Tyler James Leonhardt
bcbd0b4a98
Remove quick pick flow for protocol handler ( #270455 )
...
Remove quick pick flow
Since we have device code flow, that's better.
ref https://github.com/microsoft/vscode/issues/270452
2025-10-08 18:20:16 -07:00
Tyler James Leonhardt
d751a3d55f
Add device code flow when not brokered ( #270453 )
...
fixes https://github.com/microsoft/vscode/issues/270452
2025-10-08 16:49:23 -07:00
Tyler James Leonhardt
8845fc4b5c
Remove any casts in auth extensions ( #270089 )
2025-10-06 12:28:27 -07:00
Matt Bierner
360c9fd134
Add lint rule for as any and bulk ignore all existing breaks
...
For #269213
This adds a new eslint rule for `as any` and `<any>({... })`. We'd like to remove almost all of these, however right now the first goal is to prevent them in new code. That's why with this first PR I simply add `eslint-disable` comments for all breaks
Trying to get this change in soon after branching off for release to hopefully minimize disruption during debt week work
2025-10-02 23:38:33 -07:00
Tyler James Leonhardt
d8c3a3263d
Add redirect URI and update MSAL packages ( #268939 )
...
* Bump MSAL packages further
To hopefully fix bugs
* add redirect uri
2025-09-29 19:57:44 +00:00
Tyler James Leonhardt
bf0108fb1e
Re-enable MSAL broker on macOS ( #267833 )
...
Fixes https://github.com/microsoft/vscode/issues/260158
2025-09-22 13:36:31 -07:00
Tyler James Leonhardt
3e2f34ebe8
Address API sync feedback for challenges API ( #265921 )
...
* Address API sync feedback for challenges API
* use `fallbackScopes` instead of `scopes`
* `WWW`-> `Www`
ref https://github.com/microsoft/vscode/issues/260156
* adopt the change
2025-09-09 17:05:43 -04:00
Matt Bierner
46433f1a75
Fix ms auth compile error
2025-09-05 14:52:25 -07:00
Tyler James Leonhardt
7a4d034fc5
Disable macOS broker support due to blocking MSAL bug ( #264954 )
...
Sigh... Unfortunately, MSAL seems to fail for clients that don't have managed machines that have opted in to the broker... I have opened a blocking issue on them internally.
At least, when they fix it, it would just be a matter of updating the package version and the conditional here.
2025-09-03 17:30:49 +00:00
Tyler James Leonhardt
151a19f321
Only add the broker if it's available ( #264785 )
...
We shouldn't have to do this, but let's see if this resolves issues with users who don't have the broker installed.
2025-09-02 22:28:03 +00:00
Tyler James Leonhardt
70e7eae770
MSAL Redirect Funkiness ( #264057 )
...
Why do they do this to me...
2025-08-29 08:47:16 -10:00
Tyler James Leonhardt
54b39dc336
Typo in telemetry ( #264041 )
2025-08-29 16:50:45 +00:00
Copilot
f14ccecb1e
Add support for Entra ID v1.0 authorization servers in VSCode MCP Client ( #262603 )
...
* Initial plan
* Add v1.0 Entra ID support and optimize MCP discovery for Microsoft endpoints
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
* Add tests for v1.0 authorization server support
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
* Address code review feedback: remove redundant tests and Microsoft-specific logic
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
2025-08-29 12:21:53 +02:00
Tyler James Leonhardt
7e8f8e9230
Add new msal-no-broker implementation option to allow for getting rid of classic soon ( #263966 )
...
Also, removes the redirectUri from acquireTokenSilent because MSAL was throwing because of it.
2025-08-29 09:01:02 +02:00
Tyler James Leonhardt
2e43a0c0d6
Handle authority & redirectUri in acquireTokenByRefreshToken ( #263958 )
...
Handle authority in acquireTokenByRefreshToken
This fixes the migration logic for clients that are moving from MSAL to MSAL+Broker
2025-08-29 04:27:54 +00:00
Tyler James Leonhardt
5b25d491ca
Add a log statement for acquireTokenSilent ( #263951 )
...
* Add a log statement for acquireTokenSilent
* stringify
2025-08-29 06:09:28 +02:00
Tyler James Leonhardt
7d1d412b25
default is true, fix the log ( #263931 )
2025-08-29 00:14:58 +00:00
Tyler James Leonhardt
da3cf78129
Enable the broker in macOS ( #261148 )
...
