
Bug report: Refreshing access token fails with proxy running #6290

@waldekmastykarz

Priority

(Medium) I'm annoyed but I'll live

Description

When an access token expires, refreshing the token, when connected using a public client, fails with an error when you run CLI with a proxy.

Steps to reproduce

  1. m365 logout
  2. m365 login
  3. Use CLI with a proxy, e.g. HTTP_PROXY=http://127.0.0.1:8000 m365 spo site list

Expected results

CLI silently acquires the access token and executes the command

Actual results

CLI fails with the following error:

Error: unknown_error: Error(s): Not Available - Timestamp: Not Available - Description: An unknown error occured.
Http status code: 302
Http status message: Found
Headers: {"Content-Length":"0","Location":"https://login.microsoftonline.com:443/<tenant>/oauth2/v2.0/token","Set-Cookie":"stsservicecookie=estsfd; path=/; secure; httponly","client-request-id":"045b60c9-123b-420d-b1b8-b22437e8c00b","Date":"Sat, 31 Aug 2024 13:40:53 GMT","Connection":"close"} - Correlation ID: Not Available - Trace ID: Not Available

Diagnostics

No response

CLI for Microsoft 365 version

Latest from main

nodejs version

20

Operating system (environment)

macOS

Shell

zsh

cli doctor

No response

Additional Info

I tried tracing it and found out that it's coming from node_modules/@azure/msal-common/dist/client/SilentFlowClient.mjs:

else if (wasClockTurnedBack(cachedAccessToken.cachedAt) ||
    isTokenExpired(cachedAccessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)) {
    // must refresh due to the expires_in value
    this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
    throw createClientAuthError(tokenRefreshRequired);
}

This part is the same whether you use a proxy or not, but somehow, the following code fails when using a proxy but works just fine without it. We'll need to check what's wrong exactly and if we're properly passing proxy configuration to MSAL.

Update 02-03-25:

I've done some more tracing and it seems that the node_modules/@azure/msal-node/dist/network/HttpClient.mjs:networkRequestViaProxy method is broken.
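
A small triage helper for the error output shown above, added here as an example and not code from CLI for Microsoft 365 or MSAL: it pulls the status code and Location header out of the error text and checks whether a redirected token request still points at the expected login host. The sample text is constructed from the report's error shape; `contoso-tenant`, the function names and the trusted-host list are assumptions.

```javascript
// Constructed sample, shaped like the error in the report ("contoso-tenant" is a placeholder).
const SAMPLE_ERROR = [
  'Error: unknown_error: Error(s): Not Available - Timestamp: Not Available - Description: An unknown error occured.',
  'Http status code: 302',
  'Http status message: Found',
  'Headers: {"Content-Length":"0","Location":"https://login.microsoftonline.com:443/contoso-tenant/oauth2/v2.0/token","Connection":"close"} - Correlation ID: Not Available - Trace ID: Not Available',
].join('\n');

// Assumption: only the public-cloud login host is expected for token requests.
const TRUSTED_LOGIN_HOSTS = new Set(['login.microsoftonline.com']);

// Extract the HTTP status and response headers from the error text.
function parseMsalHttpError(text) {
  const status = /Http status code:\s*(\d{3})/.exec(text);
  // The header blob is JSON that ends right before " - Correlation ID".
  const blob = /Headers:\s*(\{.*?\})\s*-\s*Correlation ID/s.exec(text);
  let parsed = {};
  if (blob) {
    try { parsed = JSON.parse(blob[1]); } catch { parsed = {}; }
  }
  // Header names are case-insensitive, so normalise them before lookup.
  const headers = Object.fromEntries(
    Object.entries(parsed).map(([k, v]) => [k.toLowerCase(), String(v)]));
  return { status: status ? Number(status[1]) : null, headers };
}

// Classify the response: a token request should not end in a 3xx at all,
// and a redirect that leaves the login host deserves a closer look.
function triageTokenResponse(text) {
  const { status, headers } = parseMsalHttpError(text);
  if (status === null) return { verdict: 'unparsed' };
  if (status < 300 || status > 399) return { verdict: 'not-a-redirect', status };
  let target;
  try {
    target = new URL(headers.location);
  } catch {
    return { verdict: 'redirect-without-valid-location', status };
  }
  const host = target.hostname;
  if (target.protocol !== 'https:' || !TRUSTED_LOGIN_HOSTS.has(host)) {
    return { verdict: 'redirect-to-untrusted-host', status, host };
  }
  const tokenPath = /\/oauth2\/v2\.0\/token$/.test(target.pathname);
  return { verdict: tokenPath ? 'redirect-to-token-endpoint' : 'redirect-within-login-host', status, host };
}
```
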
