search

AzureAD / microsoft-authentication-library-for-js

Microsoft Authentication Library (MSAL) for JS
http://aka.ms/aadv2
MIT License
3.64k stars 2.65k forks source link

expiresOn recorded inconsistently? #7371

Open sohinik opened 2 days ago

sohinik commented 2 days ago

Core Library

MSAL Node (@azure/msal-node)

Core Library Version

2.13.1

Wrapper Library

MSAL Node Extensions (@azure/msal-node-extensions)

Wrapper Library Version

1.1.0

Public or Confidential Client?

Public

Description

Hi! Why is expiresOn occasionally returned in milliseconds and sometimes in seconds?

Error Message

No response

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

MSAL Configuration

{
  auth: {
    clientId: "d3590ed6-52b3-4102-aeff-aad2292ab01c",
    authority: "https://login.microsoftonline.com/organizations/",
    clientCapabilities: [
      "CP1",
    ],
  },
  broker: {
    nativeBrokerPlugin: {
      logger: {
        level: 2,
        localCallback: () => {
          // Empty logger callback
        },
        piiLoggingEnabled: false,
        correlationId: "",
        packageName: "@azure/msal-node-extensions",
        packageVersion: "1.1.0",
      },
      isBrokerAvailable: true,
    },
  },
}

Relevant Code Snippets

`expiresOn: new Date(authResult.expiresOn),` - https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/c8e74c3aaa87326ccce36eab041e2b25c600aeea/extensions/msal-node-extensions/src/broker/NativeBrokerPlugin.ts#L571

`expiresOn = new Date(Number(cacheRecord.accessToken.expiresOn) * 1000);` - https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/c8e74c3aaa87326ccce36eab041e2b25c600aeea/lib/msal-common/src/response/ResponseHandler.ts#L636C1-L637C1

Reproduction Steps

It seems like the MSAL functions PublicClientApplication.acquireTokenByUsernamePassword() and PublicClientApplication.acquireTokenInteractive() return tokens with expiry times measured in milliseconds and seconds since Epoch, respectively.

Expected Behavior

expiresOn measured consistently

Identity Provider

Entra ID (formerly Azure AD) / MSA

Browsers Affected (Select all that apply)

None (Server)

Regression

No response

Source

Internal (Microsoft)

tnorling commented 23 hours ago

Thanks for the report. I've marked this as a bug and added to our internal backlog. We'll likely pick this up in our next major version as a change here in either direction could potentially be a breaking change.