Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Removed Account reappears after application restart

See original GitHub issue

(Not sure if there is a bug in MSAL, a glitch on my Android device, or a bug in my code)

On Android, Is there a manual way of clearing all accounts at the OS level? I seem to have got an Account that is “stuck” in the cache on my testing device.

I’m using the standard pattern from the samples: I call PCA.GetAccounts(), and if there is only one account, I attempt to use that with PCA.AcquireTokenSilent(). If I catch a MsalUiRequiredException, I try again with PCA.AcquireTokenInteractive(). To log the user out, I make a call to PCA.RemoveAsync() with the logged in Account.

Given two users, “User1@company.com” and “User2@company.com”. User1 is my account, that I normally test and debug with. This all works fine with account User1. After logging out and restarting the app, User1 is not returned from the call PCA.GetAccounts().

Here’s the problem: At some point, I used another account (User2) to log on, as I wanted to test it with more than one account. Now User2 is always returned in the call from PCA.GetAccounts(). If I call PCA.GetAccounts() before restarting the app, User2 is gone. But when I restart the app, it’s back. Doing the same method with User1 works perfectly: if I log out User1, it is gone until I acquire a token for it again. It also works perfectly on UWP. I have not tested iOS.

This is a corporate app and all my users have orders not to share passwords or phones, so it’s not a huge problem yet. But I’d really like to know what to do if this happens to one of their devices, and it would be nice to clear my testing device. This problem causes the app to log on with the wrong Account when all other accounts have been logged out.

What I’ve tried:

  • Logged on as User2 again, and log out
  • Restarted the device
  • Cleared all users via RemoveAsync()
  • Uninstalled Brave browser
  • Cleared history/cookies of all installed browsers (System browser - simply called “Internet”, Chrome, FireFox)
  • Used calls to ISharedPreferencesEditor to clear all preferences listed in AndroidTokenCacheAccessor: AccessTokenSharedPreferenceName, RefreshTokenSharedPreferenceName, IdTokenSharedPreferenceName, and AccountSharedPreferenceName. These Shared Preferences disappear, then when I restart the app, they are back.

Particulars:

  • Microsoft.Identify.Client 3.0.8, from Nuget, and later built from latest source, 6e60685c88ebf60ce805e58c2b549444870b70be (Updated to latest because I was having the problem with I think 3.0.1-preview)
  • Android 9 Device (Galaxy Note 9)
    • Kernel: 4.9.112-15119493
    • Build PPR1.180610.011.N960USQS1CSD1
  • Visual Studio 2017, 15.9.11
    • Target Android Version 9.0 (API Level 28 - Pie)
    • Minimum Android Version 6.0 (API level 23 - Marshmallow)
    • Xamarin.Forms 4.0.0.425677
    • Xamarin.Android.* 28.0.0.1
  • Using Azure AD accounts, sync’d to our domain with Azure AD Connect

If you need any more info, I’m happy to provide it.

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:9

github_iconTop GitHub Comments

1reaction
ericcoxcommented, May 31, 2019

@jennyf19 Oops, I forgot to capture logs during the RemoveAsync() call. Here they are:


05-31 16:23:18.324 I/        (11979): (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Removing user from cache..
[0:] === MSAL ===     (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Removing user from cache..
05-31 16:23:18.360 I/        (11979): (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Deleted refresh token count - 1
[0:] === MSAL ===     (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Deleted refresh token count - 1
05-31 16:23:18.382 I/        (11979): (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Deleted access token count - 1[0:] === MSAL ===     (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Deleted access token count - 1
05-31 16:23:18.438 I/        (11979): (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Deleted Id token count - 1
[0:] === MSAL ===     (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18 - 436de1c1-d51b-4db4-8edb-c35ea9bb766c] Deleted Id token count - 1
05-31 16:23:18.471 I/        (11979): (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18] Deserialized 1 items to token cache.
[0:] === MSAL ===     (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18] Deserialized 1 items to token cache.
05-31 16:23:18.493 I/        (11979): (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18] Serializing token cache with 0 items.
[0:] === MSAL ===     (False) MSAL 3.0.8.0 MSAL.Xamarin.Android 28 [05/31/2019 23:23:18] Serializing token cache with 0 items.

Have a great weekend!

1reaction
ericcoxcommented, May 31, 2019

@jennyf19 Thanks for the response.

