Custom Authorization Plugin for macOS: Issue with MCXSecurityAgent.invoke Error

Privacy & Security General
skappdevloper OP
Created 1d
Replies 2
Boosts 0
Views 72
Participants 2

Hi everyone, I'm currently developing a custom authorization plugin for macOS and have encountered an issue that I need help with. I've modified the auth DB to use my custom plugin instead of the default login window. Although I'm able to set both the name and password as context values, the login process is failing, and I'm seeing the following error in the security agent log:

              <string>builtin:prelogin</string>
    <string>builtin:policy-banner</string>
    <string>MyPlugin:login</string>
    <string>MyPlugin:value</string>
    <string>builtin:login-begin</string>
    <string>builtin:reset-password,privileged</string>
    <string>loginwindow:FDESupport,privileged</string>
    <string>builtin:forward-login,privileged</string>
    <string>builtin:auto-login,privileged</string>
    <string>builtin:authenticate,privileged</string>
    <string>PKINITMechanism:auth,privileged</string>
    <string>builtin:login-success</string>
    <string>loginwindow:success</string>
    <string>HomeDirMechanism:login,privileged</string>
    <string>HomeDirMechanism:status</string>
    <string>MCXMechanism:login</string>
    <string>CryptoTokenKit:login</string>
    <string>PSSOAuthPlugin:login-auth</string>
    <string>loginwindow:done</string>

I am setting name and password in <string>MyPlugin:login</string> and also able to see same in <string>MyPlugin:value</string> mechanics. 2


2024-07-25 06:53:30.813047-0700 0x2e3b     Info        0x0                  822    0    SecurityAgentHelper-x86_64: (MyPlugin) *****The name and password is test and test1234****

But

2024-07-25 02:33:00.777530-0700 0x8772     Debug       0x0                  1527   0    SecurityAgent: (MCXMechanism) [com.apple.ManagedClient:MCXSecurityPlugin] MCXSecurityAgent.invoke kAuthorizationEnvironmentName is NULL
2024-07-25 02:33:00.777530-0700 0x8772     Debug       0x0                  1527   0    SecurityAgent: (MCXMechanism) [com.apple.ManagedClient:MCXSecurityPlugin] MCXSecurityAgent.invoke - user logging in is '(null)'

Has anyone encountered this issue before or have any insights into what might be causing the kAuthorizationEnvironmentName is NULL error and why the user logging in is shown as '(null)'? Any guidance or suggestions on how to resolve this would be greatly appreciated.

Replies  2
Boosts  0
Views  72
Participants  2
DTS Engineer OP
Apple
23h

Is your plug-in based off QAuthPlugins? Or something more… shall we say… retro?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
skappdevloper OP
22h

Sorry, I didn't get you. What is QAuthPlugins?

0
Custom Authorization Plugin for macOS: Issue with MCXSecurityAgent.invoke Error
First post date Last post date
 
 
Q