Microsoft/vscode
1
0
Fork 0
mirror of https://github.com/microsoft/vscode.git synced 2026-05-03 23:06:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reinstate normal loopback flow for Gov clouds (#230541)

Browse Source 
I finally managed to make changes to the Gov cloud configurations and we can now use the loopback flow for the Gov clouds.
This commit is contained in:
Tyler James Leonhardt
2024-10-04 13:22:00 -07:00
committed by GitHub
parent d2af8e6957
commit 4ae34118f2
1 changed files with 34 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
extensions/microsoft-authentication/src/node/authProvider.ts
View File

@@ -155,54 +155,45 @@ export class MsalAuthProvider implements AuthenticationProvider {
const cachedPca = await this.getOrCreatePublicClientApplication(scopeData.clientId, scopeData.tenant);
let result: AuthenticationResult | undefined;
// Currently, the http://localhost redirect URI is only in the AzureCloud environment... even though I did make the change in the SovereignCloud environments...
// TODO: Remove this check when the change is in all environments.
let useLoopBack = this._env !== Environment.AzureCloud && scopeData.clientId === 'aebc6443-996d-45c2-90f0-388ff96faa56';
if (!useLoopBack) {
try {
result = await cachedPca.acquireTokenInteractive({
openBrowser: async (url: string) => { await env.openExternal(Uri.parse(url)); },
scopes: scopeData.scopesToSend,
// The logic for rendering one or the other of these templates is in the
// template itself, so we pass the same one for both.
successTemplate: loopbackTemplate,
errorTemplate: loopbackTemplate,
// Pass the label of the account to the login hint so that we prefer signing in to that account
loginHint: options.account?.label,
// If we aren't logging in to a specific account, then we can use the prompt to make sure they get
// the option to choose a different account.
prompt: options.account?.label ? undefined : 'select_account'
});
} catch (e) {
if (e instanceof CancellationError) {
const yes = l10n.t('Yes');
const result = await window.showErrorMessage(
l10n.t('Having trouble logging in?'),
{
modal: true,
detail: l10n.t('Would you like to try a different way to sign in to your Microsoft account? ({0})', 'protocol handler')
},
yes
);
if (!result) {
this._telemetryReporter.sendLoginFailedEvent();
throw e;
}
}
// This error comes from the backend and is likely not due to the user's machine
// failing to open a port or something local that would require us to try the
// URL handler loopback client.
if (e instanceof ServerError) {
try {
result = await cachedPca.acquireTokenInteractive({
openBrowser: async (url: string) => { await env.openExternal(Uri.parse(url)); },
scopes: scopeData.scopesToSend,
// The logic for rendering one or the other of these templates is in the
// template itself, so we pass the same one for both.
successTemplate: loopbackTemplate,
errorTemplate: loopbackTemplate,
// Pass the label of the account to the login hint so that we prefer signing in to that account
loginHint: options.account?.label,
// If we aren't logging in to a specific account, then we can use the prompt to make sure they get
// the option to choose a different account.
prompt: options.account?.label ? undefined : 'select_account'
});
} catch (e) {
if (e instanceof CancellationError) {
const yes = l10n.t('Yes');
const result = await window.showErrorMessage(
l10n.t('Having trouble logging in?'),
{
modal: true,
detail: l10n.t('Would you like to try a different way to sign in to your Microsoft account? ({0})', 'protocol handler')
},
yes
);
if (!result) {
this._telemetryReporter.sendLoginFailedEvent();
throw e;
}
// The user wants to try the loopback client or we got an error likely due to spinning up the server
useLoopBack = true;
}
}
// This error comes from the backend and is likely not due to the user's machine
// failing to open a port or something local that would require us to try the
// URL handler loopback client.
if (e instanceof ServerError) {
this._telemetryReporter.sendLoginFailedEvent();
throw e;
}
if (useLoopBack) {
// The user wants to try the loopback client or we got an error likely due to spinning up the server
const loopbackClient = new UriHandlerLoopbackClient(this._uriHandler, redirectUri, this._logger);
try {
result = await cachedPca.acquireTokenInteractive({