Tyler James Leonhardt
d8c3a3263d
Add redirect URI and update MSAL packages ( #268939 )
...
* Bump MSAL packages further
To hopefully fix bugs
* add redirect uri
2025-09-29 19:57:44 +00:00
Tyler James Leonhardt
383f4b59ce
Bump MSAL node to assist non-broker flows ( #268242 )
...
This includes a bug fix on the MSAL side for non-broker flows.
2025-09-24 16:26:17 -07:00
Copilot
f14ccecb1e
Add support for Entra ID v1.0 authorization servers in VSCode MCP Client ( #262603 )
...
* Initial plan
* Add v1.0 Entra ID support and optimize MCP discovery for Microsoft endpoints
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
* Add tests for v1.0 authorization server support
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
* Address code review feedback: remove redundant tests and Microsoft-specific logic
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
2025-08-29 12:21:53 +02:00
Tyler James Leonhardt
7e8f8e9230
Add new msal-no-broker implementation option to allow for getting rid of classic soon ( #263966 )
...
Also, removes the redirectUri from acquireTokenSilent because MSAL was throwing because of it.
2025-08-29 09:01:02 +02:00
Tyler James Leonhardt
da3cf78129
Enable the broker in macOS ( #261148 )
...
* Enable the broker in macOS
Fixes https://github.com/microsoft/vscode/issues/260158
* for testing
* better globbing
* guh
* guh
* delete
* log it all
* let's just log everything
* Only do on supported OS/Arches
* Add a console.log
* look at VSCODE_ARCH
* add msal files
* add entitlement maybe here
* actually it's probably here
* build: bundle msal libs for x64 and arm64
* revert that
* try again
* try adding $(AppIdentifierPrefix)
* temp: add debuggee entitlements
* bump msal and pass in redirect uri on macOS
* revert entitlement files
* forgot the .helper
* Allow PII for the output channel only
* use unsigned option
---------
Co-authored-by: deepak1556 <hop2deep@gmail.com >
2025-08-27 14:31:09 -07:00
Tyler James Leonhardt
cf433b58e5
Ability to pass down WWW-Authenticate challenges down to Auth Providers ( #261717 )
...
* Initial plan
* Implement authentication challenges support for mandatory MFA
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
* Add documentation and integration test for authentication challenges
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
* Add validation script and finalize implementation
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
* Update authentication challenges API to use AuthenticationConstraint interface
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com >
* Get it compiling... who knows if it works
* New parseWWWAuthenticateHeader behavior
* works
* let's go with this for now
* Good shape
* bye
* final polish
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
2025-08-14 18:10:05 -07:00
Tyler James Leonhardt
c235626145
issuer -> authorizationServer refactor (#250359 )
...
* `issuer` -> `authorizationServer` refactor
Also:
* adds `authorizationServerGlobs` to the authentication contribution schema
* removes ugly MCP issuer hack and instead plumbs the authorizationServer down to the new auth providers
2025-06-02 17:38:21 -07:00
Tyler James Leonhardt
86efdcd2c1
Introduce Issuer handling in the Authentication stack ( #248948 )
...
Mostly plumbing... this enables:
```
vscode.authentication.getSession('microsoft', scopes, { issuer: "https://login.microsoftonline.com/common/v2.0 " });
```
And the respective API for an auth providers to handle it being passed in.
This props up work in MCP land which needs a way to map an issuer to an auth provider... but I certainly see utility outside of that space.
Fixes https://github.com/microsoft/vscode/issues/248775#issuecomment-2876711396
2025-05-14 23:02:15 +02:00
Robo
12326f9906
chore: update to Electron 35 ( #245423 )
...
* chore: bump electron@35.0.1
* chore: update types/node@22.x
* chore: update web types for node v22.x
* chore: bump electron@35.1.2
* chore: update node.js build
* chore: update app.dock usage
Refs 71f3ff6bf2afb637e85d#246835 )
* node - adopt compile cache
* adopt for utility process
* tweaks
* log state of compilation cache
* Revert "log state of compilation cache"
This reverts commit f3840387a583013834762e2c44f6e8424929297f.
* Revert "node - adopt compile cache (#246835 )"
This reverts commit 673a00cab66c9bac87f3cd27b80efa41c80150f1.
