Address API sync feedback for challenges API (#265921)

* Address API sync feedback for challenges API

* use `fallbackScopes` instead of `scopes`
* `WWW`-> `Www`

ref https://github.com/microsoft/vscode/issues/260156

* adopt the change
This commit is contained in:
Tyler James Leonhardt
2025-09-09 14:05:43 -07:00
committed by GitHub
parent 0246a6ce90
commit 3e2f34ebe8
9 changed files with 69 additions and 82 deletions

View File

@@ -290,8 +290,11 @@ export class MsalAuthProvider implements AuthenticationProvider {
async getSessionsFromChallenges(constraint: AuthenticationConstraint, options: AuthenticationProviderSessionOptions): Promise<readonly AuthenticationSession[]> {
this._logger.info('[getSessionsFromChallenges]', 'starting with', constraint.challenges.length, 'challenges');
// Use scopes from constraint if provided, otherwise extract from challenges
const scopes = constraint.scopes?.length ? [...constraint.scopes] : this.extractScopesFromChallenges(constraint.challenges);
// Use scopes from challenges if provided, otherwise use fallback scopes
const scopes = this.extractScopesFromChallenges(constraint.challenges) ?? constraint.fallbackScopes;
if (!scopes || scopes.length === 0) {
throw new Error('No scopes found in authentication challenges or fallback scopes');
}
const claims = this.extractClaimsFromChallenges(constraint.challenges);
if (!claims) {
throw new Error('No claims found in authentication challenges');
@@ -309,8 +312,11 @@ export class MsalAuthProvider implements AuthenticationProvider {
async createSessionFromChallenges(constraint: AuthenticationConstraint, options: AuthenticationProviderSessionOptions): Promise<AuthenticationSession> {
this._logger.info('[createSessionFromChallenges]', 'starting with', constraint.challenges.length, 'challenges');
// Use scopes from constraint if provided, otherwise extract from challenges
const scopes = constraint.scopes?.length ? [...constraint.scopes] : this.extractScopesFromChallenges(constraint.challenges);
// Use scopes from challenges if provided, otherwise use fallback scopes
const scopes = this.extractScopesFromChallenges(constraint.challenges) ?? constraint.fallbackScopes;
if (!scopes || scopes.length === 0) {
throw new Error('No scopes found in authentication challenges or fallback scopes');
}
const claims = this.extractClaimsFromChallenges(constraint.challenges);
// Use scopes if available, otherwise fall back to default scopes
@@ -392,14 +398,13 @@ export class MsalAuthProvider implements AuthenticationProvider {
throw lastError ?? new Error('No auth flow succeeded');
}
private extractScopesFromChallenges(challenges: readonly AuthenticationChallenge[]): string[] {
const scopes: string[] = [];
private extractScopesFromChallenges(challenges: readonly AuthenticationChallenge[]): string[] | undefined {
for (const challenge of challenges) {
if (challenge.scheme.toLowerCase() === 'bearer' && challenge.params.scope) {
scopes.push(...challenge.params.scope.split(' '));
return challenge.params.scope.split(' ');
}
}
return scopes;
return undefined;
}
private extractClaimsFromChallenges(challenges: readonly AuthenticationChallenge[]): string | undefined {