* Enable the broker in macOS
Fixes https://github.com/microsoft/vscode/issues/260158
* for testing
* better globbing
* guh
* guh
* delete
* log it all
* let's just log everything
* Only do on supported OS/Arches
* Add a console.log
* look at VSCODE_ARCH
* add msal files
* add entitlement maybe here
* actually it's probably here
* build: bundle msal libs for x64 and arm64
* revert that
* try again
* try adding $(AppIdentifierPrefix)
* temp: add debuggee entitlements
* bump msal and pass in redirect uri on macOS
* revert entitlement files
* forgot the .helper
* Allow PII for the output channel only
* use unsigned option
---------
Co-authored-by: deepak1556 <hop2deep@gmail.com>
2025-08-27 14:31:09 -07:00
Tyler James Leonhardt
cf433b58e5
Ability to pass down WWW-Authenticate challenges down to Auth Providers ( #261717 )
...
* Initial plan
* Implement authentication challenges support for mandatory MFA
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
* Add documentation and integration test for authentication challenges
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
* Add validation script and finalize implementation
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
* Update authentication challenges API to use AuthenticationConstraint interface
Co-authored-by: TylerLeonhardt <2644648+TylerLeonhardt@users.noreply.github.com>
* Get it compiling... who knows if it works
* New parseWWWAuthenticateHeader behavior
* works
* let's go with this for now
* Good shape
* bye
* final polish
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
2025-08-14 18:10:05 -07:00
Tyler James Leonhardt
86ff5cd43b
Use the tenantId property instead ( #260418 )
...
since it _seems_ most of the time, the idTokenClaims are not present.
2025-08-07 22:02:13 +00:00
Matt Bierner
30b93b1217
Bump extensions to target es2024
...
I reviewed the various changes and library additions of es2024 and it seems they are widely supported across node and modern browsers
2025-08-05 10:40:33 -07:00
Tyler James Leonhardt
c235626145
issuer -> authorizationServer refactor (#250359)
...
* `issuer` -> `authorizationServer` refactor
Also:
* adds `authorizationServerGlobs` to the authentication contribution schema
* removes ugly MCP issuer hack and instead plumbs the authorizationServer down to the new auth providers
2025-06-02 17:38:21 -07:00
Tyler James Leonhardt
86efdcd2c1
Introduce Issuer handling in the Authentication stack ( #248948 )
...
Mostly plumbing... this enables:
```
vscode.authentication.getSession('microsoft', scopes, { issuer: "https://login.microsoftonline.com/common/v2.0" });
```
And the respective API for auth providers to handle it being passed in.
This props up work in MCP land which needs a way to map an issuer to an auth provider... but I certainly see utility outside of that space.
Fixes https://github.com/microsoft/vscode/issues/248775#issuecomment-2876711396
2025-05-14 23:02:15 +02:00
Tyler James Leonhardt
846dae676c
Fix telemetry event name ( #248569 )
...
* Fix telemetry event name
* fix more
2025-05-09 22:28:59 +00:00
Tyler James Leonhardt
1c8271a135
Fix telemetry event name ( #248557 )
...
rip
2025-05-09 23:00:08 +02:00
Tyler James Leonhardt
b2224f2fc6
Improve logic for detection of node vs web worker extension host ( #248534 )
...
* Use `WorkerGlobalScope` instead of `navigator` since node defines `navigator` now
* microsoft auth too
* better logic
2025-05-09 19:37:27 +02:00
Tyler James Leonhardt
690d2be258
Clean up some dead code and add a telemetry event to track classic microsoft auth usage ( #248256 )
...
So we can see how many people disable MSAL.
2025-05-06 15:36:17 -07:00
Tyler James Leonhardt
febbcf78c8
Add even more MSAL error telemetry ( #246335 )
2025-04-11 19:42:41 +02:00
Tyler James Leonhardt
0ab622083b
Add error telemetry ( #246262 )
2025-04-10 23:46:53 -07:00
Tyler James Leonhardt
28c596a419
Use toLower for Microsoft auth labels ( #245732 )
...
Fixes https://github.com/microsoft/vscode/issues/242510
2025-04-04 23:43:08 +02:00
Matt Bierner
4a1dff2d44
Fix never-null error
2025-03-24 16:08:24 -07:00
Tyler James Leonhardt
739de723a5
Fix ScopeData so that tenantId truly is only a GUID ( #242929 )
...
Fixes https://github.com/microsoft/vscode/issues/242839
2025-03-07 14:46:25 -08:00
Tyler James Leonhardt
14324bbbc2
Remove old client id versioning code ( #242760 )
...
We're not doing this anymore and our default client id will be "upgraded" by the identity team.
2025-03-06 11:56:44 +09:00
Tyler James Leonhardt
eab6f90c72
Better lifecycle handling ( #242758 )
...
