Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug] Fix Date-Time Parsing in Token Expiration Calculation for Multiple Formats #7393

Open
2 tasks
gladjohn opened this issue Oct 22, 2024 · 3 comments
Open
2 tasks
Labels
bug-unconfirmed A reported bug that needs to be investigated and confirmed confidential-client Issues regarding ConfidentialClientApplications more-information-needed Use this label when you are waiting on information from the issue creator msal-node Related to msal-node package question Customer is asking for a clarification, use case or information.

Comments

@gladjohn
Copy link

gladjohn commented Oct 22, 2024

Core Library

MSAL.js (@azure/msal-node)

Core Library Version

latest

Public or Confidential Client?

Confidential

Description

The method responsible for calculating token expiration (expires_on) in MSAL (Managed Identity) is not handling various date-time formats correctly. This leads to errors or incorrect results when processing expiration times in different formats provided by the Managed Identity service.

more info : AzureAD/microsoft-authentication-library-for-dotnet#4963

Error Message

No response

MSAL Logs

No response

Network Trace (Preferrably Fiddler)

  • Sent
  • Pending

MSAL Configuration

Added parsing logic for Unix timestamps, ISO 8601

Relevant Code Snippets

Added parsing logic for Unix timestamps, ISO 8601

Reproduction Steps

Added parsing logic for Unix timestamps, ISO 8601

Expected Behavior

Added parsing logic for Unix timestamps, ISO 8601

Identity Provider

Entra ID (formerly Azure AD) / MSA

Browsers Affected (Select all that apply)

None (Server)

Regression

No response

@gladjohn gladjohn added question Customer is asking for a clarification, use case or information. bug-unconfirmed A reported bug that needs to be investigated and confirmed labels Oct 22, 2024
@microsoft-github-policy-service microsoft-github-policy-service bot added the Needs: Attention 👋 Awaiting response from the MSAL.js team label Oct 22, 2024
@github-actions github-actions bot added confidential-client Issues regarding ConfidentialClientApplications msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package labels Oct 22, 2024
@gladjohn gladjohn removed msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package Needs: Attention 👋 Awaiting response from the MSAL.js team labels Oct 22, 2024
@Robbie-Microsoft Robbie-Microsoft added the msal-node Related to msal-node package label Oct 24, 2024
Copy link
Contributor

Invalid Issue Template:
Please update the original issue and make sure to fill out the entire issue template so we can better assist you.

@github-actions github-actions bot added the more-information-needed Use this label when you are waiting on information from the issue creator label Oct 24, 2024
@Robbie-Microsoft
Copy link
Collaborator

Right now, expiresOn is received from the MI as a Unix Timestamp number. I can add functionality to check if expiresOn is a string, and if it is, that means it's in ISO 8601 format and it'll be converted to a Unix timestamp.

@gladjohn Before I add this functionality, I need your assurance that if expiresOn is not received as a unix timestamp number, then it'll be received as a string ISO 8601. It'll be either/or, and will never be a string Unix Timestamp. Can you confirm this?

@gladjohn
Copy link
Author

Right now, expiresOn is received from the MI as a Unix Timestamp number. I can add functionality to check if expiresOn is a string, and if it is, that means it's in ISO 8601 format and it'll be converted to a Unix timestamp.

@gladjohn Before I add this functionality, I need your assurance that if expiresOn is not received as a unix timestamp number, then it'll be received as a string ISO 8601. It'll be either/or, and will never be a string Unix Timestamp. Can you confirm this?

take a look the fix here : https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/ac1cb0522a011e0a6e0802a2535bf03cfd8d9fab/src/client/Microsoft.Identity.Client/Utils/DateTimeHelpers.cs#L77

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug-unconfirmed A reported bug that needs to be investigated and confirmed confidential-client Issues regarding ConfidentialClientApplications more-information-needed Use this label when you are waiting on information from the issue creator msal-node Related to msal-node package question Customer is asking for a clarification, use case or information.
Projects
None yet
Development

No branches or pull requests

2 participants