Open msJinLei opened 1 month ago
I think this is similar to the issue reported by Azure CLI and fixed in MSAL Py, where device code flow doesn't use the broker.
I think this is similar to the issue reported by Azure CLI and fixed in MSAL Py, where device code flow doesn't use the broker.
Indeed. It can be fixed by the accout_source
behavior implemented in this MSAL Python PR.
Hello, do we have someone taking care of this bug ?
Hi, just following up on Alaa's reply. Do we have a contact for this bug or can we get an update? Thanks
I think this is similar to the issue reported by Azure CLI and fixed in MSAL Py, where device code flow doesn't use the broker.
Yeah, except for device code, we also have customers using username+password (ROPC) flow getting impacted. Supposedly all the flows that don't involve in the broker should still be able to acquire token silently.
Hello team, any update on this issue?
Thanks
Hi team; I'm checking to see if there is any update on this issue.
Hi team, just wanted to check if there's an update on this issue, please.
@iulico-1 to comment
It seems to be a behavior that existed for quite some time (since broker integration was enabled). This is a feature ask to support device code flow outside the broker. A change to support ROPC with the broker is also being considered.
It seems to be a behavior that existed for quite some time (since broker integration was enabled). This is a feature ask to support device code flow outside the broker. A change to support ROPC with the broker is also being considered.
@iulico-1 We don't find it earlier the as the issue can be find only on the machine without WAM login but with WAM option enabled. We usually test in the following process and so it is the limitation of the test.
But we don't expect the behavior that we cannot acquire token silent with broker option when there is a valid token in the cache and so we don't test it in the direction.
The issue is a blocking issue for our product. Actually the customers using "ROPC and device code" flows cannot use Azure PowerShell when the issue is not fixed. The only way to workaround is to close WAM option.
@msJinLei - The issue is understood now and we are actively working on the fix. Will update around mid next week on the progress and ETA for the final fix.
@ashok672 Thanks for letting us know! We are waiting for your progress.
@ashok672 Could you update the progress of the item? Thanks
I am actively working on the fix. ETA for the fix to be checked in is by 06/14. I will see if I can release the fix as well within this time. If not, the release might take some more time, probably another 2 or 3 days.
Library version used
version 4.60.3.0
.NET version
.netstandards 2.0
Scenario
PublicClient - desktop app
Is this a new or an existing app?
The app is in production, and I have upgraded to a new version of MSAL
Issue description and reproduction steps
The user never login with a WAM on the machine
Or
Relevant code snippets
No response
Expected behavior
AcquireTokenSilentAsync
returns an access token successfully but acctually returns an errorIdentity provider
Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
Regression
No response
Solution and workarounds
No response
The related issue reported before https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/563