Current https-proxy-agent dependency causes issues with unrelated code #3448
Labels
enhancement
Enhancement to an existing feature or behavior.
internal
Issues created by MSAL.js team for internal tracking.
passport-azure-ad
Related to the passport-azure-ad library
Version: 4.3.0
Behavior: Unrelated code breaks because requests are being redirected to localhost
The issue I'm seeing is panva/node-openid-client#301 (I'm trying to refresh tokens originally obtained via passport-azure-ad). Requests made via openid-client are categorically redirected to localhost instead of the intended address. This is a bug in an upstream dependency of passport-azure-ad that directly patches core node functionality when loaded.
The source of the problem is documented at TooTallNate/node-agent-base#35. Basically, the mere existence of an old version of
agent-base
may break other libraries by redirecting https requests to localhost instead of where they were meant to go.Unfortunately the upstream fix was released in a major version upgrade, so in order to get the fix, it seems necessary to upgrade the
https-proxy-agent
dependency used by passport-azure-ad.Here is the dependency tree, for reference:
The text was updated successfully, but these errors were encountered: