msal-angular icon indicating copy to clipboard operation
msal-angular copied to clipboard
verified publisher icon benbaran

While using MSAL-Angular and requesting an access_token for Azure Active Directory graph api, it gives token with aud of Microsoft graph api

Open ghost opened this issue 6 years ago • 1 comments

When set the protectedResourceMap as Azure Active Directory graph api, it should give token with aud 'https://graph.windows.net/', but instead it gives token with aud 'https://graph.microsoft.com'.

Actual behavior When set the protectedResourceMap as Azure Active Directory graph api, it should give token with aud 'https://graph.windows.net/', but instead it gives token with aud 'https://graph.microsoft.com'.

Also when i use this token with actual Azure Active Directory graph api call, it gives error of Token expired.

using below typescript code to get the token ;

public async getAccessToken(endpointUri: string): Promise {

this.accessToken = ''; const scopes = this.msalService.getScopesForEndpoint(endpointUri);

return new Promise((resolve, reject) => { this.msalService.acquireTokenSilent(scopes)

.then(accessToken => {
  this.accessToken = accessToken;
  resolve(true);
  // tslint:disable-next-line: promise-function-async
}).catch(() => {

  return this.msalService.acquireTokenPopup(scopes)
    .then(token => {

      this.accessToken = token;
      resolve(true);

    })
    .catch((error) => {
      reject(new Error(error));
    });
});

}); }

ghost avatar Mar 13 '19 14:03 ghost

I would suggest you migrate to the official Microsoft library. I’m no longer maintaining this project since the released that.

Sent from my iPhone

On Mar 13, 2019, at 9:30 AM, komal-allscripts [email protected] wrote:

When set the protectedResourceMap as Azure Active Directory graph api, it should give token with aud 'https://graph.windows.net/', but instead it gives token with aud 'https://graph.microsoft.com'.

Actual behavior When set the protectedResourceMap as Azure Active Directory graph api, it should give token with aud 'https://graph.windows.net/', but instead it gives token with aud 'https://graph.microsoft.com'.

Also when i use this token with actual Azure Active Directory graph api call, it gives error of Token expired.

using below typescript code to get the token ;

public async getAccessToken(endpointUri: string): Promise {

this.accessToken = ''; const scopes = this.msalService.getScopesForEndpoint(endpointUri);

return new Promise((resolve, reject) => { this.msalService.acquireTokenSilent(scopes)

.then(accessToken => { this.accessToken = accessToken; resolve(true); // tslint:disable-next-line: promise-function-async }).catch(() => {

return this.msalService.acquireTokenPopup(scopes) .then(token => {

  this.accessToken = token;
  resolve(true);

})
.catch((error) => {
  reject(new Error(error));
});

}); }); }

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

benbaran avatar Mar 15 '19 01:03 benbaran