Description
Is your feature request related to a problem? Please describe.
MSAL maintains by default a dual cache serialization ADAL, MSAL, but this has performance improvements. See benchmark in See AzureAD/microsoft-authentication-library-for-dotnet#2309. New applications don't need the ADAL cache. And customers who are using Microsoft.Identity.Web (as opposed to those who use MSAL.NET directly) probably don't need token cache migration.
Describe the solution you'd like
MSAL.NET has now the possibility of disabling ADAL cache by specifying WithLegacyCacheCompatibility(false) when building the confidential client application, or using LegacyCacheCompatibilityEnabled = false in the ApplicationConfiguration
The proposal is to disable the ADAL cache by default in Microsoft.Identity.Web applications.
- Option1: in the template, provide "LegacyCacheCompatibilityEnabled": "false" in the appsettings.json files. This is the safest, but won't have an impact on applications that are already created
- Option2: have a new
LegacyCacheCompatibilityEnabledproperty inMIcrosoftIdentityOptionsset to false by default, but overridable by configuration, which would feed theConfidentialClientApplicationOptions(like the ClientID etc ... does). This way, by default any app has the ADAL cache disabled, but customers can enable it if they want.
Alternatives thought of
- Option 3: Just use the
ConfidentialClientApplicationOptions.LegacyCacheCompatibilityEnabled, but it's true by default, and therefore this requires proactive work from customers to disable it (which they might not find) - Option 4: Always disable the ADAL token cache programmatically when creating the ConfidentialClientApplication. This does not allow customers who'd want the cache migration though.
Additional context
See AzureAD/microsoft-authentication-library-for-dotnet#2309 (comment)