Fix mac broker MAUI issues (#5328)

* For mac broker flows, limit the "start new message loop to guarantee go back to main thread" logic to console app only. Maui app should not start a new message loop since it already has one running.

* Fix mac test app warnings

* tmp

* Try to fix pipeline build issue

* Update NativeInterop version to 0.19.1

* Update mac console app version to 0.19.1

* Still use NativeInterop 0.18.1

* Add some logs

Author: fengga

src/client/Microsoft.Identity.Client.Broker/RuntimeBroker.cs

@@ -186,8 +186,9 @@ public async Task<MsalTokenResponse> AcquireTokenInteractiveAsync(
                     {
                         if (readAccountResult.IsSuccess)
                         {
-                            if (DesktopOsHelper.IsMac())
+                            if (DesktopOsHelper.IsMacConsoleApp())
                             {
+                                _logger?.Verbose(() => "Mac console app calling AcquireTokenInteractivelyAsync from the main thread.");
                                 AuthResult result = null;
                                 await MacMainThreadScheduler.Instance().RunOnMainThreadAsync(async () =>
                                 {
@@ -201,7 +202,7 @@ await MacMainThreadScheduler.Instance().RunOnMainThreadAsync(async () =>
                                 var errorMessage = "Could not acquire token interactively.";
                                 msalTokenResponse = WamAdapters.HandleResponse(result, authenticationRequestParameters, _logger, errorMessage);
                             }
-                            else // Non macOS
+                            else // Not mac console app scenaro
                             {
                                 using (var result = await s_lazyCore.Value.AcquireTokenInteractivelyAsync(
                                     _parentHandle,
@@ -256,8 +257,9 @@ private async Task<MsalTokenResponse> SignInInteractivelyAsync(
                 string loginHint = authenticationRequestParameters.LoginHint ?? authenticationRequestParameters?.Account?.Username;
                 _logger?.Verbose(() => "[RuntimeBroker] AcquireTokenInteractive - login hint provided? " + !string.IsNullOrEmpty(loginHint));
 
-                if (DesktopOsHelper.IsMac())
+                if (DesktopOsHelper.IsMacConsoleApp())
                 {
+                    _logger?.Verbose(() => "Mac console app calling SignInInteractivelyAsync from the main thread.");
                     AuthResult result = null;
                     await MacMainThreadScheduler.Instance().RunOnMainThreadAsync(async () =>
                     {
@@ -271,7 +273,7 @@ await MacMainThreadScheduler.Instance().RunOnMainThreadAsync(async () =>
                     var errorMessage = "Could not sign in interactively.";
                     msalTokenResponse = WamAdapters.HandleResponse(result, authenticationRequestParameters, _logger, errorMessage);
                 }
-                else // Non macOS
+                else // Not mac console app scenaro
                 {
                     using (var result = await s_lazyCore.Value.SignInInteractivelyAsync(
                         _parentHandle,
@@ -304,8 +306,9 @@ private async Task<MsalTokenResponse> AcquireTokenInteractiveDefaultUserAsync(
                 _brokerOptions,
                 _logger))
             {
-                if (DesktopOsHelper.IsMac())
+                if (DesktopOsHelper.IsMacConsoleApp())
                 {
+                    _logger?.Verbose(() => "Mac console app calling SignInAsync from the main thread.");
                     AuthResult result = null;
                     await MacMainThreadScheduler.Instance().RunOnMainThreadAsync(async () =>
                     {
@@ -318,7 +321,7 @@ await MacMainThreadScheduler.Instance().RunOnMainThreadAsync(async () =>
                     var errorMessage = "Could not sign in interactively with the default OS account.";
                     msalTokenResponse = WamAdapters.HandleResponse(result, authenticationRequestParameters, _logger, errorMessage);
                 }
-                else // Non macOS
+                else // Not mac console app scenaro
                 {
                     using (NativeInterop.AuthResult result = await s_lazyCore.Value.SignInAsync(
                         _parentHandle,

src/client/Microsoft.Identity.Client/Internal/Requests/Interactive/InteractiveRequest.cs

