Redirect Login not working on Safari IOS due Third Party Cookie Policy

[alexsilvar]

Solve the Intelligent Tracking Prevention from IOS Safari.

This issue is for a:

- [ ] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [X] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

Try the login redirect on Safari latest version.

Any log messages given by the failure

The token is not acquired

Expected/desired behavior

Login Redirect retrieves token

OS and Version?

IOS 13.x

Library versions

• react-aad-msal:latest
• msal: latest

Mention any other details that might be useful

Probably we need to use the @msal-browser library instead of msal

[yogeshpathade]

The similar behavior exists with Chrome incognito mode. The workaround is to enable third party cookies in the incognito mode which Chrome has started setting to Block by default with the new releases rolling out to the Users.

There is a issue raised by Users of MSAL Angular library AzureAD/microsoft-authentication-library-for-js#2042

[GraemeF]

This problem and the solution are documented here: https://docs.microsoft.com/en-us/azure/active-directory/develop/reference-third-party-cookies-spas

In short, react-aad needs to update to MSAL 2.0 and switch to use the authorization code flow. According to the README this was being kicked off at the end of July but there have been no updates since then.

[GraemeF]

Should be resolved by #238