Utilizing the MSAL js library with Azure B2C and the Microsoft Account provider seems to fail with the samples included in the MSAL project.
MSA seems to do a final HTTP POST as the authresp because B2C with MSA uses response mode = form post whereas, Google, Facebook and LinkedIn all authresp return GET requests. This in turn results in MSAL not properly processing the returned bearer token from B2C/MSA.
This is the request made to MSA by B2C, note the response_mode=form_post https://login.live.com/oauth20_authorize.srf?client_id=********-1b08-4d7c-b56d-9076584c3b71&redirect_uri=https:%2f%2flogin.microsoftonline.com%2fte%********-ab1c-4f9d-83b5-899025a2c3ca%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=vkQ0vSBHFfYPydMhYl02ZA%3d%3d&state=eyJTSUQiOiJ4LW1zLWNwaW0tcmM6YTk0ZWYyMzktMDAwZi00YzIxLWE1MTAtOGNkMzk1YTU5NjI5IiwiVElEIjoiMDA4NjFiOTAtMzBhMy00NmZjLWJmMTgtOWE2MWY4Yjk3NTgyIn0
Utilizing the following sample - https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/devApps/VanillaJSTestApp-b2c/index.html
With Google the requests:
With Microsoft Account the requests:
Running clientApplication.acquireTokenSilent(applicationConfig.b2cScopes) with MSA after login results in - Unhandled rejection user_login_error:User login is required
Whereas with Google it returns a proper bearer token.
Implicit grant flow is enabled on Microsoft Account configuration so not sure if there is a configuration missing or this is an issue with B2C/MSA or the MSAL library.