@@ -66,7 +66,7 @@ protected override async Task<AuthenticationResult> ExecuteAsync(
             await ResolveAuthorityAsync().ConfigureAwait(false);
             cancellationToken.ThrowIfCancellationRequested();
             MsalTokenResponse tokenResponse = null;
-            if (DesktopOsHelper.IsMac() && ServiceBundle.Config.IsBrokerEnabled)
+            if (ServiceBundle.Config.IsBrokerEnabled && DesktopOsHelper.IsMacConsoleApp())
             {
                 var macMainThreadScheduler = MacMainThreadScheduler.Instance();
                 if (!macMainThreadScheduler.IsCurrentlyOnMainThread())
@@ -96,7 +96,10 @@ protected override async Task<AuthenticationResult> ExecuteAsync(
                     }
                 });
                 if (!messageLoopStarted)
+                {
+                    _logger?.Verbose(() => "Mac broker console app scenario needs to start a message loop internally.");
                     macMainThreadScheduler.StartMessageLoop();
+                }
                 tokenResponse = await tcs.Task.ConfigureAwait(false);
             }
             else

src/client/Microsoft.Identity.Client/Platforms/Features/DesktopOS/MacNativeMethods.cs

@@ -205,4 +205,64 @@ public static IntPtr GetGlobal(IntPtr handle, string symbol)
             return Marshal.PtrToStructure<IntPtr>(ptr);
         }
     }
+
+    internal static class LibObjc
+    {
+        private const string LibObjcLib = "/usr/lib/libobjc.dylib";
+
+        public static bool IsNsApplicationRunning()
+        {
+            // This function equals to calling objc code: `[[NSApplication sharedApplication] isRunning]`
+            // The result indicates if there is an official Apple message loop running, we can use it as
+            // whether it is UI-based app (MAUI) or console app.
+            try
+            {
+                IntPtr nsApplicationClass = objc_getClass("NSApplication");
+                if (nsApplicationClass == IntPtr.Zero)
+                {
+                    return false;
+                }
+
+                IntPtr sharedApplicationSelector = sel_registerName("sharedApplication");
+                if (sharedApplicationSelector == IntPtr.Zero)
+                {
+                    return false;
+                }
+
+                IntPtr sharedApplication = objc_msgSend(nsApplicationClass, sharedApplicationSelector);
+                if (sharedApplication == IntPtr.Zero)
+                {
+                    return false;
+                }
+
+                IntPtr isRunningSelector = sel_registerName("isRunning");
+                if (isRunningSelector == IntPtr.Zero)
+                {
+                    return false;
+                }
+
+                IntPtr isRunningResult = objc_msgSend(sharedApplication, isRunningSelector);
+                bool isRunning = isRunningResult != IntPtr.Zero;
+                return isRunning;
+            }
+            catch (Exception)
+            {
+                return false;
+            }
+        }
+
+        [DllImport(LibObjcLib, CharSet = CharSet.Ansi, CallingConvention = CallingConvention.Cdecl)]
+        private static extern IntPtr objc_getClass(string name);
+
+        [DllImport(LibObjcLib, CharSet = CharSet.Ansi, CallingConvention = CallingConvention.Cdecl)]
+        private static extern IntPtr sel_registerName(string name);
+
+        [DllImport(LibObjcLib, CharSet = CharSet.Ansi, CallingConvention = CallingConvention.Cdecl)]
+        private static extern IntPtr objc_msgSend(IntPtr receiver, IntPtr selector);
+
+        [DllImport(LibObjcLib, CharSet = CharSet.Ansi, CallingConvention = CallingConvention.Cdecl)]
+        private static extern bool objc_msgSend_bool(IntPtr receiver, IntPtr selector);
+
+    }
+
 }

src/client/Microsoft.Identity.Client/PlatformsCommon/Shared/DesktopOsHelper.cs

@@ -202,5 +202,21 @@ private static bool IsInteractiveSessionLinux()
             return !string.IsNullOrWhiteSpace(Environment.GetEnvironmentVariable("DISPLAY"));
         }
 #endif
+
+        private static readonly Lazy<bool> _isMacConsoleApp = new Lazy<bool>(() => {
+#if SUPPORTS_WIN32
+            return !LibObjc.IsNsApplicationRunning();
+#else
+            return true;
+#endif
+        });
+
+        public static bool IsMacConsoleApp()
+        {
+            if (!DesktopOsHelper.IsMac())
+                return false;
+            // Checking if NsApplication is running for one time would be enough.
+            return _isMacConsoleApp.Value;
+        }
     }
 }

tests/devapps/MacConsoleAppWithBroker/MacConsoleAppWithBroker.csproj

@@ -19,7 +19,7 @@
       <TargetPath>msalruntime_arm64.dylib</TargetPath>
     </None> -->
 
