Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clear user token from cache and acquire token from AAD in on-behalf-of flow #532

Closed
snehanagendra opened this issue Aug 31, 2020 · 7 comments
Closed

Clear user token from cache and acquire token from AAD in on-behalf-of flow #532

snehanagendra opened this issue Aug 31, 2020 · 7 comments
Assignees
@jennyf19
Labels
enhancement New feature or request fixed
Milestone
GA version

Comments

@snehanagendra
Copy link

Is your feature request related to a problem? Please describe.
We are using MSAL and Microsoft.Identity.Web library for on-behalf-of token acquisition. We have token caching enabled via the Identity.Web library and we are looking for a way to clear the user token cache and acquire a token from AAD in certain flows.

Describe the solution you'd like
We would like to be able to invoke an API, say, on the ITokenAcquisition that would clear the token cache for the current user, and obtain a new token from AAD

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional context
Add any other context or screenshots about the feature request here.
@snehanagendra snehanagendra added the enhancement New feature or request label Aug 31, 2020
@jmprieur
Copy link
Collaborator

jmprieur commented Sep 9, 2020

@jennyf19, @pmaytak, @henrik-me: we could expose an optional delegate (here and in downstreamApi options) to provide more options:

@jmprieur jmprieur mentioned this issue Sep 9, 2020
Closed
@3GDXC
Copy link

3GDXC commented Sep 9, 2020

@jmprieur what is the defaults for caching; is the duration of the token cache based on the token expiry? its not clear what the default behavior of the token cache is? and this would IMHO lead to confusions I feel the token caching needs some work/explanations and considerations around when/what/if hooks are needed and/or the ability to remove/flush/clear tokens added to the cache based on datetime or age is required.

@snehanagendra
Copy link
Author

@jmprieur Yes, a forceRefresh flag would work

@jmprieur jmprieur added the fixed label Sep 21, 2020
@jmprieur
Copy link
Collaborator

Addressed in https://github.com/AzureAD/microsoft-identity-web/pull/596/files

@jmprieur
Copy link
Collaborator

@snehanagendra, the fix is available in Microsoft.Identity.Web 1.0.0
there is a new class named TokenAcquisitionOptions which has a ForceRefresh boolean property. Here is how to use it:
https://github.com/AzureAD/microsoft-identity-web/wiki/customization#customizations-to-acquire-tokens.

Proposing to close this issue. Feel free to reopen if that does not work for you.

@scastria
Copy link

scastria commented May 3, 2022

I have set the ForceRefresh to true and yet when I acuire a token, I still see ForceRefresh: False printed out in the log and I don't get a new token. It is the same one as last time.

@MarcosMusa
Copy link

I have the below configuration but Force Refresh still doesn't work, the token it´s the same one as last time.

public async Task<AuthenticationResult> GetAccessTokenAsync() => await _tokenAcquisition.GetAuthenticationResultForUserAsync(scopes: new string[] { "https://exemple/.default" } , tokenAcquisitionOptions: new TokenAcquisitionOptions() { ForceRefresh = true });

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jennyf19 jennyf19

Labels
enhancement New feature or request fixed
Projects
None yet
Milestone
GA version
Development

No branches or pull requests
6 participants
@scastria @jmprieur @jennyf19 @snehanagendra @3GDXC @MarcosMusa