Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Identity] Expose MsaPassthrough as an option #31227

Closed
wants to merge 4 commits into from
Closed

[Identity] Expose MsaPassthrough as an option #31227

wants to merge 4 commits into from

Conversation

isra-fel
Copy link
Member

@isra-fel isra-fel commented Sep 19, 2022
edited
Loading

This PR exposes the WindowsBrokerOptions.MsaPassthrough option of MSAL to two credential option types of Azure.Identity.BrokeredAuthentication libraries as it's essential to supporting MSA account.

Contributing to the Azure SDK

Please see our CONTRIBUTING.md if you are not familiar with contributing to this repository or have questions.

For specific information about pull request etiquette and best practices, see this section.

@ghost ghost added the Azure.Identity label Sep 19, 2022
@azure-sdk
Copy link
Collaborator

API change check

APIView has identified API level changes in this PR and created following API reviews.

Azure.Identity.BrokeredAuthentication

bgavrilMS
bgavrilMS reviewed Sep 19, 2022
View reviewed changes
...ntity/Azure.Identity.BrokeredAuthentication/src/InteractiveBrowserCredentialBrokerOptions.cs Outdated

/// <summary>
/// Creates a new instance of <see cref="InteractiveBrowserCredentialBrokerOptions"/> to configure a <see cref="InteractiveBrowserCredential"/>.
/// </summary>
/// <param name="parentWindowHandle">Handle of the parent window the system authentication broker should be docked to.</param>
public InteractiveBrowserCredentialBrokerOptions(IntPtr parentWindowHandle) : base()
/// <param name="msaPassthrough">A legacy option available only to old Microsoft applications. Should be avoided where possible. Support is experimental.</param>
public InteractiveBrowserCredentialBrokerOptions(IntPtr parentWindowHandle, bool msaPassthrough = false) : base()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New default param is a subtle breaking change (a binary breaking change). Prefer to use a new ctor.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for reviewing and good to know that :) Azure.Identity.BrokeredAuthentication is a beta so I thought we needn't worry too much about breaking change. Anyway, I'll let @schaabs 's team decide the final look of the API.

@isra-fel isra-fel marked this pull request as ready for review September 20, 2022 02:01
bgavrilMS
bgavrilMS reviewed Sep 23, 2022
View reviewed changes
...ntity/Azure.Identity.BrokeredAuthentication/src/InteractiveBrowserCredentialBrokerOptions.cs Outdated

/// <summary>
/// Creates a new instance of <see cref="InteractiveBrowserCredentialBrokerOptions"/> to configure a <see cref="InteractiveBrowserCredential"/>.
/// </summary>
/// <param name="parentWindowHandle">Handle of the parent window the system authentication broker should be docked to.</param>
public InteractiveBrowserCredentialBrokerOptions(IntPtr parentWindowHandle) : base()
/// <param name="msaPassthrough">A legacy option available only to old Microsoft applications. Should be avoided where possible. Support is experimental.</param>
public InteractiveBrowserCredentialBrokerOptions(IntPtr parentWindowHandle, bool msaPassthrough = false) : base()
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another way of doing this without exposing public API is to turn on this option based on client id and authority. AzurePS client id is configured as MSA-PT. So basically, hardcode some client_ids.

Afaik, it is not possible to configure an app to move away from being MSA-PT. Identity recommends folks to create a new client_id.

@ghost ghost added the no-recent-activity There has been no recent activity on this issue. label Nov 25, 2022
@ghost
Copy link

ghost commented Nov 25, 2022

Hi @isra-fel. Thank you for your interest in helping to improve the Azure SDK experience and for your contribution. We've noticed that there hasn't been recent engagement on this pull request. If this is still an active work stream, please let us know by pushing some changes or leaving a comment. Otherwise, we'll close this out in 7 days.

@ghost ghost removed the no-recent-activity There has been no recent activity on this issue. label Nov 29, 2022
@ghost ghost added the no-recent-activity There has been no recent activity on this issue. label Feb 3, 2023
@ghost
Copy link

ghost commented Feb 3, 2023

Hi @isra-fel. Thank you for your interest in helping to improve the Azure SDK experience and for your contribution. We've noticed that there hasn't been recent engagement on this pull request. If this is still an active work stream, please let us know by pushing some changes or leaving a comment. Otherwise, we'll close this out in 7 days.

@ghost ghost closed this Feb 10, 2023
@ghost
Copy link

ghost commented Feb 10, 2023

Hi @isra-fel. Thank you for your contribution. Since there hasn't been recent engagement, we're going to close this out. Feel free to respond with a comment containing "/reopen" if you'd like to continue working on these changes. Please be sure to use the command to reopen or remove the "no-recent-activity" label; otherwise, this is likely to be closed again with the next cleanup pass.

This was referenced Mar 14, 2023
Closed
Closed
Closed
Closed
Open
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@scottaddie scottaddie scottaddie left review comments

@bgavrilMS bgavrilMS bgavrilMS left review comments

@KrzysztofCwalina KrzysztofCwalina Awaiting requested review from KrzysztofCwalina

@tg-msft tg-msft Awaiting requested review from tg-msft

@schaabs schaabs Awaiting requested review from schaabs schaabs is a code owner

@christothes christothes Awaiting requested review from christothes christothes is a code owner

@ShivangiReja ShivangiReja Awaiting requested review from ShivangiReja

Assignees
No one assigned
Labels
Azure.Identity no-recent-activity There has been no recent activity on this issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@isra-fel @azure-sdk @scottaddie @bgavrilMS