Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Pop token does not rotate properly for CCA #3003

Closed
7 tasks
trwalke opened this issue Nov 11, 2021 · 2 comments · Fixed by #2994
Closed
7 tasks

[Bug] Pop token does not rotate properly for CCA #3003

trwalke opened this issue Nov 11, 2021 · 2 comments · Fixed by #2994
Assignees
@trwalke
Labels
bug P3
Milestone
4.40.0

Comments

@trwalke
Copy link
Member

trwalke commented Nov 11, 2021

When using a CCA and enabling POP, MSAL will not rotate the key for the default POP provider after 7 hours if the CCA has not been recreated.

Which version of MSAL.NET are you using?
Latest

Platform
.NET FWK/.NET Core

What authentication flow has the issue?

  • Desktop / Mobile
    • Interactive
    • Integrated Windows Authentication
    • Username Password
    • Device code flow (browserless)
  • Web app
    • Authorization code
    • On-Behalf-Of
  • Daemon app
    • Service to Service calls

Other?

Repro

Create a CCA and enable POP.
Acquire a POP token
acquire another POP token after 8 hours and notice the token is retrieved from the cache

Expected behavior
MSAL should rotate the key when default crypto provider is used.

Actual behavior
The same key is used for the lifetime of the app
@trwalke trwalke self-assigned this Nov 11, 2021
@trwalke trwalke added this to the 4.38.0 milestone Nov 11, 2021
@pmaytak pmaytak mentioned this issue Nov 17, 2021
Merged
@trwalke trwalke modified the milestones: 4.38.0, 4.39.0 Nov 19, 2021
@pmaytak pmaytak modified the milestones: 4.39.0, 4.40.0 Nov 29, 2021
@bgavrilMS
Copy link
Member

was fixed

@SameerK-MSFT
Copy link
Contributor

Fixed in MSAL 4.40.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trwalke trwalke

Labels
bug P3
Projects
None yet
Milestone
4.40.0
Development

Successfully merging a pull request may close this issue.

Fix PoP token rotation and fix PoP Token Test AzureAD/microsoft-authentication-library-for-dotnet
4 participants
@bgavrilMS @trwalke @pmaytak @SameerK-MSFT