Unable to call function after getting token back from Azure to access Microsoft Graph

Question

I'm writing an Azure function that takes an OAuth token from Microsoft, which I've been able to successfully obtain. I'm trying to use that token to access to Microsoft Graph. After I receive the token from Microsoft my function times-out after ten minutes and doesn't get past context.log('CALLING MS GRAPH'.) I'm new to Azure and haven't been able to figure out why I can't call my second function with the value of the token returned from Microsoft or with a hard coded value.

Any help is greatly appreciated :)

I've tried hardcoding the token value into the function, changing the timeout, and adding various context.log()'s - but can't get past receiving the token. I've also tried removing the .end() to my POST call.

const https = require('https');
const querystring = require('querystring');

getAccessToken = (context, callback) => {
    const postData = querystring.stringify({
        'client_id': {clientID},
        'scope': 'https://graph.microsoft.com/.default',
        'client_secret': {clientSecret},
        'grant_type': 'client_credentials'
    });

      const msTokenOptions = {
        hostname: 'login.microsoftonline.com',
        port: 443,
        path: `/${tenantID}}/oauth2/v2.0/token`,
        method: 'POST',
        headers: {
            'Content-Type': 'application/x-www-form-urlencoded',
            'Content-Length': postData.length
        }
    };

    const oauthReq = https.request(msTokenOptions, (res) => {
        res.setEncoding('utf8');

        res.on('data', (d) => {
            let accessToken = JSON.parse(d).access_token;

            // Error happens here.  
            context.log('CALLING MSGRAPH')

            // I never make it into the functions below, regardless of how they're called. 
           callback(accessToken);
            accessMsGraph(accessToken)
        });
    });

    oauthReq.on('error', (e) => {
        context.log('ERROR: Problem obtaining MS Token. ' + e);
    });

    oauthReq.write(postData);
    oauthReq.end();

    return;
};

accessMsGraph = (token) => {
    // GET request to MS Graph here - I never make it into this function.

};


module.exports = (context, req) => {
    getAccessToken(context, (token) => {
        context.log('Accessing graph')
        accessMsGraph(context, token)
        accessMsGraph('123456')
    });
};

Answer 1

Please check the Access token lifespan which has been set in your tenant.

This actually isn't determined by Microsoft Graph but rather by Azure Active Directory.For a given tenant, the life-time can be configured using Configurable token lifetimes in Azure Active Directory (Public Preview) .

This functionality is still in Preview, so functionality may change between now and general release.

This configuration is per tenant, service principal, or application. If you configure it on the application, then the policy will apply on multi-tenant applications unless superseded by a policy on the service principal or tenant level.

The maximum lifetime for an Access token is 24 hours (minimum is 10 minutes, default is 1 hour).

In general, rather than adjusting the lifetime of the Access Token you should rely on the Refresh Token instead. These have a much longer lifetime of 14 days.

Refresh Token

When a client acquires an access token to access a protected resource, the client also receives a refresh token. The refresh token is used to obtain new access/refresh token pairs when the current access token expires. A refresh token is bound to a combination of user and client. A refresh token can be revoked at any time, and the token's validity is checked every time the token is used. Refresh tokens are not revoked when used to fetch new access tokens - it's best practice, however, to securely delete the old token when getting a new one.