-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Login reloop issue when using msal-angular wrapper #5132
Comments
@supriyaGannvi Are you able to provide verbose logs of this behavior? |
@jo-arroyo this is what we get console |
@supriyaGannvi Please send verbose logs. You can turn on verbose logging by changing the auth: {
clientId: clientid
authority: authority,
},
cache: {
cacheLocation: BrowserCacheLocation.LocalStorage,
storeAuthStateInCookie: isIE
},
system: {
loggerOptions: {
loggerCallback,
logLevel: LogLevel.Verbose, // Change to Verbose here
piiLoggingEnabled: false
}
} |
I can confirm this. After the refresh token is expired (I have this issue that logs out the user even if the user has conditional access policies, 24 hours refresh token for SPA) and I try to log in the another user: redirects to the first user asking for password. You either have to delete the cookie or sign out the first user. |
@ionut-gheorghe Did u got any solution for this issue |
None for my 2 issues: mandatory interactive login after 24 hours and the loop when sign in a new user. |
@jo-arroyo could u help us how can we reslove this issue |
@ionut-gheorghe Needing to login interactively after 24 hours is expected behavior. Refresh tokens used in single page apps and with the authorization code flow are limited to 24 hours. Once outside the 24 hour window, it is supposed to fail and require interactive login. While we recognize that this is not the best user experience, the 24 hour limit was chosen for security reasons for single-page apps. Please see this document about refresh tokens lifetimes and this document about refresh tokens and the auth code flow. @supriyaGannvi Please provide verbose logs, per above. |
@bmahall still the issue persist |
@bmahall We have added the $Inprogress and handle the active account as suggest by you still we could see the login redirect issue |
@bmahall could u please helps us out |
@supriyaGannvi Can you please share the fiddler trace and verbose logs on the email on my Git profile? Thanks |
@supriyaGannvi Meanwhile , please refer to a couple of points : -
Kindly share your source code wherein you are calling loginRedirect on my email. |
this is snipped code this.msalBrodcastService.msalSubject$
} /**
/**
|
@supriyaGannvi Please use the following code in place of ` setLoginDisplay() { checkAndSetActiveAccount(){
} |
@bmahall we cannot add the $destory for the service |
This issue requires attention from the MSAL.js team and has not seen activity in 5 days. @bmahall please follow up. |
1 similar comment
This issue requires attention from the MSAL.js team and has not seen activity in 5 days. @bmahall please follow up. |
@supriyaGannvi This issue has been automatically marked as stale because it is marked as requiring author feedback but has not had any activity for 5 days. If your issue has been resolved please let us know by closing the issue. If your issue has not been resolved please leave a comment to keep this open. It will be closed automatically in 7 days if it remains stale. |
Core Library
MSAL.js v2 (@azure/msal-browser)
Core Library Version
2.14.1
Wrapper Library
MSAL Angular (@azure/msal-angular)
Wrapper Library Version
2.0.5
Public or Confidential Client?
Public
Description
@jasonnutter Using Angular Wrapper, after sometime when accessing the application, loginRedirect goes into loop then I have to delete cookies to make it work. What's the trick to make it work. it works fine for the first time. Appreciate your help.
Error Message
No response
Msal Logs
No response
MSAL Configuration
Relevant Code Snippets
Reproduction Steps
Expected Behavior
once user logs in after token expiry then it should navigate to authentication screen and once he logs in the user should be login with new token
Identity Provider
Azure AD / MSA
Browsers Affected (Select all that apply)
Edge
Regression
@azure/msal-browser: "2.19.0"
Source
Internal (Microsoft)
The text was updated successfully, but these errors were encountered: