AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0

Token renewal operation failed due to timeout #826

Closed Kurren123 closed 4 years ago

Kurren123 commented 5 years ago

I am using plain JavaScript. The token is not being refreshed correctly using the invisible iframe method (currently in Chrome). Fiddler says that a request and response to/from login.microsoftonline.com is successful. When I edit adal.js to have the iframe visible at 300px by 300px I can see that the iframe has loaded correctly and redirected to the current page with the correct hash appended to the URL.

The callback is clearly not working. As far as I can tell, TOKEN_RENEW_STATUS_COMPLETED is only set from saveTokenFromHash which is only called from handleWindowCallback which is only called from _loginPopup which is only called from login and acquireTokenPopup.

As login and acquireTokenPopup are public methods it seems that TOKEN_RENEW_STATUS_COMPLETED is not being set from anywhere when the invisible iframe method is used.

I can look into adding a correct callback somewhere.

Kurren123 commented 5 years ago

Edit: Found the issue. ADAL.js relies on the JS in the iframe itself to call the ADAL instance in window.parent. Problem is that my page doesn't try to log in as soon as you load it; the login starts on a button click.

Why are we having the JS execute in the iframe rather than wait for the correct url to load in the iframe and just take that url and process it in the parent?

sliekens commented 5 years ago

> Why are we having the JS execute in the iframe rather than wait for the correct url to load in the iframe and just take that url and process it in the parent?

Even better would be using window.top.postMessage in the iframe to signal the top window when the callback has happened. See #752
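
The postMessage approach suggested in the comment above, written out as an added example that is not code from this thread or from ADAL.js/MSAL.js: the parent accepts the iframe's callback only when the origin, the sending window and the state value all match the renewal it started. The message type, function names and sample values are hypothetical.

```javascript
// Added example, not ADAL.js/MSAL.js code; every name below is hypothetical.
// In the iframe, after the redirect back to the app, the page would run:
//   window.top.postMessage({ type: "token-renew-callback", hash: location.hash }, location.origin);

function parseCallbackHash(hash) {
  // "#access_token=...&state=..." -> plain object of fragment parameters
  return Object.fromEntries(new URLSearchParams(String(hash).replace(/^#\/?/, "")));
}

// Validate one message event against the renewal the parent started.
function handleRenewMessage(event, pending) {
  if (event.origin !== pending.origin) return { ok: false, reason: "origin" };
  if (event.source !== pending.frameWindow) return { ok: false, reason: "source" };
  const data = event.data;
  if (!data || data.type !== "token-renew-callback" || typeof data.hash !== "string")
    return { ok: false, reason: "shape" };
  const p = parseCallbackHash(data.hash);
  if (p.state !== pending.state) return { ok: false, reason: "state" };
  if (p.error) return { ok: false, reason: "idp-error", error: p.error };
  const token = p.access_token || p.id_token;
  if (!token) return { ok: false, reason: "no-token" };
  return { ok: true, token, expiresIn: Number(p.expires_in) || 0 };
}

// Resolve with the token, or reject on a failed renewal or on timeout.
function waitForRenewal(win, pending, timeoutMs) {
  return new Promise((resolve, reject) => {
    const finish = () => { clearTimeout(timer); win.removeEventListener("message", onMessage); };
    const timer = setTimeout(() => {
      finish();
      reject(new Error("Token renewal operation failed due to timeout"));
    }, timeoutMs);
    function onMessage(event) {
      const result = handleRenewMessage(event, pending);
      // Messages from other windows or of another shape are ignored, not fatal.
      if (["origin", "source", "shape"].includes(result.reason)) return;
      finish();
      if (result.ok) resolve(result); else reject(new Error(result.error || result.reason));
    }
    win.addEventListener("message", onMessage);
  });
}

// Constructed sample input (no real token or tenant).
const sampleFrame = {};
const samplePending = { origin: "https://app.example", frameWindow: sampleFrame, state: "s-123" };
const sampleEvent = { origin: "https://app.example", source: sampleFrame,
  data: { type: "token-renew-callback", hash: "#access_token=CONSTRUCTED&state=s-123&expires_in=3600" } };
console.log(handleRenewMessage(sampleEvent, samplePending));
```

In a browser the parent would call `waitForRenewal(window, pending, timeoutMs)` right after setting the hidden iframe's `src`, with `pending.frameWindow` set to that iframe's `contentWindow`.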

jmckennon commented 4 years ago

This is one of the pitfalls of adal js. Referencing #752 again as this is a similar situation. These things are all fixed in msal@1.2.0. All current authentication work from Microsoft is delivered through the msal js library here. adal js is still supported only for security fixes. We recommend moving to msal js for any advanced feature requests and bugfixes.