AzureAD / microsoft-authentication-library-for-dotnet

Microsoft Authentication Library (MSAL) for .NET
https://aka.ms/msal-net
MIT License

[Feature Request] HttpMessageHandler with automatic token refresh #2917

Open xperiandri opened 2 years ago

xperiandri commented 2 years ago

Is your feature request related to a problem? Please describe.
I use Azure AD B2C and I want my mobile app to authenticate to an Azure Function using a GraphQL client. Hence I need to put an access token into HttpClient and somehow refresh it when it expires.

Describe the solution you'd like
An MsalHttpMessageHandler class that inherits DelegatingHandler, automatically applies the access token to the request, and refreshes the token if required.

Describe alternatives you've considered
Somehow extract the refresh token from MSAL.NET and use https://github.com/IdentityModel/IdentityModel.OidcClient/blob/main/src/OidcClient/RefreshTokenDelegatingHandler.cs

bgavrilMS commented 2 years ago

MSAL doesn't currently provide a higher level abstraction like HttpClient integration (CC @jmprieur). Microsoft.Identity.Web does offer a DownstreamApi object that allows this, but we haven't ported it to MSAL.

The alternative you describe is a no-go for us; we don't want to expose the refresh token concept. Calling AcquireTokenSilent will do the refresh operation for you. So MSAL will always provide a fresh access token to your app.

jmprieur commented 2 years ago

@xperiandri we have plans to provide higher level APIs, including a delegating handler or an HttpMessageHandler. A message handler is available in Microsoft.Identity.Web: https://github.com/AzureAD/microsoft-identity-web/blob/master/src/Microsoft.Identity.Web/DownstreamWebApiSupport/MicrosoftIdentityUserAuthenticationMessageHandler.cs. We plan to extend this to MSAL.
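
The pattern discussed in this thread, as an added example that is not code from MSAL.NET, Microsoft.Identity.Web or any commenter: a DelegatingHandler that calls AcquireTokenSilent on every request, so the refresh token never leaves MSAL. The class name `MsalBearerTokenHandler`, the single cached account and the host check are assumptions made for this sketch.

```csharp
using System;
using System.Linq;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

// Hypothetical handler (not an MSAL type): attaches a bearer token from MSAL to each API request.
public sealed class MsalBearerTokenHandler : DelegatingHandler
{
    private readonly IPublicClientApplication _app;
    private readonly string[] _scopes;
    private readonly string _apiHost; // the only host that ever receives the token

    public MsalBearerTokenHandler(IPublicClientApplication app, string[] scopes, Uri apiBaseAddress)
        : base(new HttpClientHandler())
    {
        _app = app;
        _scopes = scopes;
        _apiHost = apiBaseAddress.Host;
    }

    protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        // Do not attach the token to plain-HTTP requests or to any host other than the API.
        Uri uri = request.RequestUri;
        if (uri != null && uri.Scheme == Uri.UriSchemeHttps &&
            string.Equals(uri.Host, _apiHost, StringComparison.OrdinalIgnoreCase))
        {
            // Assumption: one signed-in account is in the cache (B2C apps may filter by user flow).
            IAccount account = (await _app.GetAccountsAsync().ConfigureAwait(false)).FirstOrDefault();

            // AcquireTokenSilent returns the cached access token or refreshes it internally.
            // MsalUiRequiredException is deliberately not caught here: the app should catch it
            // where it can start an interactive sign-in on the UI thread.
            AuthenticationResult result = await _app
                .AcquireTokenSilent(_scopes, account)
                .ExecuteAsync(cancellationToken)
                .ConfigureAwait(false);

            request.Headers.Authorization =
                new AuthenticationHeaderValue("Bearer", result.AccessToken);
        }
        return await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
    }
}
```

Pass the handler to `new HttpClient(handler)` and give that client to the GraphQL client; requests to any other host go out without an Authorization header.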