Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

msalInstance.getAllAccounts() empty array when using loadExternalTokens() & acquireTokenSilent() #7369

Open
2 tasks
dimitriospapoutsakis opened this issue Oct 9, 2024 · 0 comments
Open
2 tasks

msalInstance.getAllAccounts() empty array when using loadExternalTokens() & acquireTokenSilent() #7369

dimitriospapoutsakis opened this issue Oct 9, 2024 · 0 comments
Labels
bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-browser Related to msal-browser package msal-react Related to @azure/msal-react Needs: Attention 👋 Awaiting response from the MSAL.js team public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.

Comments

@dimitriospapoutsakis
Copy link

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.24.0

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

2.1.0

Public or Confidential Client?

Public

Description

Hi. I have an MSAL account object ( typescript interface is AccountInfo ), with details decoded from the access token that i received after login.

What i'm trying to achieve

Inform MSAL about that account.

What i've used

loadExternalTokens() , acquireTokenSilent(), setActiveAccount()

Actual Result

  1. msalInstance.getAllAccounts() returns empty array
  2. When calling msalInstance.logoutRedirect() it redirects but there is no account to logout.

Expected Result

  1. msalInstance.getAllAccounts() returns array with the added account
  2. When calling msalInstance.logoutRedirect() it redirects but there should be an account to logout.

My Code

const informMsalAboutNewUserAccount = useCallback(async(msalUserToken, decodedMsalAccessToken: API.DecodedMsalAccessToken) => {
		await msalInstance.initialize();

		const msalUserAccount: AccountInfo = {
			homeAccountId: `${decodedMsalAccessToken.oid}.${decodedMsalAccessToken.tid}`,
			localAccountId: decodedMsalAccessToken.oid,
			environment: microsoftAuthLibTenant,
			tenantId: decodedMsalAccessToken.tid, 
			username: decodedMsalAccessToken.preferred_username,
			idToken: idToken,
			idTokenClaims: idTokenClaims,
		};
		
		const silentLoginRequest: SilentRequest = {
			authority: `https://${microsoftAuthLibTenant}/${microsoftAuthLibTenantId}`,
			account: accountTest,
			scopes: microsoftAuthLibLoginRequest.scopes, 
		};

		const externalTokenResponse: ExternalTokenResponse = {
			access_token: msalUserToken,
			expires_in: decodedMsalAccessToken.exp,
			id_token: idToken,
			scope: microsoftAuthLibLoginRequest.scopes.join(' '),
		};

		const clientInfo = {
			uid: decodedMsalAccessToken.oid, // User's Object ID
			utid: decodedMsalAccessToken.tid  // Tenant ID
		};
	
		const parsedClientInfo = btoa(JSON.stringify(clientInfo));
		
		const loadTokenOptions: LoadTokenOptions = {
			clientInfo: parsedClientInfo,
			extendedExpiresOn: decodedMsalAccessToken.exp
		};

		const tokenCache = msalInstance.getTokenCache();
		
		// load the tokens into MSAL
		const authenticatedMsalAccount = await tokenCache.loadExternalTokens(silentLoginRequest, externalTokenResponse, loadTokenOptions)
		
		await msalInstance.acquireTokenSilent(silentLoginRequest);

		msalInstance.setActiveAccount(accountTest);

		const accounts = msalInstance.getAllAccounts();
		// console.log("🚀  accounts:", accounts) // RETURNS EMPTY ARRAY
	}, []);

Thanks! :)

Error Message

No response

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

export const microsoftAuthLibTenant =
  "b5fbc908-cfdf-4710-8d97-9b6840e3fafc.ciamlogin.com";
export const microsoftAuthLibTenantId = "b5fbc908-cfdf-4710-8d97-9b6840e3fafc";

export const microsoftAuthLibConfig = {
  auth: {
    clientId: "c0fe30fc-7141-4305-8c29-3539cd9ec99d", // From Azure AD App Registration
    authority: `https://${microsoftAuthLibTenant}/${microsoftAuthLibTenantId}`,
    redirectUri: process.env.NEXT_PUBLIC_REDIRECT_URI,
    postLogoutRedirectUri: process.env.NEXT_PUBLIC_LOGOUT_REDIRECT_URI,
  },
  cache: {
    cacheLocation: "sessionStorage", // or localStorage
    storeAuthStateInCookie: false,
  },
  /* todo Eventually comment the logger out.. */
  system: {
    loggerOptions: {
      loggerCallback: (level: any, message: any) => {
        console.log(`[${level}] ${message}`);
      },
      logLevel: LogLevel.Verbose,
      piiLoggingEnabled: false,
    },
  },
};

Relevant Code Snippets

loadExternalTokens(), acquireTokenSilent(), setActiveAccount()

Reproduction Steps

  1. Create an account ( typescript interface is AccountInfo )
  2. Create silent request ( typescript interface is SilentRequest )
  3. Create an external token response ( typescript interface is ExternalTokenResponse )
  4. Create a load token options object ( typescript interface is LoadTokenOptions )
  5. Use msalInstance.acquireTokenSilent with the created objects.
  6. Use msalInstance.setActiveAccount with the create account object.
  7. Check the msalInstance.getAllAccounts, it is empty.

Expected Behavior

  1. msalInstance.getAllAccounts() should return array with the added account
  2. When calling msalInstance.logoutRedirect() it redirects but there should be an account to logout.

Identity Provider

Entra ID (formerly Azure AD) / MSA

Browsers Affected (Select all that apply)

Chrome, Firefox, Edge, Safari

Regression

No response

Source

Internal (Microsoft)
@dimitriospapoutsakis dimitriospapoutsakis added bug-unconfirmed A reported bug that needs to be investigated and confirmed question Customer is asking for a clarification, use case or information. labels Oct 9, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label Oct 9, 2024
@github-actions github-actions bot added msal-browser Related to msal-browser package msal-react Related to @azure/msal-react public-client Issues regarding PublicClientApplications labels Oct 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-browser Related to msal-browser package msal-react Related to @azure/msal-react Needs: Attention 👋 Awaiting response from the MSAL.js team public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dimitriospapoutsakis