[Feature Request] Support refreshing Client Assertion

[CodyPolton]

MSAL client type

Confidential

Problem Statement

Our company is starting to look at using SPIFFE/SPIRE to generate short lived tokens that we are using as our client assertion. We are currently needing to write our own implementation to retrieve a new Token when the original client assertion expires.

Proposed solution

It looks like this functionality has been added to the dotnet version as the WithClientAssertion function. Would be useful to have something similar as a callback function whenever the client assertion expires.

Alternatives

Currently we have had to move away from the msal4j library and handling making call to generate a token and caching it as well as handling when the client assertion expires, but seems like this functionality would be useful in the msal4j library.

[CodyPolton]

Any timeline for this enhancement?

[Avery-Dunn]

Sorry for the lack of timeline, however version 1.23.1 has been released containing a fix for this issue: https://github.com/AzureAD/microsoft-authentication-library-for-java/releases/tag/v1.23.1

ClientCredentialFactory.createFromCallback() was intended to match MSAL .NET's behavior of allowing a callback method to provide the assertion. A bug prevented the callback from being called more then once we configured at the app-level, but you could still set the assertion on each request when using ClientCredentialParameters.clientCredential()

The changes in #988 should resolve this problem by fixing the bug and generally improving assertion behavior, so that the callback is called every time the assertion is needed. Let use know if you still have any issues after updating to 1.23.1