This repository has been archived by the owner on Jun 26, 2021. It is now read-only.
Fix issue that ADAL mistakenly set token expiration time in local storage #898
Closed
Gang-Peng wants to merge 60 commits into AzureAD:dev from Gang-Peng:fix_incorrect_token_expiration_time
Releasing 1.0.13
Releasing 1.0.14
Release 1.0.15
Release 1.0.16
Release version 1.0.17
fixed issue with interceptor
Moving usage and details to wiki
fixed issue with responseType id_token token
Add sample links to Readme
fixed minor iframe border issue
fixed callback issue with acquireTokenRedirect api
Ronaru/issue 799
fixed circular reference error in JSON.stringify
set user to null in clear cache
Cache the values of _supportsLocalStorage and _supportsSessionStorage
Adal release 1.0.18
updated dist file for adal release 1.0.18
updated atob version
Reverse the AzureAD#839 Circular Reference Error Fix - currently customer reported a scope error
Fix markdown syntax
Fixes AzureAD#862. This updates the library's CDN links so that they use the latest available release (at the time of committing). These links were changed in 0239b40, which appears to have been copied/cherry-picked from the dev branch where 1.0.18 is being worked on (PR AzureAD#839). Since this release is not out yet, and these links 404, they have been updated to use the latest release of the library (1.0.17).
While I'm at it, roll back the current version number to be 1.0.17 in the readme.
Fix AzureAD#862, use CDN links for latest release
No new features, only security fixes for ADAL for JavaScript
Added ADAL announcement
…rage What: ADAL has this issue that it will update 'adal.expiration.key' based on current local time + expires_in info from AAD, however, if the callback is not executed on time due to all kinds of reasons, such as browser tabs are inactive or computer is sleeping, then it may get into this state that token expiration time is mistakenly set. How: To fix the issue, when ADAL requests AAD access token, it will pass its current local time in the "state" query parameter, which will be returned by AAD on success, and we will use the passed in local time in "state" to calculate the correct token expiration time and set it to "adal.expiration.key" inside local storage.
jasonnutter reviewed Feb 28, 2020
Thanks @Gang-Peng, this is a great fix!
…to be current local time, which simplifies logic inside _expiresIn function
What:
ADAL has an issue where it updates 'adal.expiration.key' based on current local time + expires_in info from AAD; however, if the callback is not executed on time for any of various reasons, such as browser tabs being inactive or the computer sleeping, then it may get into a state where the token expiration time is mistakenly set.
How:
To fix the issue, when ADAL requests an AAD access token, it will pass its current local time in the "state" query parameter, which will be returned by AAD on success, and we will use the passed-in local time in "state" to calculate the correct token expiration time and set it to "adal.expiration.key" inside local storage.
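
The drift described in this pull request and the state-carried request time it proposes, shown as an added example that is not part of the pull request or ADAL's code. The function names, the `<nonce>|<epoch seconds>` state layout and the sample times are assumptions, and the check that the returned state equals the stored one is an added safeguard because the value travels back through the redirect URL.

```javascript
// Added example: names and the "<nonce>|<epoch seconds>" state layout are
// hypothetical, not ADAL's implementation. Sample values are constructed.
const SEP = '|';

// Request side: carry the local request time (epoch seconds) in "state".
function buildState(nonce, requestSec) {
  return nonce + SEP + requestSec;
}

// Callback side: recover the request time. The value comes back through the
// redirect URL, so accept it only if the state matches what was stored when
// the request was sent and the timestamp is a plain integer not in the future.
function requestTimeFromState(returnedState, storedState, nowSec) {
  if (returnedState !== storedState) return null;
  const idx = returnedState.lastIndexOf(SEP);
  const raw = idx < 0 ? '' : returnedState.slice(idx + 1);
  if (!/^\d{1,12}$/.test(raw)) return null;
  const t = Number(raw);
  return t <= nowSec ? t : null;
}

// Behaviour the PR describes as the bug: expiry anchored to callback time.
function expiryFromCallbackTime(expiresIn, callbackSec) {
  return callbackSec + expiresIn;
}

// Behaviour the PR describes as the fix: expiry anchored to request time.
// Returns null (do not cache) when the state cannot be trusted.
function expiryFromRequestTime(expiresIn, returnedState, storedState, callbackSec) {
  const requestSec = requestTimeFromState(returnedState, storedState, callbackSec);
  return requestSec === null ? null : requestSec + expiresIn;
}

// Constructed scenario: token valid for 3600 s, callback runs 1800 s late
// because the tab was inactive or the machine slept.
function demo() {
  const requestSec = 1700000000;
  const callbackSec = requestSec + 1800;
  const state = buildState('a1b2c3', requestSec);
  const buggy = expiryFromCallbackTime(3600, callbackSec);
  const fixed = expiryFromRequestTime(3600, state, state, callbackSec);
  return { buggy, fixed, overstatedBy: buggy - fixed };
}
```

In the constructed scenario a cache that trusts the callback-anchored value keeps treating the token as valid for 1800 seconds after its real lifetime has ended.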