AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0

Using adal-angular4 to acquire a token for use with AD secured Azure function app #781

Closed vinodsunkara closed 4 years ago

vinodsunkara commented 6 years ago

Issue:

I have one customer. He has an Angular 5 app that authenticates to Azure AD and then, after authenticating, calls a secured Azure function, also authenticating that request to Azure AD. He has 2 app registrations: 1 that secures the function application and 1 used for securing the Angular application. The client app registration has been granted delegated permission to access the function app.

He is trying to silently acquire an access token after sign-in to use as a bearer token for accessing a secured Azure function app that has been secured with a different AD app registration under the same tenant. The issue occurs when access tokens are requested or when an expired token is silently refreshed. He can get the tokens, but doing so sends the app into a redirect/refresh loop. He had tried several ADAL libraries with the same result.

Customer Solution:

The customer has managed to get a solution working with some workarounds:

• The library he has used is adal-ts – he made some changes to this library to allow for the checking of token expiry. It is a pure TypeScript library with no dependencies.
• When requesting the initial id_token he used the resource id for the secured function application and not the Angular client; this means he doesn't need to make a second request to acquire a token for the API.
• He has moved the interaction with the Microsoft Graph to an Azure Function, which means he doesn't need to acquire a token client side, avoiding a 3rd redirect when acquiring it.

He is looking for a solution that is an Angular 2+ client library that does not have the issues present in the existing client libraries.
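
The expiry check the customer added to adal-ts is not shown in this thread. As an added example (not code from adal-ts, ADAL.js or the customer), the Node.js code below shows one way a client can decide from a cached token's `aud` and `exp` claims whether to reuse it, and cap renewal attempts so a failed renewal cannot keep retriggering itself. The resource URI, function names, 5-minute skew and attempt cap are all assumptions.

```javascript
// Added example; not code from adal-ts or ADAL.js. All values are constructed.
const FUNCTION_APP_RESOURCE = "https://contoso-func.example/api"; // hypothetical App ID URI

// Build an unsigned sample token for the demo (constructed, never valid anywhere).
function makeSampleToken(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "none", typ: "JWT" })}.${enc(claims)}.constructed`;
}

// Read the claims segment. No signature check: the client only reads claims to
// schedule renewal; the function app must still validate the token itself.
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Classify a cached token: "reuse", "renew", "wrong-audience" or "acquire".
function tokenStatus(token, expectedAudience, nowSec, skewSec = 300) {
  if (!token) return "acquire";
  let claims;
  try { claims = decodeJwtPayload(token); } catch (e) { return "acquire"; }
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (!aud.includes(expectedAudience)) return "wrong-audience";
  if (typeof claims.exp !== "number") return "acquire";
  // Renew slightly early so a request in flight does not carry an expired token.
  return claims.exp - skewSec <= nowSec ? "renew" : "reuse";
}

// Decide the next step and bound renewal attempts (state is caller-owned).
function nextAction(state, token, expectedAudience, nowSec) {
  if (tokenStatus(token, expectedAudience, nowSec) === "reuse") {
    state.attempts = 0;
    return "attach-bearer";
  }
  if (state.attempts >= state.maxAttempts) return "stop-and-report";
  state.attempts += 1;
  return "start-renewal";
}
```
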

nehaagrawal commented 5 years ago

@vinodsunkara adal-ts is not supported by us. If the customer is looking for support for Angular 2+, I would recommend trying MSAL: https://github.com/AzureAD/microsoft-authentication-library-for-js. MSAL provides support for both Angular 4.3+ and AngularJS.