Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MsalContext accounts contains incorrect for authenticated user #7110

Closed
2 tasks
ivi-hamiti opened this issue May 17, 2024 · 1 comment
Closed
2 tasks

MsalContext accounts contains incorrect for authenticated user #7110

ivi-hamiti opened this issue May 17, 2024 · 1 comment
Labels
b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-browser Related to msal-browser package msal-react Related to @azure/msal-react public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.

Comments

@ivi-hamiti
Copy link

Core Library

MSAL.js (@azure/msal-browser)

Core Library Version

3.14.0

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

2.0.16

Public or Confidential Client?

Public

Description

During app bootstrap msal is loaded and the msal context is initialized with

...
accounts = instance.getAllAccounts()
...

After you acquire a token, the account is updated in the msal instance, but the context is still returning the old object. This is due the fact that the context is not updated as the utility function accountArraysAreEqual skips this new value as it matches the old account based on homeAccountId, localAccountId and username. My expectation is that this new account is reflected also in the msal context.

Is there a reasoning why this behaves like this, or is this a bug?

Error Message

No response

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

{
  auth: {
    clientId: "*************",
    authority: "*************",
    knownAuthorities: ["*************"],
    redirectUri: window.location.origin,
    navigateToLoginRequestUrl: true,
  },
  cache: {
    cacheLocation: "localStorage",
  },
}

Relevant Code Snippets

// none

Reproduction Steps

  1. login to app
  2. refresh page
  3. accuire token
  4. const { accounts, instance } = useMsal(); // accounts is different from instance.getAllAccounts()

Expected Behavior

accounts in MsalContext properly reflect the result of msalInstance.getAllAccounts()

Identity Provider

Azure B2C Custom Policy

Browsers Affected (Select all that apply)

Chrome, Firefox, Edge, Safari

Regression

No response

Source

External (Customer)
@ivi-hamiti ivi-hamiti added bug-unconfirmed A reported bug that needs to be investigated and confirmed question Customer is asking for a clarification, use case or information. labels May 17, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label May 17, 2024
@github-actions github-actions bot added b2c Related to Azure B2C library-specific issues msal-browser Related to msal-browser package msal-react Related to @azure/msal-react public-client Issues regarding PublicClientApplications labels May 17, 2024
@tnorling
Copy link
Collaborator

This is expected behavior. The accounts returned by context should only be used if you depend on persistent values such as name, username, etc or for passing into acquireToken APIs. If you need specific claims from the idToken you should invoke the APIs provided by PublicClientApplication to get the most up to date values.

The reason for this is that updating context every time a claim changes would result in far more re-renders than is often necessary.

@microsoft-github-policy-service microsoft-github-policy-service bot removed the Needs: Attention 👋 Awaiting response from the MSAL.js team label May 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
b2c Related to Azure B2C library-specific issues bug-unconfirmed A reported bug that needs to be investigated and confirmed msal-browser Related to msal-browser package msal-react Related to @azure/msal-react public-client Issues regarding PublicClientApplications question Customer is asking for a clarification, use case or information.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ivi-hamiti @tnorling