Description
Library version used
1.15.0
Java version
8
Scenario
PublicClient (AcquireTokenInteractive, AcquireTokenByUsernamePassword)
Is this a new or an existing app?
This is a new app or experiment
Issue description and reproduction steps
Using http://127.0.0.1 as the redirect URI does not work because it is overridden with http://localhost. This override causes the login to fail as http://localhost is not defined in the App Registration. According to Microsoft documentation, 127.0.0.1 should be preferred over localhost.
Workaround:
Using an address with a fixed port like http://127.0.0.1:3490 works because the redirect URI is not overridden.
However, this workaround is not ideal as it introduces the risk of port conflicts.
Relevant Documentation:
According to Microsoft Documentation, 127.0.0.1 should be preferred over localhost.
Relevant code snippets
// Does not work, because redirect url is updated to http://localhost
InteractiveRequestParameters parameters = InteractiveRequestParameters
.builder(new URI("http://127.0.0.1"))
.scopes(scope)
.build();
// Works - redirect url remains http://127.0.0.1:3490
InteractiveRequestParameters parameters = InteractiveRequestParameters
.builder(new URI("http://127.0.0.1:3490"))
.scopes(scope)
.build();Expected behavior
The redirect URI should remain as http://127.0.0.1 .
Identity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
The relevant place in code is:
The URI is hard coded and should be loaded from the interactiveRequestParameters() instead.
private void updateRedirectUrl() {
try {
URI updatedRedirectUrl = new URI("http://localhost:" + httpListener.port());
interactiveRequest.interactiveRequestParameters().redirectUri(updatedRedirectUrl);
LOG.debug("Redirect URI updated to" + updatedRedirectUrl);
} catch (URISyntaxException ex) {
throw new MsalClientException("Error updating redirect URI. Not a valid URI format",
AuthenticationErrorCode.INVALID_REDIRECT_URI);
}
}