[Bug] Protected API calls protected API: TokenAcquisition.GetAccessTokenForUserAsync throws null pointer exception

[kdblocher]

Which Version of Microsoft Identity Web are you using ?
Microsoft Identity Web 1.0.0-preview

Where is the issue?

• Web App
  • Sign-in users
  • Sign-in users and call web APIs
• Web API
  • Protected web APIs (Validating tokens)
  • Protected web APIs (Validating scopes)
  • Protected web APIs call downstream web APIs
• Token cache serialization
  • In Memory caches
  • Session caches
  • Distributed caches

Other? - please describe;

Is this a new or existing app?
c. This is a new app or experiment

Repro
I have a SPA that calls a protected API that calls a downstream API. The problem is in the calling API.
I have generated NSwag client code for the downstream API that I inject a handler into - the handler code looks like this:

async override SendAsync (request, cancellationToken) {
  var token = await _tokenAcquisition.GetAccessTokenForUserAsync([ _config.Scope ]);
  request.Headers.Authorization = AuthenticationHeaderValue("Bearer", token);
  return await base.SendAsync(request, cancellationToken);
}

The projects (all 3 of them) are set up following the published API-calls-API scenarios. I have tested everything else independently working but when I try to chain them together, this bug occurs.

Expected behavior
Valid token is returned

Actual behavior
MSAL.NET throws null pointer exception, uncaught by this library

Additional context/ Logs / Screenshots
By the time the code gets to the handler, The token passed in is obtained by the SPA and passes authorization on the first API.

On calling GetAccessTokenForUserAsync the code eventually gets to the Web API flow in TokenAcquisition.cs

When executing this code, a null pointer exception is thrown by MSAL.NET's ClientCredentialHelper because ClientCredential.Thumbprint property getter throws an exception upon initialization, and that helper tries to reference it. You can see the problem from this screenshot (taken from TokenClient.cs)

I am completely stuck and am at a loss of how to work around this problem.

I put the issue here because I found it while trying to use this library, but the issue may be a bug in MSAL.NET, so let me know if I should add it there as well.

[jmprieur]

@kdblocher : do you have repro steps or code that would help understand what happens?
How does your SPA call the web API. Is it based on MSAL.js?

[kdblocher]

Yes, we have an SPA that calls the web API (using MSAL.JS) which then calls the lower-level web API.
I can provide snippets or I can upload all of the code minus secrets, but most of the code is written in F# and TypeScript (react+redux). A repro sample would take a long time to build, but I could probably do that, too.

Which would you prefer?

[kdblocher]

Looks like this is a duplicate or related to issue #66 - the call stack where the error is thrown is identical.

[kdblocher]

xpost #66 (comment)

[jennyf19]

@kdblocher is this still reproducing 0.3.0-preview? we've done a lot of work for SPAs (blazor) in this release, this should be working now. thanks.

[jmprieur]

Closing as this is now fixed