3

I am updating MSAL version 1.x to MSAL-browser in angular.So I am trying to migrate from version 1.x to 2.X.I was able to replace code successfully and it is working fine. but I am getting issue with acquireTokenSilent but its working fine by using acquireTokenPopup. I am following this link: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/v1-migration.md. This is latest library published 11 days ago only and not much inputs i am able to get from internet other then basic documentation. The thing is when i am using acquireTokenSilent its giving error as: getTokenerror BrowserAuthError: no_account_error: No account object provided to acquireTokenSilent and no active account has been set but if i am using acquireTokenPopup at the same place, my application is working. Sample:

public Tokenfunction(): void {
    this.MSALobject.acquireTokenSilent(request).then(response => {
       this.tokenSubject.next(response.idToken);
    })
    .catch((error: msal.AuthError) => {
      if (error) {
        return this.login();
      }
       somefunction();
      
    });
  }

but instead of acquireTokenSilent if i use acquireTokenPopup, its working fine i am not getting what is the issue.

user3420561
  • 188
  • 1
  • 2
  • 20
  • `acquireTokenSilent` should be used with `acquireTokenPopup` or `acquireTokenRedirect` together. If you have signed in interactively, the user active account will be set and `acquireTokenSilent` can sign you in. If there is no user active account, you need to call `acquireTokenRedirect` or `acquireTokenPopup` to sign in interactively. See the sample code in the link you shared. – Allen Wu May 05 '21 at 01:05
  • I have changed scopes parameter then it was working fine thanks and one question , i want to implement refresh token concept , what should be the approach. – user3420561 May 10 '21 at 08:28
  • A refresh token is automatically supplied when the `offline_access` scope is provided. `acquireTokenSilent` can handle the refresh token. Please see this part: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/token-lifetimes.md#token-renewal. Let me know if there is anything unclear. – Allen Wu May 10 '21 at 08:42
  • BTW, what changes did you make on `scopes` to make the code work? – Allen Wu May 10 '21 at 08:49
  • I gave account object in my request. earlier was giving like this: request= { scopes: ['profile'] }; but now i added one more line with my user account as account : msalobj.getAllAccounts()[0] – user3420561 May 10 '21 at 09:14
  • I am adding offline_access to scopes and in the token object returned from acquiretokensilent ,should we able to see the refresh token along with access token and other info of the object? – user3420561 May 10 '21 at 09:24
  • I'm not sure but I think you don't need to handle it by yourself because `acquireTokenSilent` can handle the refresh token. – Allen Wu May 11 '21 at 02:08
  • ok thanks for your point, one more question, in console after one hour , would i be able to see new access tokens without refreshing in console as i am printing access token objects and suppose once it is expired do i would be able to see updated object? – user3420561 May 11 '21 at 10:17
  • Not sure about that. You can have a test in an hour to see what the result is. – Allen Wu May 14 '21 at 02:35

1 Answers1

2

Summarize the comments into the answer in order to archive this question:

Giving account object in the request can resolve this issue.

Earlier was giving like this: request= { scopes: ['profile'] }; Add one more line with user account as account : msalobj.getAllAccounts()[0].

I think you don't need to handle it by yourself because acquireTokenSilent can handle the refresh token.

Allen Wu
  • 15,529
  • 1
  • 9
  • 20