mirror of
https://github.com/ckaczor/azuredatastudio.git
synced 2026-02-16 18:46:40 -05:00
Merge from vscode bead496a613e475819f89f08e9e882b841bc1fe8 (#14883)
* Merge from vscode bead496a613e475819f89f08e9e882b841bc1fe8 * Bump distro * Upgrade GCC to 4.9 due to yarn install errors * Update build image * Fix bootstrap base url * Bump distro * Fix build errors * Update source map file * Disable checkbox for blocking migration issues (#15131) * disable checkbox for blocking issues * wip * disable checkbox fixes * fix strings * Remove duplicate tsec command * Default to off for tab color if settings not present * re-skip failing tests * Fix mocha error * Bump sqlite version & fix notebooks search view * Turn off esbuild warnings * Update esbuild log level * Fix overflowactionbar tests * Fix ts-ignore in dropdown tests * cleanup/fixes * Fix hygiene * Bundle in entire zone.js module * Remove extra constructor param * bump distro for web compile break * bump distro for web compile break v2 * Undo log level change * New distro * Fix integration test scripts * remove the "no yarn.lock changes" workflow * fix scripts v2 * Update unit test scripts * Ensure ads-kerberos2 updates in .vscodeignore * Try fix unit tests * Upload crash reports * remove nogpu * always upload crashes * Use bash script * Consolidate data/ext dir names * Create in tmp directory Co-authored-by: chlafreniere <hichise@gmail.com> Co-authored-by: Christopher Suh <chsuh@microsoft.com> Co-authored-by: chgagnon <chgagnon@microsoft.com>
This commit is contained in:
Karl Burtram
@@ -10,11 +10,15 @@ import * as vscode from 'vscode';
|
||||
import { createServer, startServer } from './authServer';
|
||||
|
||||
import { v4 as uuid } from 'uuid';
|
||||
import { keychain } from './keychain';
|
||||
import { Keychain } from './keychain';
|
||||
import Logger from './logger';
|
||||
import { toBase64UrlEncoding } from './utils';
|
||||
import fetch from 'node-fetch';
|
||||
import fetch, { Response } from 'node-fetch';
|
||||
import { sha256 } from './env/node/sha256';
|
||||
import * as nls from 'vscode-nls';
|
||||
import { MicrosoftAuthenticationSession } from './microsoft-authentication';
|
||||
|
||||
const localize = nls.loadMessageBundle();
|
||||
|
||||
const redirectUrl = 'https://vscode-redirect.azurewebsites.net/';
|
||||
const loginEndpointUrl = 'https://login.microsoftonline.com/';
|
||||
@@ -23,6 +27,7 @@ const tenant = 'organizations';
|
||||
|
||||
interface IToken {
|
||||
accessToken?: string; // When unable to refresh due to network problems, the access token becomes undefined
|
||||
idToken?: string; // depending on the scopes can be either supplied or empty
|
||||
|
||||
expiresIn?: number; // How long access token is valid, in seconds
|
||||
expiresAt?: number; // UNIX epoch time at which token will expire
|
||||
@@ -68,6 +73,11 @@ export interface ITokenResponse {
|
||||
id_token?: string;
|
||||
}
|
||||
|
||||
export interface IMicrosoftTokens {
|
||||
accessToken: string;
|
||||
idToken?: string;
|
||||
}
|
||||
|
||||
function parseQuery(uri: vscode.Uri) {
|
||||
return uri.query.split('&').reduce((prev: any, current) => {
|
||||
const queryString = current.split('=');
|
||||
@@ -97,13 +107,16 @@ export class AzureActiveDirectoryService {
|
||||
private _codeExchangePromises = new Map<string, Promise<vscode.AuthenticationSession>>();
|
||||
private _codeVerfifiers = new Map<string, string>();
|
||||
|
||||
constructor() {
|
||||
private _keychain: Keychain;
|
||||
|
||||
constructor(private _context: vscode.ExtensionContext) {
|
||||
this._keychain = new Keychain(_context);
|
||||
this._uriHandler = new UriEventHandler();
|
||||
this._disposables.push(vscode.window.registerUriHandler(this._uriHandler));
|
||||
}
|
||||
|
||||
public async initialize(): Promise<void> {
|
||||
const storedData = await keychain.getToken() || await keychain.tryMigrate();
