diff --git a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ConfidentialClientApplicationUnitT.java b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ConfidentialClientApplicationUnitT.java index 66d35c27..5624c60c 100644 --- a/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ConfidentialClientApplicationUnitT.java +++ b/msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ConfidentialClientApplicationUnitT.java @@ -318,6 +318,7 @@ public void validateAppTokenProviderAsync() throws Exception{ IClientCredential iClientCredential = ClientCredentialFactory.createFromClientAssertion( clientAssertion.assertion()); + Long refreshInSeconds = new Date().getTime() / 1000 + + 800000; //builds client with AppTokenProvider ConfidentialClientApplication cca = ConfidentialClientApplication. builder(TestConfiguration.AAD_CLIENT_ID, iClientCredential) @@ -325,7 +326,7 @@ public void validateAppTokenProviderAsync() throws Exception{ Assert.assertNotNull(parameters.scopes); Assert.assertNotNull(parameters.correlationId); Assert.assertNotNull(parameters.tenantId); - return getAppTokenProviderResult("/default"); + return getAppTokenProviderResult("/default", refreshInSeconds); }) .build(); @@ -338,6 +339,10 @@ public void validateAppTokenProviderAsync() throws Exception{ Assert.assertNotNull(result1.accessToken()); Assert.assertEquals(cca.tokenCache.accessTokens.size(), 1); + //check that refreshOn is set correctly when provided by an app developer + Assert.assertNotNull(cca.tokenCache.accessTokens.values().iterator().next().refreshOn()); + Assert.assertEquals(cca.tokenCache.accessTokens.values().iterator().next().refreshOn(), refreshInSeconds.toString()); + System.out.println(cca.tokenCache.accessTokens.values().iterator().next().refreshOn()); //Acquire token from cache @@ -356,7 +361,7 @@ public void validateAppTokenProviderAsync() throws Exception{ Assert.assertNotNull(parameters.scopes); Assert.assertNotNull(parameters.correlationId); Assert.assertNotNull(parameters.tenantId); - return getAppTokenProviderResult("/newScope"); + return getAppTokenProviderResult("/newScope", 0L); }) .build(); @@ -369,17 +374,20 @@ public void validateAppTokenProviderAsync() throws Exception{ Assert.assertNotEquals(result2.accessToken(), result3.accessToken()); Assert.assertEquals(cca.tokenCache.accessTokens.size(), 1); - + //check that refreshOn is set correctly when a value is not provided by an app developer + Assert.assertNotNull(cca.tokenCache.accessTokens.values().iterator().next().refreshOn()); + System.out.println(cca.tokenCache.accessTokens.values().iterator().next().refreshOn()); } - private CompletableFuture getAppTokenProviderResult(String differentScopesForAt) + private CompletableFuture getAppTokenProviderResult(String differentScopesForAt, + long refreshInSeconds) { long currTimestampSec = new Date().getTime() / 1000; TokenProviderResult token = new TokenProviderResult(); token.setAccessToken(TestConstants.DEFAULT_ACCESS_TOKEN + differentScopesForAt); //Used to indicate that there is a new access token for a different set of scopes token.setTenantId("tenantId"); token.setExpiresInSeconds(currTimestampSec + 1000000); - token.setRefreshInSeconds(currTimestampSec + 800000); + token.setRefreshInSeconds(refreshInSeconds); return CompletableFuture.completedFuture(token); } diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByAppProviderSupplier.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByAppProviderSupplier.java index 1afa2d7d..4966f0de 100644 --- a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByAppProviderSupplier.java +++ b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByAppProviderSupplier.java @@ -11,6 +11,8 @@ */ class AcquireTokenByAppProviderSupplier extends AuthenticationResultSupplier { + private static final int TWO_HOURS = 2*3600; + private AppTokenProviderParameters appTokenProviderParameters; private ClientCredentialRequest clientCredentialRequest; @@ -23,7 +25,7 @@ class AcquireTokenByAppProviderSupplier extends AuthenticationResultSupplier { this.appTokenProviderParameters = appTokenProviderParameters; } - private static void validateTokenProviderResult(TokenProviderResult tokenProviderResult) { + private static void validateAndUpdateTokenProviderResult(TokenProviderResult tokenProviderResult) { if (null == tokenProviderResult.getAccessToken() || tokenProviderResult.getAccessToken().isEmpty()) { handleInvalidExternalValueError(tokenProviderResult.getAccessToken()); } @@ -35,6 +37,13 @@ private static void validateTokenProviderResult(TokenProviderResult tokenProvide if (null == tokenProviderResult.getTenantId() || tokenProviderResult.getTenantId().isEmpty()) { handleInvalidExternalValueError(tokenProviderResult.getTenantId()); } + + if (0 == tokenProviderResult.getRefreshInSeconds()){ + long expireInSeconds = tokenProviderResult.getExpiresInSeconds(); + if(expireInSeconds >= TWO_HOURS){ + tokenProviderResult.setRefreshInSeconds(expireInSeconds/2); + } + } } private static void handleInvalidExternalValueError(String nameOfValue) { @@ -70,7 +79,7 @@ public AuthenticationResult fetchTokenUsingAppTokenProvider(AppTokenProviderPara throw new MsalAzureSDKException(ex); } - validateTokenProviderResult(tokenProviderResult); + validateAndUpdateTokenProviderResult(tokenProviderResult); return AuthenticationResult.builder() .accessToken(tokenProviderResult.getAccessToken())