Add token expiration handling for AzureMFA auth (#16936)

* refresh azure account token if it's expired before sending query/list requests * fix several connection checks && add more logging * fix async UI glitch during token refreshing * cleanup * minor fix * add test for refreshAzureAccountTokenIfNecessary * address comments * comments * comments * comments * error handling
2026-02-16 10:58:30 -05:00 · 2021-09-02 17:24:45 -07:00
parent 73c20345e9
commit 0bc2a50d78
9 changed files with 171 additions and 4 deletions
--- a/extensions/azurecore/src/account-provider/auths/azureAuth.ts
+++ b/extensions/azurecore/src/account-provider/auths/azureAuth.ts
@@ -184,17 +184,20 @@ export abstract class AzureAuth implements vscode.Disposable {
 			const currentTime = new Date().getTime() / 1000;

 			let accessToken = cachedTokens.accessToken;
+			let expiresOn = Number(cachedTokens.expiresOn);
 			const remainingTime = expiry - currentTime;
 			const maxTolerance = 2 * 60; // two minutes

 			if (remainingTime < maxTolerance) {
 				const result = await this.refreshToken(tenant, resource, cachedTokens.refreshToken);
 				accessToken = result.accessToken;
+				expiresOn = Number(result.expiresOn);
 			}
 			// Let's just return here.
 			if (accessToken) {
 				return {
 					...accessToken,
+					expiresOn: expiresOn,
 					tokenType: 'Bearer'
 				};
 			}
@@ -214,6 +217,7 @@ export abstract class AzureAuth implements vscode.Disposable {
 		if (result.accessToken) {
 			return {
 				...result.accessToken,
+				expiresOn: Number(result.expiresOn),
 				tokenType: 'Bearer'
 			};
 		}
@@ -674,6 +678,11 @@ export interface Token extends AccountKey {
 	 */
 	token: string;

+	/**
+	 * Access token expiry timestamp
+	 */
+	expiresOn?: number;
+
 	/**
 	 * TokenType
 	 */
--- a/extensions/azurecore/src/test/account-provider/auths/azureAuth.test.ts
+++ b/extensions/azurecore/src/test/account-provider/auths/azureAuth.test.ts
@@ -96,8 +96,8 @@ describe('Azure Authentication', function () {
 		it('token recieved for ossRdbmns resource', async function () {
 			azureAuthCodeGrant.setup(x => x.getTenants(mockToken)).returns(() => {
 				return Promise.resolve([
-				mockTenant
-			]);
+					mockTenant
+				]);
 			});
 			azureAuthCodeGrant.setup(x => x.getTokenHelper(mockTenant, provider.settings.ossRdbmsResource, TypeMoq.It.isAny(), TypeMoq.It.isAny(), TypeMoq.It.isAny())).returns(() => {
 				return Promise.resolve({