search

AzureAD / microsoft-authentication-library-for-go

The MSAL library for Go is part of the Microsoft identity platform for developers (formerly named Azure AD) v2.0. It enables you to acquire security tokens to call protected APIs. It uses industry standard OAuth2 and OpenID Connect.
MIT License
218 stars 87 forks source link

Fix ADFS token caching #459

Closed chlowell closed 8 months ago

chlowell commented 9 months ago

451 assumed "Bearer" is always the token_type of bearer tokens. It turns out some hosts return "bearer" instead, so that assumption broke token caching in some cases. I went with the easiest solution here--compare token types case-insensitively--but if that isn't safe in general I suppose we'll have to special-case [Bb]earer.

sonarcloud[bot] commented 9 months ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

chlowell commented 9 months ago

@bgavril integration tests fail due to an invalid value of LAB_APP_CLIENT_SECRET (one of this repo's Actions secrets). The debug logs imply value is non-empty so I guess the secret has expired.

bgavrilMS commented 8 months ago

I'm going to merge this, as the failing test is not relevant for this fix.