AzureAD / azure-activedirectory-library-for-js

The code for ADAL.js and ADAL Angular has been moved to the MSAL.js repo. Please open any issues or PRs at the link below.
https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/maintenance/adal-angular
Apache License 2.0

Fix issue that ADAL mistakenly set token expiration time in local storage #898

Closed Gang-Peng closed 3 years ago

Gang-Peng commented 4 years ago

What: ADAL has an issue where it updates 'adal.expiration.key' based on the current local time + the expires_in info from AAD. However, if the callback is not executed on time for any of a number of reasons, such as browser tabs being inactive or the computer sleeping, then it may get into a state where the token expiration time is mistakenly set.

How: To fix the issue, when ADAL requests an AAD access token, it will pass its current local time in the "state" query parameter, which will be returned by AAD on success, and we will use the passed-in local time in "state" to calculate the correct token expiration time and set it in "adal.expiration.key" inside local storage.
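
The approach described in this pull request, sketched as an added example (not code from the PR or from ADAL.js): the `nonce|requestTime` state layout and every function name below are assumptions. It compares an expiry anchored to the callback time with one anchored to the request time echoed in `state`, and only reads the timestamp after the returned state matches the stored one.

```javascript
// Added illustration; the state layout and names are assumptions, not ADAL.js internals.

// Build the state value sent with the token request: nonce plus local request time (seconds).
function buildState(nonce, nowSeconds) {
  return `${nonce}|${nowSeconds}`;
}

// Behaviour the PR describes as the bug: expiry anchored to when the callback runs.
function expiryFromCallbackTime(expiresIn, callbackNowSeconds) {
  return callbackNowSeconds + expiresIn;
}

// Behaviour the PR describes as the fix: expiry anchored to the request time in state.
// The returned state comes from the URL, so it is compared with the stored copy first.
function expiryFromState(returnedState, storedState, expiresIn, callbackNowSeconds) {
  if (returnedState !== storedState) {
    throw new Error('state mismatch: response is not tied to a request we sent');
  }
  const parts = returnedState.split('|');
  const requestedAt = Number(parts[1]);
  if (parts.length !== 2 || !Number.isInteger(requestedAt) || requestedAt <= 0) {
    throw new Error('state carries no usable request time');
  }
  if (requestedAt > callbackNowSeconds) {
    throw new Error('request time lies in the future');
  }
  return requestedAt + expiresIn;
}

// Constructed scenario: request sent at t=1000, token lifetime 3600 s,
// callback runs 1800 s late because the tab was inactive.
function demo() {
  const stored = buildState('constructed-nonce', 1000);
  const callbackNow = 2800;
  return {
    naive: expiryFromCallbackTime(3600, callbackNow),
    fixed: expiryFromState(stored, stored, 3600, callbackNow),
  };
}

console.log(demo());
```

In this scenario the callback-anchored value would keep treating the token as valid for 1800 seconds longer than the request-anchored value.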

msftclas commented 4 years ago

CLA assistant check
All CLA requirements met.

jasonnutter commented 4 years ago

Thanks @Gang-Peng, this is a great fix!