问题
Hello I am learning using MSAL but met a wired issue. I totally followed the tutorial, and I am using the sample code. But I still got this exception building the client in App.xaml.cs:
microsoft.identity.client.msalclientexception: the application cannot access the ios keychain for the application publisher (the team id is null). this is needed to enable single sign on between applications of the same publisher. this is an ios configuration issue. see https://aka.ms/msal-net-enable-keychain-access for more details on enabling keychain access.
AuthenticationClient = PublicClientApplicationBuilder.Create(Constants.ClientId)
.WithIosKeychainSecurityGroup(Constants.IosKeychainSecurityGroups)
.WithB2CAuthority(Constants.AuthoritySignin)
.WithRedirectUri($"msal{Constants.ClientId}://auth")
.Build();
Relative Settings are as follows:
info.plist:
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLName</key>
<string>ADB2C Auth</string>
<key>CFBundleURLSchemes</key>
<array>
<string>msal....</string>
</array>
<key>CFBundleTypeRole</key>
<string>None</string>
</dict>
<dict>
<key>CFBundleURLName</key>
<string>URL Type 1</string>
</dict>
</array>
ioskeychain in Contants.cs:
// set to a unique value for your app, such as your bundle identifier. Used on iOS to share keychain access.
static readonly string iosKeychainSecurityGroup = "com.xamarin.adb2cauthorization";
Entitlements.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>keychain-access-groups</key>
<array>
<string>$(AppIdentifierPrefix)com.xamarin.adb2cauthorization</string>
</array>
</dict>
</plist>
AppDelegate:
public override bool OpenUrl(UIApplication app, NSUrl url, NSDictionary options)
{
AuthenticationContinuationHelper.SetAuthenticationContinuationEventArgs(url);
return base.OpenUrl(app, url, options);
}
And I tried to upgrade the Microsoft.Identity.Client to v4.17.1, it is still not working. Since the share code is working for the Android part, I am really not sure what I could be missing. Any help would be appreciated.
回答1:
Go to the ios project properties => iOS Bundle Signing and select your Entitlements.plist.
The Entitlements.plist file should look like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>aps-environment</key>
<string>development</string>
<key>keychain-access-groups</key>
<array>
<string>$(AppIdentifierPrefix)com.microsoft.adalcache</string>
</array>
</dict>
</plist>
来源:https://stackoverflow.com/questions/63272380/the-application-cannot-access-the-ios-keychain-in-xamarin-forms-but-works-in-and