* chore: update builds
* chore: bump electron@35.2.0
* chore: bump electron@35.2.1
* chore: bump electron@35.2.2
---------
Co-authored-by: Benjamin Pasero <benjamin.pasero@microsoft.com >
2025-05-09 19:03:36 +09:00
Tyler James Leonhardt
445bb01935
Bump @azure/msal-node-runtime to 0.18.2 ( #247301 )
2025-04-24 12:56:59 +02:00
Tyler James Leonhardt
4293d3771a
Revert "Bump msal-runtime ( #244321 )" ( #246336 )
...
This reverts commit bdb7cc4f0c
2025-04-11 19:52:38 +02:00
Tyler James Leonhardt
bdb7cc4f0c
Bump msal-runtime ( #244321 )
...
Fixes https://github.com/microsoft/vscode/issues/240307
2025-03-21 20:56:33 -07:00
Tyler James Leonhardt
14324bbbc2
Remove old client id versioning code ( #242760 )
...
We're not doing this anymore and our default client id will be "upgraded" by the identity team.
2025-03-06 11:56:44 +09:00
Tyler James Leonhardt
a9ce0b5556
Include an ability to change the default client id ( #238736 )
...
Include an ability to change the client id
So our migration is easy to test
2025-01-24 16:46:50 -08:00
Tyler James Leonhardt
8eddff6613
Default to MSAL authentication 🚀 ( #237920 )
...
Here we go. Ref https://github.com/microsoft/vscode/issues/178740
2025-01-14 21:23:14 +01:00
Logan Ramos
e689b912ba
Update telemetry package ( #236378 )
2024-12-17 20:12:49 +01:00
Tyler James Leonhardt
c0c6b07185
Disable MSAL for now ( #235048 )
...
Because of late breaking issues:
* https://github.com/microsoft/vscode/issues/234932
* https://github.com/microsoft/vscode/issues/234954
This also comments out the `_setupRefresh` logic since that is causing the high CPU load. I'd like to see what happens when we don't do this behavior.
2024-12-03 01:39:32 +00:00
Tyler James Leonhardt
f6dd987698
No need for memento hack ( #234450 )
...
MSAL node made `clearCache` synchronous 🎉 so we can safely depend on it for clearing the cache.
> Context: The default behavior of MSAL's internal cache is that it is a union with what's in the persistant cache (secret storage) but what _we_ want is that secret storage is the source of truth, so every time we receive an update to secret storage, we clear the in-memory cache to get the data from the persistant cache.
Also bumps msal-node-extensions while we're at it.
2024-11-22 22:35:49 +01:00
Tyler James Leonhardt
d12854f6ba
Default MSAL to true ( #234290 )
...
Using new `microsoft-authentication.implementation` setting
2024-11-20 13:15:09 -08:00
Tyler James Leonhardt
305134296c
Adopt the MSAL broker to talk to the OS for Microsoft auth ( #233739 )
...
This adopts the `NativeBrokerPlugin` provided by `@azure/msal-node-extensions` to provide the ability to use auth state from the OS, and show native auth dialogs instead of going to the browser.
This has several pieces:
* The adoption of the broker in the microsoft-authentication extension:
* Adding `NativeBrokerPlugin` to our PCAs
* Using the proposed handle API to pass the native window handle down to MSAL calls (btw, this API will change in a follow up PR)
* Adopting an AccountAccess layer to handle:
* giving the user control of which accounts VS Code uses
* an eventing layer so that auth state can be updated across multiple windows
* Getting the extension to build properly and only build what it really needs. This required several package.json/webpack hacks:
* Use a fake keytar since we don't use the feature in `@azure/msal-node-extensions` that uses keytar
* Use a fake dpapi layer since we don't use the feature in `@azure/msal-node-extensions` that uses it
* Ensure the msal runtime `.node` and `.dll` files are included in the bundle
* Get the VS Code build to allow a native node module in an extension: by having a list of native extensions that will be built in the "ci" part of the build - in other words when VS Code is building on the target platform
There are a couple of followups:
* Refactor the `handle` API to handle (heh) Auxiliary Windows https://github.com/microsoft/vscode/issues/233106
* Separate the call to `acquireTokenSilent` and `acquireTokenInteractive` and all the usage of this native node module into a separate process or maybe in Core... we'll see. Something to experiment with after we have something working. NEEDS FOLLOW UP ISSUE
Fixes https://github.com/microsoft/vscode/issues/229431
2024-11-15 20:53:28 +09:00
Raymond Zhao
fcae80e2df
fix: useMsal setting doesn't have tags ( #232534 )
2024-10-29 15:26:18 -07:00
Tyler James Leonhardt
35183efe58
Revert "Rename MSAL setting" ( #230164 )
...
