Commit Graph

98 Commits

Author SHA1 Message Date
Tyler James Leonhardt
d8c3a3263d Add redirect URI and update MSAL packages (#268939)
* Bump MSAL packages further

To hopefully fix bugs

* add redirect uri
2025-09-29 19:57:44 +00:00
Tyler James Leonhardt
383f4b59ce Bump MSAL node to assist non-broker flows (#268242)
This includes a bug fix on the MSAL side for non-broker flows.
2025-09-24 16:26:17 -07:00
Copilot
f14ccecb1e Add support for Entra ID v1.0 authorization servers in VSCode MCP Client (#262603)
* Initial plan

* Add v1.0 Entra ID support and optimize MCP discovery for Microsoft endpoints

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

* Add tests for v1.0 authorization server support

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

* Address code review feedback: remove redundant tests and Microsoft-specific logic

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
2025-08-29 12:21:53 +02:00
Tyler James Leonhardt
7e8f8e9230 Add new msal-no-broker implementation option to allow for getting rid of classic soon (#263966)
Also, removes the redirectUri from acquireTokenSilent because MSAL was throwing because of it.
2025-08-29 09:01:02 +02:00
Tyler James Leonhardt
da3cf78129 Enable the broker in macOS (#261148)
* Enable the broker in macOS

Fixes https://github.com/microsoft/vscode/issues/260158

* for testing

* better globbing

* guh

* guh

* delete

* log it all

* let's just log everything

* Only do on supported OS/Arches

* Add a console.log

* look at VSCODE_ARCH

* add msal files

* add entitlement maybe here

* actually it's probably here

* build: bundle msal libs for x64 and arm64

* revert that

* try again

* try adding $(AppIdentifierPrefix)

* temp: add debuggee entitlements

* bump msal and pass in redirect uri on macOS

* revert entitlement files

* forgot the .helper

* Allow PII for the output channel only

* use unsigned option

---------

Co-authored-by: deepak1556 <hop2deep@gmail.com>
2025-08-27 14:31:09 -07:00
Tyler James Leonhardt
cf433b58e5 Ability to pass down WWW-Authenticate challenges down to Auth Providers (#261717)
* Initial plan

* Implement authentication challenges support for mandatory MFA

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

* Add documentation and integration test for authentication challenges

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

* Add validation script and finalize implementation

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

* Update authentication challenges API to use AuthenticationConstraint interface

Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>

* Get it compiling... who knows if it works

* New parseWWWAuthenticateHeader behavior

* works

* let's go with this for now

* Good shape

* bye

* final polish

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
2025-08-14 18:10:05 -07:00
Tyler James Leonhardt
c235626145 issuer -> authorizationServer refactor (#250359)
* `issuer` -> `authorizationServer` refactor

Also:
* adds `authorizationServerGlobs` to the authentication contribution schema
* removes ugly MCP issuer hack and instead plumbs the authorizationServer down to the new auth providers
2025-06-02 17:38:21 -07:00
Tyler James Leonhardt
86efdcd2c1 Introduce Issuer handling in the Authentication stack (#248948)
Mostly plumbing... this enables:
```
vscode.authentication.getSession('microsoft', scopes, { issuer: "https://login.microsoftonline.com/common/v2.0" });
```
And the respective API for an auth providers to handle it being passed in.

This props up work in MCP land which needs a way to map an issuer to an auth provider... but I certainly see utility outside of that space.

Fixes https://github.com/microsoft/vscode/issues/248775#issuecomment-2876711396
2025-05-14 23:02:15 +02:00
Robo
12326f9906 chore: update to Electron 35 (#245423)
* chore: bump electron@35.0.1

* chore: update types/node@22.x

* chore: update web types for node v22.x

* chore: bump electron@35.1.2

* chore: update node.js build

* chore: update app.dock usage

Refs 71f3ff6bf2

* chore: bump electron@35.1.4

* chore: bump electron@35.1.5

* ci: bump sysroot to glibc 2.28 and gcc 10.5.0

* ci: enable timeout for smoketests

* chore: bump min glibcxx to 3.4.26 for server

* Revert "ci: enable timeout for smoketests"

This reverts commit afb637e85d.

