search

AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0
627 stars 372 forks source link

Calling acquireToken() always leads to "Loading frame has timed out after: 6 seconds for resource" in console #736

Closed thijskuipers closed 6 years ago

thijskuipers commented 6 years ago

I noticed that calling acquireToken() with login_hint (for silent token acquisition) always leads to the message "Loading frame has timed out after: 6 seconds for resource ".

I think the root cause is in method saveTokenFromHash(). Because the response contains both an access_token and id_token. The resource in this method is first derived from the stateResponse: https://github.com/AzureAD/azure-activedirectory-library-for-js/blob/f20a0ddde2faef87f87aae8e6aafe4de2c6b7a50/lib/adal.js#L1169

But, when the response also contains an id_token, the resource is changed to the audience of the id_token, which is the Client Application and no longer the intended Resource Server: https://github.com/AzureAD/azure-activedirectory-library-for-js/blob/f20a0ddde2faef87f87aae8e6aafe4de2c6b7a50/lib/adal.js#L1218

When at the end of the method the RENEW_STATUS for the resource is set to COMPLETED, this is done for the clientId, not for the resourceUri.

This leads to the method _loadFrameTimeout() concluding that the token acquisition has timed out. https://github.com/AzureAD/azure-activedirectory-library-for-js/blob/f20a0ddde2faef87f87aae8e6aafe4de2c6b7a50/lib/adal.js#L590-L592

Luckily, the callback was already executed and removed, so the error is not propagated. https://github.com/AzureAD/azure-activedirectory-library-for-js/blob/f20a0ddde2faef87f87aae8e6aafe4de2c6b7a50/lib/adal.js#L595-L597

I think the best solution would be to capture the resource of the id_token in a separate variable and not re-use the existing resource variable in the method saveTokenFromHash().

meng-han commented 6 years ago

Is there anyone looking into this issue? acquireToken is not working. To make it work we have to go back to version 1.0.15.

rohitnarula7176 commented 6 years ago

@thijskuipers @meng-han I apologize for the delayed response. I was busy working on the next generation of adal. Thank you for pointing out this issue. I have fixed it in the dev branch. Can you guys please take a look and confirm. I will plan on releasing a new version next week with this fix.

rjwijnen commented 6 years ago

@rohitnarula7176 when will the fix be released?

jesiuu commented 6 years ago

@rohitnarula7176 Any news?

ichibanbrew commented 5 years ago

The issue still exists with 1.0.17.