Blazor WebAssembly Msal TryAddAdditionalParameter("prompt", "select_account") does nothing

[juho-hanhimaki]

Description

I am using the MSAL authentication with Azure AD trying to add prompt parameter to the sign in. It does not work as expected.

The observed request https://login.microsoftonline.com/common/oauth2/v2.0/authorize?... doesn't contain the prompt parameter and the request just completes with SSO.

Reproduction Steps

RedirectToLoginSelectAccount.razor

@using Microsoft.AspNetCore.Components.WebAssembly.Authentication;
@inject NavigationManager Navigation

@code {
    protected override void OnInitialized()
    {
        var requestOptions = new InteractiveRequestOptions()
            {
                Interaction = InteractionType.SignIn,
                ReturnUrl = Navigation.Uri,
            };

        requestOptions.TryAddAdditionalParameter("prompt", "select_account");

        Navigation.NavigateToLogin("authentication/login", requestOptions);
    }
}

The following weird version works on development build in VS, but doesn't work in published release build.

        var extraQueryParametersDictionary = new Dictionary<string, string> { ["prompt"] = "select_account" };
        requestOptions.TryAddAdditionalParameter("extraQueryParameters",
            JsonSerializer.Deserialize<JsonElement>(JsonSerializer.Serialize(extraQueryParametersDictionary)));

Expected behavior

Authentication to include the prompt parameter.

Actual behavior

Prompt parameter missing.

Regression?

No response

Known Workarounds

No response

Configuration

7.0.101 [C:\Program Files\dotnet\sdk]

<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly" Version="7.0.0-rtm.22512.1" />
<PackageReference Include="Microsoft.AspNetCore.Components.WebAssembly.DevServer" Version="7.0.0-rtm.22512.1" PrivateAssets="all" />
<PackageReference Include="Microsoft.Authentication.WebAssembly.Msal" Version="7.0.0-rtm.22512.1" />
<PackageReference Include="Microsoft.Extensions.Http" Version="7.0.0-rtm.22511.4" />

Other information

No response

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

[juho-hanhimaki]

Wrong repo, perhaps somebody can transfer to aspnetcore?

[juho-hanhimaki]

I am pretty sure this is a bug. Hopefully someone can take a look and reproduce. I don't think I am able to test using the newer rtm.22513.3 packages as they complain about downgrades from 7.0.0 (which isn't out yet).

#42580

https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/additional-scenarios?view=aspnetcore-7.0#customize-the-login-process

[TanayParikh]

We're also using that workaround in the test code:

aspnetcore/src/Components/WebAssembly/WebAssembly.Authentication/test/RemoteAuthenticationServiceTests.cs

Line 419 in 2e29720

["CoolName"] = JsonSerializer.Deserialize<JsonElement>(JsonSerializer.Serialize("Alfred"))

This appears to be a known issue, @javiercn do you have a tracking issue for this, or is the workaround (also mentioned here) the recommended resolution for now? Note for the workaround, @juho-hanhimaki mentioned:

The following weird version works on development build in VS, but doesn't work in published release build.

[TanayParikh]

@javiercn just to confirm the next steps here, were there any changes made following the community standup which may not have flowed through / may not have been comprehensive? Or are we just initially investigating?