[Enhancement][L] Enable OBO for SP (ADAL to MSAL Migration Issue)
Work
- See https://github.com/Penguinwizzard/microsoft-authentication-library-for-dotnet/commit/de00f6162e85536ff043bf5b0e87dc0c35c23b02 for a solution
- Evaluate if solution will work, e.g. token cache
- Create an E2E test using PPE env where this is allowed.
Which version of MSAL are you using? 4.13.0. I have described the issue on Stack Overflow: https://stackoverflow.microsoft.com/questions/198842. Generating OBO for SPN fails with “client info is null”.
Platform net45
What authentication flow has the issue?
- Web API
- OBO for SPNs
Other? - please describe; OBO for users works fine but not for groups.
Is this a new or existing app? YES
Repro
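// The start of this call is missing from the page; `app` and `scopes` are assumed names.
var result = await app.AcquireTokenOnBehalfOf(
        scopes,
        new UserAssertion(userBearerToken, "urn:ietf:params:oauth:grant-type:jwt-bearer"))
    .WithAuthority(aadAuthenticationAuthority)
    .ExecuteAsync();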
==== Complete Stack Trace ===
Microsoft.Identity.Client.MsalClientException: client info is null
at Microsoft.Identity.Client.Core.ClientInfo.CreateFromJson(String clientInfo)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<CacheTokenResponseAndCreateAuthenticationResultAsync>d__17.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Internal.Requests.OnBehalfOfRequest.<ExecuteAsync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.Internal.Requests.RequestBase.<RunAsync>d__14.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Identity.Client.ApiConfig.Executors.ConfidentialClientExecutor.<ExecuteAsync>d__4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.Rdx.GatewayService.Engine.Authentication.AadApplicationAuthenticator.<AcquireTokenAsync>d__7.MoveNext() in E:\CXTLRepos\TSI\Backend\Source\Product\GatewayService\Engine\Authentication\AadApplicationAuthenticator.cs:line 57
Expected behavior OBO should be generated
Actual behavior Exception. Response comes from token endpoint but fails during deserialization of response.
Possible Solution Fix in the requestBase.cs
Additional context / Logs / Screenshots Add any other context about the problem here, such as logs and screenshots. Logging is described at https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/logging
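The failure mode reported above, as an added example that is not part of the original issue and is not MSAL's code: a `client_info` reader that returns null when the token response carries no `client_info`, instead of throwing, while still rejecting a value that is present but malformed. `ClientInfoReader`, `HomeAccountId` and the sample GUIDs are hypothetical; the layout (base64url-encoded JSON with `uid` and `utid`) is assumed from how `client_info` is issued for user tokens.

```csharp
using System;
using System.Text;
using System.Text.Json;

// Added illustration, not MSAL source. All type and method names are hypothetical.
static class ClientInfoReader
{
    // Returns "<uid>.<utid>" from a base64url-encoded client_info value, or null
    // when the token response carried none (the service principal case reported
    // above), so the caller can keep the access token and skip account creation.
    public static string HomeAccountId(string clientInfo)
    {
        if (string.IsNullOrEmpty(clientInfo))
            return null;                       // absent: not an error

        // base64url -> base64: restore the alphabet and the stripped padding.
        string b64 = clientInfo.Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');

        try
        {
            string json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
            using (JsonDocument doc = JsonDocument.Parse(json))
            {
                JsonElement root = doc.RootElement;
                if (root.ValueKind == JsonValueKind.Object
                    && root.TryGetProperty("uid", out JsonElement uid)
                    && root.TryGetProperty("utid", out JsonElement utid)
                    && uid.ValueKind == JsonValueKind.String
                    && utid.ValueKind == JsonValueKind.String)
                    return uid.GetString() + "." + utid.GetString();
            }
        }
        catch (FormatException) { }            // not valid base64
        catch (JsonException) { }              // not valid JSON
        // Present but malformed is still rejected: only absence is tolerated.
        throw new ArgumentException("client_info is present but malformed");
    }

    static void Main()
    {
        // Constructed sample value; the GUIDs are placeholders.
        string json = "{\"uid\":\"00000000-0000-0000-0000-000000000001\"," +
                      "\"utid\":\"00000000-0000-0000-0000-000000000002\"}";
        string sample = Convert.ToBase64String(Encoding.UTF8.GetBytes(json))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_');

        Console.WriteLine(HomeAccountId(sample) ?? "(no account)");
        Console.WriteLine(HomeAccountId(null) ?? "(no account)");
    }
}
```

A caller that receives null has no user account to key a cache entry on, which is the token cache question raised in the work items at the top of this issue.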
Issue Analytics
- Created 3 years ago
- Comments: 12 (5 by maintainers)
Top GitHub Comments
See possible solution: https://github.com/Penguinwizzard/microsoft-authentication-library-for-dotnet/commit/de00f6162e85536ff043bf5b0e87dc0c35c23b02
@bgavrilMS @henrik-me can we add this to the following release?
If we want to test this, we can/should use PPE
daemon app calls web API call graph. The web API calls graph on behalf of the daemon