[Identity] [localhost to cloud proposal] @azure/identity-spa #21028
Conversation
|
This pull request is protected by Check Enforcer. What is Check Enforcer?Check Enforcer helps ensure all pull requests are covered by at least one check-run (typically an Azure Pipeline). When all check-runs associated with this pull request pass then Check Enforcer itself will pass. Why am I getting this message?You are getting this message because Check Enforcer did not detect any check-runs being associated with this pull request within five minutes. This may indicate that your pull request is not covered by any pipelines and so Check Enforcer is correctly blocking the pull request being merged. What should I do now?If the check-enforcer check-run is not passing and all other check-runs associated with this PR are passing (excluding license-cla) then you could try telling Check Enforcer to evaluate your pull request again. You can do this by adding a comment to this pull request as follows: What if I am onboarding a new service?Often, new services do not have validation pipelines associated with them, in order to bootstrap pipelines for a new service, you can issue the following command as a pull request comment: |
| const pageLoadResult = await credential.onPageLoad(); | ||
| if (pageLoadResult) { | ||
| state = JSON.parse(pageLoadResult.state); | ||
| } |
There was a problem hiding this comment.
State and pageLoadResult need to move up.
| // A browser application can keep track of its own state and resume after authenticating. | ||
| let state = { | ||
| application: "state" | ||
| }; |
There was a problem hiding this comment.
State might not be useful in popup mode.
| // Interactive authentication will happen via a popup window that will appear when the authenticate() method is called. | ||
| await credential.authenticate(scopes, { | ||
| // The authenticate() method supports sending the browser application state. | ||
| state: JSON.stringify(state) |
There was a problem hiding this comment.
State might not be useful in popup mode.
| code: hash.get("code") || undefined, | ||
| state: hash.get("state") || undefined, | ||
| }; | ||
| } |
There was a problem hiding this comment.
This isn’t useful for the PopupCredential, but it is useful for the RedirectCredential.
| */ | ||
| async authenticate( | ||
| scopes: string | string[], | ||
| options: GetTokenOptions = {} |
There was a problem hiding this comment.
Options here should include a state property.
| ): Promise<AuthenticationRecord | undefined> { | ||
| return trace(`${this.constructor.name}.authenticate`, options, async (newOptions) => { | ||
| const arrayScopes = Array.isArray(scopes) ? scopes : [scopes]; | ||
| await this.msalFlow.getToken(arrayScopes, newOptions); |
There was a problem hiding this comment.
The MSAL flow should pass the state property to MSAL.
KarishmaGhiya
force-pushed
the
identity/spa-plugin
branch
from
5fd06a7
to
622423a
Compare
sdk/identity/identity-spa/README.md
Outdated
|
|
||
| // On page load, developers can retrieve the state of the previous authentication. | ||
| const pageLoadResult = await credential.onPageLoad(); | ||
| if (pageLoadResult) { |
There was a problem hiding this comment.
| if (pageLoadResult) { | |
| if (pageLoadResult.state) { |
| if (pageLoadResult) { | |
| if (pageLoadResult) { |
|
API change check for API changes have been detected in API changes + readonly scopes?: string[]; |
…re-sdk-for-js into identity/spa-plugin
| @@ -321,6 +321,7 @@ export interface SerializerOptions { | |||
| export class ServiceClient { | |||
| constructor(options?: ServiceClientOptions); | |||
| readonly pipeline: Pipeline; | |||
| readonly scopes?: string[]; | |||
There was a problem hiding this comment.
The authenticate method requires user to pass in the scope
- this is a way for the user to retrieve the
scopefrom the client.
|
|
||
| // @public | ||
| export interface SPACredentialOptions extends InteractiveCredentialOptions, CredentialPersistenceOptions { | ||
| clientId?: string; |
There was a problem hiding this comment.
CredentialPersistenceOptions not needed, since the persistence is already done by the MSAL browser
ghost
added
the
no-recent-activity
|
Hi @sadasant. Thank you for your interest in helping to improve the Azure SDK experience and for your contribution. We've noticed that there hasn't been recent engagement on this pull request. If this is still an active work stream, please let us know by pushing some changes or leaving a comment. Otherwise, we'll close this out in 7 days. |
|
Please leave this PR open. Don't close Pleaseee |
ghost
removed
the
no-recent-activity
ghost
added
the
no-recent-activity
|
Hi @sadasant. Thank you for your interest in helping to improve the Azure SDK experience and for your contribution. We've noticed that there hasn't been recent engagement on this pull request. If this is still an active work stream, please let us know by pushing some changes or leaving a comment. Otherwise, we'll close this out in 7 days. |
ghost
closed this
|
Hi @sadasant. Thank you for your contribution. Since there hasn't been recent engagement, we're going to close this out. Feel free to respond with a comment containing "/reopen" if you'd like to continue working on these changes. Please be sure to use the command to reopen or remove the "no-recent-activity" label; otherwise, this is likely to be closed again with the next cleanup pass. |
This package is a WORK IN PROGRESS.
This PR introduces two credentials:
RedirectCredentialandPopupCredentialthrough a new package,@azure/identity-spa. This effort aims to simplify the development of web backend applications, from localhost to the Azure cloud.Before I make the actual proposal, I’ll use this draft PR to ask for feedback, and to build the package for the Playwright-based champion scenarios that I’m making.
Fixes #21050
If you want to try out how the new design looks in comparison to the old design, I’m working on mocked tests here: