Token Cache

In MSAL4J, an in-memory token cache is provided by default. The in-memory token cache lasts for the duration of the application.

Checking what accounts are in the cache

You can check what accounts are in the cache by calling PublicClientApplication.getAccounts()

PublicClientApplication pca = new PublicClientApplication.Builder(
                labResponse.getAppId()).
                authority(TestConstants.ORGANIZATIONS_AUTHORITY).
                build();

Set<IAccount> accounts = pca.getAccounts().join();

Removing accounts from the cache

For removing accounts from the cache, first find the account that needs to be removed, and then call PublicClientApplicatoin.removeAccount()

Set<IAccount> accounts = pca.getAccounts().join();

IAccount accountToBeRemoved = accounts.stream().filter(
                x -> x.username().equalsIgnoreCase(
                        UPN_OF_USER_TO_BE_REMOVED)).findFirst().orElse(null);

pca.removeAccount(accountToBeRemoved).join();

Custom token cache serialization in MSAL4J

To have a persistent token cache application, you will need to customize the serialization. The classes and interfaces involved in token cache serialization are the following:

ITokenCache: Interface representing security token cache.
ITokenCacheAccessAspect: Interface representing operation of executing code before and after access. You would @Override beforeCacheAccess and afterCacheAccess with the logic responsible for serializing and deserializing the cache.
ITokenCacheContext: Interface representing context in which the token cache is accessed.

Below is a naive implementation of custom serialization of token cache serialization/deserialization. This should not be copied and pasted into a production environment.

    static class TokenPersistence implements ITokenCacheAccessAspect{
        String data;

        TokenPersistence(String data){
            this.data = data;
        }

        @Override
        public void beforeCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext){
            iTokenCacheAccessContext.tokenCache().deserialize(data);
        }

        @Override
        public void afterCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext) {
            data = iTokenCacheAccessContext.tokenCache().serialize();
        }
    }

String dataToInitCache = readResource(this.getClass(), "/cache_data/serialized_cache.json");

ITokenCacheAccessAspect persistenceAspect = new TokenPersistence(dataToInitCache);

PublicClientApplication app = PublicClientApplication.builder("my_client_id").setTokenCacheAccessAspect(persistenceAspect).build();

Steps -

Above, readResource() loads the Token Cache string from file. This String should be in the format output by the PublicClientApplication.
Create ITokenCacheAccessAspect by providing your own implementation.
Set the ITokenCacheAccessAspect to the PublicClientApplication object by calling setTokenCacheAccessAspect.

By setting TokenPersistence on the PublicClientApplication, MSAL will call beforeCacheAccess() before accessing the cache and afterCacheAccess() after accessing the cache.

Token Cache

Checking what accounts are in the cache

Removing accounts from the cache

Custom token cache serialization in MSAL4J

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Getting started with MSAL Java

Configure, build, and test

Advanced topics

FAQ & Common Issues

News

Other resources

Clone this wiki locally