New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update new var in configuration to allow user by pass URI check #1013
Conversation
@@ -95,6 +95,12 @@ to target MSAL at a specific test slice & flight. These apply to all requests ma | |||
*/ | |||
- (nonnull instancetype)initWithClientId:(NSString *)clientId; | |||
|
|||
/** | |||
Default is disable |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you add a little bit more detailed comment such as developer would understand why it is needed?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Address, I will update in next commit.
{ | ||
return nil; | ||
} | ||
|
||
BOOL brokerCapable = [MSALRedirectUri redirectUriIsBrokerCapable:redirectURI]; | ||
BOOL brokerCapable = !bypassRedirectValidation && [MSALRedirectUri redirectUriIsBrokerCapable:redirectURI]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bypassing of Redirect URI validation shouldn't impact whether URL is broker capable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought we designed to forward the request to broker only when the redirectURI is verified? I might misunderstand the purpose of verifying redirectURI in MSAL.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My bad, I've misread the code :) So this is to ensure that we don't forward request to broker, unless redirect was validated.
* update new var in configuration to allow user by pass URI check merge CHANGELOG
* update new var in configuration to allow user by pass URI check merge to cherry-pick
Proposed changes
Update MSAL Public configuration to allow user to enable bypass RedirectURI check for SSO Seeding feature.
Type of change
Risk
Additional information