-
Notifications
You must be signed in to change notification settings - Fork 345
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Microsoft.Identity.Client references System.Windows.Forms #4468
Comments
What's the actual problem @pedrolupin ? The dependency will not be used in headless scenarios. Also, if you target pure .NET, the dependency is not present. MSAL.NET always had a dependency on Windows.Forms on .NET Fwk (not Core). |
The problem is that in the web server running IIS we don't have .net
desktop runtime because it is not needed.
So the update made the web app stop working.
The project is compiled for .net 7.0 pure.
El mié, 13 dic 2023 17:11, Bogdan Gavril ***@***.***>
escribió:
… What's the actual problem @pedrolupin <https://github.com/pedrolupin> ?
The dependency will not be used in headless scenarios.
Also, if you target pure .NET, the dependency is not present.
—
Reply to this email directly, view it on GitHub
<#4468 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABA7CDG4XEJ65EGDPAMFMXLYJHHSZAVCNFSM6AAAAABATKNZOKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNJUGIZTCOJYHA>
.
You are receiving this because you were mentioned.Message ID:
<AzureAD/microsoft-authentication-library-for-dotnet/issues/4468/1854231988
@github.com>
|
Microsoft.Identity.Client adds Windows Forms reference only on |
I dug a bit more to see what happens here.
We have a project that accesses Azure Keyvault and hence requires
Azure.Identity -> Microsoft.Identity.Client...
This project uses net7.0 as the target framework.
But the startup project that references our keyvault project is an ASP.NET
Core application that uses net7.0-windows as the target framework.
It has to use the Windows OS target since it uses APIs only available for
that target.
Before the update of Azure.Identity from 1.9.0 to 1.10.4, there was no
reference to System.Windows.Forms.
Just because the target is net7.0-windows that doesn't necessarily imply
that it's a desktop application.
This must be a common usage for ASP.NET users that want to use Azure
Identity... and the IIS servers use ASP.NET Core Shared Framework , .NET
Runtime and Windows Server Hosting packages, but there was no dependency to
the .NET Desktop Runtime and it makes no sense to require it in a web
server.
Thanks for looking into this, I appreciate the effort to answer and
hopefully solve our use case.
Regards,
Pedro
…On Wed, 13 Dec 2023 at 23:30, Peter ***@***.***> wrote:
Microsoft.Identity.Client adds Windows Forms reference only on
net6.0-windows and net462 platforms. So net7.0 app should pick up net6.0
MSAL binary without the Forms. What's the exception that you get?
—
Reply to this email directly, view it on GitHub
<#4468 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABA7CDHGMLAZGBPCO7KWB6TYJIT7TAVCNFSM6AAAAABATKNZOKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQNJUG44TQOJRGQ>
.
You are receiving this because you were mentioned.Message ID:
<AzureAD/microsoft-authentication-library-for-dotnet/issues/4468/1854798914
@github.com>
|
Indeed. This is a known gap. We don't really have a good solution at the moment, but exploring some options. Some of the workarounds are to deploy the app as self-contained or have a post-build script which removes the Windows Forms reference from the runtime config JSON. |
@pmaytak that this bit us this week. updated to a the security hotfix patch for sql client nuget. and our web apps would no longer run |
given this prevents apps from starting. perhaps it should be a p1? |
Thanks @SimonCropp , we will discuss this in the next few days and make a decisions. Bumping the major version of MSAL from version 4 (it's been this way for 4+ years) to version 5 is really big deal and we are not ready for it. We are evaluating if we can introduce this change in a non-breaking way (well, similar to [Obsolete]-ing some API at least), maybe with some decent msbuild warning. |
@bgavrilMS i dont see a way of doing this in a non-breaking way. even if we have the API as Obsolete with warning, it means it still needs to work if people ignore the warning. WindowsFormsWebAuthenticationDialog is exposed as a public type that inherits from System.Windows.Forms.Form. so that means System.Windows.Forms must continue to be referenced IMO we should bite the bullet and make a breaking change to fix this. it would be relatively low impact in terms of scale for a breaking change. the winforms bit could be moved to a diff nuget and people add a reference to that nuget. |
We were able to work around it in our usage by abandoning |
I am using Microsoft.Identity.Client in my Windows services, but they are now failing to start with the .NET runtime. Installing the desktop runtime is not an acceptable solution for me. Would it be possible to have a solution that is not reliant on these unnecessary components for my services? |
Yes, we will drop support for net6-windows from MSAL. The extra logic lives in MSAL.Desktop. I do not have an ETA for this, but hope we'll get it done in a few weeks. |
@bgavrilMS Any updates/ETAs on this one? |
We just ran into this issue with an ASP.NET Core REST API app built for |
Others might be able to chime in with other options, or clarification on how to do number 4, but there are 4 options that I have seen mentioned to work around this issue.
|
thats the workaround we went with. had to suppress some warnings about "please use |
@rarowston @SimonCropp Ah, thank you soooo much. I did not realize that this was just a warning that can be safely ignored, so I disabled it, switched OS platform from
|
@alekdavis yeah the warning can be interpreted as "if you deploy this to non windows, it wont work" |
I just got bit by this. Sucks. Any update on the status of the fix? |
This was added to the 4.60.0 Milestone · GitHub
<https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/milestone/124>,
then pushed to 4.61.0 Milestone · GitHub
<https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/milestone/127>
which is due on May, 2.
