silverhack/monkey365

[Bug]: DeviceCode parameter not populated

Closed this issue · 2 comments

What happened?
When using the Device code option in Monkey365 and then setting the Analysis to multiple services, such as ExchangeOnline and SharePointOnline, the first request will correctly obtain a token through a two-step process (print an access code and then log in through a browser). The subsequent login requests will fail with a 401 Unauthorized response because the DeviceCode parameter is not populated.

The device code authentication flow is widely used in systems with no desktop/browser, such as a Docker container or Server Core.

How to reproduce it

  1. Set the Analysis to ExchangeOnline and SharePointOnline in Monkey365 and ensure that -DeviceCode authentication flow is used
  2. Complete login on first authentication
  3. Subsequent login requests will fail with a 401 Unauthorized response

VERBOSE: [08:28:35:979] - [Get-MonkeyMSALToken] - No account was found on public application - verbose - 4d507d001fe7 -
WARNING: Acquire token failed. Unable to open a web page using xdg-open, gnome-open, kfmclient or wslview tools. See inner exception for details. Possible causes for this error are: tools are not installed or they cannot open a URL. Make sure you can open a web page by invoking from a terminal: xdg-open

Expected behavior
Authentication parameters must be populated for all selected services

From where are you running Monkey365?
Please, complete the following information:

  • Resource: Docker container
  • OS: Windows
  • PowerShell Version 7.3.6
  • Monkey365 Version: 0.85-beta

There is also a similar issue. Best option would be to re-design the authentication in Monkey365 to cover all flows.

It's now fixed on dev branch. It will be merged to main branch asap