Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] "TokenBroker" service keeps WinUI 3 app's process running after window is closed #4967

Open
aries-zhang opened this issue Oct 22, 2024 · 0 comments
Labels
needs attention Delete label after triage public-client untriaged Do not delete. Needed for Automation

Comments

@aries-zhang
Copy link

aries-zhang commented Oct 22, 2024

Library version used

4.64.0

.NET version

.NET 8

Scenario

PublicClient - desktop app

Is this a new or an existing app?

The app is in production, I haven't upgraded MSAL, but started seeing this issue

Issue description and reproduction steps

We have a WinUI 3 + .NET 8 based app which uses MSAL .Net for authentication. We came to notice that after an interactive login (account picker window shown) the app process will not exit after it is closed. With the "Analyze wait chain" option in Task Manager, it shows an svchost process is holding the app process, and this svchost process points to the "TokenBroker" service, which belongs to "Web Account Manager".

image
image

I've managed to reproduce it with the minimum code below. This issue seems to only reproduce when both of the following 2 conditions are met:

  1. There is a WebView2 control with a Source property (no matter set via XAML or code-behind).
  2. The WAM's interactive login window (account picker) is shown.
<Window
    x:Class="App2.MainWindow"
    xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"
    xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
    xmlns:local="using:App2"
    xmlns:d="http://schemas.microsoft.com/expression/blend/2008"
    xmlns:mc="http://schemas.openxmlformats.org/markup-compatibility/2006"
    mc:Ignorable="d">

    <Grid>
        <Grid.RowDefinitions>
            <RowDefinition Height="80" />
            <RowDefinition />
        </Grid.RowDefinitions>

        <StackPanel Grid.Row="0" HorizontalAlignment="Center" VerticalAlignment="Center" Orientation="Horizontal">
            <Button Click="SignInButton_Click" Content="Sign in" />
        </StackPanel>

        <Grid Grid.Row="1" HorizontalAlignment="Stretch" VerticalAlignment="Stretch">
            <WebView2 x:Name="MyWebView" Source="https://bing.com" />
        </Grid>
    </Grid>
</Window>
private void SignInButton_Click(object sender, RoutedEventArgs e)
{
    if (client == null)
    {
        client = PublicClientApplicationBuilder.Create(clientId: AppId)
            .WithAuthority(authorityUri: "https://login.microsoftonline.com/common")
            .WithBroker(brokerOptions: new BrokerOptions(BrokerOptions.OperatingSystems.Windows))
            .Build();
    }

    IntPtr handle = WinRT.Interop.WindowNative.GetWindowHandle(this);

    DispatcherQueue.TryEnqueue(async () =>
    {
        try
        {
            AcquireTokenInteractiveParameterBuilder tokenBuilder = client.AcquireTokenInteractive(["https://graph.microsoft.com/.default"])
                .WithParentActivityOrWindow(handle)
                .WithUseEmbeddedWebView(false);

            AuthenticationResult result = await tokenBuilder.ExecuteAsync().ConfigureAwait(false);

            Debug.WriteLine("Signed in.");
        }
        catch (MsalException ex) when (ex.ErrorCode == "authentication_canceled")
        {
            Debug.WriteLine($"Sign in canceled.");
        }
        catch (Exception ex)
        {
            Debug.WriteLine($"Sign in failed: {ex.Message}.");
            throw;
        }
    });
}

The code is also posted in this repo: aries-zhang/WinUI3-MSAL-Demo. Please follow these steps to reproduce:

  1. Clone the code.
  2. Build and run the app.
  3. The app should show bing.com and a "Sign in" button in the top (now if you close the app, the process shuts down normally).
    image
  4. Click "Sign in", when account picker pops up, close the account picker window to cancel login (or sign in with an account. It does not matter as long as the sign in window is shown).
  5. Close the app.
  6. Open Task Manager, search App2.exe in the "Details" tab, the process is still running.
  7. Right click App2.exe, select "analyze wait chain", it shows the svchost process.
    image
    image
  8. Search with the svchost process's id, right click, select "go to services", it shows the "TokenBroker" service.
    image
    image

This issue is really strange since it does not repro when there is not a WebView2 control in the app or the WebView2 control does not have a "Source" property set. I've also noticed with the same code it does not repro on Windows 10 (22H2).

It does not repro with silent login. It seems to have something to do with WAM + WebView2.
Also tried the older versions of MSAL .Net up to 4.52.0 and it still repros.

Relevant code snippets

See the code snippets in issue description.

Expected behavior

Expecting the app process should exit normally when closed.

Identity provider

Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)

Regression

No response

Solution and workarounds

No response

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needs attention Delete label after triage public-client untriaged Do not delete. Needed for Automation
Projects
None yet
Development

No branches or pull requests

1 participant