New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Microsoft Entra Id authentication for rest source #4123
Conversation
/azp run |
Azure Pipelines successfully started running 1 pipeline(s). |
auto authenticatedAccount = responseData.WebAccount(); | ||
|
||
// Check token's corresponding account matches user input if applicable. | ||
if (m_authArgs.AuthenticationAccount.empty() || Utility::CaseInsensitiveEquals(m_authArgs.AuthenticationAccount, Utility::ConvertToUTF8(authenticatedAccount.UserName()))) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Empty m_authArgs.AuthenticationAccount means user or caller did not specify which account to use. So we consider it as authentication success as long as WebAccountmanager returns success.
Change
This pr adds Microsoft Entra Id support for rest source. To achieve this, rest source /information contract is updated with below. The /information endpoint should never use authentication as it is the first handshake between winget client and rest source.
Rest source interface will read this info and acquire authentication using WebAccountManager OS api during all following source interaction (/packageManifests, /manifestSearch)
CLI arguments updated to specify authentication behavior
COM interface updated to specify authentication behavior from caller and provide authentication info of package catalog to caller
Validation
Microsoft Reviewers: Open in CodeFlow