Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Resource cache is not cleared on different user login #68

Closed
raghuvaran opened this issue May 24, 2019 · 2 comments
Closed

Resource cache is not cleared on different user login #68

raghuvaran opened this issue May 24, 2019 · 2 comments

Comments

@raghuvaran
Copy link

react-adal library caches a delegated token by resource name (adal.access.token.keyhttps://organization.onmicrosoft.com/hello-world-app/). Usually when using adalFetch the library acquires new resource/delegated token when it doesn't find one in the storage.

When a different user logins in with same state i.e. by going back to the Microsoft login page using browser back button from a logged in app, adal library caches the new "id_token" and "access_token", but doesn't update the resource/delegated token. On every new request adal (the acquireToken method) is using the token from cache (which in this case is stale token).

@salvoravida
Copy link
Owner

salvoravida commented Jun 10, 2019

@raghuvaran

Hi, thank you for your pr.
i suggest to try first to send a pr to official adal.js library (that react-adal use)
https://github.com/AzureAD/azure-activedirectory-library-for-js

otherwise you can check this branch
https://github.com/salvoravida/react-adal/tree/dev-invalidation

and if all is ok, we can release a new react-adal version with this mod
while waiting for official lib integration

salvoravida added a commit that referenced this issue Sep 28, 2019
@salvoravida salvoravida pinned this issue Sep 28, 2019
@salvoravida
Copy link
Owner

@raghuvaran thanks for suggestion. it should be fixed on v0.5.0

let me know your feedback!

@salvoravida salvoravida unpinned this issue Sep 28, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants