mirror of
https://github.com/microsoft/vscode.git
synced 2026-05-03 06:51:53 +01:00
b8be82f239
* Workaround MSAL behavior The main change this makes is around what scopes are being requested. Due to an MSAL or Identity issue, if you request a resource like `FOO/user_impersonation` and then `email`... the 2nd call does not use Graph and instead uses FOO and FOO may not have an `email` scope available. To work around this, if we detect that all scopes being requested are [OIDC scopes](https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc#openid-connect-scopes) then we tack on `User.Read` to make sure that what gets returned is in fact from Graph. This prevents an infinite loop that was happening before. MSAL/Identity should fix this behavior, but this works for now. Additionally, MSAL does already tack on OIDC scopes to all requests so I removed the logic that adds those. Couple small things: * Make sure MSAL logs get logged (trace) * Use a Sequencer to make sure acquireToken calls are done sequentially just in case. * more comment
Microsoft Authentication for Visual Studio Code
Notice: This extension is bundled with Visual Studio Code. It can be disabled but not uninstalled.
Features
This extension provides support for authenticating to Microsoft. It registers the microsoft Authentication Provider that can be leveraged by other extensions. This also provides the Microsoft authentication used by Settings Sync.
Additionally, it provides the microsoft-sovereign-cloud Authentication Provider that can be used to sign in to other Azure clouds like Azure for US Government or Azure China. Use the setting microsoft-sovereign-cloud.endpoint to select the authentication endpoint the provider should use. Please note that different scopes may also be required in different environments.