Issue: Entra ID User Disabeld Tokan Cach Expired, Password login stops working, SSHKey Keeps Working.

[Jeroen-LWD]

Is there an existing issue for this?

• I have searched the existing issues and found none that matched mine

Describe the issue

I whant to allow my Entra ID Users to login, to login on my Linux server.
After they leave the Company there accounts wil be disabeld so they cannot login annymore.

When testing this,
User can login, local account is created.
Then when disabeling the user in Entra ID, after a hour or 2 the cach wil expire and loggin in whit username and password wil no longer work.
Only the local account wil not expire, only the login cash, so when a user has uploaded his Public ssh key, they are stil able to login.

Steps to reproduce

Login, add public sshkey, disabel account, tray login whit key

System information and logs

authd 0.3.5~24.04

name: authd-msentraid
summary: MSEntra ID broker for authd
publisher: Canonical✓
store-url: https://snapcraft.io/authd-msentraid
license: GPL-3.0
description: |
This is the MS Entra ID broker snap for authd to provide MS Entra ID OIDC based authentication on
Ubuntu with authd.
services:
authd-msentraid: simple, enabled, active
snap-id: vS3oJLMss6lgWwoFcPqYDUA2HB20I1Dc
tracking: 0.x/edge
refresh-date: yesterday at 13:32 CEST
channels:
0.x/stable: 0.1+4fe9826.0f76acc 2024-10-02 (51) 18MB -
0.x/candidate: ↑
0.x/beta: ↑
0.x/edge: 0.1+0b5d024.21625c4 2024-10-07 (52) 18MB -
installed: 0.1+0b5d024.21625c4 (52) 18MB -

Distributor ID: Ubuntu
Description: Ubuntu 24.04.1 LTS
Release: 24.04
Codename: noble

level=ERROR msg="could not refresh token: oauth2: "invalid_grant" "AADSTS50057: The user account is disabled.

Double check your logs

• I have redacted any sensitive information from the logs