Skip to content

Take home account from request, if not available elsewhere.#6064

Closed
bgavrilMS wants to merge 3 commits into
mainfrom
bgavrilMS/ping-identity-home-account-refresh
Closed

Take home account from request, if not available elsewhere.#6064
bgavrilMS wants to merge 3 commits into
mainfrom
bgavrilMS/ping-identity-home-account-refresh

Conversation

@bgavrilMS

Copy link
Copy Markdown
Member

CI evaluation for fork PR #5657 (by @yowl). Fork PRs don't trigger CI pipelines, so re-creating here to validate.

Original PR: #5657
Fixes #5618

Changes proposed in this request
When refreshing a token, PingIdentity does not return the home account. This change takes the home account from the request if existing places do not supply it.

Testing
Added a test for the TokenCache for the PingIdentity scenario.

Copilot AI review requested due to automatic review settings June 12, 2026 13:41
@bgavrilMS bgavrilMS requested a review from a team as a code owner June 12, 2026 13:41

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses a token refresh scenario for non-Azure OIDC providers (e.g., PingIdentity) where refresh token responses can omit both client_info and id_token, previously leading to an inability to derive a home_account_id for caching. The change adds a safe fallback to use the home_account_id from the original request’s account when the response doesn’t provide enough information, and adds a unit test covering this behavior.

Changes:

  • Update TokenResponseHelper.GetHomeAccountId to fall back to requestParams.Account.HomeAccountId.Identifier when both client_info and id_token subject are unavailable.
  • Add a TokenCacheTests unit test validating token cache save behavior when refresh responses have neither client_info nor id_token.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
tests/Microsoft.Identity.Test.Unit/CacheTests/TokenCacheTests.cs Adds coverage for saving refreshed tokens when the token response lacks client_info and id_token.
src/client/Microsoft.Identity.Client/TokenResponseHelper.cs Adds fallback logic to derive home_account_id from the request account when response fields are missing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Bug] ArgumentNullException when attempting to obtain a refresh token with Ping Identity.

2 participants