Open kcphila opened 4 days ago
Hi @kcphila , we feel sorry that you run into this known issue.
It appears that upgraded to a MSAL version at or after this point requires an update of
msal_extensions
, upgrading frommsal_extensions-1.0 .0
tomsal_extensions-1.2.0
seems to work correctly, however, it was not obvious
You clearly already did your homework and found the solution, which is upgrading msal_extensions
to 1.2.0+. Quoted from MSAL Extensions 1.2.0's release note: "Switch to MSAL 1.29+'s TokenCache.search()".
msal_extensions understandably is not a requirement for the MSAL package, but I would recommend creating some type of link to ensure the versions are in sync when there are breaking changes
Yes, that is indeed the tricky part. msal_extensions
is not part of msal
's dependency, but I suppose we can introduce a new optional dependency such that pip install msal[extensions]
will install the proper version of Extensions. I discussed that with @jiasli before, but the decision at that time was to avoid a cyclic reference. But perhaps we shall revisit that decision, @jiasli ? I tried it in my local proof-of-concept and it would work.
Thanks, @rayluo. I'll leave it to you all. ButI will way in with an opinion :) - the semantics of msal[extensions]
does make a lot sense to me and would provide an easy way to keep the versions in sync in the requirements files of tools that use msal. I also build a lot of middle-level infrastructure for our data team, and so I think it would be more conceptually obvious for them than having msal and msal_extensions as listed separate.
Describe the bug
I just upgraded the MSAL Python package and all of our silent authentication routines started breaking - these authenticate manually and cache the access token for future calls. Interactive authentication works and the token cache appears to save the the account and token correctly, but when the repeat call is made with silent it does not find an account and fails.
I have diagnosed the error and traced it back to this commit that changes
self.token_cache.find
toself.token_cache.search
in several places.It appears that upgraded to a MSAL version at or after this point requires an update of
msal_extensions
, upgrading frommsal_extensions-1.0 .0
tomsal_extensions-1.2.0
seems to work correctly, however, it was not obvious that this was the issue because bothfind
andsearch
are valid methods on the msal_extensions 1.0.0 token cache, butfind
finds the previously cached accounts andsearch
does not.msal_extensions understandably is not a requirement for the MSAL package, but I would recommend creating some type of link to ensure the versions are in sync when there are breaking changes (especially since the commit history suggests you maintain/contribute to both).
And if that's not doable, perhaps anyone else who runs into this and searches will find this bug report :)
To Reproduce Steps to reproduce the behavior:
pip install msal_extensions==1.0.0
pip install --upgrade msal
msal_extensions.PersistedTokenCache
Expected behavior 4 should succeed
What you see instead
This fails because
{msalapp}.get_accounts()
returns nothing due to thesearch
call.The MSAL Python version you are using
1.31.0
Additional context
Steps above are fixed if (1) is changed to
pip install msal_extensions>=1.2.0