-		<PackageReference Include="Microsoft.Identity.Client.NativeInterop" Version="0.19.0" />
+		<PackageReference Include="Microsoft.Identity.Client.NativeInterop" Version="0.19.1" />
 
 	</ItemGroup>
 

tests/devapps/MacMauiAppWithBroker/MacMauiAppWithBroker.csproj

@@ -20,6 +20,9 @@
 		<ImplicitUsings>enable</ImplicitUsings>
 		<Nullable>enable</Nullable>
 
+		<!-- Disable strong naming for MAUI app -->
+		<SignAssembly>false</SignAssembly>
+
 		<!-- Display name -->
 		<ApplicationTitle>MacMauiAppWithBroker</ApplicationTitle>
 
@@ -74,10 +77,6 @@
 		<PackageReference Include="Microsoft.Maui.Controls" Version="$(MauiVersion)" />
 		<PackageReference Include="Microsoft.Maui.Controls.Compatibility" Version="$(MauiVersion)" />
 		<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="8.0.1" />
-
-		<PackageReference Include="Microsoft.Maui.Controls" Version="$(MauiVersion)" />
-		<PackageReference Include="Microsoft.Maui.Controls.Compatibility" Version="$(MauiVersion)" />
-		<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="8.0.1" />
 	</ItemGroup>
 
 	<!-- <ItemGroup>
@@ -90,11 +89,7 @@
     </ItemGroup> -->
 
 	<ItemGroup Condition="$([MSBuild]::IsOSPlatform('OSX'))">
-		<PackageReference Include="Microsoft.Identity.Client.NativeInterop" Version="0.18.2" />
-		<NativeReference Include="$(HOME)/.nuget/packages/microsoft.identity.client.nativeinterop/0.18.2/runtimes/macos-arm64/native/msalruntime_arm64.dylib">
-			<Kind>Dynamic</Kind>
-			<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
-		</NativeReference>
+		<PackageReference Include="Microsoft.Identity.Client.NativeInterop" Version="0.19.1" />
 	</ItemGroup>
 
 	<ItemGroup Condition="$([MSBuild]::IsOSPlatform('OSX'))">

tests/devapps/MacMauiAppWithBroker/MainPage.xaml.cs

@@ -17,7 +17,12 @@ public MainPage()
 	private void AppendLog(string message)
 	{
 		string newEntry = $"{DateTime.Now:yyyy-MM-dd HH:mm:ss}: {message}{Environment.NewLine}";
-		MainThread.BeginInvokeOnMainThread(async () =>
+		MainThread.BeginInvokeOnMainThread(() => _ = AppendLogAsync(newEntry));
+	}
+
+	private async Task AppendLogAsync(string newEntry)
+	{
+		try
 		{
 			if (LogTextView.Text == null)
 			{
@@ -43,43 +48,48 @@ private void AppendLog(string message)
 			await Task.Delay(50).ConfigureAwait(false);
 
 			await LogScrollView.ScrollToAsync(0, LogTextView.Height, true).ConfigureAwait(false);
-		});
+		}
+		catch (Exception ex)
+		{
+			// Log any exceptions to prevent crashes
+			Console.WriteLine($"Error in AppendLogAsync: {ex.Message}");
+		}
 	}
 
 	private async void OnACIACSClicked(object sender, EventArgs e)
 	{
 		// Disable button to prevent multiple clicks
 		SetButtonEnabled(CACIACSBtn, false);
-		
+
 		SemanticScreenReader.Announce(CACIACSBtn.Text);
 
