Refs:
Complexity: 4
Create Issue
We added a 3rd property to the options in vscode.authentication.getSession it allows you to ask the user to re-sign in. This is great for situations when SSO is lost on a token (like for GitHub).
To test this, make a new extension and play with the proposed API here:
|
/** |
|
* More options to be used when getting an {@link AuthenticationSession} from an {@link AuthenticationProvider}. |
|
*/ |
|
export interface AuthenticationGetSessionOptions { |
|
/** |
|
* Whether we should attempt to reauthenticate even if there is already a session available. |
|
* |
|
* If true, a modal dialog will be shown asking the user to sign in again. This is mostly used for scenarios |
|
* where the token needs to be re minted because it has lost some authorization. |
|
* |
|
* Defaults to false. |
|
*/ |
|
forceRecreate?: boolean; |
|
} |
|
|
|
export namespace authentication { |
|
/** |
|
* Get an authentication session matching the desired scopes. Rejects if a provider with providerId is not |
|
* registered, or if the user does not consent to sharing authentication information with |
|
* the extension. If there are multiple sessions with the same scopes, the user will be shown a |
|
* quickpick to select which account they would like to use. |
|
* |
|
* Currently, there are only two authentication providers that are contributed from built in extensions |
|
* to the editor that implement GitHub and Microsoft authentication: their providerId's are 'github' and 'microsoft'. |
|
* @param providerId The id of the provider to use |
|
* @param scopes A list of scopes representing the permissions requested. These are dependent on the authentication provider |
|
* @param options The {@link AuthenticationGetSessionOptions} to use |
|
* @returns A thenable that resolves to an authentication session |
|
*/ |
|
export function getSession(providerId: string, scopes: readonly string[], options: AuthenticationGetSessionOptions & { forceRecreate: true }): Thenable<AuthenticationSession>; |
|
} |
Things to verify:
- It takes you through the flow and you get a dialog that says you are being asked to sign in again
- You get a new session (different access token) in the session that's returned:
const originalSession = await vscode.authentication.getSession('github', ['repo'], { createIfNone: true });
const newSession = await vscode.authentication.getSession('github', ['repo'], { forceRecreate: true });
console.log(originalSession);
console.log(newSession);
- If you abort the flow, the existing token should still exist so we don't mess up other extensions. Code to verify that might like look like this:
const originalSession = await vscode.authentication.getSession('github', ['repo'], { createIfNone: true });
let newSession: vscode.AuthenticationSession | undefined;
try {
newSession = await vscode.authentication.getSession('github', ['repo'], { forceRecreate: true });
} catch (e) {}
const session = await vscode.authentication.getSession('github', ['repo']);
console.log(session);
console.log(originalSession);
