New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
msal-browser testing sample using msal-node to obtain tokens #2771
Conversation
@@ -88,6 +88,10 @@ export class TokenCache implements ISerializableTokenCache { | |||
} | |||
} | |||
|
|||
getKVStore(): CacheKVStore { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you think we should add tests for this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One question, otherwise looks good!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Exposing ROPC to users should strictly go with warnings to discourage this for any other authentication purposes except for testing.
I agree, I think we should make it clear that this should only be done for tests, not in a production app. |
I also agree. I've added a warning to the top of the sample readme |
This PR has not seen activity in 14 days. It may be closed if it remains stale. |
SPAs using
msal-browser
to obtain tokens don't have an easy way to test their protected pages or APIs without using something like puppeteer to navigate through the AAD sign-in pages. This PR demonstrates how someone could use msal-node's ROPC flow to obtain tokens on the backend and pre-populate local/session storage with tokens.One new API is exposed on the msal-node
TokenCache
to retrieve the Key Value store to make this easier.