0

I'm working on a SPA where adal-angular lib is used to handle auth on client side. On backend app, passport-azure-ad is used with Bearer Strategy, to issue access token and other stuff(no refresh token though).

When user authenticates, accessToken, together with idToken is saved in localStorage, and with token timeout (which is around 1h).

When token expires, I get error (AADSTS50058) back saying single sign-in failed as it is missing cookie, to confirm identity. I'm not sure who needs to issue this cookie, and why it is not issued.

So I have one choice to manually, after reaching that error, call signIn method, programatically. It works to login, but full page reload happens and user loses work.

So my questions are:

  1. Can this be fixed with missing cookie, who needs to issue the cookie, and will it also do full page reload or not?

  2. If I cannot solve this with missing cookie, is there another way to re-login without doing full page reload?

Thanks.

Perp
  • 364
  • 7
  • 15

1 Answers1

1

This error may occur if the third-party cookies have been disabled in your browser.

If you are accessing angular application through Chrome browser on incognito mode. it disables third-party cookies at the home page.

If you are using incognito mode. Re-enable third party cookies in your browser to prevent this error from occurring.

For AADSTS50058 error you need to whitelist the login.microsoftonline.com endpoint in your browser extension in order to evade receiving this error again

For using access token, I would suggest to use refresh token, access token has a short life span as it becomes invalid or expires you need to re-login. So make use of refresh token as it has long life span

However, there are two alternatives,

  • Set the shorter expiry date 60 minutes to Access Token.
  • Set the long expiry date 100 days to Refresh Token.

Access token good for an hour, refresh token good for a year or good-till-revoked” So, you better use both Access Token and Refresh Token to fix this issue

To know more in detail please find these links if they are helpful:

Ref1 , Ref2 , Ref3

Imran
  • 3,875
  • 2
  • 3
  • 12