Msal-browser: AuthenticationResult.expiresOn !== AuthenticationResult.accessToken's expiration
See original GitHub issueLibrary
-
msal@1.x.x
or@azure/msal@1.x.x
-
@azure/msal-browser@2.6.1
-
@azure/msal-node@1.x.x
-
@azure/msal-react@1.x.x
-
@azure/msal-angular@0.x.x
-
@azure/msal-angular@1.x.x
-
@azure/msal-angular@2.x.x
-
@azure/msal-angularjs@1.x.x
Description
I was investigating some api errors in our app, where the service is responding with 401: ExpiredAuthenticationToken. It is saying that the token has expired. In our logs, we also log the tokenExpiry from AuthenticationResult.expiresOn
. When I compare this with AuthenticationResult.accessToken
’s “exp” field, I find the two values are different
When going through the method call chain, I noticed this: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/9976fa5e0e514f1429b08c83334ad810c2db87da/lib/msal-common/src/response/ResponseHandler.ts#L322, where expiresOn
is not based on the returned accessToken
property.
Is it expected that the AuthenticationResult.expiresOn
is not equal to AuthenticationResult.accessToken
’s “exp” field? I feel they should be equal
Source
- Internal (Microsoft)
- Customer request
Issue Analytics
- State:
- Created 3 years ago
- Comments:11 (6 by maintainers)
Top GitHub Comments
After more digging, it seems there is a problem with how MSAL calculates cache entry expiration, which can cause this issue.
I’ve surfaced a ticket that describes the problem in more depth and outlines two potential solutions.
thanks all! makes sense