Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Incorrect HomeAccount details populated in AuthenticationResult of AcquireTokenByRefreshToken #3736

Closed
palakkapoor opened this issue Oct 6, 2022 · 1 comment · Fixed by #3756
Closed

[Bug] Incorrect HomeAccount details populated in AuthenticationResult of AcquireTokenByRefreshToken #3736

palakkapoor opened this issue Oct 6, 2022 · 1 comment · Fixed by #3756
Assignees
@trwalke
Labels
bug P1
Milestone
4.48.0

Comments

@palakkapoor
Copy link

Obtain Refresh token invoking oauth2 endpoint directly and using AcquireTokenByRefreshToken

  1. Obtain ID token, access token, refresh token for the user using [https://login.microsoftonline.com/organizations/oauth2/v2.0/token endpoint using a Public Client App.

  2. Use the above refresh token to call AcquireTokenByRefresh token method to obtain a new refresh token using MSAL.
    AcquireTokenByRefreshTokenParameterBuilder acquireTokenByRefreshTokenParameterBuilder = (app as IByRefreshToken).AcquireTokenByRefreshToken(
    scopes,
    refreshTokenHttp);
    AuthenticationResult authenticationResult = await acquireTokenByRefreshTokenParameterBuilder.ExecuteAsync(CancellationToken.None)
    .ConfigureAwait(false);

Note that HomeAccountId details (Identifier, TenantId, ObjectId) in AuthenticationResult is completely incorrect.

Discussed this issue with @bgavrilMS @trwalke and they confirmed that the cause of the issue is that they don't send "client_info" = 1 with this request, so MSAL isn't able to cache the user properly.
@bgavrilMS bgavrilMS changed the title [Bug] ROPC - Incorrect HomeAccount details populated in AuthenticationResult of AcquireTokenByRefreshToken [Bug] Incorrect HomeAccount details populated in AuthenticationResult of AcquireTokenByRefreshToken Oct 7, 2022
@bgavrilMS bgavrilMS added this to the 4.48.0 milestone Oct 7, 2022
@bgavrilMS bgavrilMS moved this from Triage to Estimated/Committed in MSAL Customer Trust / QM Oct 7, 2022
@trwalke trwalke moved this from Estimated/Committed to In Progress in MSAL Customer Trust / QM Oct 19, 2022
@trwalke trwalke self-assigned this Oct 19, 2022
@trwalke trwalke mentioned this issue Oct 20, 2022
Merged
1 task
@trwalke trwalke moved this from In Progress to Blocked/Waiting for reply in MSAL Customer Trust / QM Oct 25, 2022
@trwalke trwalke moved this from Blocked/Waiting for reply to Waiting for Code Review in MSAL Customer Trust / QM Oct 25, 2022
Repository owner moved this from Waiting for Code Review to Fixed in MSAL Customer Trust / QM Oct 31, 2022
@gladjohn
Copy link
Contributor

gladjohn commented Nov 3, 2022

@palakkapoor this is fixed in MSAL 4.48.0

@gerrit-amagno gerrit-amagno mentioned this issue Nov 22, 2022
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trwalke trwalke

Labels
bug P1
Projects
MSAL Customer Trust / QM
Archived in project
Milestone
4.48.0
Development

Successfully merging a pull request may close this issue.

Resolving issue with IByRefreshToken AzureAD/microsoft-authentication-library-for-dotnet
4 participants
@bgavrilMS @palakkapoor @trwalke @gladjohn