-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is App Service easy auth token refresh working? #1115
Comments
The user shouldn't need to log in or log out. You can try the same sample without easy-auth by running it locally. An integrated authorization system will be used instead. This will allow you to see if easy auth is the issue |
Another thing you can try when you are at a login page that is stuck for a long time is to open developer tools and see if there are any network errors. We have previously had issues with CORS not working for easy auth which had the same symptom of a "stuck login page". |
I checked in a PR which might help with any refresh issues - but i'm still curious if this is reproducible without using easy-auth at all |
For repro - I'm stuck with this error. I'm sure is transient. I'll try later today or tomorrow.
Repro steps in local mac m1 dev container - not complete yet: Initial upload of documents and provisioning of resources
Sets up for easy auth
Use website to query search
Docs aren't locked down yet but website requires auth. Change acls in search index
Use website to query search
|
Are you using the same tenant for both auth and your app? It might help to explicitly set |
I can't reproduce. If I hit it again I'll try to capture more details. |
I set up the user auth and document level access control but this took a lot longer than I thought. I stayed on the web page after authenticating. The website didn't tell me that my token was expired or that I needed to login again.
Once I adde by user to the Benefit_Options.pdf with the manageacl.sp1 script and verified the acl was on that doc, I went back to the website and clicked on the first card (which has to do with benefit options). I got an auth error. Since I've worked on AAD auth before with easy auth, I assumed it was an expired token so I logged out and logged back in then tried the card and got the answer instead of the error.
This feels like it is an issue with the App Service easy auth not refreshing the token behind the scenes. Is there code the repo to fresh the auth token? Or do I as the user need to logout/login manually after I'm given permissions to a specific PDF in Azure Search?
The text was updated successfully, but these errors were encountered: