-
Notifications
You must be signed in to change notification settings - Fork 139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make webview parameters optional in MSALSignoutParameters #1086
Conversation
@@ -1132,6 +1131,8 @@ - (void)acquireTokenWithParameters:(MSALInteractiveTokenParameters *)parameters | |||
return; | |||
} | |||
|
|||
[msidParams fillWithAccount:parameters.account]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Not immediately sure what's being filled in with the account. Maybe "setAccountIdentifier"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Addressed
@@ -3060,6 +3060,49 @@ - (void)testSignoutWithAccount_whenNonNilaccount_andSignoutFromBrowserFalse_andB | |||
[self waitForExpectations:@[expectation] timeout:1]; | |||
} | |||
|
|||
- (void)testSignoutWithAccount_whenSignoutFromBrowserTrue_andNilWebViewParameters_shouldFailWithError_andNotRemoveAccount |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just curious, should we include a test case for _whenSignoutFromBrowserFalse_andNilWebViewParameters_shouldremoveAccount?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great idea, added :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This isn't related to your changes Olga but I detected some unused/deprecated methods/fields in MSALPublicClientApplication.m:
->unused method(line 714): acquireTokenForScopes
->unused field(line 114): _defaultKeychainGroup
->deprecated method(lines 164 and 176): both use self initWithClientId:clientId
keychainGroup:MSALCacheConfig.defaultKeychainSharingGroup
authority:authority
redirectUri:nil
error:error]. But should use (instancetype)initWithConfiguration:(MSALPublicClientApplicationConfig *)config
error:(NSError **)error instead.
Thanks, I think acquireTokenForScopes on line 714 is actually public. It is deprecated, but we cannot remove it without updating major MSAL version. We should be able to remove all deprecated methods when we release MSAL 2.x. _defaultKeychainGroup - good catch. Please submit a separate PR to fix this. deprecated method(lines 164 and 176): both use self initWithClientId:clientId - I think it is the same as acquireTokenForScopes. We need to keep it for backward compatibility since those are public APIs. Let me know if that explains. |
Ok. I'll create a separate PR for removing _defaultKeychainGroup. As for the deprecated/unused methods, does a list of these exist somewhere for when MSAL 2.x happens? If not I can add start a list our knowledgeable. (Unless we have some script that we are planning on running before MSAL 2.x that will catch all of these). |
Thanks. For the deprecated APIs, you can just see all of them in the MSALPublicClientApplication.h file. They're annotated with DEPRECATED_MSG_ATTRIBUTE. |
Got it.. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me.
Proposed changes
Since most of developers call MSAL signout without requesting interactive signout from browser, it is tedious to require to provide MSALWebViewParameters in those cases.
This PR makes MSAL a bit "smarter" and makes MSALWebViewParameters mandatory only when signoutFromBrowser is requested.
Type of change
Risk
Additional information