none
[UWP] How to set WebAuthenticationBroker to use Edge instead of IE RRS feed

  • Question

  • More and more websites are dropping support for Internet Explorer (IE).

    For example GitHub has this message:

    Please note that GitHub will stop supporting Internet Explorer as of July 2018.

    We recommend Microsoft Edge, which is already installed on your version of Windows 10, Google Chrome, or Firefox.

    It appears on top of the page when trying to obtain the OAuth token using WebAuthenticationBroker.

    So my question is:

    • How can I set WebAuthenticationBroker to use Edge instead?
    • Is WebAuthenticationBroker still the recommended method to implement OAuth in UWP and if not what is the alternative available?

    Both Target and Min versions of my app are "Windows 10 Fall Creators Update (10.0; Build 16299)"

    Thank you.

    Tuesday, April 10, 2018 7:04 PM

Answers

  • Hi meldim,

    Thanks for reporting this.

    Currently the WebAuthenticationBroker API uses the IE Iframe, this is the by design feature. If you want to use the Edge for instead, this is the kind of feature request, and I have seen that you have already submitted a feature request in our UserVoice website: https://wpdev.uservoice.com/forums/110705-universal-windows-platform/suggestions/33906985-webauthenticationbroker-should-use-edge-as-ie-is-g .

    By the way you can implement the oAuth on your own without using the WebAutenticationBroker if you have an immediate need to use Edge rather than IE. This oAuth https://oauth.net website describes the protocol and has links to implementation hints. 

    Thanks,
    Amy Peng

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by meldim Friday, April 27, 2018 5:34 PM
    Friday, April 20, 2018 6:32 AM
    Owner
  • @Dimitrios,

    >> In that respect, can you please clarify that there is no plan at the moment to upgrade WebAuthenticationBrowser before July so that I can look for alternative solutions?

    Currently, my suggestion is that you might need to look for alternative solutions.

    And another thing is that I’m sorry to say is we do not have the solid date for the plan for the WebAuthenticationBrowser.

    Best regards,

    Roy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by meldim Friday, April 27, 2018 5:34 PM
    Thursday, April 26, 2018 6:24 AM
    Moderator

All replies

  • Did you do the relevant research? I don't understand why you are asking this question because regardless of the version of Windows is in use, the UWP WebView control uses Edge. If you developed a UWP application that uses IE then this question is not appropriate for this forum, you need to get help from whoever you got the control from that is using IE.



    Sam Hobbs
    SimpleSamples.Info

    Wednesday, April 11, 2018 12:32 AM
  • Hi Sam,

    Thank you for replying. I am not allowed to post links or screen shots here so it is harder to explain the issue.

    Let me clarify: WebAuthenticationBroker is a Microsoft class under the Windows.Security.Authentication.Web namespace. I used the approach demonstrated in the  Web authentication broker sample (http://code.msdn.microsoft.com/windowsapps/Web-Authentication-d0485122), provided by Microsoft, to allow my app to use OAuth with GitHub.

    From what I can tell this static class is not using the WebView control at the moment (which as you mentioned uses Edge) and hence the problem. The reason I mention the windows version is in case this class is planned to be upgraded to use the WebView in a subsequent release of windows.

    I will try to update the question with a screen shot as soon as my account on this forum is "verified".

    Thanks again for looking into this.

    Wednesday, April 11, 2018 10:56 AM
  • That sample is four years old. You can download all current the UWP samples from Microsoft/Windows-universal-samples: API samples for the Universal Windows Platform. It is possible to download them individually if you need to.









    Sam Hobbs
    SimpleSamples.Info

    Wednesday, April 11, 2018 5:57 PM
  • Hi Sam,

    Thanks again for looking into this. I am afraid I haven't made my problem clear.

    The issue is not with the sample but with the WebAuthenticationBroker (https://docs.microsoft.com/en-us/uwp/api/Windows.Security.Authentication.Web.WebAuthenticationBroker) which is using IE instead of Edge.

    This is the same class in the GitHub samples that you mention. (see https://github.com/Microsoft/Windows-universal-samples/tree/master/Samples/WebAuthenticationBroker)

    What I am trying to establish here is whether Microsoft is going to update that API or if there is an alternative implementation for OAuth in UWP.
    Thursday, April 12, 2018 10:47 AM
  • What I am trying to establish here is whether Microsoft is going to update that API or if there is an alternative implementation for OAuth in UWP.

    What I was trying to say is that Microsoft might have changed the sample in some way that is relevant. If that does not help then I can't help and I hope someone else can.


    Sam Hobbs
    SimpleSamples.Info

    Thursday, April 12, 2018 5:30 PM
  • hi

    i would be surprised if "UWP code would use Internet Explorer instead of Edge" for web requests 

    what's your default system default web browser ?

    br
    Andre

    Thursday, April 12, 2018 5:54 PM
  • Hi Andre,

    Unfortunately, I can't upload a picture here to show you the message that GitHub displays but you can see yourself by simply loading IE and going to github.com. Here is the url to a tweet I sent which shows the pop up: (https://twitter.com/DMelidonis/status/983380820508504064)

    I am using Firefox as my default browser but I also use Edge to access the Windows Dev Center because it has better integration with the "single sign on" feature of Windows 10. I did switch the default browser to Edge from Settings->"Change my Default" if that's what you mean but it didn't make any difference.

