Token renewal operation failed due to timeout.

[janandreschweiger]

Library versions)

• react-aad-msal: 2.3.5 (latest) and 2.2.1
• msal: 1.4.0 (latest) and 1.2.0

Describe the bug
1-10 minutes after the initial login, we and our clients get redirected to the Microsoft login screen. From there on the only way to login again is to delete the cookies.

Additionally, the following error is logged multiple times to the console:
MSAL Authentication Error! Error-Code: token_renewal_error | Error-Message: Token renewal operation failed due to timeout.

Interesting Notes

1. Our react-msal setup worked fine for 5 months. Now from one day to another this error occurred. We didn't modify the code or change any package versions.
2. We experience this issue primarily on Firefox. Still some of our clients have reported this issue for Chrome.
3. We upgraded both packages to the latest versions, as noted at the beginning. The issue remains.

Our Setup:
Our setup is almost the same as described in your documentation.

1. We have a static served auth.html.
2. We have added both http://localhost:3000 and http://localhost:3000/auth.html to the Redirect URLs.
3. This is our msal configuration:

import { MsalAuthProvider, LoginType } from 'react-aad-msal';
import { Logger, LogLevel } from 'msal';

const origin = "http://localhost:3000";
const config = {
    auth: {
      authority: 'https://login.microsoftonline.com/' + tenant,
      clientId: clientId,
      postLogoutRedirectUri: origin,
      redirectUri: origin,
      validateAuthority: true,
      navigateToLoginRequestUrl: false
    },
    system: {
      logger: new Logger(
        (logLevel, message, containsPii) => {
          console.log(logLevel, message);
        {
          level: LogLevel.Warning,
          piiLoggingEnabled: false
        }
      )
    },
    cache: {
      cacheLocation: 'localStorage', // we also tried 'sessionStorage',
      storeAuthStateInCookie: false
    }
  };

  const authenticationParameters = {
    scopes: ['openid']
  };

  const options = {
    loginType: LoginType.Redirect,
    tokenRefreshUri: origin + "/auth.html"
  };

  return new MsalAuthProvider(config, authenticationParameters, options);  // provider

4. Then we use the provider from above like this:

<AzureAD provider={provider} forceLogin>
  ...
</AzureAD>

Desktop:

• OS: Ubuntu
• Browser Firefox and Chrome
• Version 80.0 (Firefox)

I am grateful for any help. :)

[ace-kay-law-neo]

I face the same error. Unfortunately, this problem makes my whole application useless. Any ideas on this?

[htariq-nisum-com]

I am also facing this issue, it seems like this library is using MSAL v1 endpoint which utilizes iframe to renew the tokens now discouraged by modern browsers. for this MSAL.js v2.0 endpoint was introduced to resolve it. checkout https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

[ace-kay-law-neo]

It's pretty weird. I haven't experienced this issue for one day. But now the token-renewal fails like before.

@AndrewCraswell could you please have a look on this?

[GraemeF]

Should be resolved by #238

[janandreschweiger]

@GraemeF thanks for your respond. It helped me a lot. Is there any way we can fix it ourselves or should we still wait for another update?