-
Notifications
You must be signed in to change notification settings - Fork 214
TokenCache.Count triggers cache notifications [was AcquireTokenByAuthorizationCodeAsync looks up cache] #1186
Comments
Hi @jmprieur When calling AcquireTokenByAuthorizationCodeAsync it goes to an infinite loop calling the AfterAccessNotification again and again. When debugging, in the AfterAccessNotification method, when doing:
I´m getting a Timeout As far as I see in TokenCache class, the count method is also calling OnBeforeAccess and OnAfterAccess (this is not the case in 3.19.8 version)
so in the DistributedTokenCache.AfterAccessNotification (see all code here: https://github.com/mspnp/multitenant-saas-guidance/blob/master/src/Tailspin.Surveys.TokenStorage/DistributedTokenCache.cs), we are using the Count property, and this is causing the infinite loop. All was working fine with version 3.19.8, and works fine again when downgrading to that version. In 3.19.8 TokenCache version, is not launching the Before/After methods. Any help would be much appreciate it. Many thanks! |
Thanks for the detailed repros, @luismanez |
@savbace @jmprieur : We will take a look. Assigning to @bgavrilMS |
hey guys, is there any update here? this is kind of a stopper for us moving to latest version (also thinking to move to msal). Thanks! |
Apologies for the delay, will look at this today. |
@savbace - the docs says "This method does not lookup token cache, but stores the result in it". When storing the result, it means we store the access token, refresh token, id token and account in the cache, which implies accessing the cache. What is your concern - are we accessing the cache too often? |
@luismanez - I am having trouble getting the sample to run because it was intended for netcore 1.1 and the EF tools are different nowadays. I'm trying some more, if you have this project converted to netcore 2+, please let me know. |
@bgavrilMS my project is too big to send it through. I think is much easier if you try a new netcore 2+ project and just re-uses the DistributedTokenCache. Just note that the code in Line 92 AfterAccessNotification method is calling the Count property of the base TokenCache (note I'm in latest ADAL version, not MSAL), as Count property, internally is again calling AfterAccessNotification, we get the infinite loop. So, or the Count property should not call again AfterAccessNotification, or the DistributedTokenCache should be implemented in a different way, but not sure how. |
Yes, I see the problem by looking at the code. I think Count should either not trigger AfterAccessNotification or HasStateChanged should be reset. Would you have time for a quick call on this? I am on the same timezone as you. |
Workaround: set this.HasStateChanged to false before calling Count - we don't actually read this flag anywhere, so this should be safe. |
@luismanez - Here's what I'm thinking in terms of a fix, please feel free to comment: Context:
Here are some proposals for dealing with this:
|
Hi @bgavrilMS |
No problem, thank you for your input. Let me know if the workaround works, we'll implement a more durable solution after we have a team discussion about the options above. |
Added a fix for ADAL - no longer triggering the notifications when calling Count (this was the behaviour from ADALv3). Fix will be avaiable on next release, probably ADAL 4.5.0. Otherwise you can keep the workaround, I don't think it has side effects. |
That's so great @bgavrilMS THANK you very much. Looking forward to have the new release. Haven't had the chance to test the workaround yet, and I think I will wait the new release. Thanks again!! |
Version:
Microsoft.Identity.Client.1.1.2-preview0008
Platform:
.NET
Calling
ConfidentialClientApplication.AcquireTokenByAuthorizationCodeAsync
results into execution ofbeforeAccess
notification inuserCache
implementation.From docs:
Is it expected behavior or am I misunderstanding something?
Thanks!
The text was updated successfully, but these errors were encountered: