Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] MSAL Logs are not clear when regional is enabled and tokens are acquired from the cache #3073

Closed
1 of 7 tasks
trwalke opened this issue Dec 14, 2021 · 3 comments · Fixed by #3072
Closed
1 of 7 tasks

[Bug] MSAL Logs are not clear when regional is enabled and tokens are acquired from the cache #3073

trwalke opened this issue Dec 14, 2021 · 3 comments · Fixed by #3072
Assignees
@trwalke
Labels
bug Migration: ADAL to MSAL P2 Supportability
Milestone
4.40.0

Comments

@trwalke
Copy link
Member

trwalke commented Dec 14, 2021

When performing AcquireTokenForClient() and the region is configured, if MSAL has no tokens in the cache, MSAL will properly log the following message when acquiring the token from the identity provider:

"Fetched access token from host region.r.login.microsoftonline.com. Endpoint https://eastus.r.login.microsoftonline.com/Some Id/"

if MSAL already has a token in the cache, MSAL will log the following when returning the token from the cache:

"Fetched access token from host login.microsoftonline.com. Endpoint https://login.microsoftonline.com/Some Id/"

This can be very confusing for customers who expect all token acquisition traffic to go to the regional endpoint.

Which version of MSAL.NET are you using?
MSAL.NET 4.39.0

Platform
.NET FWK, .NET Core,

What authentication flow has the issue?

  • Desktop / Mobile
    • Interactive
    • Integrated Windows Authentication
    • Username Password
    • Device code flow (browserless)
  • Web app
    • Authorization code
    • On-Behalf-Of
  • Daemon app
    • Service to Service calls

Other?

Is this a new or existing app?

Repro

            IConfidentialClientApplication app = ConfidentialClientApplicationBuilder.Create(clientId)
                .WithAzureRegion("SomeRegion")
                .WithCertificate(Cert)
                .Build();

            app.AcquireTokenForClient(scopes).ExecuteAsync(); //Logs are correct
            app.AcquireTokenForClient(scopes).ExecuteAsync(); //Logs are misleading

Expected behavior
It should be clear that MSAL is acquiring the token from the cache and not from the global endpoint

Actual behavior
"Fetched access token from host login.microsoftonline.com. Endpoint https://login.microsoftonline.com/Some Id/"

Additional context / logs / screenshots / links to code
Relevant migration conversation: Conversation
@trwalke trwalke added this to the 4.40.0 milestone Dec 14, 2021
@trwalke trwalke self-assigned this Dec 14, 2021
@trwalke trwalke linked a pull request Dec 14, 2021 that will close this issue
Modified cache logging to be more clear #3072
Merged
@trwalke trwalke mentioned this issue Dec 14, 2021
Merged
@bgavrilMS
Copy link
Member

For issues that are known to be bugs please tag as "Bug" and assign a priority.

P0 = high impact, many users affected (e.g. a common scenario is blocked)
P1 = low impact x many users OR high impact x few users (e.g. a scenario is blocked but it is not very common)
P2 = P1 but workaround exists, supportability issues etc.
P3 = nice to have

@pmaytak
Copy link
Contributor

pmaytak commented Dec 14, 2021

For issues that are known to be bugs please tag as "Bug" and assign a priority.

P0 = high impact, many users affected (e.g. a common scenario is blocked)
P1 = low impact x many users OR high impact x few users (e.g. a scenario is blocked but it is not very common)
P2 = P1 but workaround exists, supportability issues etc.
P3 = nice to have

@bgavrilMS This is good. Added to our OneNote.

@SameerK-MSFT
Copy link
Contributor

Fixed in MSAL 4.40.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trwalke trwalke

Labels
bug Migration: ADAL to MSAL P2 Supportability
Projects
None yet
Milestone
4.40.0
Development

Successfully merging a pull request may close this issue.

Modified cache logging to be more clear AzureAD/microsoft-authentication-library-for-dotnet
5 participants
@bgavrilMS @jennyf19 @trwalke @pmaytak @SameerK-MSFT