Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Msal-browser: AuthenticationResult.expiresOn !== AuthenticationResult.accessToken's expiration

See original GitHub issue

Library

  • msal@1.x.x or @azure/msal@1.x.x
  • @azure/msal-browser@2.6.1
  • @azure/msal-node@1.x.x
  • @azure/msal-react@1.x.x
  • @azure/msal-angular@0.x.x
  • @azure/msal-angular@1.x.x
  • @azure/msal-angular@2.x.x
  • @azure/msal-angularjs@1.x.x

Description

I was investigating some api errors in our app, where the service is responding with 401: ExpiredAuthenticationToken. It is saying that the token has expired. In our logs, we also log the tokenExpiry from AuthenticationResult.expiresOn. When I compare this with AuthenticationResult.accessToken’s “exp” field, I find the two values are different

When going through the method call chain, I noticed this: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/9976fa5e0e514f1429b08c83334ad810c2db87da/lib/msal-common/src/response/ResponseHandler.ts#L322, where expiresOn is not based on the returned accessTokenproperty.

Is it expected that the AuthenticationResult.expiresOn is not equal to AuthenticationResult.accessToken’s “exp” field? I feel they should be equal

Source

  • Internal (Microsoft)
  • Customer request

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:11 (6 by maintainers)

github_iconTop GitHub Comments

1reaction
jessemartincommented, Jan 21, 2021

After more digging, it seems there is a problem with how MSAL calculates cache entry expiration, which can cause this issue.

I’ve surfaced a ticket that describes the problem in more depth and outlines two potential solutions.

0reactions
thoo1commented, Jan 22, 2021

thanks all! makes sense

Read more comments on GitHub >

github_iconTop Results From Across the Web

MSAL token expires after 1 hour - Stack Overflow
The validity of the token is 1 day (seen using the value of ExpiresOn of AuthenticationResult). My problem is that, after 1 hour, ......
Read more >
@azure/msal-browser | microsoft-authentication-libraries-for-js
SilentRequest: Request object passed by user to retrieve tokens from the cache, renew an expired token with a refresh token, or retrieve a...
Read more >
MSAL Token Expires after a day - Microsoft Q&A
Followed by an empty access token. I've been stuck on for 9 months. Please help. azure-ad-msalmicrosoft-graph-authentication. Comment.
Read more >
angular msal refresh token | The AI Search Engine You Control
AuthenticationResult result = null; var accounts = await app. ... You (user) must restart Outlook to get a new access token (not expired)....
Read more >
MSAL Access token expires immediately
MSAL Access token expires immediately RRS feed ... I find the ExpiresOn property(DateTimeOffset) of the AuthenticationResult contains the ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Making multiple calls to acquireTokenSilent, may result in multiple requests to service POST /token, is there a way to use whichever request succeeded?

Next page

When can AccountInfo be null after login resolves?