Azure – AD – AcquireTokenSilent giving an error failed_to_acquire_toke…

微信扫一扫,分享到朋友圈

Azure – AD – AcquireTokenSilent giving an error failed_to_acquire_toke…

We are using Azure AD to authenticate and get the refreshed access token every 30 mins. We invoke below method which acquires security token and add it to request header.

var userObjectId = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/objectidentifier").Value;
var authContext = new AuthenticationContext(Authority, new NaiveSessionCache(userObjectId));
var credential = new ClientCredential(ConfigurationManager.AppSettings["ida:ClientId"],
ConfigurationManager.AppSettings["ida:ClientSecret"]);

    try
    {
    var authenticationResult = authContext.AcquireTokenSilent(ConfigurationManager.AppSettings["WebAPIBaseAddress"], credential, new UserIdentifier(userObjectId, UserIdentifierType.UniqueId));
    //set cookie for azure oauth refresh token - on successful login
    var httpCookie = HttpContext.Current.Response.Cookies["RefreshToken"];
    if (httpCookie != null)
        httpCookie.Value = authenticationResult.RefreshToken;

    request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authenticationResult.AccessToken);
    }
    catch
    {
    //Get access token using Refresh Token
    var authenticationResult = authContext.AcquireTokenByRefreshToken(httpCookie.Value, credential, ConfigurationManager.AppSettings["WebAPIBaseAddress"]);
    }

In above method, we have used AcquireTokenSilent method which gives us access token. Since access token lasts only for certain period of time. After its expiry, we call AcquireTokenByRefreshToken to get refresh token.

The above code works well, however we are getting below exception randomly:

Microsoft.IdentityModel.Clients.ActiveDirectory.AdalSilentTokenAcquisitionException: Failed to acquire token silently. Call method AcquireToken
   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenSilentHandler.SendTokenRequestAsync()
   at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.d__0.MoveNext()
ErrorCode: failed_to_acquire_token_silently

What could be the reason of such inconsistent behaviour? The same code is working on few environments (Stage/Dev) but its throwing error randomly on Production.

Please suggest.

We were able to resolve this. It seems to be a small mistake in the code itself. When the AccessToken expires, it throws an exception and it tries to fetch a new one using AcquireTokenByRefreshToken in the catch block. Here we were not setting the newly received refresh token back in the Cookie. We need to add below statement in the catch block also, so that it would get the Refresh token, which can then be passed back to generate a new Access Token.

httpCookie.Value = authenticationResult.RefreshToken;

微信扫一扫,分享到朋友圈

Azure – AD – AcquireTokenSilent giving an error failed_to_acquire_toke…

莱特兄弟获6000万元A轮融资,拓展C端航空素质教育和体验业务

上一篇

Spring and Cross-Context: WebAsyncManager can not be passed to WebAsyncManager

下一篇

你也可能喜欢

Azure – AD – AcquireTokenSilent giving an error failed_to_acquire_toke…

长按储存图像,分享给朋友