* chore: update debian dependencies

* fix: workaround npm.ps1 argument parsing with powershell

* chore: update rpm dependencies

* test: partially revert changes from 242535

* test: remove redudant keybinding dispatch for selectTab

* test: fix test failure from running configured tasks

* test: focus settings editor for preferences.test.ts

* node - adopt compile cache (#246835)

* node - adopt compile cache

* adopt for utility process

* tweaks

* log state of compilation cache

* Revert "log state of compilation cache"

This reverts commit f3840387a583013834762e2c44f6e8424929297f.

* Revert "node - adopt compile cache (#246835)"

This reverts commit 673a00cab66c9bac87f3cd27b80efa41c80150f1.

* chore: update builds

* chore: bump electron@35.2.0

* chore: bump electron@35.2.1

* chore: bump electron@35.2.2

---------

Co-authored-by: Benjamin Pasero <benjamin.pasero@microsoft.com>
2025-05-09 19:03:36 +09:00
Tyler James Leonhardt
445bb01935 Bump @azure/msal-node-runtime to 0.18.2 (#247301) 2025-04-24 12:56:59 +02:00
Tyler James Leonhardt
4293d3771a Revert "Bump msal-runtime (#244321)" (#246336)
This reverts commit bdb7cc4f0c.
2025-04-11 19:52:38 +02:00
Tyler James Leonhardt
bdb7cc4f0c Bump msal-runtime (#244321)
Fixes https://github.com/microsoft/vscode/issues/240307
2025-03-21 20:56:33 -07:00
Tyler James Leonhardt
14324bbbc2 Remove old client id versioning code (#242760)
We're not doing this anymore and our default client id will be "upgraded" by the identity team.
2025-03-06 11:56:44 +09:00
Tyler James Leonhardt
a9ce0b5556 Include an ability to change the default client id (#238736)
Include an ability to change the client id

So our migration is easy to test
2025-01-24 16:46:50 -08:00
Tyler James Leonhardt
8eddff6613 Default to MSAL authentication 🚀 (#237920)
Here we go. Ref https://github.com/microsoft/vscode/issues/178740
2025-01-14 21:23:14 +01:00
Logan Ramos
e689b912ba Update telemetry package (#236378) 2024-12-17 20:12:49 +01:00
Tyler James Leonhardt
c0c6b07185 Disable MSAL for now (#235048)
Because of late breaking issues:

* https://github.com/microsoft/vscode/issues/234932
* https://github.com/microsoft/vscode/issues/234954

This also comments out the `_setupRefresh` logic since that is causing the high CPU load. I'd like to see what happens when we don't do this behavior.
2024-12-03 01:39:32 +00:00
Tyler James Leonhardt
f6dd987698 No need for memento hack (#234450)
MSAL node made `clearCache` synchronous 🎉 so we can safely depend on it for clearing the cache.

> Context: The default behavior of MSAL's internal cache is that it is a union with what's in the persistant cache (secret storage) but what _we_ want is that secret storage is the source of truth, so every time we receive an update to secret storage, we clear the in-memory cache to get the data from the persistant cache.

Also bumps msal-node-extensions while we're at it.
2024-11-22 22:35:49 +01:00
Tyler James Leonhardt
d12854f6ba Default MSAL to true (#234290)
Using new `microsoft-authentication.implementation` setting
2024-11-20 13:15:09 -08:00
Tyler James Leonhardt
305134296c Adopt the MSAL broker to talk to the OS for Microsoft auth (#233739)
This adopts the `NativeBrokerPlugin` provided by `@azure/msal-node-extensions` to provide the ability to use auth state from the OS, and show native auth dialogs instead of going to the browser.

This has several pieces:
* The adoption of the broker in the microsoft-authentication extension:
  * Adding `NativeBrokerPlugin` to our PCAs
  * Using the proposed handle API to pass the native window handle down to MSAL calls (btw, this API will change in a follow up PR)
  * Adopting an AccountAccess layer to handle:
    * giving the user control of which accounts VS Code uses
    * an eventing layer so that auth state can be updated across multiple windows
* Getting the extension to build properly and only build what it really needs. This required several package.json/webpack hacks:
  * Use a fake keytar since we don't use the feature in `@azure/msal-node-extensions` that uses keytar
  * Use a fake dpapi layer since we don't use the feature in  `@azure/msal-node-extensions` that uses it
  * Ensure the msal runtime `.node` and `.dll` files are included in the bundle
* Get the VS Code build to allow a native node module in an extension: by having a list of native extensions that will be built in the "ci" part of the build - in other words when VS Code is building on the target platform