Revert "Rename MSAL setting (#230142 )"
This reverts commit 2a677c686b
2024-09-30 14:38:38 -07:00
Tyler James Leonhardt
2a677c686b
Rename MSAL setting ( #230142 )
2024-09-30 19:25:47 +02:00
Tyler James Leonhardt
9d28a232cb
Bump MSAL Node ( #227815 )
2024-09-06 18:39:14 +02:00
Tyler James Leonhardt
6544b003dc
Bump msal-node and fix a bad contrast ratio ( #226210 )
...
Bumps MSAL-node which contains [my fix](https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/7247 ) that will actually show our error template.
Also fixes an A11y contrast issue with said error template.
2024-08-22 00:53:21 +02:00
Tyler James Leonhardt
c125b90d41
Add experimentation to Microsoft auth ( #226107 )
...
* Add experimentation to Microsoft auth
So that we can gradually roll out MSAL support.
* correct order
2024-08-20 17:17:15 -07:00
Tyler James Leonhardt
70d27743ac
Ability to use MSAL in the Desktop ( #225272 )
...
* Ability to use MSAL in the Desktop
* add comment about MSAL workaround
2024-08-09 12:18:34 -07:00
Tyler James Leonhardt
02b638ae27
Finalize getAccounts API ( #224877 )
...
Fixes https://github.com/microsoft/vscode/issues/152399
2024-08-05 11:59:33 -07:00
Tyler James Leonhardt
86495e947b
Use global fetch and crypto ( #221736 )
...
Now that we're on Node 20, we can just use the global fetch and crypto which work the same in node and in the browser.
2024-07-15 10:58:31 -07:00
Tyler James Leonhardt
5d7157cb03
Implement getAccounts API over getSessions ( #215874 )
...
And plumb that through to the Microsoft auth provider
2024-06-16 18:12:37 -07:00
Robo
5216c04428
chore: update to electron 29 ( #209818 )
...
* chore: update electron@29.1.0
* chore: update typings to 20.x
* chore: bump electron@29.1.5
* ci: fix crash in compiling extensions-ci
* chore: disable .d.ts check for build/
$ ../node_modules/.bin/tsc -p tsconfig.build.json
node_modules/@types/chokidar/index.d.ts:21:14 - error TS2420: Class 'import("/Users/demohan/github/vscode/build/node_modules/@types/chokidar/index").FSWatcher' incorrectly implements interface 'import("fs").FSWatcher'.
Type 'FSWatcher' is missing the following properties from type 'FSWatcher': ref, unref
21 export class FSWatcher extends EventEmitter implements fs.FSWatcher {
~~~~~~~~~
node_modules/chokidar/types/index.d.ts:8:14 - error TS2420: Class 'import("/Users/demohan/github/vscode/build/node_modules/chokidar/types/index").FSWatcher' incorrectly implements interface 'import("fs").FSWatcher'.
Type 'FSWatcher' is missing the following properties from type 'FSWatcher': ref, unref
8 export class FSWatcher extends EventEmitter implements fs.FSWatcher {
~~~~~~~~~
Found 2 errors in 2 files.
Errors Files
1 node_modules/@types/chokidar/index.d.ts:21
1 node_modules/chokidar/types/index.d.ts:8
Refs a0f9e09f64eacec5f490tree-sitter-typescript@0.20 .5
* chore: bump electron@29.3.0
* chore: bump electron@29.3.1
* chore: update rpm deps-list for x86_64
* ci: disable io_uring UV backend on linux
* ci: disable io_uring backend for oss as well
* chore: update typings to 20.x
* ci: add TODO for io_uring workaround
* chore: bump distro
* chore: update preinstall node version checks
* chore: update @types/gulp
Refs https://github.com/microsoft/vscode/issues/212442
* ci: disable io_uring in more test suites
2024-05-11 01:20:28 +09:00
Logan Ramos
9bea1fc96a
Bump telemetry package ( #197168 )
2023-11-01 20:51:03 +01:00
Logan Ramos
cc98e55794
Fix slow telemetry module ( #193607 )
2023-09-20 20:14:12 +01:00
Logan Ramos
ecb0c80fc1
Bump extension telemetry module ( #191237 )
...
