diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
index 8ee6733c52..c1eebb8ecd 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -109,7 +109,6 @@ body: }, cache: { cacheLocation: "sessionStorage" - storeAuthStateInCookie: false } } validations:
diff --git a/change/@azure-msal-browser-6f00d163-ea6e-4461-8d64-f654afaa2e5c.json b/change/@azure-msal-browser-6f00d163-ea6e-4461-8d64-f654afaa2e5c.json
new file mode 100644
index 0000000000..b0d6506a2c
--- /dev/null
+++ b/change/@azure-msal-browser-6f00d163-ea6e-4461-8d64-f654afaa2e5c.json
@@ -0,0 +1,7 @@
+{
+ "type": "major",
+ "comment": "Configuration changes to CacheOptions #7697",
+ "packageName": "@azure/msal-browser",
+ "email": "joarroyo@microsoft.com",
+ "dependentChangeType": "patch"
+}
diff --git a/change/@azure-msal-common-c037e1e0-4f7a-49c5-912a-ce0ea99fcf1e.json b/change/@azure-msal-common-c037e1e0-4f7a-49c5-912a-ce0ea99fcf1e.json
new file mode 100644
index 0000000000..9a6b28c4e0
--- /dev/null
+++ b/change/@azure-msal-common-c037e1e0-4f7a-49c5-912a-ce0ea99fcf1e.json
@@ -0,0 +1,7 @@
+{
+ "type": "minor",
+ "comment": "Deprecate claimsBasedCachingEnabled as part of Configuration change #7697",
+ "packageName": "@azure/msal-common",
+ "email": "joarroyo@microsoft.com",
+ "dependentChangeType": "patch"
+}
diff --git a/lib/msal-angular/docs/configuration.md b/lib/msal-angular/docs/configuration.md
index 0468194f93..f7d8e10102 100644
--- a/lib/msal-angular/docs/configuration.md
+++ b/lib/msal-angular/docs/configuration.md
@@ -58,7 +58,6 @@ import { PublicClientApplication, InteractionType, BrowserCacheLocation } from " }, cache: { cacheLocation: BrowserCacheLocation.LocalStorage, - storeAuthStateInCookie: true, // set to true for IE 11 }, system: { loggerOptions: {
@@ -261,7 +260,6 @@ fetch("/assets/configuration.json") }, "cache": { "cacheLocation": "localStorage", - "storeAuthStateInCookie": true } }, "guard": {
@@ -471,7 +469,6 @@ export class AppModule {} }, "cache": { "cacheLocation": "localStorage", - "storeAuthStateInCookie": true } }, "guard": {
diff --git a/lib/msal-angular/docs/events.md b/lib/msal-angular/docs/events.md
index 91ea4b0ec0..5995c8a07e 100644
--- a/lib/msal-angular/docs/events.md
+++ b/lib/msal-angular/docs/events.md
@@ -222,7 +222,6 @@ import { PublicClientApplication, InteractionType, BrowserCacheLocation } from " }, cache: { cacheLocation : BrowserCacheLocation.LocalStorage, - storeAuthStateInCookie: true, // set to true for IE 11 }, system: { loggerOptions: {
diff --git a/lib/msal-angular/docs/initialization.md b/lib/msal-angular/docs/initialization.md
index a8b2f7e1e7..4712b69130 100644
--- a/lib/msal-angular/docs/initialization.md
+++ b/lib/msal-angular/docs/initialization.md
@@ -31,7 +31,6 @@ import { PublicClientApplication, InteractionType, BrowserCacheLocation } from " }, cache: { cacheLocation : BrowserCacheLocation.LocalStorage, - storeAuthStateInCookie: true, // set to true for IE 11 }, system: { loggerOptions: {
@@ -115,7 +114,6 @@ import { PublicClientApplication, InteractionType, BrowserCacheLocation } from " }, cache: { cacheLocation : BrowserCacheLocation.LocalStorage, - storeAuthStateInCookie: true, // set to true for IE 11 }, system: { loggerOptions: {
diff --git a/lib/msal-browser/apiReview/msal-browser.api.md b/lib/msal-browser/apiReview/msal-browser.api.md
index 761b260cf9..ec7148510b 100644
--- a/lib/msal-browser/apiReview/msal-browser.api.md
+++ b/lib/msal-browser/apiReview/msal-browser.api.md
@@ -409,8 +409,6 @@ export type CacheLookupPolicy = (typeof CacheLookupPolicy)[keyof typeof CacheLoo export type CacheOptions = { cacheLocation?: BrowserCacheLocation | string; temporaryCacheLocation?: BrowserCacheLocation | string; - storeAuthStateInCookie?: boolean; - cacheMigrationEnabled?: boolean; claimsBasedCachingEnabled?: boolean; };
@@ -1491,7 +1489,7 @@ export type WrapperSKU = (typeof WrapperSKU)[keyof typeof WrapperSKU]; // src/cache/LocalStorage.ts:296:8 - (tsdoc-param-tag-missing-hyphen) The @param block should be followed by a parameter name and then a hyphen // src/cache/LocalStorage.ts:354:8 - (tsdoc-param-tag-missing-hyphen) The @param block should be followed by a parameter name and then a hyphen // src/cache/LocalStorage.ts:385:8 - (tsdoc-param-tag-missing-hyphen) The @param block should be followed by a parameter name and then a hyphen -// src/config/Configuration.ts:227:5 - (ae-forgotten-export) The symbol "InternalAuthOptions" needs to be exported by the entry point index.d.ts +// src/config/Configuration.ts:223:5 - (ae-forgotten-export) The symbol "InternalAuthOptions" needs to be exported by the entry point index.d.ts // src/event/EventHandler.ts:113:8 - (tsdoc-param-tag-missing-hyphen) The @param block should be followed by a parameter name and then a hyphen // src/event/EventHandler.ts:139:8 - (tsdoc-param-tag-missing-hyphen) The @param block should be followed by a parameter name and then a hyphen // src/index.ts:8:12 - (tsdoc-characters-after-block-tag) The token "@azure" looks like a TSDoc tag but contains an invalid character "/"; if it is not a tag, use a backslash to escape the "@" diff --git a/lib/msal-browser/docs/caching.md b/lib/msal-browser/docs/caching.md index 0661f06c5b..c93368fa49 100644 --- a/lib/msal-browser/docs/caching.md +++ b/lib/msal-browser/docs/caching.md 
@@ -71,6 +71,9 @@ To faciliate efficient token acquisition while maintaining a good UX, MSAL cache > :bulb: The authorization code is only stored in memory and will be discarded after redeeming it for tokens. ## Warning :warning: + +**NOTE: `temporaryCacheLocation` is deprecated as of MSAL v5 and will be removed in a future release.** + Overriding `temporaryCacheLocation` should be done with caution. Specifically when choosing `localStorage`. Interaction in more than one tab/window will not be supported and you may receive `interaction_in_progress` errors unexpectedly. This is an escape hatch, not a fully supported feature. When using MSAL.js with the default configuration in a scenario where the user is redirected after successful authentication in a new window or tab, the OAuth 2.0 Authorization Code with PKCE flow will be interrupted. In this case, the original window or tab where the authentication state (code verifier and challenge) are stored, will be lost, and the authentication flow will fail.
diff --git a/lib/msal-browser/docs/configuration.md b/lib/msal-browser/docs/configuration.md
index 80cf4d15cd..1bffa20077 100644
--- a/lib/msal-browser/docs/configuration.md
+++ b/lib/msal-browser/docs/configuration.md
@@ -23,8 +23,6 @@ const msalConfig = { cache: { cacheLocation: "sessionStorage", temporaryCacheLocation: "sessionStorage", - storeAuthStateInCookie: false, - secureCookies: false, claimsBasedCachingEnabled: true, }, system: {
@@ -95,11 +93,8 @@ const msalInstance = new PublicClientApplication(msalConfig); | Option | Description | Format | Default Value | | --------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | --------------------------------------------------- | | `cacheLocation` | Location of token cache in browser. | String value that must be one of the following: `"sessionStorage"`, `"localStorage"`, `"memoryStorage"` | `sessionStorage` | -| `temporaryCacheLocation` | Location of temporary cache in browser. This option should only be changed for specific edge cases. Please refer to [caching](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/caching.md#cached-artifacts) for more. | String value that must be one of the following: `"sessionStorage"`, `"localStorage"`, `"memoryStorage"` | `sessionStorage` | -| `storeAuthStateInCookie` | If true, stores cache items in cookies as well as browser cache. Should be set to true for use cases using IE. | boolean | `false` | -| `secureCookies` | If true and `storeAuthStateInCookies` is also enabled, MSAL adds the `Secure` flag to the browser cookie so it can only be sent over HTTPS. | boolean | `false` | -| `cacheMigrationEnabled` | If true, cache entries from older versions of MSAL will be updated to conform to the latest cache schema on startup. If your application has not been recently updated to a new version of MSAL.js you can safely turn this off. 
In the event old cache entries are not migrated it may result in a cache miss when attempting to retrieve accounts or tokens and affected users may need to re-authenticate to get up to date. | boolean | `true` when using `localStorage`, `false` otherwise | -| `claimsBasedCachingEnabled` | If `true`, access tokens will be cached under a key containing the hash of the requested claims string, resulting in a cache miss and new network token request when the same token request is made with different or missing claims. If set to `false`, tokens will be cached without claims, but all requests containing claims will go to the network and overwrite any previously cached token with the same scopes. | boolean | `false` | +| `temporaryCacheLocation` | Location of temporary cache in browser. This option should only be changed for specific edge cases. Please refer to [caching](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/caching.md#cached-artifacts) for more. **Note: This is deprecated and will be removed in a future release.** | String value that must be one of the following: `"sessionStorage"`, `"localStorage"`, `"memoryStorage"` | `sessionStorage` | +| `claimsBasedCachingEnabled` | If `true`, access tokens will be cached under a key containing the hash of the requested claims string, resulting in a cache miss and new network token request when the same token request is made with different or missing claims. If set to `false`, tokens will be cached without claims, but all requests containing claims will go to the network and overwrite any previously cached token with the same scopes. **Note: This is deprecated and will be removed in a future release.** | boolean | `false` | See [Caching in MSAL](./caching.md) for more. diff --git a/lib/msal-browser/src/cache/BrowserCacheManager.ts b/lib/msal-browser/src/cache/BrowserCacheManager.ts index 7014364435..0c6621738a 100644 --- a/lib/msal-browser/src/cache/BrowserCacheManager.ts 
+++ b/lib/msal-browser/src/cache/BrowserCacheManager.ts
@@ -69,8 +69,6 @@ import { EventHandler } from "../event/EventHandler.js"; /** * This class implements the cache storage interface for MSAL through browser local or session storage. - * Cookies are only used if storeAuthStateInCookie is true, and are only used for - * parameters such as state and nonce, generally. */ export class BrowserCacheManager extends CacheManager { // Cache configuration, either set by user or default values.
@@ -889,21 +887,10 @@ export class BrowserCacheManager extends CacheManager { /** * Gets cache item with given key. - * Will retrieve from cookies if storeAuthStateInCookie is set to true. * @param key */ getTemporaryCache(cacheKey: string, generateKey?: boolean): string | null { const key = generateKey ? this.generateCacheKey(cacheKey) : cacheKey; - if (this.cacheConfig.storeAuthStateInCookie) { - const itemCookie = this.cookieStorage.getItem(key); - if (itemCookie) { - this.logger.trace( - "BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies" - ); - return itemCookie; - } - } - const value = this.temporaryCacheStorage.getItem(key); if (!value) { // If temp cache item not found in session/memory, check local storage for items set by old versions
@@ -932,8 +919,6 @@ export class BrowserCacheManager extends CacheManager { /** * Sets the cache item with the key and value given. - * Stores in cookie if storeAuthStateInCookie is set to true. - * This can cause cookie overflow if used incorrectly. * @param key * @param value */
@@ -943,14 +928,7 @@ export class BrowserCacheManager extends CacheManager { generateKey?: boolean ): void { const key = generateKey ? this.generateCacheKey(cacheKey) : cacheKey; - this.temporaryCacheStorage.setItem(key, value); - if (this.cacheConfig.storeAuthStateInCookie) { - this.logger.trace( - "BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie" - ); - this.cookieStorage.setItem(key, value, undefined); - } } /**
@@ -963,17 +941,10 @@ export class BrowserCacheManager extends CacheManager { /** * Removes the temporary cache item with the given key. - * Will also clear the cookie item if storeAuthStateInCookie is set to true. * @param key */ removeTemporaryItem(key: string): void { this.temporaryCacheStorage.removeItem(key); - if (this.cacheConfig.storeAuthStateInCookie) { - this.logger.trace( - "BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie" - ); - this.cookieStorage.removeItem(key); - } } /**
@@ -1374,8 +1345,6 @@ export const DEFAULT_BROWSER_CACHE_MANAGER = ( const cacheOptions: Required = { cacheLocation: BrowserCacheLocation.MemoryStorage, temporaryCacheLocation: BrowserCacheLocation.MemoryStorage, - storeAuthStateInCookie: false, - cacheMigrationEnabled: false, claimsBasedCachingEnabled: false, }; return new BrowserCacheManager(
diff --git a/lib/msal-browser/src/config/Configuration.ts b/lib/msal-browser/src/config/Configuration.ts
index 509ca87890..d87b8c4107 100644
--- a/lib/msal-browser/src/config/Configuration.ts
+++ b/lib/msal-browser/src/config/Configuration.ts
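Review bot: With the cookie branch removed from `removeTemporaryItem` (and from `getTemporaryCache` and `setTemporaryCache` in the neighbouring hunks), nothing visible in this file still deletes temporary-cache cookies that an earlier release wrote while `storeAuthStateInCookie` was `true`. Per the removed class comment those cookies hold "parameters such as state and nonce", and they would keep being attached to requests to the origin until they expire or the browser session ends. If no other path (for example `clear()`, which is outside these hunks) still removes them, consider a one-time best-effort cleanup during initialization and a line in the migration notes. The `cookieStorage` member may also be unreferenced now; if so it should be dropped in the same change. The method bodies start or end outside the hunks.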
@@ -114,18 +114,14 @@ export type CacheOptions = { */ cacheLocation?: BrowserCacheLocation | string; /** + * @deprecated + * temporaryCacheLocation is deprecated and will be removed in a future release. * Used to specify the temporaryCacheLocation user wants to set. Valid values are "localStorage", "sessionStorage" and "memoryStorage". */ temporaryCacheLocation?: BrowserCacheLocation | string; /** - * If set, MSAL stores the auth request state required for validation of the auth flows in the browser cookies. By default this flag is set to false. - */ - storeAuthStateInCookie?: boolean; - /** - * If set, MSAL will attempt to migrate cache entries from older versions on initialization. By default this flag is set to true if cacheLocation is localStorage, otherwise false. - */ - cacheMigrationEnabled?: boolean; - /** + * @deprecated + * claimsBasedCachingEnabled is deprecated and will be removed in a future release. * Flag that determines whether access tokens are stored based on requested claims */ claimsBasedCachingEnabled?: boolean;
@@ -279,13 +275,6 @@ export function buildConfiguration( const DEFAULT_CACHE_OPTIONS: Required = { cacheLocation: BrowserCacheLocation.SessionStorage, temporaryCacheLocation: BrowserCacheLocation.SessionStorage, - storeAuthStateInCookie: false, - // Default cache migration to true if cache location is localStorage since entries are preserved across tabs/windows. Migration has little to no benefit in sessionStorage and memoryStorage - cacheMigrationEnabled: - userInputCache && - userInputCache.cacheLocation === BrowserCacheLocation.LocalStorage - ? true - : false, claimsBasedCachingEnabled: false, }; 
diff --git a/lib/msal-browser/src/controllers/StandardController.ts b/lib/msal-browser/src/controllers/StandardController.ts
index 67987ded3d..0938508c5d 100644
--- a/lib/msal-browser/src/controllers/StandardController.ts
+++ b/lib/msal-browser/src/controllers/StandardController.ts
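Review bot: In the `CacheOptions` doc comments the `@deprecated` tag is placed first, so the existing description lines ("Used to specify the temporaryCacheLocation…", "Flag that determines whether access tokens…") now fall inside the deprecation block instead of the summary. Keep the description first and end with the tag, and state what callers should do instead, e.g. `@deprecated Will be removed in a future release; <replacement, or "no replacement">`. The same `@deprecated` wording without migration guidance is added in lib/msal-common/src/config/ClientConfiguration.ts. Separately, in the `buildConfiguration` hunk, a plain-JS or JSON-loaded config that still sets `storeAuthStateInCookie` appears to get no signal that the key no longer has any effect, so a logged warning for removed keys would help integrators notice the behaviour change; the function body continues outside the hunk.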
@@ -257,8 +257,6 @@ export class StandardController implements IController { const nativeCacheOptions: Required = { cacheLocation: BrowserCacheLocation.MemoryStorage, temporaryCacheLocation: BrowserCacheLocation.MemoryStorage, - storeAuthStateInCookie: false, - cacheMigrationEnabled: false, claimsBasedCachingEnabled: false, }; this.nativeInternalStorage = new BrowserCacheManager(
diff --git a/lib/msal-browser/src/error/BrowserConfigurationAuthError.ts b/lib/msal-browser/src/error/BrowserConfigurationAuthError.ts
index 1550fa0c51..c6185f0c6a 100644
--- a/lib/msal-browser/src/error/BrowserConfigurationAuthError.ts
+++ b/lib/msal-browser/src/error/BrowserConfigurationAuthError.ts
@@ -13,7 +13,7 @@ export const BrowserConfigurationAuthErrorMessages = { [BrowserConfigurationAuthErrorCodes.stubbedPublicClientApplicationCalled]: "Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors", [BrowserConfigurationAuthErrorCodes.inMemRedirectUnavailable]: - "Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true.", + "Redirect cannot be supported. In-memory storage was selected, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage.", }; /**
diff --git a/lib/msal-browser/src/utils/BrowserUtils.ts b/lib/msal-browser/src/utils/BrowserUtils.ts
index ef8c33b5e1..161a63ece0 100644
--- a/lib/msal-browser/src/utils/BrowserUtils.ts
+++ b/lib/msal-browser/src/utils/BrowserUtils.ts
@@ -175,11 +175,8 @@ export function redirectPreflightCheck( ): void { preflightCheck(initialized); blockRedirectInIframe(config.system.allowRedirectInIframe); - // Block redirects if memory storage is enabled but storeAuthStateInCookie is not - if ( - config.cache.cacheLocation === BrowserCacheLocation.MemoryStorage && - !config.cache.storeAuthStateInCookie - ) { + // Block redirects if memory storage is enabled + if (config.cache.cacheLocation === BrowserCacheLocation.MemoryStorage) { throw createBrowserConfigurationAuthError( BrowserConfigurationAuthErrorCodes.inMemRedirectUnavailable );
diff --git a/lib/msal-browser/test/app/PublicClientApplication.spec.ts b/lib/msal-browser/test/app/PublicClientApplication.spec.ts
index cdc6f94243..3c2d0772d9 100644
--- a/lib/msal-browser/test/app/PublicClientApplication.spec.ts
+++ b/lib/msal-browser/test/app/PublicClientApplication.spec.ts
@@ -120,8 +120,6 @@ import { INTERACTION_TYPE } from "../../src/utils/BrowserConstants.js"; const cacheConfig = { temporaryCacheLocation: BrowserCacheLocation.SessionStorage, cacheLocation: BrowserCacheLocation.SessionStorage, - storeAuthStateInCookie: false, - cacheMigrationEnabled: false, claimsBasedCachingEnabled: false, }; 
@@ -1934,14 +1932,13 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { } }); - it("throws error if cacheLocation is Memory Storage and storeAuthStateInCookie is false", async () => { + it("throws error if cacheLocation is Memory Storage", async () => { pca = new PublicClientApplication({ auth: { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, cache: { cacheLocation: BrowserCacheLocation.MemoryStorage, - storeAuthStateInCookie: false, }, system: { allowPlatformBroker: false,
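Review bot: `redirectPreflightCheck` now throws only when `config.cache.cacheLocation === BrowserCacheLocation.MemoryStorage`, but the temporary items are written through `temporaryCacheStorage`, which is configured separately by `temporaryCacheLocation`. A config with `cacheLocation: "sessionStorage"` and `temporaryCacheLocation: "memoryStorage"` passes this check yet would presumably lose the request state needed to validate the response after the page navigates away, so the failure surfaces late instead of at preflight. Consider testing the temporary location as well, e.g. `config.cache.temporaryCacheLocation === BrowserCacheLocation.MemoryStorage`, and add a spec for that combination next to the renamed "throws error if cacheLocation is Memory Storage" case. The function body continues outside the hunk.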
@@ -7290,8 +7287,6 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { { cacheLocation: BrowserCacheLocation.LocalStorage, temporaryCacheLocation: BrowserCacheLocation.SessionStorage, - storeAuthStateInCookie: false, - cacheMigrationEnabled: false, claimsBasedCachingEnabled: false, }, new CryptoOps(new Logger({})),
diff --git a/lib/msal-browser/test/cache/BrowserCacheManager.spec.ts b/lib/msal-browser/test/cache/BrowserCacheManager.spec.ts
index 55bad7f5a6..52fbdcb435 100644
--- a/lib/msal-browser/test/cache/BrowserCacheManager.spec.ts
+++ b/lib/msal-browser/test/cache/BrowserCacheManager.spec.ts
@@ -61,8 +61,6 @@ describe("BrowserCacheManager tests", () => { cacheConfig = { temporaryCacheLocation: BrowserCacheLocation.SessionStorage, cacheLocation: BrowserCacheLocation.SessionStorage, - storeAuthStateInCookie: false, - cacheMigrationEnabled: false, claimsBasedCachingEnabled: false, }; logger = new Logger({
@@ -2398,318 +2396,6 @@ describe("BrowserCacheManager tests", () => { }); }); - describe("Interface functions with storeAuthStateInCookie=true", () => { - let browserSessionStorage: BrowserCacheManager; - let browserLocalStorage: BrowserCacheManager; - let browserMemoryStorage: BrowserCacheManager; - let cacheVal: string; - let msalCacheKey: string; - beforeEach(async () => { - browserSessionStorage = new BrowserCacheManager( - TEST_CONFIG.MSAL_CLIENT_ID, - { - ...cacheConfig, - cacheLocation: BrowserCacheLocation.SessionStorage, - storeAuthStateInCookie: true, - }, - browserCrypto, - logger, - new StubPerformanceClient(), - new EventHandler() - ); - await browserSessionStorage.initialize(TEST_CONFIG.CORRELATION_ID); - browserLocalStorage = new BrowserCacheManager( - TEST_CONFIG.MSAL_CLIENT_ID, - { - ...cacheConfig, - cacheLocation: BrowserCacheLocation.LocalStorage, - storeAuthStateInCookie: true, - }, - browserCrypto, - logger, - new StubPerformanceClient(), - new EventHandler() - ); - await browserLocalStorage.initialize(TEST_CONFIG.CORRELATION_ID); - browserMemoryStorage = new BrowserCacheManager( - TEST_CONFIG.MSAL_CLIENT_ID, - { - ...cacheConfig, - cacheLocation: BrowserCacheLocation.MemoryStorage, - storeAuthStateInCookie: true, - }, - browserCrypto, - logger, - new StubPerformanceClient(), - new EventHandler() - ); - await browserMemoryStorage.initialize(TEST_CONFIG.CORRELATION_ID); - cacheVal = "cacheVal"; - msalCacheKey = browserSessionStorage.generateCacheKey("cacheKey"); - }); - - afterEach(async () => { - await browserSessionStorage.clear(); - await browserLocalStorage.clear(); - }); - - it("setTempCache()", () => { - // sessionStorage - browserSessionStorage.setTemporaryCache( - msalCacheKey, - cacheVal, - true - ); - expect(window.sessionStorage.getItem(msalCacheKey)).toBe(cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - // @ts-ignore - browserSessionStorage.cookieStorage.removeItem(msalCacheKey); - // localStorage - 
browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal, true); - expect(window.sessionStorage.getItem(msalCacheKey)).toBe(cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - // @ts-ignore - browserLocalStorage.cookieStorage.removeItem(msalCacheKey); - // browser memory - browserMemoryStorage.setTemporaryCache( - msalCacheKey, - cacheVal, - true - ); - expect(browserMemoryStorage.getTemporaryCache(msalCacheKey)).toBe( - cacheVal - ); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - // @ts-ignore - browserMemoryStorage.cookieStorage.removeItem(msalCacheKey); - }); - - it("getTempCache()", () => { - // sessionStorage - browserSessionStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect( - browserSessionStorage.getTemporaryCache(msalCacheKey, true) - ).toBe(cacheVal); - expect( - // @ts-ignore - browserSessionStorage.cookieStorage.getItem(msalCacheKey) - ).toEqual(cacheVal); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect( - browserLocalStorage.getTemporaryCache(msalCacheKey, true) - ).toBe(cacheVal); - expect( - // @ts-ignore - browserLocalStorage.cookieStorage.getItem(msalCacheKey) - ).toEqual(cacheVal); - // @ts-ignore - browserMemoryStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect( - browserMemoryStorage.getTemporaryCache(msalCacheKey, true) - ).toBe(cacheVal); - expect( - // @ts-ignore - browserMemoryStorage.cookieStorage.getItem(msalCacheKey) - ).toEqual(cacheVal); - }); - - it("removeTemporaryItem()", () => { - const clearCookieSpy = jest.spyOn( - CookieStorage.prototype, - "removeItem" - ); - // sessionStorage - browserSessionStorage.setTemporaryCache( - msalCacheKey, - cacheVal, - true - ); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - browserSessionStorage.removeTemporaryItem(msalCacheKey); - expect(window.sessionStorage.getItem(msalCacheKey)).toBeNull(); - expect(document.cookie).not.toContain( - 
`${msalCacheKey}=${cacheVal}` - ); - expect(clearCookieSpy).toHaveBeenCalledTimes(1); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal, true); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - browserLocalStorage.removeTemporaryItem(msalCacheKey); - expect(window.localStorage.getItem(msalCacheKey)).toBeNull(); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - expect(clearCookieSpy).toHaveBeenCalledTimes(2); - // browser memory - browserMemoryStorage.setTemporaryCache( - msalCacheKey, - cacheVal, - true - ); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - browserMemoryStorage.removeTemporaryItem(msalCacheKey); - expect( - // @ts-ignore - browserMemoryStorage.temporaryCacheStorage.getItem(msalCacheKey) - ).toBeNull(); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - expect(clearCookieSpy).toHaveBeenCalledTimes(3); - }); - - it("clear()", async () => { - // sessionStorage - browserSessionStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - await browserSessionStorage.clear(); - expect(browserSessionStorage.getKeys()).toHaveLength(0); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - await browserLocalStorage.clear(); - expect(browserLocalStorage.getKeys()).toHaveLength(0); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - // browser memory - browserMemoryStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - await browserMemoryStorage.clear(); - expect(browserMemoryStorage.getKeys()).toHaveLength(0); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - }); - - 
it("setTempCache() with item that contains ==", () => { - msalCacheKey = `${Constants.CACHE_PREFIX}.${TEST_STATE_VALUES.ENCODED_LIB_STATE}`; - // sessionStorage - browserSessionStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(window.sessionStorage.getItem(msalCacheKey)).toBe(cacheVal); - expect(document.cookie).toContain( - `${encodeURIComponent(msalCacheKey)}=${cacheVal}` - ); - // @ts-ignore - browserSessionStorage.cookieStorage.removeItem(msalCacheKey); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(window.sessionStorage.getItem(msalCacheKey)).toBe(cacheVal); - expect(document.cookie).toContain( - `${encodeURIComponent(msalCacheKey)}=${cacheVal}` - ); - // @ts-ignore - browserLocalStorage.cookieStorage.removeItem(msalCacheKey); - // browser memory - browserMemoryStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(browserMemoryStorage.getTemporaryCache(msalCacheKey)).toBe( - cacheVal - ); - expect(document.cookie).toContain( - `${encodeURIComponent(msalCacheKey)}=${cacheVal}` - ); - // @ts-ignore - browserMemoryStorage.cookieStorage.removeItem(msalCacheKey); - }); - - it("getTempCache() with item that contains ==", () => { - msalCacheKey = `${Constants.CACHE_PREFIX}.${TEST_STATE_VALUES.ENCODED_LIB_STATE}`; - const getCookieSpy = jest.spyOn(CookieStorage.prototype, "getItem"); - // sessionStorage - browserSessionStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(browserSessionStorage.getTemporaryCache(msalCacheKey)).toBe( - cacheVal - ); - expect(getCookieSpy.mock.results[0].value).toEqual(cacheVal); - expect(getCookieSpy).toHaveBeenCalledTimes(1); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(browserLocalStorage.getTemporaryCache(msalCacheKey)).toBe( - cacheVal - ); - expect(getCookieSpy.mock.results[1].value).toEqual(cacheVal); - expect(getCookieSpy).toHaveBeenCalledTimes(2); - // @ts-ignore - browserMemoryStorage.setTemporaryCache(msalCacheKey, 
cacheVal); - expect(browserLocalStorage.getTemporaryCache(msalCacheKey)).toBe( - cacheVal - ); - expect(getCookieSpy.mock.results[2].value).toEqual(cacheVal); - expect(getCookieSpy).toHaveBeenCalledTimes(3); - }); - - it("removeTemporaryItem() with item that contains ==", () => { - msalCacheKey = `${Constants.CACHE_PREFIX}.${TEST_STATE_VALUES.ENCODED_LIB_STATE}`; - const clearCookieSpy = jest.spyOn( - CookieStorage.prototype, - "removeItem" - ); - // sessionStorage - browserSessionStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(window.sessionStorage.getItem(msalCacheKey)).toBe(cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - browserSessionStorage.removeTemporaryItem(msalCacheKey); - expect(window.sessionStorage.getItem(msalCacheKey)).toBeNull(); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - expect(clearCookieSpy).toHaveBeenCalledTimes(1); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - browserLocalStorage.removeTemporaryItem(msalCacheKey); - expect(window.sessionStorage.getItem(msalCacheKey)).toBeNull(); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - expect(clearCookieSpy).toHaveBeenCalledTimes(2); - // browser memory - browserMemoryStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - browserMemoryStorage.removeTemporaryItem(msalCacheKey); - // @ts-ignore - expect( - browserMemoryStorage.getTemporaryCache(msalCacheKey) - ).toBeNull(); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - expect(clearCookieSpy).toHaveBeenCalledTimes(3); - }); - - it("clear() with item that contains ==", async () => { - msalCacheKey = `${Constants.CACHE_PREFIX}.${TEST_STATE_VALUES.ENCODED_LIB_STATE}`; - // sessionStorage - browserSessionStorage.setTemporaryCache(msalCacheKey, 
cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - await browserSessionStorage.clear(); - expect(browserSessionStorage.getKeys()).toHaveLength(0); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - // localStorage - browserLocalStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - await browserLocalStorage.clear(); - expect(browserLocalStorage.getKeys()).toHaveLength(0); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - // browser memory - browserMemoryStorage.setTemporaryCache(msalCacheKey, cacheVal); - expect(document.cookie).toContain(`${msalCacheKey}=${cacheVal}`); - await browserMemoryStorage.clear(); - expect(browserMemoryStorage.getKeys()).toHaveLength(0); - expect(document.cookie).not.toContain( - `${msalCacheKey}=${cacheVal}` - ); - }); - }); - describe("Helpers", () => { it("resetTempCacheItems() resets all temporary cache items with the given state", () => { const browserStorage = new BrowserCacheManager( diff --git a/lib/msal-browser/test/cache/TokenCache.spec.ts b/lib/msal-browser/test/cache/TokenCache.spec.ts index d646f6d061..c2c6314648 100644 --- a/lib/msal-browser/test/cache/TokenCache.spec.ts +++ b/lib/msal-browser/test/cache/TokenCache.spec.ts @@ -64,8 +64,6 @@ describe("TokenCache tests", () => { cacheConfig = { temporaryCacheLocation: BrowserCacheLocation.SessionStorage, cacheLocation: BrowserCacheLocation.SessionStorage, - storeAuthStateInCookie: false, - cacheMigrationEnabled: false, claimsBasedCachingEnabled: false, }; logger = new Logger({ diff --git a/lib/msal-browser/test/config/Configuration.spec.ts b/lib/msal-browser/test/config/Configuration.spec.ts index 1bceb556f2..d7b9b93db1 100644 --- a/lib/msal-browser/test/config/Configuration.spec.ts +++ b/lib/msal-browser/test/config/Configuration.spec.ts 
@@ -52,8 +52,6 @@ describe("Configuration.ts Class Unit Tests", () => {
 expect(emptyConfig.cache).toBeDefined();
 expect(emptyConfig.cache?.cacheLocation).toBeDefined();
 expect(emptyConfig.cache?.cacheLocation).toBe("sessionStorage");
- expect(emptyConfig.cache?.storeAuthStateInCookie).toBeDefined();
- expect(emptyConfig.cache?.storeAuthStateInCookie).toBe(false);
 expect(emptyConfig.cache?.claimsBasedCachingEnabled).toBe(false);
 // System config checks
 expect(emptyConfig.system).toBeDefined();
@@ -242,7 +240,6 @@ describe("Configuration.ts Class Unit Tests", () => {
 },
 cache: {
 cacheLocation: BrowserCacheLocation.LocalStorage,
- storeAuthStateInCookie: true,
 claimsBasedCachingEnabled: true,
 },
 system: {
@@ -272,8 +269,6 @@ describe("Configuration.ts Class Unit Tests", () => {
 expect(newConfig.cache).not.toBeNull();
 expect(newConfig.cache?.cacheLocation).not.toBeNull();
 expect(newConfig.cache?.cacheLocation).toBe("localStorage");
- expect(newConfig.cache?.storeAuthStateInCookie).not.toBeNull();
- expect(newConfig.cache?.storeAuthStateInCookie).toBe(true);
 expect(newConfig.cache?.claimsBasedCachingEnabled).toBe(true);
 // System config checks
 expect(newConfig.system).not.toBeNull();
diff --git a/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts b/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts
index 0b4bffd3f9..bf009f6ea9 100644
--- a/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts
+++ b/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts
@@ -93,8 +93,6 @@ import { BrowserPerformanceClient } from "../../src/telemetry/BrowserPerformance
 const cacheConfig = {
 cacheLocation: BrowserCacheLocation.SessionStorage,
 temporaryCacheLocation: BrowserCacheLocation.SessionStorage,
- storeAuthStateInCookie: false,
- cacheMigrationEnabled: false,
 claimsBasedCachingEnabled: false,
 };
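Review bot: The default-config test in Configuration.spec.ts (hunk `@@ -52,8 +52,6 @@`) loses both `storeAuthStateInCookie` assertions and gains nothing in their place, so no test pins that the option is absent from the built defaults. Judging by its name and the cookie tests removed earlier in this diff, that flag controlled whether auth state was copied into cookies, which makes a silently reintroduced default worth guarding against. A negative check next to the remaining cache assertions would cover it, assuming the defaults were updated in the same commit: `expect(emptyConfig.cache).not.toHaveProperty("storeAuthStateInCookie");`. The test body starts and ends outside the hunk.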
diff --git a/lib/msal-common/src/config/ClientConfiguration.ts b/lib/msal-common/src/config/ClientConfiguration.ts
index 881c08bb92..d7df334d23 100644
--- a/lib/msal-common/src/config/ClientConfiguration.ts
+++ b/lib/msal-common/src/config/ClientConfiguration.ts
@@ -124,6 +124,10 @@ export type LoggerOptions = {
 * - claimsBasedCachingEnabled - Sets whether tokens should be cached based on the claims hash. Default is false.
 */
 export type CacheOptions = {
+ /**
+ * @deprecated
+ * claimsBasedCachingEnabled is deprecated and will be removed in a future release.
+ */
 claimsBasedCachingEnabled?: boolean;
 };
diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json
index 90ec1944b5..5c7795cd33 100644
--- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json
+++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json
@@ -5,14 +5,15 @@
 "authority": "https://login.microsoftonline.com/common"
 },
 "cache": {
- "cacheLocation": "sessionStorage",
- "storeAuthStateInCookie": false
+ "cacheLocation": "sessionStorage"
 },
 "system": {
 "allowPlatformBroker": false
 }
 },
 "request": {
- "scopes": ["User.Read"]
+ "scopes": [
+ "User.Read"
+ ]
 }
-}
+}
\ No newline at end of file
diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json
index 5b8a7aec68..c63d83c02c 100644
--- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json
+++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json
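Review bot: In ClientConfiguration.ts the new `@deprecated` block on `CacheOptions.claimsBasedCachingEnabled` says only that the option will be removed; it does not say what callers should do instead or how tokens requested with claims are cached once it is gone. The summary comment just above the type (context line `- claimsBasedCachingEnabled - Sets whether tokens should be cached based on the claims hash. Default is false.`) still describes it as a current option, so the two comments disagree. Put the guidance on the tag, e.g. `* @deprecated Will be removed in a future release. <replacement or resulting cache behaviour>`, and append `(deprecated)` to the summary bullet. That summary comment begins outside the hunk.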
@@ -5,24 +5,25 @@
 "authority": "https://login.microsoftonline.com/f645ad92-e38d-4d1a-b510-d1b09a74a8ca"
 },
 "cache": {
- "cacheLocation": "sessionStorage",
- "storeAuthStateInCookie": false
+ "cacheLocation": "sessionStorage"
 },
 "system": {
 "allowPlatformBroker": false
 }
 },
 "request": {
- "scopes": ["User.Read"]
+ "scopes": [
+ "User.Read"
+ ]
 },
 "tenants": {
- "home": {
+ "home": {
 "tenantId": "f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
 "authority": "https://login.microsoftonline.com/f645ad92-e38d-4d1a-b510-d1b09a74a8ca"
- },
+ },
 "guest": {
 "tenantId": "8e44f19d-bbab-4a82-b76b-4cd0a6fbc97a",
 "authority": "https://login.microsoftonline.com/8e44f19d-bbab-4a82-b76b-4cd0a6fbc97a"
 }
 }
-}
+}
\ No newline at end of file
diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json
index 01141aec79..bd2a17cd71 100644
--- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json
+++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json
@@ -5,14 +5,15 @@
 "authority": "https://login.microsoftonline.com/f645ad92-e38d-4d1a-b510-d1b09a74a8ca"
 },
 "cache": {
- "cacheLocation": "sessionStorage",
- "storeAuthStateInCookie": false
+ "cacheLocation": "sessionStorage"
 },
 "system": {
 "allowPlatformBroker": false
 }
 },
 "request": {
- "scopes": ["User.Read"]
+ "scopes": [
+ "User.Read"
+ ]
 }
-}
+}
\ No newline at end of file
diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json
index e7755bd5d0..5eb872a9bc 100644
--- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json
+++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json
@@ -3,17 +3,20 @@
 "auth": {
 "clientId": "4c837770-7a2b-471e-aafa-3328d04a23b1",
 "authority": "https://msidlabb2c.b2clogin.com/msidlabb2c.onmicrosoft.com/B2C_1_SISOPolicy/",
- "knownAuthorities": ["msidlabb2c.b2clogin.com"]
+ "knownAuthorities": [
+ "msidlabb2c.b2clogin.com"
+ ]
 },
 "cache": {
- "cacheLocation": "sessionStorage",
- "storeAuthStateInCookie": false
+ "cacheLocation": "sessionStorage"
 },
 "system": {
 "allowPlatformBroker": false
 }
 },
 "request": {
- "scopes": ["https://msidlabb2c.onmicrosoft.com/4c837770-7a2b-471e-aafa-3328d04a23b1/read"]
+ "scopes": [
+ "https://msidlabb2c.onmicrosoft.com/4c837770-7a2b-471e-aafa-3328d04a23b1/read"
+ ]
 }
-}
+}
\ No newline at end of file
diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json
index 42e38744a0..07338ec644 100644
--- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json
+++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json
@@ -5,14 +5,15 @@
 "authority": "https://login.microsoftonline.com/common"
 },
 "cache": {
- "cacheLocation": "localStorage",
- "storeAuthStateInCookie": false
+ "cacheLocation": "localStorage"
 },
 "system": {
 "allowPlatformBroker": false
 }
 },
 "request": {
- "scopes": ["User.Read"]
+ "scopes": [
+ "User.Read"
+ ]
 }
-}
+}
\ No newline at end of file
diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json
index 580be73a47..eb120a7590 100644
--- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json
+++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json
@@ -5,14 +5,15 @@
 "authority": "https://login.microsoftonline.com/common"
 },
 "cache": {
- "cacheLocation": "memoryStorage",
- "storeAuthStateInCookie": true
+ "cacheLocation": "memoryStorage"
 },
 "system": {
 "allowPlatformBroker": false
 }
 },
 "request": {
- "scopes": ["User.Read"]
+ "scopes": [
+ "User.Read"
+ ]
 }
-}
+}
\ No newline at end of file
diff --git a/samples/msal-react-samples/react-router-sample/README.md b/samples/msal-react-samples/react-router-sample/README.md
index f409c90c62..3d51fc313a 100644
--- a/samples/msal-react-samples/react-router-sample/README.md
+++ b/samples/msal-react-samples/react-router-sample/README.md
@@ -80,10 +80,6 @@ You will also see any lint errors in the console.
 1. Open [http://localhost:3000](http://localhost:3000) to view it in the browser.
 1. Open [http://localhost:3000/profile](http://localhost:3000/profile) to see an example of a protected route. If you are not yet signed in, signin will be invoked automatically.
-#### Running the sample in IE11
-
-`@azure/msal-react` and `@azure/msal-browser` support IE11 but the `react-scripts` package requires a few polyfills to work properly. In order to run this sample in IE11 go to `src/index.js` and uncomment the first 2 imports. We recommend using the redirect flow and setting the `storeAuthStateInCookie` config parameter to `true` in IE11 as there are known issues with popups. You can read more about the known issues with IE11 [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/Known-issues-on-IE-and-Edge-Browser)
-
 #### Learn more about the 3rd-party libraries used to create this sample
 - [React documentation](https://reactjs.org/).