|
||||
const storedData = await this._keychain.getToken() || await this._keychain.tryMigrate();
|
||||
if (storedData) {
|
||||
try {
|
||||
const sessions = this.parseStoredData(storedData);
|
||||
@@ -143,7 +156,7 @@ export class AzureActiveDirectoryService {
|
||||
}
|
||||
}
|
||||
|
||||
this._disposables.push(vscode.authentication.onDidChangePassword(() => this.checkForUpdates));
|
||||
this._disposables.push(this._context.secrets.onDidChange(() => this.checkForUpdates));
|
||||
}
|
||||
|
||||
private parseStoredData(data: string): IStoredSession[] {
|
||||
@@ -160,13 +173,13 @@ export class AzureActiveDirectoryService {
|
||||
};
|
||||
});
|
||||
|
||||
await keychain.setToken(JSON.stringify(serializedData));
|
||||
await this._keychain.setToken(JSON.stringify(serializedData));
|
||||
}
|
||||
|
||||
private async checkForUpdates(): Promise<void> {
|
||||
const addedIds: string[] = [];
|
||||
let removedIds: string[] = [];
|
||||
const storedData = await keychain.getToken();
|
||||
const storedData = await this._keychain.getToken();
|
||||
if (storedData) {
|
||||
try {
|
||||
const sessions = this.parseStoredData(storedData);
|
||||
@@ -222,29 +235,36 @@ export class AzureActiveDirectoryService {
|
||||
}
|
||||
}
|
||||
|
||||
private async convertToSession(token: IToken): Promise<vscode.AuthenticationSession> {
|
||||
const resolvedToken = await this.resolveAccessToken(token);
|
||||
private async convertToSession(token: IToken): Promise<MicrosoftAuthenticationSession> {
|
||||
const resolvedTokens = await this.resolveAccessAndIdTokens(token);
|
||||
return {
|
||||
id: token.sessionId,
|
||||
accessToken: resolvedToken,
|
||||
accessToken: resolvedTokens.accessToken,
|
||||
idToken: resolvedTokens.idToken,
|
||||
account: token.account,
|
||||
scopes: token.scope.split(' ')
|
||||
};
|
||||
}
|
||||
|
||||
private async resolveAccessToken(token: IToken): Promise<string> {
|
||||
private async resolveAccessAndIdTokens(token: IToken): Promise<IMicrosoftTokens> {
|
||||
if (token.accessToken && (!token.expiresAt || token.expiresAt > Date.now())) {
|
||||
token.expiresAt
|
||||
? Logger.info(`Token available from cache, expires in ${token.expiresAt - Date.now()} milliseconds`)
|
||||
: Logger.info('Token available from cache');
|
||||
return Promise.resolve(token.accessToken);
|
||||
return Promise.resolve({
|
||||
accessToken: token.accessToken,
|
||||
idToken: token.idToken
|
||||
});
|
||||
}
|
||||
|
||||
try {
|
||||
Logger.info('Token expired or unavailable, trying refresh');
|
||||
const refreshedToken = await this.refreshToken(token.refreshToken, token.scope, token.sessionId);
|
||||
if (refreshedToken.accessToken) {
|
||||
return refreshedToken.accessToken;
|
||||
return {
|
||||
accessToken: refreshedToken.accessToken,
|
||||
idToken: refreshedToken.idToken
|
||||
};
|
||||
} else {
|
||||
throw new Error();
|
||||
}
|
||||
@@ -495,6 +515,7 @@ export class AzureActiveDirectoryService {
|
||||
expiresIn: json.expires_in,
|
||||
expiresAt: json.expires_in ? Date.now() + json.expires_in * 1000 : undefined,
|
||||
accessToken: json.access_token,
|
||||
idToken: json.id_token,
|
||||
refreshToken: json.refresh_token,
|
||||
scope,
|
||||
sessionId: existingId || `${claims.tid}/${(claims.oid || (claims.altsecid || '' + claims.ipd || ''))}/${uuid()}`,
|
||||
@@ -642,7 +663,7 @@ export class AzureActiveDirectoryService {
|
||||
this.removeInMemorySessionData(sessionId);
|
||||
|
||||
if (this._tokens.length === 0) {
|
||||
await keychain.deleteToken();
|
||||
await this._keychain.deleteToken();
|
||||
} else {
|
||||
this.storeTokenData();
|
||||
}
|
||||
@@ -651,7 +672,7 @@ export class AzureActiveDirectoryService {
|
||||
public async clearSessions() {
|
||||
Logger.info('Logging out of all sessions');
|
||||
this._tokens = [];
|
||||
await keychain.deleteToken();
