Skip to content

[v5] Changes to Configuration - CacheOptions (Config #2) #7697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 28 commits into
base: msal-v5
Choose a base branch
from
Open

[v5] Changes to Configuration - CacheOptions (Config #2) #7697

wants to merge 28 commits into from

Conversation

jo-arroyo
Copy link
Collaborator

@jo-arroyo jo-arroyo commented Apr 12, 2025
edited
Loading

This PR updates the CacheOptions for MSAL Browser v5, including the removal of implementation, tests, and doc references for the following options:

  • temporaryCacheLocation
  • claimsBasedCachingEnabled
  • storeAuthStateInCookie
  • secureCookies
  • cacheMigrationEnabled

Deprecation notices for the above options were added in #7707

@github-actions github-actions bot added documentation Related to documentation. msal-angular Related to @azure/msal-angular package samples Related to the samples apps for the library. msal-browser Related to msal-browser package labels Apr 12, 2025
@github-actions github-actions bot added the msal-common Related to msal-common package label Apr 12, 2025
@jo-arroyo jo-arroyo changed the title [v5] Changes to Configuration - CacheOptions [v5] Changes to Configuration - CacheOptions (Config #2) Apr 14, 2025
@jo-arroyo jo-arroyo marked this pull request as ready for review April 14, 2025 17:03
shylasummers
shylasummers previously approved these changes Apr 15, 2025
View reviewed changes
Copy link
Contributor

@shylasummers shylasummers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but somebody else should weigh in on whether to block redirects with memory storage

hectormmg
hectormmg previously approved these changes Apr 16, 2025
View reviewed changes
@github-actions github-actions bot removed the msal-common Related to msal-common package label Apr 22, 2025
@jo-arroyo jo-arroyo marked this pull request as draft April 22, 2025 22:25
@github-actions github-actions bot added the msal-common Related to msal-common package label Apr 23, 2025
jo-arroyo
jo-arroyo commented Apr 29, 2025
View reviewed changes
lib/msal-browser/test/cache/BrowserCacheManager.spec.ts
@@ -724,7 +720,7 @@ describe("BrowserCacheManager tests", () => {
).toBe(CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME);
});

it("clearTokensWithClaimsInCache clears all access tokens with claims in tokenKeys", async () => {
it("clearTokensAndKeysWithClaims clears all access tokens with claims in tokenKeys", async () => {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed naming, clearTokensWithClaimsInCache is not a function

@jo-arroyo jo-arroyo marked this pull request as ready for review April 30, 2025 15:58
jo-arroyo
jo-arroyo commented May 2, 2025
View reviewed changes
...browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/test/browserMemStorage.spec.ts
@@ -99,19 +99,6 @@ describe("In Memory Storage Tests", function () {
await page.close();
});

it("Performs loginRedirect", async () => {
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This e2e test has been removed as loginRedirect is not supported with memory storage now that storeAuthStateInCookies is removed.

tnorling
tnorling reviewed May 2, 2025
View reviewed changes
lib/msal-browser/src/request/RequestHelpers.ts
if (
config.cache.claimsBasedCachingEnabled &&
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doesn't this change the behavior here? We are effectively defaulting this option to false so this block would never be hit. Do I have that right?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're removing claimsBasedCachingEnabled so this block would be hit as long as request.claims is set. In my discussion with @sameerag, the consensus was that claims still need to be able to be set on request for CAE purposes but we never want to cache claims.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess I'm confused how this works today then when claimsBasedCachingEnabled is false? Do we have a bug today?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It works the way @jo-arroyo described above, claims are added to the request but never cached. The bug is if this is true and user calls claims per request with a high frequency, the cache starts hitting its limit and requests fail post that point.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's chat offline, I think we're conflating 2 related but different things and I think this specific change is incorrect.

tnorling
tnorling reviewed May 2, 2025
View reviewed changes
lib/msal-common/src/config/ClientConfiguration.ts Outdated
*/
claimsBasedCachingEnabled?: boolean;
};
export type CacheOptions = {};
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to remove this altogether since it's empty?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, done.

peterzenz
peterzenz previously approved these changes May 2, 2025
View reviewed changes
sameerag
sameerag previously approved these changes May 2, 2025
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tnorling tnorling tnorling left review comments

@hectormmg hectormmg hectormmg left review comments

@sameerag sameerag sameerag left review comments

@shylasummers shylasummers shylasummers left review comments

@peterzenz peterzenz peterzenz left review comments

@Robbie-Microsoft Robbie-Microsoft Awaiting requested review from Robbie-Microsoft Robbie-Microsoft is a code owner

@konstantin-msft konstantin-msft Awaiting requested review from konstantin-msft konstantin-msft is a code owner

@lalimasharda lalimasharda Awaiting requested review from lalimasharda lalimasharda is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
documentation Related to documentation. msal-angular Related to @azure/msal-angular package msal-browser Related to msal-browser package msal-common Related to msal-common package samples Related to the samples apps for the library.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@jo-arroyo @hectormmg @tnorling @sameerag @shylasummers @peterzenz