Make webview parameters optional in MSALSignoutParameters #1086
Conversation
| @@ -1132,6 +1131,8 @@ - (void)acquireTokenWithParameters:(MSALInteractiveTokenParameters *)parameters | |||
| return; | |||
| } | |||
|
|
|||
| [msidParams fillWithAccount:parameters.account]; | |||
There was a problem hiding this comment.
nit: Not immediately sure what's being filled in with the account. Maybe "setAccountIdentifier"?
| @@ -3060,6 +3060,49 @@ - (void)testSignoutWithAccount_whenNonNilaccount_andSignoutFromBrowserFalse_andB | |||
| [self waitForExpectations:@[expectation] timeout:1]; | |||
| } | |||
|
|
|||
| - (void)testSignoutWithAccount_whenSignoutFromBrowserTrue_andNilWebViewParameters_shouldFailWithError_andNotRemoveAccount | |||
There was a problem hiding this comment.
Just curious, should we include a test case for _whenSignoutFromBrowserFalse_andNilWebViewParameters_shouldremoveAccount?
There was a problem hiding this comment.
This isn't related to your changes Olga but I detected some unused/deprecated methods/fields in MSALPublicClientApplication.m:
->unused method(line 714): acquireTokenForScopes
->unused field(line 114): _defaultKeychainGroup
->deprecated method(lines 164 and 176): both use self initWithClientId:clientId
keychainGroup:MSALCacheConfig.defaultKeychainSharingGroup
authority:authority
redirectUri:nil
error:error]. But should use (instancetype)initWithConfiguration:(MSALPublicClientApplicationConfig *)config
error:(NSError **)error instead.
Thanks, I think acquireTokenForScopes on line 714 is actually public. It is deprecated, but we cannot remove it without updating major MSAL version. We should be able to remove all deprecated methods when we release MSAL 2.x. _defaultKeychainGroup - good catch. Please submit a separate PR to fix this. deprecated method(lines 164 and 176): both use self initWithClientId:clientId - I think it is the same as acquireTokenForScopes. We need to keep it for backward compatibility since those are public APIs. Let me know if that explains. |
|
Ok. I'll create a separate PR for removing _defaultKeychainGroup. As for the deprecated/unused methods, does a list of these exist somewhere for when MSAL 2.x happens? If not I can add start a list our knowledgeable. (Unless we have some script that we are planning on running before MSAL 2.x that will catch all of these). |
Thanks. For the deprecated APIs, you can just see all of them in the MSALPublicClientApplication.h file. They're annotated with DEPRECATED_MSG_ATTRIBUTE. |
Got it.. |
Proposed changes
Since most of developers call MSAL signout without requesting interactive signout from browser, it is tedious to require to provide MSALWebViewParameters in those cases.
This PR makes MSAL a bit "smarter" and makes MSALWebViewParameters mandatory only when signoutFromBrowser is requested.
Type of change
Risk
Additional information