There are a couple of followups:
* Refactor the `handle` API to handle (heh) Auxiliary Windows https://github.com/microsoft/vscode/issues/233106
* Separate the call to `acquireTokenSilent` and `acquireTokenInteractive` and all the usage of this native node module into a separate process or maybe in Core... we'll see. Something to experiment with after we have something working. NEEDS FOLLOW UP ISSUE

Fixes https://github.com/microsoft/vscode/issues/229431
2024-11-15 20:53:28 +09:00
Raymond Zhao
fcae80e2df fix: useMsal setting doesn't have tags (#232534) 2024-10-29 15:26:18 -07:00
Tyler James Leonhardt
35183efe58 Revert "Rename MSAL setting" (#230164)
Revert "Rename MSAL setting (#230142)"

This reverts commit 2a677c686b.
2024-09-30 14:38:38 -07:00
Tyler James Leonhardt
2a677c686b Rename MSAL setting (#230142) 2024-09-30 19:25:47 +02:00
Tyler James Leonhardt
9d28a232cb Bump MSAL Node (#227815) 2024-09-06 18:39:14 +02:00
Tyler James Leonhardt
6544b003dc Bump msal-node and fix a bad contrast ratio (#226210)
Bumps MSAL-node which contains [my fix](https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/7247) that will actually show our error template.

Also fixes an A11y contrast issue with said error template.
2024-08-22 00:53:21 +02:00
Tyler James Leonhardt
c125b90d41 Add experimentation to Microsoft auth (#226107)
* Add experimentation to Microsoft auth

So that we can gradually roll out MSAL support.

* correct order
2024-08-20 17:17:15 -07:00
Tyler James Leonhardt
70d27743ac Ability to use MSAL in the Desktop (#225272)
* Ability to use MSAL in the Desktop

* add comment about MSAL workaround
2024-08-09 12:18:34 -07:00
Tyler James Leonhardt
02b638ae27 Finalize getAccounts API (#224877)
Fixes https://github.com/microsoft/vscode/issues/152399
2024-08-05 11:59:33 -07:00
Tyler James Leonhardt
86495e947b Use global fetch and crypto (#221736)
Now that we're on Node 20, we can just use the global fetch and crypto which work the same in node and in the browser.
2024-07-15 10:58:31 -07:00
Tyler James Leonhardt
5d7157cb03 Implement getAccounts API over getSessions (#215874)
And plumb that through to the Microsoft auth provider
2024-06-16 18:12:37 -07:00
Robo
5216c04428 chore: update to electron 29 (#209818)
* chore: update electron@29.1.0

* chore: update typings to 20.x

* chore: bump electron@29.1.5

* ci: fix crash in compiling extensions-ci

* chore: disable .d.ts check for build/

$ ../node_modules/.bin/tsc -p tsconfig.build.json
node_modules/@types/chokidar/index.d.ts:21:14 - error TS2420: Class 'import("/Users/demohan/github/vscode/build/node_modules/@types/chokidar/index").FSWatcher' incorrectly implements interface 'import("fs").FSWatcher'.
  Type 'FSWatcher' is missing the following properties from type 'FSWatcher': ref, unref

21 export class FSWatcher extends EventEmitter implements fs.FSWatcher {
                ~~~~~~~~~

node_modules/chokidar/types/index.d.ts:8:14 - error TS2420: Class 'import("/Users/demohan/github/vscode/build/node_modules/chokidar/types/index").FSWatcher' incorrectly implements interface 'import("fs").FSWatcher'.
  Type 'FSWatcher' is missing the following properties from type 'FSWatcher': ref, unref

8 export class FSWatcher extends EventEmitter implements fs.FSWatcher {
               ~~~~~~~~~

Found 2 errors in 2 files.

Errors  Files
     1  node_modules/@types/chokidar/index.d.ts:21
     1  node_modules/chokidar/types/index.d.ts:8

