Adopt the MSAL broker to talk to the OS for Microsoft auth (#233739)

This adopts the `NativeBrokerPlugin` provided by `@azure/msal-node-extensions` to provide the ability to use auth state from the OS, and show native auth dialogs instead of going to the browser. This has several pieces: * The adoption of the broker in the microsoft-authentication extension: * Adding `NativeBrokerPlugin` to our PCAs * Using the proposed handle API to pass the native window handle down to MSAL calls (btw, this API will change in a follow up PR) * Adopting an AccountAccess layer to handle: * giving the user control of which accounts VS Code uses * an eventing layer so that auth state can be updated across multiple windows * Getting the extension to build properly and only build what it really needs. This required several package.json/webpack hacks: * Use a fake keytar since we don't use the feature in `@azure/msal-node-extensions` that uses keytar * Use a fake dpapi layer since we don't use the feature in `@azure/msal-node-extensions` that uses it * Ensure the msal runtime `.node` and `.dll` files are included in the bundle * Get the VS Code build to allow a native node module in an extension: by having a list of native extensions that will be built in the "ci" part of the build - in other words when VS Code is building on the target platform There are a couple of followups: * Refactor the `handle` API to handle (heh) Auxiliary Windows https://github.com/microsoft/vscode/issues/233106 * Separate the call to `acquireTokenSilent` and `acquireTokenInteractive` and all the usage of this native node module into a separate process or maybe in Core... we'll see. Something to experiment with after we have something working. NEEDS FOLLOW UP ISSUE Fixes https://github.com/microsoft/vscode/issues/229431
2026-04-26 03:29:00 +01:00 · 2024-11-15 03:53:28 -08:00
parent 681164aaaa
commit 305134296c
20 changed files with 446 additions and 42 deletions
--- a/extensions/microsoft-authentication/extension.webpack.config.js
+++ b/extensions/microsoft-authentication/extension.webpack.config.js
@@ -8,10 +8,42 @@
 'use strict';

 const withDefaults = require('../shared.webpack.config');
+const CopyWebpackPlugin = require('copy-webpack-plugin');
+const path = require('path');
+const { NormalModuleReplacementPlugin } = require('webpack');
+
+const isWindows = process.platform === 'win32';

 module.exports = withDefaults({
 	context: __dirname,
 	entry: {
 		extension: './src/extension.ts'
-	}
+	},
+	externals: {
+		// The @azure/msal-node-runtime package requires this native node module (.node).
+		// It is currently only included on Windows, but the package handles unsupported platforms
+		// gracefully.
+		'./msal-node-runtime': 'commonjs ./msal-node-runtime'
+	},
+	plugins: [
+		...withDefaults.nodePlugins(__dirname),
+		new CopyWebpackPlugin({
+			patterns: [
+				{
+					// The native files we need to ship with the extension
+					from: '**/dist/msal*.(node|dll)',
+					to: '[name][ext]',
+					// These will only be present on Windows for now
+					noErrorOnMissing: !isWindows
+				}
+			]
+		}),
+		// We don't use the feature that uses Dpapi, so we can just replace it with a mock.
+		// This is a bit of a hack, but it's the easiest way to do it. Really, msal should
+		// handle when this native node module is not available.
+		new NormalModuleReplacementPlugin(
+			/\.\.\/Dpapi\.mjs/,
+			path.resolve(__dirname, 'packageMocks', 'dpapi', 'dpapi.js')
+		)
+	]
 });