|
||||
await this._keychain.deleteToken();
|
||||
|
||||
this._refreshTimeouts.forEach(timeout => {
|
||||
clearTimeout(timeout);
|
||||
|
||||
@@ -13,15 +13,12 @@ export async function activate(context: vscode.ExtensionContext) {
|
||||
const { name, version, aiKey } = require('../package.json') as { name: string, version: string, aiKey: string };
|
||||
const telemetryReporter = new TelemetryReporter(name, version, aiKey);
|
||||
|
||||
const loginService = new AzureActiveDirectoryService();
|
||||
const loginService = new AzureActiveDirectoryService(context);
|
||||
context.subscriptions.push(loginService);
|
||||
|
||||
await loginService.initialize();
|
||||
|
||||
context.subscriptions.push(vscode.authentication.registerAuthenticationProvider({
|
||||
id: 'microsoft',
|
||||
label: 'Microsoft',
|
||||
supportsMultipleAccounts: true,
|
||||
context.subscriptions.push(vscode.authentication.registerAuthenticationProvider('microsoft', 'Microsoft', {
|
||||
onDidChangeSessions: onDidChangeSessions.event,
|
||||
getSessions: () => Promise.resolve(loginService.sessions),
|
||||
login: async (scopes: string[]) => {
|
||||
@@ -59,7 +56,7 @@ export async function activate(context: vscode.ExtensionContext) {
|
||||
telemetryReporter.sendTelemetryEvent('logoutFailed');
|
||||
}
|
||||
}
|
||||
}));
|
||||
}, { supportsMultipleAccounts: true }));
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -35,7 +35,7 @@ const ACCOUNT_ID = 'account';
|
||||
export class Keychain {
|
||||
private keytar: Keytar;
|
||||
|
||||
constructor() {
|
||||
constructor(private context: vscode.ExtensionContext) {
|
||||
const keytar = getKeytar();
|
||||
if (!keytar) {
|
||||
throw new Error('System keychain unavailable');
|
||||
@@ -46,8 +46,9 @@ export class Keychain {
|
||||
|
||||
|
||||
async setToken(token: string): Promise<void> {
|
||||
|
||||
try {
|
||||
return await vscode.authentication.setPassword(SERVICE_ID, token);
|
||||
return await this.context.secrets.store(SERVICE_ID, token);
|
||||
} catch (e) {
|
||||
Logger.error(`Setting token failed: ${e}`);
|
||||
|
||||
@@ -69,7 +70,7 @@ export class Keychain {
|
||||
|
||||
async getToken(): Promise<string | null | undefined> {
|
||||
try {
|
||||
return await vscode.authentication.getPassword(SERVICE_ID);
|
||||
return await this.context.secrets.get(SERVICE_ID);
|
||||
} catch (e) {
|
||||
// Ignore
|
||||
Logger.error(`Getting token failed: ${e}`);
|
||||
@@ -79,7 +80,7 @@ export class Keychain {
|
||||
|
||||
async deleteToken(): Promise<void> {
|
||||
try {
|
||||
return await vscode.authentication.deletePassword(SERVICE_ID);
|
||||
return await this.context.secrets.delete(SERVICE_ID);
|
||||
} catch (e) {
|
||||
// Ignore
|
||||
Logger.error(`Deleting token failed: ${e}`);
|
||||
@@ -102,5 +103,3 @@ export class Keychain {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
export const keychain = new Keychain();
|
||||
|
||||
16
extensions/microsoft-authentication/src/microsoft-authentication.d.ts
vendored
Normal file
16
extensions/microsoft-authentication/src/microsoft-authentication.d.ts
vendored
Normal file
@@ -0,0 +1,16 @@
|
||||
/*---------------------------------------------------------------------------------------------
|
||||
* Copyright (c) Microsoft Corporation. All rights reserved.
|
||||
* Licensed under the Source EULA. See License.txt in the project root for license information.
|
||||
*--------------------------------------------------------------------------------------------*/
|
||||
|
||||
import { AuthenticationSession } from 'vscode';
|
||||
|
||||
/**
|
||||
* Represents a session of a currently logged in Microsoft user.
|
||||
*/
|
||||
export interface MicrosoftAuthenticationSession extends AuthenticationSession {
|
||||
/**
|
||||
* The id token.
|
||||
*/
|
||||
idToken?: string;
|
||||
}
|
||||
Reference in New Issue
Block a user