microsoft-authentication-library-for-java icon indicating copy to clipboard operation
microsoft-authentication-library-for-java copied to clipboard
verified publisher icon AzureAD

[Bug] Tokens returned from the WAM broker do not have an expiration time set

Open billwert opened this issue 1 year ago • 2 comments

Library version used

1.14.0

Java version

8+

Scenario

Other - please specify

Is this a new or an existing app?

None

Issue description and reproduction steps

Tokens returned from the WAM authentication broker do not have an expiration time set.

This is the IAuthenticationResult I got back from PublicClientApplication#acquireTokenSilently:

image

Relevant code snippets

No response

Expected behavior

No response

Identity provider

Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)

Regression

No response

Solution and workarounds

No response

billwert avatar Feb 20 '24 19:02 billwert

@billwert - is this an adoption blocker @billwert ? Note that you shouldn't rely on the ID token's exp claim for this, as id token a and access tokens have different lifetimes.

bgavrilMS avatar Feb 26 '24 14:02 bgavrilMS

@bgavrilMS sorry, I missed this question. It's not a blocker, I suppose, but it's going to cause us to request tokens way more often than we should. Note we're not relying on anything inside the token's claims ever: we don't parse those in Identity. We rely on MSAL when that is necessary, or like the response from IMDS has it directly without parsing the token.

billwert avatar Apr 30 '24 17:04 billwert