* Bump extension telemetry module
* Fix webpack
2023-08-24 12:53:41 -07:00
Robo
ea490e5545
chore: update to Electron 25 ( #188268 )
...
* chore: update electron@25.3.0
* ci: update NodeTool version
* chore: update @types/node
* add more common types to layers checker
* chore: update debian dependencies
* chore: update rpm dependencies
* fix: use legacy dns result order of Node.js
* ci: remove deprecated always-auth npm config
Refs npm/cli@72a7eeb
* chore: update deb and rpm dependencies
* chore: update armhf rpm dependencies
* chore: update x64 debian dependencies
* chore: update x64 rpm dependencies
* chore: update electron@25.3.1
* chore: update electron@25.4.0
* chore: bump distro
* chore: bump distro
---------
Co-authored-by: Benjamin Pasero <benjamin.pasero@microsoft.com >
2023-08-07 21:46:27 +09:00
Tyler James Leonhardt
dd2441f7ba
Polish Sovereign Cloud support ( #184634 )
...
* Use `@azure/ms-rest-azure-env` as official reference of endpoints
* Allow better configuration of custom clouds (these are new so it is ok to change the settings without migration)
Also clean up:
* querystring -> URLSearchParams (getting rid of a package dependency in the web)
* handle `workbench.getCodeExchangeProxyEndpoints` in one place
2023-06-08 12:39:29 -07:00
Brandon Waterloo [MSFT]
f9d14d68fb
Support sovereign/custom clouds in microsoft authentication provider ( #178725 )
2023-04-07 16:38:38 -07:00
Martin Aeschlimann
273e74965b
add querystring fallback ( #177250 )
2023-03-15 09:29:41 -07:00
Logan Ramos
8e6bcc9b9e
Bump module to new package ( #173599 )
2023-02-06 12:29:36 -08:00
Logan Ramos
8cea434dec
Remove unused proposals ( #172035 )
2023-01-23 19:09:07 +01:00
Logan Ramos
4acf2d9b46
Update the telemetry modules ( #170512 )
...
Update the module
2023-01-03 15:10:45 -05:00
Logan Ramos
b1076b41f3
Bump telemetry packages ( #169283 )
2022-12-15 17:29:10 +01:00
Joyce Er
3bdea7784d
authentication implicit activation events (#166715 )
...
* `authentication` implicit activation events
* More safety accessing `.id`
2022-11-19 08:30:48 -08:00
Logan Ramos
73d882bcf7
Update telemetry package ( #166292 )
2022-11-14 09:30:33 -08:00
Tyler James Leonhardt
ef415578d1
Take advantage of platform features in Microsoft Authentication extension ( #166066 )
2022-11-10 18:26:48 -08:00
Sandeep Somavarapu
2cd8ea24f2
#159892 Finalize ( #165925 )
2022-11-09 10:28:27 -05:00
Logan Ramos
bf1697d98c
Consume proposed telemetry API ( #165862 )
...
* Consume proposed telemetry API
* Update webpack
2022-11-08 21:58:28 -05:00
Tyler James Leonhardt
6684350a58
Onboard GitHub & Microsoft auth extensions to l10n ( #163662 )
...
* onboard github-auth completely to l10n
* onboard microsoft-authentication entirely on to l10n
2022-10-14 08:41:21 -07:00
Tyler James Leonhardt
29e985eca0
rev vscode-nls to version that doesn't ask for vscode-nls-web-data ( #161819 )
...
ref #161297
2022-09-26 11:10:54 -07:00
Sandeep Somavarapu
35c7ee9d02
Support log output channels for extensions ( #161249 )
...
* introduce log api in extension context
* separate registering output vs log channel
* Separate extension log channels in show logs command
* add logging error to embedder logger
* show extension log in the extension editor
* configure log level per extension
* change the order of log entries
* introduce logger
* align with output chanel
* revert changes
* fixes
2022-09-19 09:03:41 -07:00
