Hi:
My team is currently waiting for the release of MSAL v4.1 that would contain the implementation of the ClientAssertion class (we are currently on v3.x).
Knowing that the usage of "proper" caching logic will be enforced starting with v4.0, we need to modify our remote caching logic (Redis) to use the callbacks in ITokenCache.
I see sample code for Session, InMemory and Sql caching here, but we don't see sample code for a Redis cache yet.
Could we possibly request a sample using Redis?
Thank you in advance.
For some reason all the contents I've posted got wiped out. Will edit the issue body rn
@msminski : do you want to contribute one?
Hi @jmprieur, have you guys considered using the IDistributedCache interface, so that later you can inject the specific provider? With MSAL 2.0 I implemented the TokenCache using the IDistributedCache, and then in ASP.NET you can use the extension "AddDistributedSqlServerCache" or "AddStackExchangeRedisCache". I took the approach from here:
https://docs.microsoft.com/en-us/azure/architecture/multitenant-identity/token-cache
It worked pretty well, though I haven't tested it in a production system. Also, I haven't had the chance to take a look at MSAL 4, so it might not be possible to use the IDistributedCache. I'd love to have time to give it a try, but I'm quite busy these days.
@luismanez : I like the idea. I'll have a look at it.
Meanwhile, I understand you are busy, but if you find time, feel free to propose a PR in https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2 ?
I implemented a custom TokenCache serialization using IDistributedCache (Redis Cache). I could see the token in the cache, but when I log out I see that the cache is still there. If I understand correctly, there's no implementation that clears the cache. How is the cache removed?
*I am using ASP.NET MVC 5.
This is my code:
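```csharp
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Identity.Client;

// IActiveDirectoryTokenCache is the poster's own interface (not shown in the post).
public class ActiveDirectoryDistributedTokenCache : IActiveDirectoryTokenCache
{
    private readonly IDistributedCache _distributedCache;

    public ActiveDirectoryDistributedTokenCache(IDistributedCache distributedCache)
    {
        _distributedCache = distributedCache;
    }

    // Hooks the MSAL token cache so it is loaded from and saved to the distributed cache.
    public void EnableSerialization(ITokenCache tokenCache)
    {
        tokenCache.SetBeforeAccess(BeforeAccessNotification);
        tokenCache.SetAfterAccess(AfterAccessNotification);
    }

    // One cache entry per user, keyed by the MSAL home account identifier.
    private string BuildCacheKey(string userId)
    {
        return $"adb2c::userid:{userId}";
    }

    // Called by MSAL before it reads the token cache: load the user's blob, if any.
    internal void BeforeAccessNotification(TokenCacheNotificationArgs args)
    {
        // args.Account can be null for calls that are not tied to a user account.
        string userId = args.Account?.HomeAccountId?.Identifier;
        if (userId == null)
        {
            return;
        }

        string cacheKey = BuildCacheKey(userId);
        byte[] cachedItem = _distributedCache.Get(cacheKey);
        if (cachedItem != null)
        {
            args.TokenCache.DeserializeMsalV3(cachedItem);
        }
    }

    // Called by MSAL after it touched the token cache: persist it only if it changed.
    internal void AfterAccessNotification(TokenCacheNotificationArgs args)
    {
        string userId = args.Account?.HomeAccountId?.Identifier;
        if (args.HasStateChanged && userId != null)
        {
            string cacheKey = BuildCacheKey(userId);
            byte[] cacheItem = args.TokenCache.SerializeMsalV3();
            _distributedCache.Set(cacheKey, cacheItem);
        }
    }
}
```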
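One way to make sign-out actually remove the tokens from Redis, as an added example that is not part of the thread or of MSAL's own samples. The class name, the `Evict` method and the 12-hour sliding expiration are hypothetical; the key format is the one from the post above, and the code assumes an MSAL.NET version whose `TokenCacheNotificationArgs` exposes `HasTokens`.

```csharp
using System;
using Microsoft.Extensions.Caching.Distributed;
using Microsoft.Identity.Client;

// Hypothetical variant of the posted cache that deletes entries instead of leaving them behind.
public class EvictingDistributedTokenCache
{
    private readonly IDistributedCache _cache;

    // Assumed value: bounds how long tokens survive in Redis if sign-out never runs.
    private static readonly DistributedCacheEntryOptions EntryOptions =
        new DistributedCacheEntryOptions { SlidingExpiration = TimeSpan.FromHours(12) };

    public EvictingDistributedTokenCache(IDistributedCache cache) => _cache = cache;

    public void EnableSerialization(ITokenCache tokenCache)
    {
        tokenCache.SetBeforeAccess(BeforeAccess);
        tokenCache.SetAfterAccess(AfterAccess);
    }

    // Same key format as the post above.
    private static string BuildCacheKey(string homeAccountId) => $"adb2c::userid:{homeAccountId}";

    private void BeforeAccess(TokenCacheNotificationArgs args)
    {
        string id = args.Account?.HomeAccountId?.Identifier;
        byte[] blob = id == null ? null : _cache.Get(BuildCacheKey(id));
        // Replace in-memory state so tokens from a previous user never leak into this one.
        if (blob != null) args.TokenCache.DeserializeMsalV3(blob, shouldClearExistingCache: true);
    }

    private void AfterAccess(TokenCacheNotificationArgs args)
    {
        string id = args.Account?.HomeAccountId?.Identifier;
        if (id == null || !args.HasStateChanged) return;

        if (args.HasTokens)
            _cache.Set(BuildCacheKey(id), args.TokenCache.SerializeMsalV3(), EntryOptions);
        else
            _cache.Remove(BuildCacheKey(id)); // nothing usable left, e.g. after app.RemoveAsync(account)
    }

    // Call from the sign-out action with the signed-in user's home account id,
    // before the authentication cookie is cleared. Works without going through MSAL.
    public void Evict(string homeAccountId) => _cache.Remove(BuildCacheKey(homeAccountId));
}
```

Deleting the Redis entry only discards the locally cached tokens; it does not revoke them at the identity provider.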
Please see https://github.com/AzureAD/microsoft-identity-web - it is now possible to use any IDistributedCache cache with it.