Cleaning ADAL token cache on Android and iOS

Microsoft Azure Active Directory Authentication Libraries (ADAL) is a popular set of wrappers around the Azure Active Directory API, distributed as platform- and language-specific components. It’s especially useful in multi-platform applications that integrate with various AD APIs such as Outlook or Graph API. It not only wraps the OAuth endpoints but also automates the entire application flow for retrieving, refreshing and persisting tokens.

Unfortunately, among its many features, ADAL does not provide logout functionality out of the box. Let’s see how to implement it in a few simple steps.

The first step is to define a common abstraction that can be referenced from the PCL:

Next is the implementation of the Android provider. On this platform ADAL stores tokens in SharedPreferences under a specific name and key. With this knowledge the implementation is straightforward:

The iOS implementation is quite similar. ADAL uses the Keychain for the same purpose, and the removal is pretty simple:

Finally, let’s consider a sample scenario: clearing user credentials (tokens) in an MVVMCross application on reinstallation. To achieve this, the app needs to remember whether it has been run since the last uninstall or whether this is the first run. This state can be persisted using e.g. the Xamarin.Settings plugin (in the example it’s wrapped with the IApplicationSettings interface). In the first case, it would also be nice not to bother the user by showing them the login screen.

Here’s the sample code:
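The first-run check described above, as an added C# example that is not the post's original listing. `ITokenCacheCleaner`, `FirstRunTokenGuard`, the two `IApplicationSettings` members and the settings key are assumed names, and the in-memory classes stand in for the real platform implementations.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical name for the PCL abstraction; Android and iOS each implement Clear().
public interface ITokenCacheCleaner { void Clear(); }

// IApplicationSettings is named on the page; these two members are assumed.
public interface IApplicationSettings
{
    bool GetBool(string key, bool defaultValue);
    void SetBool(string key, bool value);
}

public sealed class FirstRunTokenGuard
{
    private const string HasRunKey = "app.hasRunBefore"; // constructed key name
    private readonly IApplicationSettings _settings;
    private readonly ITokenCacheCleaner _cleaner;

    public FirstRunTokenGuard(IApplicationSettings settings, ITokenCacheCleaner cleaner)
        => (_settings, _cleaner) = (settings, cleaner);

    // Returns true when the login screen should be shown (first launch since install).
    public bool ClearTokensOnFirstRun()
    {
        if (_settings.GetBool(HasRunKey, false))
            return false; // ran before: keep cached tokens, skip the login screen
        _cleaner.Clear(); // first launch: drop tokens left by an earlier install
        _settings.SetBool(HasRunKey, true); // only after Clear() returned, so a failed wipe is retried
        return true;
    }
}

// In-memory stand-ins (constructed) so the flow runs as a console program.
sealed class MemorySettings : IApplicationSettings
{
    private readonly Dictionary<string, bool> _values = new Dictionary<string, bool>();
    public bool GetBool(string key, bool defaultValue) => _values.TryGetValue(key, out var v) ? v : defaultValue;
    public void SetBool(string key, bool value) => _values[key] = value;
}
sealed class CountingCleaner : ITokenCacheCleaner { public int Calls; public void Clear() => Calls++; }

public static class Demo
{
    public static void Main()
    {
        var cleaner = new CountingCleaner();
        var guard = new FirstRunTokenGuard(new MemorySettings(), cleaner);
        for (var launch = 1; launch <= 2; launch++)
            Console.WriteLine($"launch {launch}: login={guard.ClearTokensOnFirstRun()}, wipes={cleaner.Calls}");
    }
}
```

Keep the flag in app-private settings that are deleted with the app. iOS Keychain items outlive an uninstall, so a flag stored there would survive reinstallation and the wipe would never run.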

Happy coding!