Comments (11)
Can you please tell us which version of the library you used to use with .NET Core 3.0, and which do you use with .NET Core 3.1. Do you have a full repro project?
from microsoft-authentication-extensions-for-dotnet.
Apologies - the versions were included in the original issue submission, but were invisible since it looks like GitHub markup was hiding the version since there were in XML tags. I removed the surrounding tags so you can see the before/after versions
from microsoft-authentication-extensions-for-dotnet.
Looking at this now.
from microsoft-authentication-extensions-for-dotnet.
Was not able to reproduce this. I tried the exact versions you mentioned. AcquireTokenSilent
always works for me. What is the exact exception that you get from AcquireTokenSilent
?
Is this happening for some users only? Do you have a reliable repro? Feel free to ping me and we can try to debug.
from microsoft-authentication-extensions-for-dotnet.
Debugged with @bgavrilMS - thx!
So it looks there were multiple issues here:
- There was a build file copy issue related to new pkgs with different build dates on dlls that now had different build order/date than before. Our project uses DPAPI System.Security.Cryptography.ProtectedData.dll which this lib uses to save/protect creds on Windows. It seems normally that this "stub" (21KB) dll copied to $(OutDir) (on Windows) has a NotImplementedException for DPAPI but somehow magically redirects to the full dll (33kB) under runtimes\win\lib\netstandard2.0. That is in the standard case so it just works.
But our exe uses AssemblyLoadContext to load potentially different versions of the same named dll, and apparently our implementation made it so this magic doesn't work and the stub with NotImplementedException would be thrown and used instead. We had a workaround which is to copy the real dll in it's place. This workaround broke with the pkg upgrade because now the stub version was newer than the real .dll (xcopy /D) so although the dll copy code was the same, the runtime still broke.
This coupled with (2) below made this silently break w/o any exceptions/warnings. Build Fix To Always copy the .dll even if the one it's replacing is newer
// removed XML tags so GitHub shows the XML :(
FROM:
<Target Name="PostBuild" AfterTargets="PostBuildEvent">
<Exec Command="CALL XCOPY /dickherfy
<Exec Command="CALL XCOPY /dickherfy
</Target>
TO:
<Target Name="PostBuild" AfterTargets="PostBuildEvent">
<Exec Command="CALL XCOPY /ickherfy
<Exec Command="CALL XCOPY /ickherfy
</Target>
- As mentioned above MsalCacheHelper doesn't throw exceptions when trying to use or create saved tokens, thus this silently broken /w no good exceptions stating why. It was suggested we use this API call which does help say what the exact issue is and is helpful - msalCacheHelper.VerifyPersistence(); // If there is an issue with DPAPI System.Security.Cryptography.ProtectedData.dll this will catch it where-as lib use above will silently fail and swallow exceptions
from microsoft-authentication-extensions-for-dotnet.
@jmprieur @henrik-me - the main problem here is that the cache ext does not throw exceptions, because MSAL can just work with in-memory cache. This is making investigations into issues much more complex, as developers just see that AcquireTokenSilent
always fails, but have no idea why.
I think we should take a small breaking change here and make this token cache impl throw exceptions instead of swallowing them. We can have existing customer configure a flag to opt-out of exceptions instead.
from microsoft-authentication-extensions-for-dotnet.
@bgavrilMS not sure we can can make such a breaking change, we can do opt in, and do that in our sample code. Perhaps another job for the analyzer/best practice tool. We can also highlight the importance of using ValidatePersistence() ?
from microsoft-authentication-extensions-for-dotnet.
Which exception do we throw, @bgavrilMS? the one related to the IOs?
from microsoft-authentication-extensions-for-dotnet.
In this particular case, @jmprieur , the problem is on Windows with DPAPI, as the DPAPI.dll used by the program was throwing a NotImplementedException.
from microsoft-authentication-extensions-for-dotnet.
For logging, VS automatically adds a trace listener to its output window
from microsoft-authentication-extensions-for-dotnet.
I spent some time figuring out logging in this library and documented it here
from microsoft-authentication-extensions-for-dotnet.
Related Issues (20)
- [Bug] Null Reference Exception Thrown in RegisterCache on Mac HOT 5
- CrossPlatLock does not work on UWP HOT 1
- Improved error message to steer users to .WithLinuxUnprotectedFile() or host workaround HOT 2
- How to prompt for account selection and then check the cache for a token instead of always requiring a password? HOT 4
- 1st party app using RPS HOT 2
- How to handle the locked default collection of Linux keyring when using msal storage? HOT 2
- LocalMachine-scoped cache serialization HOT 2
- Protect plaintext files with 600 permissions HOT 1
- "Operation is not supported on this platform." When trying to create cache in .NET MAUI in Mac Catalyst HOT 2
- Race condition in setting 600 permissions HOT 1
- Perf issue - Process.GetCurrentProcess() takes a long time
- Cannot build Xamarin.iOS App when Azure.Identity Nugets are installed. If I remove them then it builds and runs fine HOT 31
- When cache file directory does not exist, MsalCacheHelper crashes HOT 2
- Obsolete code in documentation HOT 1
- Non-async methods? HOT 1
- MsalCacheHelper.UserRootDirectory returns empty string when run in Azure function environment HOT 1
- Bug in CrossPlatLock? HOT 2
- Do I need to use this library? HOT 1
- On the encryption problem of AcquireTokenInteractive storage tokens HOT 4
- GitHub Releases Appear Outdated HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from microsoft-authentication-extensions-for-dotnet.