Ok think I got it. It must be behavior of the msal - be it react-aad-msal or actual msal.js it is wrapping around. Anyway, solution proved to be to pass query string in state parameter on AuthenticationParameters
when creating the provider omitting the local storage issue all together.
I just pass the query string from component:
<AzureAD
provider={authProviderWithState(this.props.queryString)}
reduxStore={this.props.reduxStore}
forceLogin={false}>
Which is then glued on the top of defaults
export const authProviderWithState = (state) => {
whichAuthParams.state = state;
return new MsalAuthProvider(whichConfig, whichAuthParams, LoginType.Redirect);
};
State is simply appended to the callback url used by the authorization endpoint so it works as I need it.