I am developing an Ionic 2 project (built on Cordova) using the Azure Active Directory ADAL plugin for Cordova:
https://github.com/AzureAD/azure-activedirectory-library-for-cordova
It authenticates properly on Android and iOS but fails on Windows Phone 10. I have debugged the problem all the way until the part where it goes into native code, and it all seems fine.
I am internal at Microsoft and doing the authentication flow, and I am actually first sent to one login screen for our mobile application before being redirected to the org sign-in page, which does the two-factor authentication flow. After the 2FA flow is accepted, it redirects back to our application but then fails because it does a string comparison to compare the login request text to what was returned, but fails because the login text is of format [email protected] and the returned identifier is my user GUID. I have verified that this is indeed my unique user GUID, but it should not be compared to my email address.
Is there any workaround for this issue?
UPDATE: Here is the JWT. Got it from Fiddler. I saved and anonymized some of the request/responses too, let me know if you need them.
{
typ:"JWT",
alg:"RS256",
x5t:"RrQqu9rydBVRWmcocuXUb2*****",
kid:"RrQqu9rydBVRWmcocuXUb2*****",
}
{
aud:"5712d3fd-8e22-4040-afbf-********",
iss:"https://sts.windows.net/72f988bf-86f1-41af-91ab-********/",
iat:1482954230,
nbf:1482954230,
exp:1482958130,
acr:"1",
amr:[
"pwd",
"mfa"
],
appid:"197e6baa-c9ed-4354-a561-***********",
appidacr:"0",
e_exp:10800,
family_name:"****",
given_name:"*******",
ipaddr:"167.***.***.***",
name:"****** ******",
oid:"e9a9b8a5-46e5-4c78-9593-***********",
onprem_sid:"S-1-5-21-2127521184-1604012920-1887927527-**********",
platf:"14",
puid:"10037FFE814B****",
scp:"Directory.Read.All Users.Read.All",
sub:"Jd7cxiEcj-7uVvBc-O0b8VYsT0GdXz1KDD-*******",
tid:"72f988bf-86f1-41af-91ab-********",
unique_name:"******@microsoft.com",
upn:"******@microsoft.com",
ver:"1.0"
}
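
One way to check, from a captured token, which claim a requested user id actually matches: the displayable `upn`/`unique_name` or the opaque `oid`/`sub`. This is an added example, not part of the original post or of the ADAL plugin; it runs under Node.js, and the function names and the sample token are constructed for illustration.

```javascript
// Added diagnostic example (Node.js). Decoding only: the signature is NOT verified,
// so use this to inspect a captured token, never to make an authorization decision.

function b64urlDecode(seg) {
  return Buffer.from(seg.replace(/-/g, '+').replace(/_/g, '/'), 'base64').toString('utf8');
}

function b64urlEncode(text) {
  return Buffer.from(text, 'utf8').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Return the claims object of a compact JWT (header.payload.signature).
function decodeClaims(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('expected 3 dot-separated segments');
  return JSON.parse(b64urlDecode(parts[1]));
}

// Which claim, if any, equals the user id the app asked for?
// upn/unique_name are displayable ids; oid/sub are opaque ids (claim names as in the token above).
function classifyUserId(requested, claims) {
  const want = String(requested).trim();
  const same = (a, b) => typeof a === 'string' && a.toLowerCase() === b.toLowerCase();
  for (const claim of ['upn', 'unique_name']) {
    if (same(claims[claim], want)) return { kind: 'displayable', claim };
  }
  if (same(claims.oid, want)) return { kind: 'opaque', claim: 'oid' };
  if (claims.sub === want) return { kind: 'opaque', claim: 'sub' }; // sub is case-sensitive
  return { kind: 'none', claim: null };
}

// Constructed sample token: placeholder values and a dummy signature segment.
const SAMPLE_CLAIMS = {
  oid: '00000000-1111-2222-3333-444444444444',
  sub: 'ConstructedSubjectValue',
  upn: 'Alice@example.com',
  unique_name: 'Alice@example.com',
  ver: '1.0',
};
const SAMPLE_JWT = [
  b64urlEncode(JSON.stringify({ typ: 'JWT', alg: 'RS256' })),
  b64urlEncode(JSON.stringify(SAMPLE_CLAIMS)),
  'c2ln',
].join('.');

const claims = decodeClaims(SAMPLE_JWT);
console.log(classifyUserId('alice@example.com', claims)); // e-mail style id
console.log(classifyUserId(claims.oid, claims));          // GUID style id
```

A result of `kind: 'none'` for the e-mail address together with `kind: 'opaque'` for the GUID reproduces the mismatch described in the question.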