[Bug] Broker AcquireTokenInteractive() doesn't cache when it fallbacks
See original GitHub issueLogs and network traces
{MSAL.Xamarin.Android.4.54.1.0.MsalUiRequiredException:
ErrorCode: failed_to_acquire_token_silently_from_broker
Microsoft.Identity.Client.MsalUiRequiredException: Broker could not satisfy the silent request.
at Microsoft.Identity.Client.Internal.Requests.Silent.SilentRequest.ExecuteAsync (System.Threading.CancellationToken cancellationToken) [0x002d7] in <f5e0daf1cb4c43c889fca0f3b0814e85>:0
at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync (System.Threading.CancellationToken cancellationToken) [0x001c5] in <f5e0daf1cb4c43c889fca0f3b0814e85>:0
at Microsoft.Identity.Client.ApiConfig.Executors.ClientApplicationBaseExecutor.ExecuteAsync (Microsoft.Identity.Client.ApiConfig.Parameters.AcquireTokenCommonParameters commonParameters, Microsoft.Identity.Client.ApiConfig.Parameters.AcquireTokenSilentParameters silentParameters, System.Threading.CancellationToken cancellationToken) [0x00144] in <f5e0daf1cb4c43c889fca0f3b0814e85>:0
at WiFiMessenger.Services.Communication.OIDCToken.StartRefreshingTokensAsync () [0x0010a] in F:\Code\Work\Wi-Fi Messenger\Client\Client\WiFiMessenger\Services\Communication\OIDCToken.cs:189
StatusCode: 0
ResponseBody:
Headers: }
Which version of MSAL.NET are you using? 4.54.1
Platform Xamarin.Android
What authentication flow has the issue?
- Desktop / Mobile
- Interactive (broker)
- Interactive (embedded or system browser)
- Integrated Windows Authentication
- Username / Password
- Device code (browserless)
- Web app
- Authorization code
- On-Behalf-Of
- Daemon app
- Client credentials (service-to-service calls)
Is this a new or existing app? new
Actual behavior When I get a token using AcquireTokenInteractive with my PublicClientApplication built WithBroker(), and the device does not have a broker installed, so it should fall back to webview. When I get that token I try to refresh it periodically using AcquireTokenSilent and the account hint that was in the token. The acquire fails and gives above exception. When I try the same with the WithBroker() commented out, so not using broker flow. Everything works as expected.
Expected behavior use the cached token that was gathered seconds ago using the interactive login
Possible solution If i call
.WithBroker( PublicClientApplicationBuilder.Create( applicationId ).IsBrokerAvailable());
I understand this is deprecated but it works for me in the meantime until there is an official fix
Issue Analytics
- State:
- Created 2 months ago
- Comments:7 (3 by maintainers)
Top GitHub Comments
Ack, we will aim to get this fixed.
Please use the IsBrokerAvailable, it should work fine, but we just didn’t want app developers to use it, as MSAL should fallback to browser on its own.
so your repro would be as follows:
WithBroker = true