AuthorizeForScopesAttribute not detecting MsalUiRequiredException #398

Closed
@cbrianball

Which version of Microsoft Identity Web are you using?
Note that to get help, you need to run the latest version.
v0.2.1-preview

Where is the issue?

  • Web app
    • Sign-in users
    • Sign-in users and call web APIs
  • Web API
    • Protected web APIs (validating tokens)
    • Protected web APIs (validating scopes)
    • Protected web APIs call downstream web APIs
  • Token cache serialization
    • In-memory caches
    • Session caches
    • Distributed caches
  • Other (please describe)

Is this a new or an existing app?
Adding this library to an existing application. The version of this application that is in production is not using this library yet.

Expected behavior
The token has expired (or has been deleted) from the distributed cache. On the next request where the token is needed, the user should be redirected through the authentication flow (since a MsalUiRequiredException is thrown).

Actual behavior
The exception passes through the AuthorizeForScopesAttribute and is not acted upon.

Possible solution
The current implementation of AuthorizeForScopesAttribute only looks at the current exception and its inner exception. It should look through all of the nested exceptions to determine if it is caused by MsalUiRequiredException.

I can write my own attribute that inherits from AuthorizeForScopesAttribute, perform the test myself, then call the base method (making sure the MsalUiException is set to the context.Exception property), and everything works as expected.

Additional context / logs / screenshots
image

The order of the screenshot is the reverse nested order (the first exception listed is the innermost exception).

I can submit a PR if that would help, but wanted to double-check to make sure I wasn't doing anything wrong first.
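
The workaround described in this issue, written out as an added example (not code from the issue author or from Microsoft.Identity.Web). The class name `DeepAuthorizeForScopesAttribute` and the helper `FindMsalUiRequired` are hypothetical; the example goes slightly beyond the issue by also walking `AggregateException.InnerExceptions`, and assumes `AuthorizeForScopesAttribute.OnException` is overridable as the issue describes.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Mvc.Filters;
using Microsoft.Identity.Client;
using Microsoft.Identity.Web;

// Hypothetical derived attribute: surfaces a MsalUiRequiredException buried
// anywhere in the exception chain, then lets the base attribute handle it.
public class DeepAuthorizeForScopesAttribute : AuthorizeForScopesAttribute
{
    public override void OnException(ExceptionContext context)
    {
        MsalUiRequiredException found = FindMsalUiRequired(context.Exception);
        if (found != null)
        {
            // The base attribute only inspects the exception and its direct
            // inner exception, so hand it the MSAL exception itself.
            context.Exception = found;
        }
        base.OnException(context);
    }

    // Hypothetical helper: depth-first walk over InnerException and
    // AggregateException.InnerExceptions; returns null when nothing matches.
    internal static MsalUiRequiredException FindMsalUiRequired(Exception root)
    {
        var pending = new Stack<Exception>();
        var seen = new HashSet<Exception>(); // guards against revisiting a node
        if (root != null) pending.Push(root);

        while (pending.Count > 0)
        {
            Exception current = pending.Pop();
            if (!seen.Add(current)) continue;
            if (current is MsalUiRequiredException match) return match;

            if (current is AggregateException aggregate)
            {
                foreach (Exception inner in aggregate.InnerExceptions)
                    pending.Push(inner);
            }
            else if (current.InnerException != null)
            {
                pending.Push(current.InnerException);
            }
        }
        return null;
    }
}
```

Replacing `context.Exception` drops the wrapper exceptions from what later filters see, so log the original exception first if the outer frames matter for diagnosing token cache failures.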

Labels

P1, bug (Something isn't working), fixed
