAad::__construct() for v2 fails as it's checking for `.b2clogin.com` in the endpoint URL.

Steps to reproduce

- Set up a B2C client as usual
- Set up Azure front door to be able to use a custom domain
- Ensure this custom domain is set the endpoints on the client & the endpoints are the v2 version (I think the only available ones now)
- Try to sign up/log in
- The login will fail and you'll be sent to a 403 with this error in the logs `No e-mail address provided by CLIENT_ID`

Proposed resolution

- Remove the `str_contains($endpoint, '.b2clogin.com/')` part of the check
- Alternatively, we could add a setting to select that it's v2 but I can't see why we need any more than the `/oauth2/v2.0/authorize` check

Remaining tasks

- Review and test

User interface changes

None

API changes

None

Data model changes

None

πŸ› Bug report
Status

Needs review

Version

2.0

Component

Code

Created by

πŸ‡¬πŸ‡§United Kingdom kimberleycgm

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024