I completely forgot I had debug logging on. There is voluminous amounts of Android logging going on so I don’t have MSAL logs by themselves at the moment, but here are all the lines with “MSAL” in them. (I can add the logging code to isolate the MSAL logs if neccessary - let me know.):

[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:30] (UnknownClient: 0.0.0.0) Deserialized 1 items to token cache.
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:30 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) MSAL MSAL.Xamarin.Android with assembly version '3.0.4.0', file version '3.0.4.0' and informational version '3.0.4-localbuild+6e60685c88ebf60ce805e58c2b549444870b70be'. TelemetryCorrelationId(eaa614d2-ee8b-4c21-9117-b5f3182cb4d0)
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:30 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) === OnBehalfOfParameters ===
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:30 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) 
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:30 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) === Token Acquisition (SilentRequest) started:
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Looking up access token in the cache.
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Filtering by home account id item count before 1 after 1
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Tenant id: [company].com
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Filtering by tenant id item count before 1 after 1
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Matching entry count -1
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Matching entry count after filtering by scopes - 1
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Access token has expired or about to expire. [Current time (05/31/2019 16:24:31) - Expiration Time (05/24/2019 21:33:01 +00:00) - Extended Expiration Time (05/24/2019 21:33:01 +00:00)]
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Looking up refresh token in the cache..
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Refresh token found in the cache? - True
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Resolving authority endpoints... Already resolved? - FALSE
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Is Authority tenantless? - False
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Checking client info returned from the server..
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Saving Token Response to cache..
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Looking for scopes for the authority in the cache which intersect with api://[AppID]/Read
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Intersecting scope entries count - 1
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Matching entries after filtering by user - 1
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31 - eaa614d2-ee8b-4c21-9117-b5f3182cb4d0] (UnknownClient: 0.0.0.0) Saving RT in cache...
[0:] Info: (False) MSAL 3.0.4.0 MSAL.Xamarin.Android 28 [05/31/2019 16:24:31] (UnknownClient: 0.0.0.0) Deserialized 1 items to token cache.

Here is the code for creating the PCA:

                    PublicClientApplicationBuilder.Create(ClientId)
                        .WithAuthority(AzureCloudInstance.AzurePublic, Tenant)
                        .WithDebugLoggingCallback()
                        .Build()

The code for acquiring a token follows. Note that WithUseEmbeddedWebView(true) was added in trying to work this problem - didn’t seem to make a difference. Also, _msalUiWrapper.MsalUIObject contains a reference to my MainActivity (Xamarin.Forms.Platform.Android.FormsAppCompatActivity) on Android, or my Window.Current (Windows.UI.Xaml.Window) on UWP. It contains null on iOS (which may be a problem later but I’m not testing on iOS yet).


                try
                {
                    var accounts = await _publicClientApplication.GetAccountsAsync();
                    var account = await ChooseAccount(accounts);

                    AuthResult = await _publicClientApplication.AcquireTokenSilent(App.Scopes, account)
                            .ExecuteAsync();
                }
                catch (MsalUiRequiredException ex)
                {
                    try
                    {
                        AuthResult = await _publicClientApplication.AcquireTokenInteractive(App.Scopes)
                            .WithUseEmbeddedWebView(true)
                            .WithParentActivityOrWindow(_msalUiWrapper.MsalUIObject)
                            .ExecuteAsync();
                    }
                    catch (MsalException msalex)
                    {
                        throw new AuthenticationException(msalex);
                    }
                }

Here’s the code for signing out:

            if (IsSignedIn)
            {
                await _publicClientApplication.RemoveAsync(AuthResult?.Account);
                AuthResult = null;
                NotifyOfPropertyChange(() => IsSignedIn);
            }
Read more comments on GitHub >

github_iconTop Results From Across the Web

Deleted user account reappears every reboot
Deleted user account reappears every reboot. So I'm running Windows Vista. I have a couple of accounts, all with administrator rights.
Read more >
Deleted User Account Keeps Reappearing [Windows 10/11]
Press the Windows key + R , type netplwiz, and click OK. · Now, select the account you want to delete. · Finally,...
Read more >
App keeps reappearing after being deleted
So I am trying to delete an app but every time I restart the phone it keeps coming back. If i click on...
Read more >
Deleting account still showing up
Go to Settings > Google / Backup / Backup & Reset> Select Backup Account. ... Restart device.
Read more >
Deleted user account reappears at login
I tried deleting the account through both the control panel and command prompt in the built in admin account but both times it...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Add .WithClientAssertion to support client assertions

Next page

MSAL running on HoloLens Unity app generates deserialization error: No set method for property 'Claims' in type 'Microsoft.Identity.Client.OAuth2.OAuth2ResponseBase'