    I can understand why Microsoft would not be able to use the "default" option as they need to embed the browser in their pop up window. I would expect them though to (re)use their own WebView control instead of what seems to be a code duplication somewhere in their framework.
    Friday, April 13, 2018 9:15 AM
  • Hi meldim,

    The WebAuthenticationBroker will call a hostpicker.exe during the process of OAuth. It is a win32 process that we could not change.

    Best regards,

    Roy



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.


    Wednesday, April 18, 2018 10:09 AM
    Moderator
  • Hi Roy,

    Thanks for replying first of all.

     

    The name of the "hostpicker.exe" win32 process you mention implies that "it picks a host" for the OAuth process to be executed. If that is the case,  it seems like it is picking IE which is a problem.

     

    When you say "It is a win32 process that we could not change" who are you referring to, .Net, UWP or Windows 10 team? Surely someone is responsible for updating that process in Microsoft?

     

    This is a breaking issue for all UWP apps that are using OAuth and WebAuthenticationBroker. It is already a big problem as it undermines the user's trust in our app when they see a notification from their OAuth provider that we are using an outdated browser right at the moment they are about to enter their credentials!

     

    I understand that keeping all Windows moving parts updated is a massive task and things will be missed, that is why I am trying to bring this issue to your attention. If this is not the right forum please direct me to the team responsible and I will follow up.

     

    In the mean time please let me know if there is an alternative way to implement OAuth in UWP at the moment.

     

    Kind regards,

    Dimitrios

    Wednesday, April 18, 2018 11:31 AM
  • @Dimitrios,

    I'll consult related team about this. There will be some time delay.

    Thank you for your patience.

    Best regards,

    Roy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, April 19, 2018 8:23 AM
    Moderator
  • @Dimitrios,

    Sorry for my last reply.

    I checked the User agent when using WebAuthenticationBroker. It looks like this: 

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MSAuthHost/1.0)

    The WebAuthenticationBroker is using IE. 

    I'll involve expert for this problem.

    Best regards,

    Roy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Thursday, April 19, 2018 9:48 AM
    Moderator
  • @meldim

    great catch

    Thursday, April 19, 2018 9:24 PM
  • Hi meldim,

    Thanks for reporting this.

    Currently the WebAuthenticationBroker API uses the IE Iframe, this is the by design feature. If you want to use the Edge for instead, this is the kind of feature request, and I have seen that you have already submitted a feature request in our UserVoice website: https://wpdev.uservoice.com/forums/110705-universal-windows-platform/suggestions/33906985-webauthenticationbroker-should-use-edge-as-ie-is-g .

    By the way you can implement the oAuth on your own without using the WebAutenticationBroker if you have an immediate need to use Edge rather than IE. This oAuth https://oauth.net website describes the protocol and has links to implementation hints. 

    Thanks,
    Amy Peng

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by meldim Friday, April 27, 2018 5:34 PM
    Friday, April 20, 2018 6:32 AM
    Owner
  • Hi Amy,

    Thanks for replying and @Roy thanks for escalating this.

     

    My app needs to connect to GitHub and they are dropping support for IE this July so unless an update is already in the pipeline, it looks like I have no choice but to re-implement Oauth myself as you suggested.

     

    In that respect, can you please clarify that there is no plan at the moment to upgrade WebAuthenticationBrowser before July so that I can look for alternative solutions?

     

    From the link in your answer:

    "Note that you should never use an embedded web view in your own application, as this provides the user no guarantee that they are actually are entering their password in the service's website rather than a phishing site.

    You should either launch the native mobile browser, or use the new iOS "SafariViewController" to launch an embedded browser in your application. This API was added in iOS 9, and provides a mechanism to launch a browser inside the application that both shows the address bar so the user can confirm they're on the correct website, and also shares cookies with the real Safari browser."

     

    WebAuthenticationBrowser was the equivalent API for windows as far as I know. Redirecting the user to the default browser is not the best UX. That is why I would prefer to keep the existing solution if possible.

     

    Kind regards

    Dimitrios

    Friday, April 20, 2018 1:47 PM
  • i don't think such behavior should be handled via user voice and as feature request

    its Windows 10 and its UWP and one component use Internet Explorer that looks like a bug, not like a feature request

    br
    Andre

    Monday, April 23, 2018 10:57 AM
  • @Dimitrios,

    >> In that respect, can you please clarify that there is no plan at the moment to upgrade WebAuthenticationBrowser before July so that I can look for alternative solutions?

    Currently, my suggestion is that you might need to look for alternative solutions.

    And another thing is that I’m sorry to say is we do not have the solid date for the plan for the WebAuthenticationBrowser.

    Best regards,

    Roy


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    • Marked as answer by meldim Friday, April 27, 2018 5:34 PM
    Thursday, April 26, 2018 6:24 AM
    Moderator
  • Thank you, I will try that.
    Friday, April 27, 2018 5:34 PM
  • yes i am having this problem too.

    oAuth blocked because WebAuthenticationBroker is using IE, site says to use chrome :(

    Is there a fix for this yet?

    Thursday, June 7, 2018 7:26 PM