-        PublicClientApplicationBuilder builder = PublicClientApplicationBuilder
+		PublicClientApplicationBuilder builder = PublicClientApplicationBuilder
 			.Create("04b07795-8ddb-461a-bbee-02f9e1bf7b46") // Azure CLI client id
 			.WithRedirectUri("msauth.com.msauth.unsignedapp://auth")
 			.WithAuthority("https://login.microsoftonline.com/organizations");
-		
+
 		builder = builder.WithLogging(SampleLogging);
 
 		builder = builder.WithBroker(new BrokerOptions(BrokerOptions.OperatingSystems.OSX)
-			{
-				ListOperatingSystemAccounts = false,
-				MsaPassthrough = false,
-				Title = "MSAL Dev App .NET FX"
-			}
+		{
+			ListOperatingSystemAccounts = false,
+			MsaPassthrough = false,
+			Title = "MSAL Dev App .NET FX"
+		}
 		);
 
-        IPublicClientApplication pca = builder.Build();
-		
-		try 
+		IPublicClientApplication pca = builder.Build();
+
+		try
 		{
 			AppendLog("Starting interactive authentication...");
-			AcquireTokenInteractiveParameterBuilder interactiveBuilder = pca.AcquireTokenInteractive(new string[]{"https://graph.microsoft.com/.default"});
+			AcquireTokenInteractiveParameterBuilder interactiveBuilder = pca.AcquireTokenInteractive(new string[] { "https://graph.microsoft.com/.default" });
 			AuthenticationResult result = await interactiveBuilder.ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
 			AppendLog($"Interactive auth successful. User: {result.Account.Username}");
 
 			IAccount account = result.Account;
 			AppendLog("Starting silent authentication...");
-			AcquireTokenSilentParameterBuilder silentBuilder = pca.AcquireTokenSilent(new string[]{"https://graph.microsoft.com/.default"}, account);
+			AcquireTokenSilentParameterBuilder silentBuilder = pca.AcquireTokenSilent(new string[] { "https://graph.microsoft.com/.default" }, account);
 			// AcquireTokenSilentParameterBuilder silentBuilder = pca.AcquireTokenSilent(new string[]{"service::ssl.live.com::MBI_SSL"}, account);
 			result = await silentBuilder.ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
 			AppendLog($"Silent auth successful. Access token length: {result.AccessToken.Length}");
@@ -144,7 +154,12 @@ private void OnClearLogClicked(object sender, EventArgs e)
 		// Disable the button temporarily
 		SetButtonEnabled(ClearLogBtn, false);
 
-		MainThread.BeginInvokeOnMainThread(async () =>
+		MainThread.BeginInvokeOnMainThread(() => _ = ClearLogAsync());
+	}
+
+	private async Task ClearLogAsync()
+	{
+		try
 		{
 			LogTextView.Text = string.Empty;
 			AppendLog("Log cleared");
@@ -154,13 +169,19 @@ private void OnClearLogClicked(object sender, EventArgs e)
 
 			// Re-enable the button
 			SetButtonEnabled(ClearLogBtn, true);
-		});
+		}
+		catch (Exception ex)
+		{
+			// Log any exceptions and ensure button is re-enabled
+			Console.WriteLine($"Error in ClearLogAsync: {ex.Message}");
+			SetButtonEnabled(ClearLogBtn, true);
+		}
 	}
 
 	// Helper method to enable or disable a button on the UI thread
 	private void SetButtonEnabled(Button button, bool enabled)
 	{
-		MainThread.BeginInvokeOnMainThread(() => 
+		MainThread.BeginInvokeOnMainThread(() =>
 		{
 			button.IsEnabled = enabled;
 		});
@@ -170,8 +191,8 @@ private static void SampleLogging(LogLevel level, string message, bool containsP
 	{
 		try
         {
-			string homeDirectory = Environment.GetEnvironmentVariable("HOME");
-            string filePath = Path.Combine(homeDirectory, "msalnet.log");
+			string? homeDirectory = Environment.GetEnvironmentVariable("HOME");
+			string filePath = Path.Combine(homeDirectory ?? Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), "msalnet.log");
 			// An example log path could be: /Users/fengga/Library/Containers/com.microsoft.MacMauiAppWithBroker/Data/msalnet.log
 			using (StreamWriter writer = new StreamWriter(filePath, append: true))
 			{