Proper implementation of TokenCache

Question

I'm integrating the Microsoft Graph API into an MVC 5 web app, as well as using ADAL Open ID Connect according to this article:

https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-webapp-openidconnect-v2/

I'm wondering, how can I provide an implementation of TokenCache that doesn't rely on Session State? What argument should I supply to AcquireTokenForClientAsync? Right now, I'm just supplying a new instance of the class itself as to satisfy the signature of the method. I'd rather the refresh token get handled automatically, as I've read elsewhere. But if you supply null for the TokenCache argument, token cache does not get handled automatically? Here's an example of how I'm getting a token, and supplying new TokenCache() each time I call it.

ConfidentialClientApplication daemonClient = new ConfidentialClientApplication(
    AuthConstants.ClientId, 
    String.Format("https://login.microsoftonline.com/{0}/v2.0", AuthConstants.TenantId), 
    AuthConstants.RedirectUri, 
    new ClientCredential(AuthConstants.ClientSecret), 
    null, 
    new TokenCache());

AuthenticationResult authResult = await daemonClient.AcquireTokenForClientAsync(new string[] { "https://graph.microsoft.com/.default" });

return authResult.AccessToken;

Answer 1

You need to provide your own implementation to store the content of the cache in the storage you want (be it a database, a file etc). For this, you will set delegates using the SetBeforeAccess, SetAfterAccess, and SetBeforeWrite extension methods of the TokenCache class.

An example of an implementation writing/reading the content of a cache to file is available (for the case of a .NET WPF application) in https://github.com/Azure-Samples/active-directory-b2c-dotnet-desktop/blob/master/active-directory-b2c-wpf/TokenCacheHelper.cs