Description
Microsoft.Identity.Web Library
Microsoft.Identity.Web.TokenAcquisition
Microsoft.Identity.Web version
2.15.3
Web app
Sign-in users and call web APIs
Web API
Protected web APIs (validating tokens)
Token cache serialization
In-memory caches
Description
In production the project that I'm currently working on, has experienced hangs on the sign-in proces of our Blazor Server website. We couldn't pinpoint the error in production, but I've found similar behaviour after starting the website locally a couple of times.
The code is hanging in ConfidentialClientApplicationBuilderExtension.WithClientCredentials on the line with
credentialsLoader.LoadCredentialsIfNeededAsync(credential, credentialSourceLoaderParameters).GetAwaiter().GetResult();
I've looked at the implementation of the potential credentials-loaders and found that the KeyVault-loader requires an async-path (maybe others as well).
I'm preparing a PR to make ConfidentialClientApplicationBuilderExtension.WithClientCredentialsAsync and the path upwards also async.
While making my change in the code I came across an obsolete message on ITokenAcquisition.ReplyForbiddenWithWwwAuthenticateHeader which pointed to Performance improvements and consequence on async methods in Microsoft.Identity.Web 1.9.0. So I suspect this bug has been in the code-base for a while.
Reproduction steps
Sorry, I'm not able to reproduce this consistently.
Error message
No error message, the application just halts and the browser shows a message that the server took to long to respond after a while.
Id Web logs
No response
Relevant code snippets
Sorry, I can't share the code of this application.Regression
No response
Expected behavior
The call to ConfidentialClientApplicationBuilderExtension.WithClientCredentials to be fully async.