Add token expiration handling for AzureMFA auth (#16936)

* refresh azure account token if it's expired before sending query/list requests

* fix several connection checks && add more logging

* fix async UI glitch during token refreshing

* cleanup

* minor fix

* add test for refreshAzureAccountTokenIfNecessary

* address comments

* comments

* comments

* comments

* error handling
This commit is contained in:
Hai Cao
2021-09-02 17:24:45 -07:00
committed by GitHub
parent 73c20345e9
commit 0bc2a50d78
9 changed files with 171 additions and 4 deletions

View File

@@ -184,17 +184,20 @@ export abstract class AzureAuth implements vscode.Disposable {
const currentTime = new Date().getTime() / 1000;
let accessToken = cachedTokens.accessToken;
let expiresOn = Number(cachedTokens.expiresOn);
const remainingTime = expiry - currentTime;
const maxTolerance = 2 * 60; // two minutes
if (remainingTime < maxTolerance) {
const result = await this.refreshToken(tenant, resource, cachedTokens.refreshToken);
accessToken = result.accessToken;
expiresOn = Number(result.expiresOn);
}
// Let's just return here.
if (accessToken) {
return {
...accessToken,
expiresOn: expiresOn,
tokenType: 'Bearer'
};
}
@@ -214,6 +217,7 @@ export abstract class AzureAuth implements vscode.Disposable {
if (result.accessToken) {
return {
...result.accessToken,
expiresOn: Number(result.expiresOn),
tokenType: 'Bearer'
};
}
@@ -674,6 +678,11 @@ export interface Token extends AccountKey {
*/
token: string;
/**
* Access token expiry timestamp
*/
expiresOn?: number;
/**
* TokenType
*/

View File

@@ -96,8 +96,8 @@ describe('Azure Authentication', function () {
it('token recieved for ossRdbmns resource', async function () {
azureAuthCodeGrant.setup(x => x.getTenants(mockToken)).returns(() => {
return Promise.resolve([
mockTenant
]);
mockTenant
]);
});
azureAuthCodeGrant.setup(x => x.getTokenHelper(mockTenant, provider.settings.ossRdbmsResource, TypeMoq.It.isAny(), TypeMoq.It.isAny(), TypeMoq.It.isAny())).returns(() => {
return Promise.resolve({