I moved to a factory model because there was just so much that needed to be async.
I think the amount of async code will be reduced in the future as we remove some migration logic, but this makes sure we don't accidentally create instances without awaiting their initialization.
2025-03-06 02:50:14 +01:00
Tyler James Leonhardt
9e0461087b
Make account access cross client ids ( #242721 )
...
The point here is that the user already allowed access to the account for one client id, so that should just apply to any client id that is being used since:
* If we don't actually _have_ an auth token, the user will be asked to log in - so they will see a prompt as expected
* If we _do_ have an auth token, then we rely on extension auth access to gate access to the account
Fixes https://github.com/microsoft/vscode/issues/241526
2025-03-05 20:58:49 +01:00
Tyler James Leonhardt
95ab795ff0
Detach authority/tenant from the PublicClientApp ( #242719 )
...
everything
2025-03-05 19:55:10 +01:00
Tyler James Leonhardt
5571308162
Force an update after acquiring a token interactively ( #239539 )
...
* Force an update after acquiring a token interactively
This will make sure the account cache is up-to-date before the acquireTokenInteractive ends.
A greater fix is maybe turning the accounts cache to be a promise... but this is the candidate fix for now.
Fixes #235327
* also delete event
2025-02-03 23:56:45 +01:00
Tyler James Leonhardt
4c32889faf
Show InputBox for unsupported clients ( #239389 )
...
* Show InputBox for unsupported clients
Fixes https://github.com/microsoft/vscode/issues/238147
* comment
* Add 127.0.0.1 for good measure
2025-02-01 05:26:18 +00:00
Tyler James Leonhardt
a9ce0b5556
Include an ability to change the default client id ( #238736 )
...
Include an ability to change the client id
So our migration is easy to test
2025-01-24 16:46:50 -08:00
Tyler James Leonhardt
60230a46df
Fix the booleans on the MSAL flows ( #238148 )
...
* Loopback does _not_ work in REH or WebWorker
* UrlHandler _does_ work in REH
2025-01-17 19:46:29 +01:00
Tyler James Leonhardt
8eddff6613
Default to MSAL authentication 🚀 ( #237920 )
...
Here we go. Ref https://github.com/microsoft/vscode/issues/178740
2025-01-14 21:23:14 +01:00
Tyler James Leonhardt
e6cba379a4
Try asking for different claims in another request ( #237531 )
...
I'm hoping that this solution will be good enough until we stop depending on the id token for certain things.
Fixes https://github.com/microsoft/vscode/issues/237370
2025-01-08 23:55:18 +01:00
Tyler James Leonhardt
691eaea3bd
Remove old code, simplify properties ( #237512 )
2025-01-08 19:11:01 +01:00
Tyler James Leonhardt
1410d77f6f
reverse cancellation and sequencer ( #237029 )
...
When we cancel, then the promise should be cancelled. If we don't do this, we hang on the first interaction request until we timeout.
Fixes the 2nd point in https://github.com/microsoft/vscode/issues/236825#issuecomment-2563882150
2024-12-28 09:36:05 +01:00
Tyler James Leonhardt
0a66dc39ff
Adopt concept of flows in Microsoft Auth ( #237006 )
...
And only use Loopback flow when not running in Remote Extension Host.
2024-12-27 11:31:53 -08:00
Tyler James Leonhardt
358e96ab1e
Cancel if the user dismisses the modal ( #236642 )
...
Fixes https://github.com/microsoft/vscode/issues/235364
2024-12-19 21:40:19 +01:00
Tyler James Leonhardt
d55cb9a7a0
Use claims to force an idToken in Broker flow ( #236623 )
...
Looks like the Broker doesn't support `forceRefresh`... This is an alternative way of forcing a refresh.
Fixes https://github.com/microsoft/vscode/issues/229456
2024-12-19 19:25:37 +01:00
Tyler James Leonhardt
b425f4802f
Check idtoken expiration ( #236011 )
...
and force expiration in a similar way to the way MSAL does it for access tokens.
Fixes https://github.com/microsoft/vscode/issues/229456
2024-12-13 02:45:44 +01:00
Tyler James Leonhardt
c0c6b07185
Disable MSAL for now ( #235048 )
...
Because of late breaking issues:
* https://github.com/microsoft/vscode/issues/234932
* https://github.com/microsoft/vscode/issues/234954
This also comments out the `_setupRefresh` logic since that is causing the high CPU load. I'd like to see what happens when we don't do this behavior.
2024-12-03 01:39:32 +00:00
Tyler James Leonhardt
893926f953
Always update refresh & sequentialize updates ( #234716 )
2024-11-27 05:38:53 -08:00