microsoft-authentication-library-for-js: Invalid state Expected: null
I’m submitting a…
[ ] Regression (a behavior that used to work and stopped working in a new release)
[x] Bug report
[ ] Performance issue
[ ] Feature request
[ ] Documentation issue or request
[ ] Other... Please describe:
Browser:
- Chrome version latest
- Firefox version XX
- IE version XX
- Edge version XX
- Safari version XX
Library version
Library version: 1.1.3
Current behavior
Ever since I upgraded from 0.2.4
to newer versions - currently the newest. I have nothing but problems which I never had before. I’m not sure if I’m doing something wrong. But I don’t know what.
Currently and quite randomly this error occurs quite often. The only thing which helps then is to manually “logout” and log in again:
ClientAuthError: Invalid state. f7e035d3-ea01-4300-ba18-dc4ec5fd936c, state expected : null.
at ClientAuthError.AuthError [as constructor] (http://localhost:3000/static/js/1.chunk.js:59448:24)
at new ClientAuthError (http://localhost:3000/static/js/1.chunk.js:59579:24)
at Function.ClientAuthError.createInvalidStateError (http://localhost:3000/static/js/1.chunk.js:59624:12)
at UserAgentApplication.saveTokenFromHash (http://localhost:3000/static/js/1.chunk.js:58737:93)
at UserAgentApplication.processCallBack (http://localhost:3000/static/js/1.chunk.js:58093:23)
at UserAgentApplication.handleAuthenticationResponse (http://localhost:3000/static/js/1.chunk.js:58200:10)
at new UserAgentApplication (http://localhost:3000/static/js/1.chunk.js:57232:14)
at WebMsalService._this.createClient (http://localhost:3000/static/js/main.chunk.js:5126:21)
at new WebMsalService (http://localhost:3000/static/js/main.chunk.js:5144:11)
at _callee4$ (http://localhost:3000/static/js/main.chunk.js:2841:125)
at tryCatch (http://localhost:3000/static/js/1.chunk.js:168970:17)
at Generator.invoke [as _invoke] (http://localhost:3000/static/js/1.chunk.js:169189:22)
at Generator.prototype.<computed> [as next] (http://localhost:3000/static/js/1.chunk.js:169023:21)
at asyncGeneratorStep (http://localhost:3000/static/js/1.chunk.js:20628:24)
at _next (http://localhost:3000/static/js/1.chunk.js:20650:9)
at http://localhost:3000/static/js/1.chunk.js:20657:7
at new Promise (<anonymous>)
at http://localhost:3000/static/js/1.chunk.js:20646:12
at _getMsalClient (http://localhost:3000/static/js/main.chunk.js:2850:25)
at getMsalClient (http://localhost:3000/static/js/main.chunk.js:2830:25)
at _callee9$ (http://localhost:3000/static/js/main.chunk.js:3065:20)
at tryCatch (http://localhost:3000/static/js/1.chunk.js:168970:17)
at Generator.invoke [as _invoke] (http://localhost:3000/static/js/1.chunk.js:169189:22)
at Generator.prototype.<computed> [as next] (http://localhost:3000/static/js/1.chunk.js:169023:21)
at asyncGeneratorStep (http://localhost:3000/static/js/1.chunk.js:20628:24)
at _next (http://localhost:3000/static/js/1.chunk.js:20650:9)
at http://localhost:3000/static/js/1.chunk.js:20657:7
at new Promise (<anonymous>)
at http://localhost:3000/static/js/1.chunk.js:20646:12
at _getForClient (http://localhost:3000/static/js/main.chunk.js:3086:24)
at getForClient (http://localhost:3000/static/js/main.chunk.js:3041:24)
at _callee8$ (http://localhost:3000/static/js/main.chunk.js:3001:20)
at tryCatch (http://localhost:3000/static/js/1.chunk.js:168970:17)
at Generator.invoke [as _invoke] (http://localhost:3000/static/js/1.chunk.js:169189:22)
at Generator.prototype.<computed> [as next] (http://localhost:3000/static/js/1.chunk.js:169023:21)
at asyncGeneratorStep (http://localhost:3000/static/js/1.chunk.js:20628:24)
at _next (http://localhost:3000/static/js/1.chunk.js:20650:9)
Expected behavior
Silent Token renewal should work.
Any pointers to what COULD be my problem are very welcome.
We’re basically using MSAL like this.
My MSAL config:
const authConfig = {
auth: {
clientId: this.authConfiguration.clientId,
authority: policy || this.authConfiguration.signInPolicy, // https://login.microsoftonline.com/common"
validateAuthority: true,
redirectUri: `${this.appUrl}/login-complete`,
postLogoutRedirectUri: postLogoutRedirectUri || this.appUrl,
navigateToLoginRequestUrl: false
},
cache: {
cacheLocation: 'localStorage'
}
} as Configuration;
Log in:
client.loginRedirect({
scopes: this.getScopes(), // we provide some extra scopes here
extraQueryParameters: hints,
loginHint: hints.login_hint
});
Acquiring the token:
const response = await client.acquireTokenSilent({ scopes: [this.authConfiguration.clientId] });
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 22 (12 by maintainers)
Hello
I have been having similar issues when migrating from react-aad-msal to direct msal (for more fine grained control).
react-aad-msal did not have this issue but when I migrated to msal with identical configuration parameters and loginRedirect calls msal failed while react-aad-msal worked.
After digging into it a bit more I found that it was caused by when I invoked msal.handleRedirectCallback. If the call happens too late I get the above error.
I was able to break my working version by delaying the register:
I am using msal with React and the delayed useEffects were the cause of my issues
Ciaran
Hopefully by next monday. There is a
beta.4
in pipeline and we plan to release1.2.0
after that.