-
Notifications
You must be signed in to change notification settings - Fork 141
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Serialization failed for IAuthenticationResult #292
Comments
Hello @abhijeetsaxena7 : Unfortunately, I don't think there's a quick way to serialize IAuthenticationResult/AuthenticationResult objects themselves. We plan on discussing this issue, and make serialization of these objects more straightforward in a future update. For now though, the best workaround I can suggest is to extract the data you need from the IAuthenticationResult into a custom object, and serialize that. |
Maybe we should add a demonstration in our samples for this. |
I created my own class for storing auth details and stored tokenCache and account details and then serialized that class. |
Hello @abhijeetsaxena7 : Glad you were able to work around this issue. We plan on making IAccount serializable in the next update, to help with things like setting up .acquireTokenSilently() calls and searching through the results of .getAccounts(). However, we don't recommend serializing/storing the IAuthenticationResult, as we don't think there is a good use-case for that: all of the token info they contain can be found in the token cache (which is serializable), and once IAccount is serializable there'll be no reason to store the IAuthenticationResult instead of the IAccount and the token cache. Could you share a bit of your use case here? Was there some specific need/convenience to store IAuthenticationResult objects in session rather than the token cache, and would the ability to serialize/store the IAccount from an auth result along with the token cache solve that issue? |
The msal java Web app sample stored the entire IauthenticationResult object in the session. After carefully studying the code, I realised it was misleading and corrected my storage options. I am now only storing IAccount and Token cache. |
1) pom.xml use msal4j > 1.8.0 because IAccount is serializable then, see https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/dev/changelog.txt and AzureAD/microsoft-authentication-library-for-java#292 2) AuthHelper.java and authentication.properties: add a configuration property app.prompt: the value might be login, select_account (was/is the default), consent, admin_consent or not set/empty (none), see https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-prompt-behavior 3) AuthHelper.java: remove one unnecessary variable initialization (line 35/36) and check (line 228/238) causing a warning 4) AuthHelper.java: improve exception, if state is null or doesn't match or TTL expired (this will happen, if different session e.g. caused by different domains used as URL (used in the browser), app.redirectUri and app.homePage do not match!) 5) index.jsp: enable call / (e.g. http://localhost:8080/ms-identity-b2c-java-servlet-webapp-authentication/ - no need to call /index )
…erializable then, see https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/dev/changelog.txt and AzureAD/microsoft-authentication-library-for-java#292 Co-authored-by: Sam <66391663+idg-sam@users.noreply.github.com>
I am trying to use spring jdbc session and I want to store the IAuthenticationResult object returned on calling ClientConfidentialParamter.acquireToken() method. However, I keep getting the error that IAuthenticationResult cannot be serialized. I looked into it and realized that IAuthenticationResult is an interface. AuthenticationResult is the subclass but I cannot use it as its visibility is default in the package and I dont have access to it. Is there anyother way to serialize/deserialize IAuthenticationResult data?
The text was updated successfully, but these errors were encountered: