Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix expires on bug #7600

Draft
wants to merge 3 commits into
base: dev
Choose a base branch
from
+161 −240
Draft

Fix expires on bug #7600

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
00316ed
Library changes
jo-arroyo Feb 27, 2025
cd6d526
Test changes
jo-arroyo Feb 27, 2025
92ed7eb
Merge branch 'dev' into fix-expiresOn-bug
jo-arroyo Feb 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion extensions/msal-node-extensions/src/broker/NativeBrokerPlugin.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -568,7 +568,7 @@ export class NativeBrokerPlugin implements INativeBrokerPlugin {
idTokenClaims: idTokenClaims,
accessToken: accessToken,
fromCache: fromCache,
expiresOn: new Date(authResult.expiresOn),
expiresOn: authResult.expiresOn,
tokenType: tokenType,
correlationId: request.correlationId,
fromNativeBroker: true,
Expand Down
24 changes: 12 additions & 12 deletions extensions/msal-node-extensions/test/broker/NativeBrokerPlugin.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -298,7 +298,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -351,7 +351,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: true,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -431,7 +431,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -617,7 +617,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -669,7 +669,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: true,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -749,7 +749,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -824,7 +824,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -879,7 +879,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -934,7 +934,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -989,7 +989,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -1044,7 +1044,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {},
Expand Down Expand Up @@ -2000,7 +2000,7 @@ if (process.platform === "win32") {
grantedScopes:
testAuthenticationResult.scopes.join(" "),
expiresOn:
testAuthenticationResult.expiresOn!.getTime(),
testAuthenticationResult.expiresOn!,
isPopAuthorization: false,
account: testMsalRuntimeAccount,
CheckError: () => {
Expand Down
4 changes: 2 additions & 2 deletions extensions/msal-node-extensions/test/util/TestConstants.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
* Licensed under the MIT License.
*/

import { AccountInfo, AuthenticationResult } from "@azure/msal-common";
import { AccountInfo, AuthenticationResult, TimeUtils } from "@azure/msal-common";
import {
Account,
ErrorStatus,
Expand Down Expand Up @@ -80,7 +80,7 @@ export const getTestAuthenticationResult = (
idTokenClaims: TEST_ID_TOKEN_CLAIMS,
accessToken: TEST_ACCESS_TOKEN,
fromCache: false,
expiresOn: new Date(Date.now() + 3600 * 1000),
expiresOn: TimeUtils.nowSeconds() + 3600,
tokenType: "Bearer",
correlationId,
fromNativeBroker: true,
Expand Down
6 changes: 3 additions & 3 deletions lib/msal-browser/src/cache/BrowserCacheManager.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1426,7 +1426,7 @@ export class BrowserCacheManager extends CacheManager {
* AuthenticationResult returns expiresOn and extExpiresOn in milliseconds (as a Date object which is in ms)
* We need to map these for the cache when building tokens from AuthenticationResult
*
* The next MSAL VFuture should map these both to same value if possible
* The next MSAL VFuture should map these both to same value if possible //TODO: update note
*/

const accessTokenEntity = CacheHelpers.createAccessTokenEntity(
Expand All @@ -1436,8 +1436,8 @@ export class BrowserCacheManager extends CacheManager {
this.clientId,
result.tenantId,
result.scopes.join(" "),
result.expiresOn ? result.expiresOn.getTime() / 1000 : 0,
result.extExpiresOn ? result.extExpiresOn.getTime() / 1000 : 0,
result.expiresOn ? result.expiresOn : 0,
result.extExpiresOn ? result.extExpiresOn : 0,
base64Decode,
undefined, // refreshOn
result.tokenType as AuthenticationScheme,
Expand Down
17 changes: 7 additions & 10 deletions lib/msal-browser/src/cache/TokenCache.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ import {
TokenClaims,
CacheHelpers,
buildAccountToCache,
TimeUtils,
} from "@azure/msal-common/browser";
import { BrowserConfiguration } from "../config/Configuration.js";
import { SilentRequest } from "../request/SilentRequest.js";
Expand Down Expand Up @@ -300,12 +301,12 @@ export class TokenCache implements ITokenCache {
: new ScopeSet(request.scopes);
const expiresOn =
options.expiresOn ||
response.expires_in + new Date().getTime() / 1000;
response.expires_in + TimeUtils.nowSeconds();

const extendedExpiresOn =
options.extendedExpiresOn ||
(response.ext_expires_in || response.expires_in) +
new Date().getTime() / 1000;
TimeUtils.nowSeconds();

