As pointed out in this comment on the PR adding custom authority support, it is a bad practice to make HTTP calls during app creation. If there is no internet connection, then a program that creates an app on startup can confusingly fail before it actually tries to use MSAL for anything.
Unfortunately, unlike similar calls the sort of information this HTTP call provides doesn't only happen in one place after app creation: it's needed for token calls, certificate helpers, URL builders, and more, all of which are public APIs that can be called in any order.
Some refactoring is needed to ensure that no HTTP calls occur during app creation, and that the HTTP calls are made in a way that doesn't lead to missing info/null pointers/etc.
As pointed out in this comment on the PR adding custom authority support, it is a bad practice to make HTTP calls during app creation. If there is no internet connection, then a program that creates an app on startup can confusingly fail before it actually tries to use MSAL for anything.
Unfortunately, unlike similar calls the sort of information this HTTP call provides doesn't only happen in one place after app creation: it's needed for token calls, certificate helpers, URL builders, and more, all of which are public APIs that can be called in any order.
Some refactoring is needed to ensure that no HTTP calls occur during app creation, and that the HTTP calls are made in a way that doesn't lead to missing info/null pointers/etc.