-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Windows broker (WAM) #323
Conversation
3579c91
to
af6d5c9
Compare
Add support for broker-assisted authentication on Windows using "WAM" (Web Authentication Manager) as provided by the MSAL.Desktop library. The GCM_MSAUTH_USEBROKER environment variable or the credential.msauthUseBroker configuration option will control if WAM is enabled or not. By default WAM _is_ enabled.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to be worried about these warnings (StorageCreationPropertiesBuilder()
being obsolete)?
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
Reorder the CanUseBroker logic to be easier to grok.
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Outdated
Show resolved
Hide resolved
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
Improve the wording around which settings and values cause the auth-flow setting to be ignored. Grammer iz hard.
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
src/shared/Microsoft.Git.CredentialManager/Authentication/MicrosoftAuthentication.cs
Show resolved
Hide resolved
Remove the usage of a now deprecated constructor for the shared token cache storage properties. This constructor took the client ID which was only used to eventing; GCM doesn't use this.
@dscho I've removed the warnings by dropping that extra (not needed) argument from the constructor in question. |
Add support for broker-assisted authentication on Windows using "WAM" (Web Authentication Manager) as provided by the MSAL.Desktop library.
The
GCM_MSAUTH_USEBROKER
environment variable or thecredential.msauthUseBroker
configuration option will control if WAM is enabled or not.By default WAM is enabled.This ended up being simpler then I expected. Looks like the VS AAD app registration has now been updated to have the required WAM redirect URI which was previously a technical blocker.
Fixes #211
Update: WAM is now default disabled due to concerns about the maturity of the UX and technology. cc: @bgavrilMS