Closed ashnygaard closed 4 years ago
@sameerag Can you please take a look?
@ashnygaard Is this a new issue?
Also is there a specific reason you are using ADAL JS for your authentication needs? We are currently focused on msal js
which is a more enhanced version of ADAL with better support and more features. Is it is a possibility to try out that instead?
@sameerag No I don't think this is new, I have seen other people have the same issue. It appears during the token renewal it responds with a 'invalid_state' error.
I can take a look at Msal
@sameerag I have confirmed that we cannot use the MSAL solution because of architecture. We have to stay with ADAL
@ashnygaard Thanks for the follow up. Can you please help us understand why the architecture blocks MSAL's usage? If you are not comfortable in a public forum, you can email us.
What email address should I use?
cc @pkanher617
Please email sameera.gajjarapu@microsoft.com;
any progress on this?
Hello I have the same problem. I'm using adal.js because I'm on Windows Server 2016.
Any update?
Thank you
I had the same problem and #290 gave me the solution. For me, token was not updated because there was no need to update it, it was not expired. After setting expireOffsetSeconds config option acquireToken works as expected and token is renewed.
Closing due to inactivity.
I'm submitting a...
Browser:
Library Name
Library version
Library version:1.0.17 Angular: 4.4 @types/adal-angular: "^1.0.1"
Current behavior
When the token expires, adal service calls acquireToken(). An iframe is opened to get the renewal token via implict flow. The iframe is a simple page that needs no authentication. The authorize redirect 302 occurs and the redirect page is run. The token is never returned and the adal.idtoken value is now empty in localStorage. The url brings the user back to the root of the application and displays a white page.
This issue does happen on the first login. Only during the token refresh.
Expected behavior
After the iframe is opened and receives the new token, the application should be updated with the new token value. The user should remain on the page where the token refresh started, and should not know an iframe was loaded.
Minimal reproduction of the problem with instructions
Service calls acquireToken
redirect.html