msal-java-webapp-sample refresh after login gives error page

Azure-Samples / ms-identity-java-webapp

A Java web application calling Microsoft graph that is secured using the Microsoft identity platform

MIT License

118 stars 105 forks source link

msal-java-webapp-sample refresh after login gives error page #72

Closed crottypeter closed 3 years ago

crottypeter commented 3 years ago

Query parameters are not cleared after successful login. Therefore if the page is subsequently refreshed (F5) we take the wrong path here, find ourselves with a new HttpSession with an empty "states" attribute and throw an Exception here.

crottypeter commented 3 years ago

Exception is not thrown with this change https://github.com/Azure-Samples/ms-identity-java-webapp/pull/73

But (unfortunately) I discard all query params should I have been more selective?

idg-sam commented 3 years ago

Thanks Peter. Looks good to me. I don't think the query params should be necessary after that point.