Open REALSTEVEIG opened 5 months ago
+1
MSAL doesn't expose the concept of refresh token. It handles it internally. This API is only for exotic migration scenario where you might have a refresh token.
Otherwise, in a website scenario, you are supposed to use AcquireTokenByDeviceCode + AcquireTokenSilent. In a web api scenario, AcquireTokenOnBehalf of (RT is not supported there yet).
Core Library
MSAL.js (@azure/msal-browser)
Core Library Version
"@azure/msal-node": "^2.6.6",
Wrapper Library
MSAL Angular (@azure/msal-angular)
Wrapper Library Version
None
Public or Confidential Client?
Confidential
Description
So I am trying to update my tokens whenever they expire (Both access tokens and refresh tokens) However, It seems my token cache is always empty even this method: "acquireTokenByRefreshToken" returns a successfull response with new accessTokens. The token cache is always empty.
Error Message
tokenCache {"Account":{},"IdToken":{},"AccessToken":{},"RefreshToken":{},"AppMetadata":{}}
MSAL Logs
[Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Info - acquireTokenByRefreshToken called [Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Verbose - initializeRequestScopes called [Mon, 01 Apr 2024 22:21:16 GMT] : [0dbed1f3-ff5e-44e5-a9b3-2d9aab270d3d] : @azure/msal-node@2.6.6 : Verbose - buildOauthClientConfiguration called [Mon, 01 Apr 2024 22:21:16 GMT] : [0dbed1f3-ff5e-44e5-a9b3-2d9aab270d3d] : @azure/msal-node@2.6.6 : Verbose - createAuthority called
[Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Verbose - Attempting to get cloud discovery metadata from authority configuration [Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Verbose - Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values. [Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Verbose - Found cloud discovery metadata from hardcoded values.
[Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Verbose - Attempting to get endpoint metadata from authority configuration [Mon, 01 Apr 2024 22:21:16 GMT] : [] : @azure/msal-node@2.6.6 : Verbose - Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values. [Mon, 01 Apr 2024 22:21:16 GMT] : [0dbed1f3-ff5e-44e5-a9b3-2d9aab270d3d] : @azure/msal-node@2.6.6 : Info - Building oauth client configuration with the following authority: https://login.microsoftonline.com/common/oauth2/v2.0/token. [Mon, 01 Apr 2024 22:21:16 GMT] : [0dbed1f3-ff5e-44e5-a9b3-2d9aab270d3d] : @azure/msal-node@2.6.6 : Verbose - Refresh token client created [Mon, 01 Apr 2024 22:21:17 GMT] : [0dbed1f3-ff5e-44e5-a9b3-2d9aab270d3d] : @azure/msal-common@14.8.1 : Verbose - setCachedAccount called [Mon, 01 Apr 2024 22:21:17 GMT] : [0dbed1f3-ff5e-44e5-a9b3-2d9aab270d3d] : @azure/msal-common@14.8.1 : Warning - Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache
Network Trace (Preferrably Fiddler)
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
Here is a link to the sample code on github: SAMPLE OF CODE ON GITHUB
How to run the code.
Expected Behavior
I expect that the refreshAccessToken function should not only generate new accessTokens but should also store this access token in the cache along with the refresh token in the token cache.
Identity Provider
Entra ID (formerly Azure AD) / MSA
Browsers Affected (Select all that apply)
Chrome
Regression
No response
Source
External (Customer)