-
Notifications
You must be signed in to change notification settings - Fork 2.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Clear claims cache for apps that switched their cache preferences [LT…
…S] (#6356) Some apps fetch tokens with high frequency and changing claims (new claim per request). Prior to #6187, these tokens over flowed the local cache. However, there is still the issue of stale tokens to be cleared when the `claimsBasedCachingEnabled` feature is set to false, which is not addressed. This PR adds a new utility function `clearTokensAndKeysWithClaims()` which will be triggered when the application is `initialized` to clear any old tokens cached with claims. The initial choice is to clear the cache at token acquisition. However apps facing this issue will not be able to fetch tokens since the `tokenKeys` cache entry is already large and freezes the app. Hence the choice of adding this when the app is initialized and the extra requirement of any application on the msal v2 to specifically call `msal.initialize()` as a pre-requisite. Applications are mandated to call `initialize()` for `msal v3` and we are defaulting to `claimsBasedCachingEnabled: false` in v3. Hoping both these settings will mitigate this issue from day one in the new version. So here is the guidance: `msal-browser v2`: App needs to explicitly set `claimsBasedCachingEnabled: false` and call `initialize()` to use msal to mitigate this issue. `msal-browser v3`: MSAL JS should handle this in the back ground. P.S: Currently this approach is in test and once approved will push the changes to v3. --------- Co-authored-by: Thomas Norling <thomas.norling@microsoft.com>
- Loading branch information
Showing
6 changed files
with
150 additions
and
0 deletions.
There are no files selected for viewing
7 changes: 7 additions & 0 deletions
7
change/@azure-msal-browser-ed90fec9-e683-48e6-96db-249be8f4d921.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"type": "patch", | ||
"comment": "Clear tokens and token keys for claims based ATs when `claimsBasedCachingEnabled` is set to `false` #6356", | ||
"packageName": "@azure/msal-browser", | ||
"email": "sameera.gajjarapu@microsoft.com", | ||
"dependentChangeType": "patch" | ||
} |
7 changes: 7 additions & 0 deletions
7
change/@azure-msal-common-36e9a23e-db9f-459d-86f4-02d265994ee3.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
{ | ||
"type": "minor", | ||
"comment": "Clean up claims cached in tokens when claimsclaimsBasedCachingEnabled is set to false #6356", | ||
"packageName": "@azure/msal-common", | ||
"email": "sameera.gajjarapu@microsoft.com", | ||
"dependentChangeType": "patch" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters