Update MSAL libraries and use new MSALRuntime-based broker implementation #1191
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mjcheetham
added
auth:microsoft
Use the new Windows broker which is based on the MSALRuntime; an export wrapper around a native, cross-platform MSAL library. In this new set up, we drop the `.Desktop` package in favour of the `.Broker` package that also means we drop the WebView2Loader.dll, which we didn't make use of anyway. There are a few new binaries to be distrubuted in the new model, including a P/Invoke layer, IdentityModel abstractions library, and the native msalruntime_x86.dll. Note that GCM still only support x86 on Windows, and only supports broker use on Windows. For this reason we don't bother adding the broker package on non-.NET Framework builds to keep the sizes on Mac/Linux to a minimium.
Always set the parent window handle for MSAL on Windows. Previously we only set this if provided a handle by the user/config. Now however we must always try and provide a handle because using the new MSALRuntime-based Windows broker means we must do so - MSAL no longer provides us with a 'dummy' handle to use. Use the parent console window handle, as recommended by the MSAL docs: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/wam#parent-window-handles
mjcheetham
force-pushed
the
msal-broker-v2
branch
from
6d7d7e1 to
134e622
Compare
Contributor
Author
|
@bgavrilMS could a member of the MSAL team have a quick glance over our usage of the new broker implementation on Windows, to make sure we're not doing something wrong? Thanks! |
bgavrilMS
reviewed
Apr 10, 2023
bgavrilMS
reviewed
Apr 10, 2023
bgavrilMS
approved these changes
Apr 10, 2023
ldennington
approved these changes
Apr 10, 2023
Contributor
ldennington
left a comment
ldennington
left a comment
There was a problem hiding this comment.
Looks great! This allowed for a lot of nice cleanup.
mjcheetham
force-pushed
the
msal-broker-v2
branch
2 times, most recently
from
3f1b017 to
cffba7a
Compare
ldennington
approved these changes
Apr 15, 2023
Contributor
ldennington
left a comment
ldennington
left a comment
There was a problem hiding this comment.
Latest commit looks good, just a few small comments. Overall, though, I think this solution is all right until (hopefully) the issue is handled in MSAL.
If we are unable to get a parent window handle; because for example, we don't have a console, then create a small 'dummy' window using WinForms that we can use to pass a handle to MSAL.
Update the large block comment on how we select which types of flows to use for Microsoft authentication.
mjcheetham
force-pushed
the
msal-broker-v2
branch
from
cffba7a to
68acbc9
Compare
Contributor
Author
|
@ldennington I've updated that outdated block comment in _MicrosoftAuthentication.cs`; did you want to have another 👀 over it? Thanks! |
ldennington
approved these changes
Apr 17, 2023
Contributor
ldennington
left a comment
ldennington
left a comment
There was a problem hiding this comment.
Comment updates look good - thanks for doing that!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Use the new Windows broker which is based on the MSALRuntime; an export wrapper around a native, cross-platform MSAL library.
In this new set up, we drop the
.Desktoppackage in favour of the.Brokerpackage that also means we drop the WebView2Loader.dll, which we didn't make use of anyway. There are a few new binaries to be distributed in the new model, including a P/Invoke layer, IdentityModel abstractions library, and the nativemsalruntime_x86.dll.Note that GCM still only support x86 on Windows, and only supports broker use on Windows. For this reason we don't bother adding the broker package on non-.NET Framework builds to keep the sizes on Mac/Linux to a minimum.
Also update the MSAL extensions library whilst we are here to pick up various bug fixes, and drop workarounds that are no longer required for this new broker implementation!