Merge pull request #2994 from AzureAD/remove-expireson-null-type

Fix typing for expiresOn field

Author: Prithvi Kanherkar

change/@azure-msal-common-f03abef3-46c5-4af7-87f5-0400870c8004.json

@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "Fix typing for expiresOn field (#2994)",
+  "packageName": "@azure/msal-common",
+  "email": "prkanher@microsoft.com",
+  "dependentChangeType": "patch"
+}

lib/msal-common/src/error/ClientAuthError.ts

@@ -169,7 +169,11 @@ export const ClientAuthErrorMessage = {
     },
     noAuthorizationCodeFromServer: {
         code: "authorization_code_missing_from_server_response",
-        desc: "Srver response does not contain an authorization code to proceed"
+        desc: "Server response does not contain an authorization code to proceed"
+    },
+    accessTokenEntityNullError: {
+        code: "access_token_entity_null",
+        desc: "Access token entity is null, please check logs and cache to ensure a valid access token is present."
     }
 };
 
@@ -486,4 +490,11 @@ export class ClientAuthError extends AuthError {
     static createNoAuthCodeInServerResponseError(): ClientAuthError {
         return new ClientAuthError(ClientAuthErrorMessage.noAuthorizationCodeFromServer.code, ClientAuthErrorMessage.noAuthorizationCodeFromServer.desc);
     }
+
+    /**
+     * Throws error when access token entity is null when handling a response.
+     */
+    static createAccessTokenEntityNullError(): ClientAuthError {
+        return new ClientAuthError(ClientAuthErrorMessage.accessTokenEntityNullError.code, ClientAuthErrorMessage.accessTokenEntityNullError.desc);
+    }
 }

lib/msal-common/src/response/AuthenticationResult.ts

@@ -30,7 +30,7 @@ export type AuthenticationResult = {
     idTokenClaims: object;
     accessToken: string;
     fromCache: boolean;
-    expiresOn: Date | null;
+    expiresOn: Date;
     tokenType: string;
     extExpiresOn?: Date;
     state?: string;

lib/msal-common/src/response/ResponseHandler.ts

@@ -305,7 +305,7 @@ export class ResponseHandler {
         requestState?: RequestStateObject): Promise<AuthenticationResult> {
         let accessToken: string = "";
         let responseScopes: Array<string> = [];
-        let expiresOn: Date | null = null;
+        let expiresOn: Date;
         let extExpiresOn: Date | undefined;
         let familyId: string = Constants.EMPTY_STRING;
         if (cacheRecord.accessToken) {
@@ -318,6 +318,8 @@ export class ResponseHandler {
             responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();
             expiresOn = new Date(Number(cacheRecord.accessToken.expiresOn) * 1000);
             extExpiresOn = new Date(Number(cacheRecord.accessToken.extendedExpiresOn) * 1000);
+        } else {
+            throw ClientAuthError.createAccessTokenEntityNullError();
         }
 
         if (cacheRecord.appMetadata) {

lib/msal-common/test/client/SilentFlowClient.spec.ts

@@ -137,7 +137,6 @@ describe("SilentFlowClient unit tests", () => {
             expect(response.idTokenClaims).to.deep.eq(ID_TOKEN_CLAIMS);
             expect(response.accessToken).to.deep.eq(testAccessTokenEntity.secret);
             expect(response.state).to.be.empty;
-            console.log();
         });
 
         it("acquireCachedToken() looks up Bearer token when AuthenticationScheme is not set in request", async () => {

lib/msal-common/test/response/ResponseHandler.spec.ts

@@ -200,23 +200,17 @@ describe("ResponseHandler.ts", () => {
     });
 
     describe("generateAuthenticationResult", async () => {
-        it("sets default values if access_token not in cacheRecord", async () => {
+        it("throws error if access_token not in cacheRecord", async () => {
+            const testResponse: ServerAuthorizationTokenResponse = {...AUTHENTICATION_RESULT.body};
+            testResponse.access_token = undefined;
             const testRequest: BaseAuthRequest = {
                 authority: testAuthority.canonicalAuthority,
                 correlationId: "CORRELATION_ID",
                 scopes: ["openid", "profile", "User.Read", "email"]
             };
-            const testResponse: ServerAuthorizationTokenResponse = {...AUTHENTICATION_RESULT.body};
-            testResponse.access_token = null;
-
             const responseHandler = new ResponseHandler("this-is-a-client-id", testCacheManager, cryptoInterface, new Logger(loggerOptions), null, null);
             const timestamp = TimeUtils.nowSeconds();
-            const result = await responseHandler.handleServerTokenResponse(testResponse, testAuthority, timestamp, testRequest);
-
-            expect(result.accessToken).to.be.eq("");
-            expect(result.scopes).to.be.length(0);
-            expect(result.expiresOn).to.be.null;
-            expect(result.extExpiresOn).to.be.undefined;
+            await expect(responseHandler.handleServerTokenResponse(testResponse, testAuthority, timestamp, testRequest)).rejectedWith(ClientAuthErrorMessage.accessTokenEntityNullError.desc);
         });
 
         it("sets default values if refresh_token not in cacheRecord", async () => {
@@ -226,7 +220,7 @@ describe("ResponseHandler.ts", () => {
                 scopes: ["openid", "profile", "User.Read", "email"]
             };
             const testResponse: ServerAuthorizationTokenResponse = {...AUTHENTICATION_RESULT.body};
-            testResponse.refresh_token = null;
+            testResponse.refresh_token = undefined;
 
             const responseHandler = new ResponseHandler("this-is-a-client-id", testCacheManager, cryptoInterface, new Logger(loggerOptions), null, null);
             const timestamp = TimeUtils.nowSeconds();