search

AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License
3.64k stars 2.65k forks source link

acquireTokenSilent fails with "Failed to execute 'setItem' on 'Storage'" #5333

Closed izikl closed 1 year ago

izikl commented 1 year ago

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.19.0

Wrapper Library

Not Applicable

Wrapper Library Version

None

Public or Confidential Client?

Public

Description

We have got some users getting error: 

Failed to execute 'setItem' on 'Storage': Setting the value of 'msal.f9818e52-50bd-463e-8932-a1650bd3fad2.request.state.9a5d23a5-e9b1-4d1f-bf84-ced2a6cbef32' exceeded the quota

This is the traces, we are seeing in the app: image

So looks like sometime setRequestState is called with a state long enough that it exceeds the localStorage limits.

Error Message

Error: Failed to execute 'setItem' on 'Storage': Setting the value of 'msal.f9818e52-50bd-463e-8932-a1650bd3fad2.request.state.ce0f222d-22f1-45ca-a3ad-bdef428e3abb' exceeded the quota. at e.setItem (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:72074) at t.setTemporaryCache (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:83609) at t.updateCacheEntries (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:86836) at t.initializeAuthorizationRequest (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:146724) at t. (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:171676) at https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:2804 at Object.next (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:2909) at https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:1845 at new Promise () at a (https://dataexplorer.azure.com/static/js/main.deb8eff0.js:2:1590)

Msal Logs

No response

MSAL Configuration

auth: {
        clientId: "f9818e52-50bd-463e-8932-a1650bd3fad2",
        redirectUri: redirectUri,
    },
    cache: {
        cacheLocation: 'localStorage',
        // Fix for auth loop issues https://aka.ms/known-issues-on-Microsoft-Browsers-due-to-security-zones
        storeAuthStateInCookie: true,
    },
    system: {
        loggerOptions: {
            loggerCallback: (level: LogLevel, message: string): void => {
                trackTrace(message, levelToSeverity(level), { flow: 'msalv2' });
            },
            logLevel: LogLevel.Info,
            piiLoggingEnabled: false,
        },
        // Allow more time before a token renewal response from Azure AD should be considered timed out
        loadFrameTimeout: 30000,
    },

Relevant Code Snippets

This method triggers the error:

await this.application.acquireTokenSilent({ authority, scopes, account });

Reproduction Steps

There are no clear repro steps since it happens in production to our users, and we can't repro it locally.

Expected Behavior

Don't throw. A long state value should not cause an exception.

Identity Provider

Azure AD / MSA

Browsers Affected (Select all that apply)

Chrome, Edge

Regression

No response

Source

Internal (Microsoft)

bmahall commented 1 year ago

@izikl Thanks for opening this issue. How many users are currently impacted by this error? Can you try to reproduce this error with the latest version of msal-browser?

izikl commented 1 year ago

Only 4 users were affected, but those 4 users were hitting it hundreds of times.

Can you try to reproduce this error with the latest version of msal-browser?

~I am blocked from upgrading due to this bug: https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/5340~

We will deploy 2.30.0 next Wednesday, so I will reply to your comment about the deployment a week after our deployment (to allow enough telemetry to be collected) on Nov 9th, 2022.

ghost commented 1 year ago

This issue requires attention from the MSAL.js team and has not seen activity in 5 days. @bmahall please follow up.

ghost commented 1 year ago

This issue requires attention from the MSAL.js team and has not seen activity in 5 days. @bmahall please follow up.

tnorling commented 1 year ago

This isn't due to a long state value but rather localStorage or sessionStorage is already full when MSAL attempts to add a new value. You'll need to clear space in browser storage when this happens and probably do some investigation into why your app is reaching the storage quota

ghost commented 1 year ago

@izikl This issue has been automatically marked as stale because it is marked as requiring author feedback but has not had any activity for 5 days. If your issue has been resolved please let us know by closing the issue. If your issue has not been resolved please leave a comment to keep this open. It will be closed automatically in 7 days if it remains stale.