-
Notifications
You must be signed in to change notification settings - Fork 145
Token Cache
Santiago Gonzalez edited this page Aug 30, 2019
·
3 revisions
In MSAL4J, an in-memory token cache is provided by default. The in-memory token cache lasts for the duration of the application.
You can check what accounts are in the cache by calling PublicClientApplication.getAccounts()
PublicClientApplication pca = new PublicClientApplication.Builder(
labResponse.getAppId()).
authority(TestConstants.ORGANIZATIONS_AUTHORITY).
build();
Set<IAccount> accounts = pca.getAccounts().join();
For removing accounts from the cache, first find the account that needs to be removed, and then call PublicClientApplicatoin.removeAccount()
Set<IAccount> accounts = pca.getAccounts().join();
IAccount accountToBeRemoved = accounts.stream().filter(
x -> x.username().equalsIgnoreCase(
UPN_OF_USER_TO_BE_REMOVED)).findFirst().orElse(null);
pca.removeAccount(accountToBeRemoved).join();
To have a persistent token cache application, you will need to customize the serialization. The classes and interfaces involved in token cache serialization are the following:
- ITokenCache: Interface representing security token cache.
- ITokenCacheAccessAspect: Interface representing operation of executing code before and after access. You would @Override beforeCacheAccess and afterCacheAccess with the logic responsible for serializing and deserializing the cache.
- ITokenCacheContext: Interface representing context in which the token cache is accessed.
Below is a naive implementation of custom serialization of token cache serialization/deserialization. This should not be copied and pasted into a production environment.
static class TokenPersistence implements ITokenCacheAccessAspect{
String data;
TokenPersistence(String data){
this.data = data;
}
@Override
public void beforeCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext){
iTokenCacheAccessContext.tokenCache().deserialize(data);
}
@Override
public void afterCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext) {
data = iTokenCacheAccessContext.tokenCache().serialize();
}
}
// Loads cache from file
String dataToInitCache = readResource(this.getClass(), "/cache_data/serialized_cache.json");
ITokenCacheAccessAspect persistenceAspect = new TokenPersistence(dataToInitCache);
// By setting *TokenPersistence* on the PublicClientApplication, MSAL will call *beforeCacheAccess()* before accessing the cache and *afterCacheAccess()* after accessing the cache.
PublicClientApplication app =
PublicClientApplication.builder("my_client_id").setTokenCacheAccessAspect(persistenceAspect).build();
- Home
- Why use MSAL4J
- Register your app with AAD
- Scenarios
- Client Applications
- Acquiring tokens
- IAuthenticationResult
- Calling a protected API