Refs a0f9e09f64

* chore: update core types

* temp: fix layer validation

* chore: update nodejs checksums

* ci: use latest v20 LTS for missing node-gyp

Refs eacec5f490

* ci: define LIBCPP_HARDENING_MODE

* ci: fix crash in vscode-web-min-ci

* chore: update rpm deps-list

* chore: bump tree-sitter-typescript@0.20.5

* chore: bump electron@29.3.0

* chore: bump electron@29.3.1

* chore: update rpm deps-list for x86_64

* ci: disable io_uring UV backend on linux

* ci: disable io_uring backend for oss as well

* chore: update typings to 20.x

* ci: add TODO for io_uring workaround

* chore: bump distro

* chore: update preinstall node version checks

* chore: update @types/gulp

Refs https://github.com/microsoft/vscode/issues/212442

* ci: disable io_uring in more test suites
2024-05-11 01:20:28 +09:00
Logan Ramos
9bea1fc96a Bump telemetry package (#197168) 2023-11-01 20:51:03 +01:00
Logan Ramos
cc98e55794 Fix slow telemetry module (#193607) 2023-09-20 20:14:12 +01:00
Logan Ramos
ecb0c80fc1 Bump extension telemetry module (#191237)
* Bump extension telemetry module

* Fix webpack
2023-08-24 12:53:41 -07:00
Robo
ea490e5545 chore: update to Electron 25 (#188268)
* chore: update electron@25.3.0

* ci: update NodeTool version

* chore: update @types/node

* add more common types to layers checker

* chore: update debian dependencies

* chore: update rpm dependencies

* fix: use legacy dns result order of Node.js

* ci: remove deprecated always-auth npm config

Refs npm/cli@72a7eeb

* chore: update deb and rpm dependencies

* chore: update armhf rpm dependencies

* chore: update x64 debian dependencies

* chore: update x64 rpm dependencies

* chore: update electron@25.3.1

* chore: update electron@25.4.0

* chore: bump distro

* chore: bump distro

---------

Co-authored-by: Benjamin Pasero <benjamin.pasero@microsoft.com>
2023-08-07 21:46:27 +09:00
Tyler James Leonhardt
dd2441f7ba Polish Sovereign Cloud support (#184634)
* Use `@azure/ms-rest-azure-env` as official reference of endpoints
* Allow better configuration of custom clouds (these are new so it is ok to change the settings without migration)

Also clean up:

* querystring -> URLSearchParams (getting rid of a package dependency in the web)
* handle `workbench.getCodeExchangeProxyEndpoints` in one place
2023-06-08 12:39:29 -07:00
Brandon Waterloo [MSFT]
f9d14d68fb Support sovereign/custom clouds in microsoft authentication provider (#178725) 2023-04-07 16:38:38 -07:00
Martin Aeschlimann
273e74965b add querystring fallback (#177250) 2023-03-15 09:29:41 -07:00
Logan Ramos
8e6bcc9b9e Bump module to new package (#173599) 2023-02-06 12:29:36 -08:00
Logan Ramos
8cea434dec Remove unused proposals (#172035) 2023-01-23 19:09:07 +01:00
Logan Ramos
4acf2d9b46 Update the telemetry modules (#170512)
Update the module
2023-01-03 15:10:45 -05:00
Logan Ramos
b1076b41f3 Bump telemetry packages (#169283) 2022-12-15 17:29:10 +01:00
Joyce Er
3bdea7784d authentication implicit activation events (#166715)
* `authentication` implicit activation events

* More safety accessing `.id`
2022-11-19 08:30:48 -08:00
Logan Ramos
73d882bcf7 Update telemetry package (#166292) 2022-11-14 09:30:33 -08:00
Tyler James Leonhardt
ef415578d1 Take advantage of platform features in Microsoft Authentication extension (#166066) 2022-11-10 18:26:48 -08:00
Sandeep Somavarapu
2cd8ea24f2 #159892 Finalize (#165925) 2022-11-09 10:28:27 -05:00
Logan Ramos
bf1697d98c Consume proposed telemetry API (#165862)
* Consume proposed telemetry API

* Update webpack
2022-11-08 21:58:28 -05:00
Tyler James Leonhardt
6684350a58 Onboard GitHub & Microsoft auth extensions to l10n (#163662)
* onboard github-auth completely to l10n

* onboard microsoft-authentication entirely on to l10n
2022-10-14 08:41:21 -07:00
Tyler James Leonhardt
29e985eca0 rev vscode-nls to version that doesn't ask for vscode-nls-web-data (#161819)
ref #161297
2022-09-26 11:10:54 -07:00
Sandeep Somavarapu
35c7ee9d02 Support log output channels for extensions (#161249)
* introduce log api in extension context

* separate registering output vs log channel

* Separate extension log channels in show logs command

* add logging error to embedder logger

* show extension log in the extension editor

* configure log level per extension

* change the order of log entries

* introduce logger

* align with output chanel

* revert changes

* fixes
2022-09-19 09:03:41 -07:00