Microsoft-authentication-library-for-js: getAllAccounts() returns an empty array

Created on 30 Oct 2020  路  14Comments  路  Source: AzureAD/microsoft-authentication-library-for-js

Library

Important: Please fill in your exact version number above, e.g. [email protected].

Framework

VueJs

Description

getAllAccounts() returns an empty array when using version 2.4.1 and up, the token request return the user nothing to note, about it. i attached a Gif hopping it describe the issue better
msal

Error Message

No error merssage

Security

  • [ ] Is this issue security related?

Regression

  • [X ] Did this behavior work before?
    Version: 2.4.0

    MSAL Configuration

auth: {
        clientId: XX,
        authority: XXX,
        knownAuthorities: XXX,
        redirectUri: "http://localhost:8081/auth/callback",
        postLogoutRedirectUri: 'http://localhost:8081',
        validateAuthority: false
    }

Reproduction steps

// Provide relevant code snippets here.
// For Azure B2C issues, please include your policies.

Expected behavior

should return an array of logged in users, same that happens on version 2.4.0

Browsers/Environment

  • [x ] Chrome
  • [x ] Firefox
  • [ ] Edge
  • [ ] Safari
  • [ ] IE
  • [ ] Other (Please add browser name here)
bug fix-in-progress msal-browser
Source
picture soufian044

Most helpful comment

2516 should be merged soon. The wait is on unit tests and we have them ready now.

picture sameerag on 4 Nov 2020
🎉2

All 14 comments

@soufian044 Yes, this is a bug . We are working on a patch and will update here once we have something available.

sameerag picture sameerag on 30 Oct 2020

@soufian044 After further testing, we noticed this is not a bug in msal-browser latest (2.5.x) and only seen for msal-node. Can you please test it with the latest build and let us know?

sameerag picture sameerag on 30 Oct 2020

@sameerag I can confirm you that the bug is present on the latest "msal-browser": "2.5.1", including the the "2.5.0" and "2.4.1" , the array is always null.

soufian044 picture soufian044 on 1 Nov 2020

the issue seems to be coming from these check
image

and related to this PR from you #2516

soufian044 picture soufian044 on 2 Nov 2020

Yes. #2516 should fix this. Linking the PR.

sameerag picture sameerag on 2 Nov 2020

@soufian044 Does this issue still occur in 2.5.2?

pkanher617 picture pkanher617 on 4 Nov 2020

issue still present in 2.5.2 and 2.4.1

sai-nagarjuna-t picture sai-nagarjuna-t on 4 Nov 2020
👍1

Hope this gets fixed asap

alandecastros picture alandecastros on 4 Nov 2020

Taking a look at this today, thanks for your patience.

pkanher617 picture pkanher617 on 4 Nov 2020
👍2

2516 should be merged soon. The wait is on unit tests and we have them ready now.

sameerag picture sameerag on 4 Nov 2020
🎉2

@sameerag, @pkanher617 could you please reopen this issue, getAllAccounts on CacheManager always returns an empty array for ADFS
it uses getAccount on child class
https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/src/cache/CacheManager.ts#L243
and in case of BrowserCacheManager it cannot reconstruct AccountEntity, validation fails here
https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/src/cache/BrowserCacheManager.ts#L150
it doesn't have localAccountId, because here
https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-common/src/cache/entities/AccountEntity.ts#L177
when we construct genericAccountEntity we are not setting localAccountId

because of the issue above getAllAccounts
https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/src/app/ClientApplication.ts#L579
also returns an empty array and all methods like getAccountByUsername, getAccountByHomeId, getAccountByLocalId return null

observed in @azure/[email protected]
I can suggest a PR, please let me know if it would help

MariMax picture MariMax on 9 Nov 2020

@MariMax Sorry this is a miss form our end. We calculate homeAccountId for ADFS as oid or sub but missed adding localAccountId as a property. This was there in the draft, looks like when we finally merged this was missing. Putting out a PR soon.

sameerag picture sameerag on 10 Nov 2020
👍1

One question @MariMax. What is the name claim in your ADFS token? There are various versions of ADFS tokens in play, I want to make sure we support that as a part of AccountInfo.

sameerag picture sameerag on 10 Nov 2020

@sameerag we actually don't have name in our claims

appid: string;
apptype: string;
aud: string;
auth_time: number;
authmethod: string;
certsubject: string;
email: string;
exp: number;
given_name: string;
iat: number;
iss: string;
nbf: number
nonce: string;
pwd_exp: string;
scp: string;
sid: string;
sub: string;
unique_name: string;
upn: string;
ver: string;

Thank you for quick PR!

MariMax picture MariMax on 10 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

spottedmahn picture spottedmahn  路  3Comments
sameerag picture sameerag  路  3Comments
atvoid picture atvoid  路  3Comments
ArneMancofi picture ArneMancofi  路  3Comments
jfbloom22 picture jfbloom22  路  3Comments