OBO for SP with RT support #3266
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bgavrilMS
commented
Apr 6, 2022
trwalke
reviewed
Apr 11, 2022
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Show resolved
Hide resolved
trwalke
reviewed
Apr 11, 2022
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Outdated
Show resolved
Hide resolved
trwalke
reviewed
Apr 11, 2022
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Show resolved
Hide resolved
trwalke
reviewed
Apr 11, 2022
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Show resolved
Hide resolved
trwalke
reviewed
Apr 11, 2022
src/client/Microsoft.Identity.Client/Internal/Requests/OnBehalfOfRequest.cs
Show resolved
Hide resolved
trwalke
approved these changes
Apr 11, 2022
pmaytak
approved these changes
Apr 12, 2022
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Show resolved
Hide resolved
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Outdated
Show resolved
Hide resolved
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Outdated
Show resolved
Hide resolved
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Outdated
Show resolved
Hide resolved
tests/Microsoft.Identity.Test.Integration.netfx/HeadlessTests/OboTests2.cs
Show resolved
Hide resolved
bgavrilMS
commented
Apr 14, 2022
| @@ -505,7 +493,7 @@ private static string GetPreferredUsernameFromIdToken(bool isAdfsAuthority, IdTo | |||
| } | |||
|
|
|||
| MsalAccessTokenCacheItem msalAccessTokenCacheItem = GetSingleToken(accessTokens, requestParams); | |||
| msalAccessTokenCacheItem = FilterTokensByKeyId(msalAccessTokenCacheItem, requestParams); | |||
| msalAccessTokenCacheItem = FilterTokensByPopKeyId(msalAccessTokenCacheItem, requestParams); | |||
bgavrilMS
added a commit
that referenced
this pull request
Apr 14, 2022
This reverts commit aad1331.
pmaytak
reviewed
Apr 14, 2022
|
|
||
| var msalTokenResponse = await SilentRequestHelper.RefreshAccessTokenAsync(cachedRefreshToken, this, AuthenticationRequestParameters, cancellationToken) | ||
| .ConfigureAwait(false); | ||
|
|
||
| return await CacheTokenResponseAndCreateAuthenticationResultAsync(msalTokenResponse).ConfigureAwait(false); | ||
| } | ||
|
|
||
| if (AcquireTokenInLongRunningOboWasCalled()) | ||
| { | ||
| AuthenticationRequestParameters.RequestContext.Logger.Error("[FindAccessTokenAsync] AcquireTokenInLongRunningProcess was called and OBO token was not found in the cache."); |
There was a problem hiding this comment.
Change log to "[OBO request] AcquireTokenInLongRunningProcess was called and no access or refresh tokens were found in the cache."
Need to verify that MsalErrorMessage.OboCacheKeyNotInCache is still accurate.
| // Returns whether AcquireTokenInLongRunningProcess was called (user assertion is null in this case) | ||
| private bool AcquireTokenInLongRunningOboWasCalled() | ||
| { | ||
| return AuthenticationRequestParameters.ApiId == ApiEvent.ApiIds.AcquireTokenOnBehalfOf && |
There was a problem hiding this comment.
nit: ApiId check can be removed.
bgavrilMS
added a commit
that referenced
this pull request
Apr 15, 2022
* OBO for SP with RT support * Address PR * Resolving OBO for long running process error when different scopes are used. Co-authored-by: trwalke <trwalke@microsoft.com>
bgavrilMS
added a commit
that referenced
this pull request
Apr 21, 2022
* OBO for SP with RT support (#3266) * OBO for SP with RT support * Address PR * Resolving OBO for long running process error when different scopes are used. Co-authored-by: trwalke <trwalke@microsoft.com> * Update src/client/Microsoft.Identity.Client/Internal/Requests/OnBehalfOfRequest.cs Co-authored-by: Peter M <34331512+pmaytak@users.noreply.github.com> * Pr Feedback * Fix build Co-authored-by: trwalke <trwalke@microsoft.com> Co-authored-by: Travis Walker <travis.walker@microsoft.com> Co-authored-by: Peter M <34331512+pmaytak@users.noreply.github.com>
Csaba8472
added a commit
to Csaba8472/microsoft-authentication-library-for-dotnet
that referenced
this pull request
Apr 24, 2022
…library-for-dotnet * 'master' of github.com:AzureAD/microsoft-authentication-library-for-dotnet: (39 commits) OBO for SP with RT support (AzureAD#3266) (AzureAD#3280) Update some projects to net48 (AzureAD#3269) Bump Source Link version (tool change) (AzureAD#3275) Update changelog.txt (AzureAD#3282) Default to WebView1 instead of WebView2 when using AAD or ADFS authorities (AzureAD#3276) Revert "OBO for SP with RT support (AzureAD#3266)" OBO for SP with RT support (AzureAD#3266) Add perf tests for Acquire Token calls with serialization cache and Builders (AzureAD#3250) Minor fix to SuggestedCacheKey comment and update NuGet icon in Readme. (AzureAD#3268) MSAL changelog 4.43.0 (AzureAD#3263) Bogavril/3251 (AzureAD#3255) Fix for AzureAD#3248 - use the correct plugin to sing out (AzureAD#3253) Performance project improvements (AzureAD#3064) Reuse lists in token cache filtering logic. (AzureAD#3233) Update andorid install script to use andorid 30 (AzureAD#3243) Fix for UWP packaging (AzureAD#3239) Pass account to Auth result (AzureAD#3199) App ported to Lab4 (AzureAD#3229) Trwalke/ruleset updates (AzureAD#3189) Conditional Access for Android (AzureAD#3210) ...
pmaytak
pushed a commit
that referenced
this pull request
May 12, 2022
* OBO for SP with RT support * Address PR * Resolving OBO for long running process error when different scopes are used. Co-authored-by: trwalke <trwalke@microsoft.com>
pmaytak
added a commit
that referenced
this pull request
May 12, 2022
* OBO for SP with RT support (#3266) * OBO for SP with RT support * Address PR * Resolving OBO for long running process error when different scopes are used. Co-authored-by: trwalke <trwalke@microsoft.com> * Update src/client/Microsoft.Identity.Client/Internal/Requests/OnBehalfOfRequest.cs Co-authored-by: Peter M <34331512+pmaytak@users.noreply.github.com> * Pr Feedback * Fix build Co-authored-by: trwalke <trwalke@microsoft.com> Co-authored-by: Travis Walker <travis.walker@microsoft.com> Co-authored-by: Peter M <34331512+pmaytak@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #2817
Changes proposed in this request
Testing
integration test
Performance impact
similar to user obo
Based on @trwalke 's research.