microsoft-identity-web icon indicating copy to clipboard operation
microsoft-identity-web copied to clipboard

Published 20 hours ago verified publisher icon AzureAD

[Feature Request] Persist tokens cache between app restart for local development with `dotnet watch`

Open sergey-tihon opened this issue 3 years ago • 4 comments

Is your feature request related to a problem? Please describe.

Default template come with AddInMemoryTokenCaches, that throw exception every time when server restart and browser with old cookies tries to load the page (in my case it is Blazor Server application)

Describe the solution you'd like I would like to have a simple solution to persist cache between app restart for local development. It should be included in default template and just works.

Maybe it is possible with cross platform lightweight DB like (like LocalDB or SQLite) and AddDistributedSqlServerCache.

Describe alternatives you've considered I wrote a post how to implement custom IDistributedCachethat persist cache in local json file and how to register it for development environment only. https://sergeytihon.com/2021/04/05/dotnet-watch-with-microsoft-identity-web-or-custom-idistributedcache/

Additional context The error after app restart looks like this Internal_Server_Error

sergey-tihon avatar Apr 05 '21 08:04 sergey-tihon

@sergey-tihon : @jennyf19 also authored an article on how to use a redis cache hosted locally in Docker. This is a very simple solution too: https://github.com/AzureAD/microsoft-identity-web/wiki/Set-up-a-Redis-cache-in-Docker

jmprieur avatar Apr 05 '21 08:04 jmprieur

Thank you @jmprieur. Redis + Docker looks completed for default solution (in terms of dependencies)

I think that if developers start from Microsoft.Identity.Web.ProjectTemplates it should just works.

Quickstart manuals like Quickstart: ASP.NET Core web app that signs in users and calls Microsoft Graph on their behalf should clearly say that in-memory cache break dotnet watch and provide steps for workaround.

dotnet watch will be default dev mode for ASP.NET Core. With hot reload app restart should less frequent, but also possible.

sergey-tihon avatar Apr 05 '21 08:04 sergey-tihon

What is the reason for not having a fix for production environments? I can't be the only one who doesn't want the user to have to reauthenticate after a server restart. Why can't the DownstreamAPI or the Microsoft Graph get their tokens from cookies?

If we would do multiple automated deploys per day of our web application to production, and the clients have to reauthenticate each time, then that would be considered very disruptive behavior.

casually-creative avatar Jun 03 '22 15:06 casually-creative

@casually-creative : you can use the session token cache provider if that works for you (instead of the in-memory token cache or distributed caches)

https://github.com/AzureAD/microsoft-identity-web/blob/bb1b65fb4e3cc40080e2a61ed6554bef31767983/src/Microsoft.Identity.Web/TokenCacheProviders/Session/SessionTokenCacheProviderExtension.cs#L38

jmprieur avatar Jun 03 '22 16:06 jmprieur

answered.

jennyf19 avatar Feb 27 '23 20:02 jennyf19