Microsoft-authentication-library-for-js: Error when trying to acquireTokenSilent

Created on 5 Aug 2020 · 15 Comments · Source: AzureAD/microsoft-authentication-library-for-js

Library

Important: Please fill in your exact version number above, e.g. [email protected].

Framework

React - Create React App

Description

When the app first loads I attempt to perform an acquireTokenSilent with an accountInfo object stored in localStorage.
The msal storage is using session storage.

Error Message

index.es.js:3892 Uncaught (in promise) TypeError: Cannot read property 'homeAccountId' of null

Security

  • [ ] Is this issue security related?

Regression

  • [ ] Did this behavior work before?
    Version:

MSAL Configuration

import { PublicClientApplication } from '@azure/msal-browser';

const msalConfig = {
  auth: {
    clientId: 'xxxxx',
    authority: 'xxxxx',  
    redirectUri: 'xxxxx',
    postLogoutRedirectUri: 'xxxxx',
    navigateToLoginRequestUrl: false,
  },
  cache: {
    cacheLocation: 'sessionStorage',
    storeAuthStateInCookie: false,
  },
  system: {
    windowHashTimeout: 60000,
    iframeHashTimeout: 6000,
    loadFrameTimeout: 0,
  },
};

// Create an instance of PublicClientApplication
export const msalInstance = new PublicClientApplication(msalConfig);

Reproduction steps

// Where accountInfo is the `AccountInfo` object stored in local storage. authInProgress checks if we are on the login or oauth success screen
  React.useEffect(() => {
    async function authenticate() {
      if (!authInProgress && accountInfo) {
        try {
          // await so that a rejected promise is handled by the catch block below
          await msalInstance.acquireTokenSilent({
            account: accountInfo,
            scopes,
          });
          history.push('/home');
        } catch (ex) {
          if (ex instanceof InteractionRequiredAuthError) {
            history.push('/login');
          } else {
            throw ex;
          }
        }
      }
    }

    // Attempt to acquire token at least once with all scopes
    authenticate();
  }, [authInProgress, accountInfo, history]);

Expected behavior

Browsers/Environment

  • [x] Chrome
  • [ ] Firefox
  • [ ] Edge
  • [ ] Safari
  • [ ] IE
  • [ ] Other (Please add browser name here)
bug msal-browser no-issue-activity

All 15 comments

Hi, @cliedeman. Could you please provide some more of the stack trace? It's not immediately clear where the error is originating. Thanks.

Here is the full stack trace

Uncaught (in promise) TypeError: Cannot read property 'homeAccountId' of null
    at t.<anonymous> (index.es.js:3892) #1
    at index.es.js:74
    at Object.next (index.es.js:55)
    at index.es.js:48
    at new Promise (<anonymous>)
    at d (index.es.js:44)
    at t.acquireToken (index.es.js:3878)
    at e.<anonymous> (PublicClientApplication.ts:427) #2
    at 2.6ae5e83f.chunk.js:2
    at Object.next (2.6ae5e83f.chunk.js:2)

#1: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/c9603bdcda2b1958d128f5fe7073447ac49cfc81/lib/msal-common/src/client/SilentFlowClient.ts#L54

#2: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/c9603bdcda2b1958d128f5fe7073447ac49cfc81/lib/msal-browser/src/app/PublicClientApplication.ts#L409

Slightly better stacktrace from dev environment

Uncaught (in promise) TypeError: Cannot read property 'homeAccountId' of null
    at SilentFlowClient.<anonymous> (index.es.js:3892)
    at step (index.es.js:74)
    at Object.next (index.es.js:55)
    at index.es.js:48
    at new Promise (<anonymous>)
    at __awaiter$1 (index.es.js:44)
    at SilentFlowClient.acquireToken (index.es.js:3878)
    at PublicClientApplication.<anonymous> (PublicClientApplication.ts:427)
    at step (0.chunk.js:198)
    at Object.next (0.chunk.js:129)
    at fulfilled (0.chunk.js:81)

When the app first loads I attempt to perform an acquireTokenSilent with an accountInfo object stored in localStorage.
The msal storage is using session storage.

I think that is your answer? If the PublicClientApplication object is configured to use "sessionStorage" it will look in sessionStorage for the full account object. Set the cacheLocation to "localStorage".

Maybe. But either way a hard crash is probably a bug

Added a reproduction here: https://github.com/cliedeman/msal-browser-crash

yarn install
yarn start

@pkanher617 I have already worked around the issue/know how to avoid it. This bug is more about catching a corner case and warning the developer. I would also like to know if this makes sense? I didn't see anywhere in the documentation that you cannot use an account object sourced from somewhere else.

@cliedeman Sorry I think I misunderstood what you were trying to do. You are storing the AccountInfo object from the response in localStorage, but msal is using sessionStorage for its own cache.

This should be possible. Are you parsing the string that is retrieved from the localStorage cache as an AccountInfo object before passing to the request?

@pkanher617 thanks for the reply. I just verified the accountInfo object is decoded correctly.

I believe the issue is this line: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/84a5f5aed0ad1626e6d918fb2ef0393837aac3c6/lib/msal-common/src/cache/CacheManager.ts#L162

The return type should be nullable. The current library makes the assumption that the cacheManager.getAccount can never return null

This issue has not seen activity in 14 days. It may be closed if it remains stale.

Still an issue

@cliedeman This may be fixed by #2189. We'll update when the next release of msal-common goes out.
If you're able to build msal locally please try that branch and let us know if it does or does not solve the issue and we can take another look.

If this branch does not solve the issue a workaround in the interim would be to first call getAccountByHomeId and pass the homeAccountIdentifier from your AccountInfo object to verify that the account you are trying to use exists in sessionStorage before trying to pass it to acquireTokenSilent
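
The workaround described in the comment above, as an added example that is not part of the original thread or of MSAL's own code. It assumes a client object exposing `getAccountByHomeId` and `acquireTokenSilent` as named in the thread, and a stored `AccountInfo` carrying the `homeAccountId` field from the error message; all other names and the stub client are hypothetical and constructed so the block runs offline.

```javascript
// Added example. `client` is any object exposing getAccountByHomeId and
// acquireTokenSilent (names from the thread); other names are hypothetical.

// localStorage is writable by every script on the origin, so the persisted
// AccountInfo is only an untrusted hint: extract the id and nothing else.
function readStoredHomeAccountId(rawJson) {
  if (typeof rawJson !== 'string') return null; // getItem() returns null when absent
  try {
    const parsed = JSON.parse(rawJson);
    const id = parsed && parsed.homeAccountId;
    return typeof id === 'string' && id.length > 0 ? id : null;
  } catch (e) {
    return null; // malformed JSON: behave as if nothing was stored
  }
}

// Return the account object held in the library's own cache, or null when the
// hint matches nothing there (e.g. a new tab, whose sessionStorage is empty).
function resolveCachedAccount(client, rawJson) {
  const homeAccountId = readStoredHomeAccountId(rawJson);
  if (homeAccountId === null) return null;
  return client.getAccountByHomeId(homeAccountId) || null;
}

// Resolves to null when no cached account exists, so the caller can route to
// interactive login. Errors from acquireTokenSilent propagate to the caller.
async function acquireTokenIfCached(client, rawJson, scopes) {
  const account = resolveCachedAccount(client, rawJson);
  if (account === null) return null;
  return client.acquireTokenSilent({ account, scopes });
}

// Constructed stand-in for PublicClientApplication, for running offline.
function makeStubClient(cachedAccounts) {
  return {
    getAccountByHomeId: (id) =>
      cachedAccounts.find((a) => a.homeAccountId === id) || null,
    acquireTokenSilent: async ({ account }) =>
      ({ account, accessToken: 'constructed-token' }),
  };
}
```

Passing the cached object returned by the lookup, rather than the deserialized copy, means the request only ever carries an account the library itself recorded.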

This issue has not seen activity in 14 days. It will be closed in 7 days if it remains stale.


@cliedeman Can you try [email protected] and let us know if this has been resolved?

This issue has been closed due to inactivity. If this has not been resolved please open a new issue. Thanks!