const accessTokenEntity = CacheHelpers.createAccessTokenEntity(
homeAccountId,
Expand Down Expand Up @@ -381,20 +382,16 @@ export class TokenCache implements ITokenCache {
): AuthenticationResult {
let accessToken: string = "";
let responseScopes: Array<string> = [];
let expiresOn: Date | null = null;
let extExpiresOn: Date | undefined;
let expiresOn: number | null = null;
let extExpiresOn: number | undefined;

if (cacheRecord?.accessToken) {
accessToken = cacheRecord.accessToken.secret;
responseScopes = ScopeSet.fromString(
cacheRecord.accessToken.target
).asArray();
expiresOn = new Date(
Number(cacheRecord.accessToken.expiresOn) * 1000
);
extExpiresOn = new Date(
Number(cacheRecord.accessToken.extendedExpiresOn) * 1000
);
expiresOn = Number(cacheRecord.accessToken.expiresOn);
extExpiresOn = Number(cacheRecord.accessToken.extendedExpiresOn);
}

const accountEntity = cacheRecord.account;
Expand Down
1 change: 1 addition & 0 deletions lib/msal-browser/src/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,7 @@ export {
StringUtils,
UrlString,
JsonWebTokenTypes,
TimeUtils,
// AzureCloudInstance enum
AzureCloudInstance,
AzureCloudOptions,
Expand Down
4 changes: 1 addition & 3 deletions lib/msal-browser/src/interaction_client/NativeInteractionClient.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -705,9 +705,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
idTokenClaims: idTokenClaims,
accessToken: responseAccessToken,
fromCache: mats ? this.isResponseFromCache(mats) : false,
expiresOn: new Date(
Number(reqTimestamp + response.expires_in) * 1000
),
expiresOn: reqTimestamp + response.expires_in,
tokenType: tokenType,
correlationId: this.correlationId,
state: response.state,
Expand Down
10 changes: 3 additions & 7 deletions lib/msal-browser/src/naa/mapping/NestedAppAuthAdapter.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,9 +105,7 @@ export class NestedAppAuthAdapter {
throw createClientAuthError(ClientAuthErrorCodes.nullOrEmptyToken);
}

const expiresOn = new Date(
(reqTimestamp + (response.token.expires_in || 0)) * 1000
);
const expiresOn = reqTimestamp + (response.token.expires_in || 0);
const idTokenClaims = AuthToken.extractTokenClaims(
response.token.id_token,
this.crypto.base64Decode
Expand Down Expand Up @@ -304,13 +302,11 @@ export class NestedAppAuthAdapter {
idTokenClaims: idTokenClaims || {},
accessToken: accessToken.secret,
fromCache: true,
expiresOn: new Date(Number(accessToken.expiresOn) * 1000),
expiresOn: Number(accessToken.expiresOn),
tokenType:
request.authenticationScheme || AuthenticationScheme.BEARER,
correlationId,
extExpiresOn: new Date(
Number(accessToken.extendedExpiresOn) * 1000
),
extExpiresOn: Number(accessToken.extendedExpiresOn),
state: request.state,
};

Expand Down
5 changes: 3 additions & 2 deletions lib/msal-browser/test/app/PCANonBrowser.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,12 @@
import { TEST_CONFIG } from "../utils/StringConstants";
import { PublicClientApplication } from "../../src/app/PublicClientApplication";
import { BrowserAuthErrorMessage } from "../../src/error/BrowserAuthError";
import { AccountInfo, AuthenticationScheme, Logger } from "@azure/msal-common";
import { AccountInfo, AuthenticationScheme, Logger, TimeUtils } from "@azure/msal-common";
import {
ID_TOKEN_CLAIMS,
RANDOM_TEST_GUID,
TEST_DATA_CLIENT_INFO,
TEST_TOKEN_LIFETIMES,
TEST_TOKENS,
} from "../utils/StringConstants.js";
import {
Expand Down Expand Up @@ -479,7 +480,7 @@ describe("Non-browser environment", () => {
accessToken: TEST_TOKENS.ACCESS_TOKEN,
fromCache: false,
correlationId: RANDOM_TEST_GUID,
expiresOn: new Date(Date.now() + 3600000),
expiresOn: TimeUtils.nowSeconds() + TEST_TOKEN_LIFETIMES.DEFAULT_EXPIRES_IN,
account: testAccount,
tokenType: AuthenticationScheme.BEARER,
};
Expand Down
Loading
Loading