Login with AAD MSAL - Login is already in progress

Question

I have a ASP.net website, that uses MSAL to login.

The issue I keep having is that, whenever the user logs in, then logs out again the user is redirected to a logout page. This page implements the new Msal.UserAgentApplication(msalConfig).logout() function, and redirects the user back to the login page.

This all works perfectly. The login page will then automatically redirect the user back to the AAD login page.

If the user then decides to login again, the result of MyMsalObject.GetAccount() returns null, and an error occurs that mentions the following:

ClientAuthError: Login_In_Progress: Error during login call - login is already in progress.

At first I used one js file to handle log in & logout, I then realised that that probably wasn't he best solution, as it attempted a login on load.

So I decided to split them up into two separate JS files but this hasn't fixed my problem.

msalObject definition:

var msalConfig = {
    auth: {
        clientId: "my_client_id",
        authority: "my_authority_url",
        redirectUri: "http://localhost:port"
    },
    cache: {
        cacheLocation: "localStorage",
        storeAuthStateInCookie: true
    }
};

var myMSALObj = new Msal.UserAgentApplication(msalConfig);

login code:

$(document).ready(function(){
    if (!myMSALObj.getAccount()) {
            myMSALObj.loginRedirect(msalConfig);
            acquireTokenRedirectAndCallMSGraph();
    }
});

Edit:

Some extra details. I've now made it so that users must click on a button before being redirected to Microsoft to login.

The above unfortunately still applies. After logging in succesfully for the first time & logging out, a secondary login attempt will not yield a value in the function getaccount() even though, it works perfectly the first time.

The error I get after I've logged in is still the same namely:

ClientAuthError: Login_In_Progress: Error during login call - login is already in progress.

Even though I just logged in..

Does anyone have a solution?

Edit 2:

There is a little bit of progress.. sort of, I've been able to fix the error above by changing way I log the user out.

The config file is now a definition within document ready & I've moved the log out function in there aswell.

Although I now face a new challenge..

Refused to display 'https://login.microsoftonline.com/{{}}' in a frame because it set 'X-Frame-Options' to 'deny'.

And im not entirely sure if this is a step forward or backwards. The reproduction scenario remains the same, you log in, then you log out & back in again, when microsoft sends the user back to the login page I get the error mentioned in this edit, but I don't get this error on the 1st login attempt.

The answer stated on: https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/FAQs#q6-how-to-avoid-page-reloads-when-acquiring-and-renewing-tokens-silently doesn't help at ALL, I'm using chrome but it still doesn't work..

Answer 1

Check session/local storage and cookies for any dangling msal information. We had the same problem, and I stumbled into this link.

https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/1069

It suggests clearing storage and cookies, but if you dig into using your browser tools, you'll see several entries like "msal...interactive...". Those will have values of "in progress", and that's what is causing the error.

Deleting those entries clears up the problem.