Fingers crossed :)
El mié, 17 abr 2024, 15:50, Ron Clabo ***@***.***> escribió:
… I just got bit by this. Sucks. Any update on the status of the fix?
—
Reply to this email directly, view it on GitHub
<#4468 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABA7CDCGSHV42QRLQIU6B5TY5Z4ZVAVCNFSM6AAAAABATKNZOKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANRRGMYTCMRRGY>
.
You are receiving this because you were mentioned.Message ID:
<AzureAD/microsoft-authentication-library-for-dotnet/issues/4468/2061311216
@github.com>
|
It's been mentioned that one workaround is to remove the "Microsoft.WindowsDesktop.App" dependency from the runtimeconfig.json file. However this approach did not work for us. Changing the file from
to
for us did help to allow the website to start up but as soon as the code attempted to use
Has anyone managed to make that workaround actually work? |
Hey folks - we're currently working on mitigating this. @bgavrilMS has been working on this in #4567 |
@localden - Your work on this is very important to the community. Thanks you for the update. I did manage to work around the issue by doing a self contained deployment of our website so at least we are up and running again. We look forward to getting back to non-self-contained deployments as usual once the bug is fixed. Again, much appreciate the update and the fact that this is actively being worked on. |
Thanks Bogdan looking forward to the release :) |
The team aims to release around the end of April. |
@bgavrilMS - does this mean that the with 4.61.0 release, it will also work with |
Hello. We've released MSAL 4.61.0 which removes For confidential client apps targeting For public client apps targeting @pedrolupin @SimonCropp @nblumhardt @robertmuehsig @bjornbouetsmith @nicolascotton @alekdavis @rarowston @rclabo @gautamdsheth @Kavya-Gogula @ayrton97 |
This update addresses a breaking change in the `Microsoft.Identity.Client` library, which has removed support for the `net6.0-windows7.0` binary. To maintain compatibility for desktop applications targeting `net6.0-windows`, the `Microsoft.Identity.Client.Desktop` dependency has been added. This change ensures that authentication using a browser, with the method `WithWindowsEmbeddedBrowserSupport()`, continues to work seamlessly. See AzureAD/microsoft-authentication-library-for-dotnet#4468 Additionally, this update allows us to remove the dependency on the `Microsoft.Windows.SDK` framework, which has resulted in a reduction of installed binary sizes by approximately 20%.
This update addresses a breaking change in the `Microsoft.Identity.Client` library, which has removed support for the `net6.0-windows7.0` binary. To maintain compatibility for desktop applications targeting `net6.0-windows`, the `Microsoft.Identity.Client.Desktop` dependency has been added. This change ensures that authentication using a browser, with the method `WithWindowsEmbeddedBrowserSupport()`, continues to work seamlessly. See AzureAD/microsoft-authentication-library-for-dotnet#4468 Additionally, this update allows us to remove the dependency on the `Microsoft.Windows.SDK` framework, which has resulted in a reduction of installed binary sizes by approximately 20%.
…819) This update addresses a breaking change in the `Microsoft.Identity.Client` library, which has removed support for the `net6.0-windows7.0` binary. To maintain compatibility for desktop applications targeting `net6.0-windows`, the `Microsoft.Identity.Client.Desktop` dependency has been added. This change ensures that authentication using a browser, with the method `WithWindowsEmbeddedBrowserSupport()`, continues to work seamlessly. See AzureAD/microsoft-authentication-library-for-dotnet#4468 Additionally, this update allows us to remove the dependency on the `Microsoft.Windows.SDK` framework, which has resulted in a reduction of installed binary sizes.
Library version used
4.56.0
.NET version
.net 7.0.14
Scenario
ManagedIdentityClient - managed identity
Is this a new or an existing app?
The app is in production, and I have upgraded to a new version of MSAL
Issue description and reproduction steps
Azure.Identity 1.9.0 -> Microsoft.Identity.Client 4.49.1 did not have a dependency on System.Windows.Forms, but when updating to newer Azure.Identity 1.10.4 -> Microsoft.Identity.Client 4.56.0 the dependency to Windows.Forms appeared, this is a problem.
Azure.Identity should be able to run headless, on servers and many situations that don't have access to System.Windows.Forms because the .NET desktop runtime is not present.
Relevant code snippets
No response
Expected behavior
No response
Identity provider
Azure B2C Basic Policy
Regression
4.49.1
Solution and workarounds
No response
The text was updated successfully, but these errors were encountered: