Pass all scopes in token request and update IndividualLocalAuth template (#26232)
* Pass all scopes in token request and update IndividualLocalAuth template * Fix build and address feedback from peer review
This commit is contained in:
parent
650bbeb8f5
commit
b925b2886a
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
|
@ -54,6 +54,7 @@ class MsalAuthorizeService implements AuthorizeService {
|
||||||
private readonly _msalApplication: Msal.PublicClientApplication;
|
private readonly _msalApplication: Msal.PublicClientApplication;
|
||||||
private _account: Msal.AccountInfo | undefined;
|
private _account: Msal.AccountInfo | undefined;
|
||||||
private _redirectCallback: Promise<AuthenticationResult | null> | undefined;
|
private _redirectCallback: Promise<AuthenticationResult | null> | undefined;
|
||||||
|
private _requestedScopes: string[] | undefined;
|
||||||
|
|
||||||
constructor(private readonly _settings: AuthorizeServiceConfiguration) {
|
constructor(private readonly _settings: AuthorizeServiceConfiguration) {
|
||||||
if (this._settings.auth?.knownAuthorities?.length == 0) {
|
if (this._settings.auth?.knownAuthorities?.length == 0) {
|
||||||
|
|
@ -81,10 +82,23 @@ class MsalAuthorizeService implements AuthorizeService {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const scopes: string[] = [];
|
||||||
|
if (this._settings.defaultAccessTokenScopes && this._settings.defaultAccessTokenScopes.length > 0) {
|
||||||
|
scopes.push(...this._settings.defaultAccessTokenScopes)
|
||||||
|
}
|
||||||
|
|
||||||
|
if (this._settings.additionalScopesToConsent && this._settings.additionalScopesToConsent.length > 0) {
|
||||||
|
scopes.push(...this._settings.additionalScopesToConsent);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (this._requestedScopes && this._requestedScopes.length > 0) {
|
||||||
|
scopes.push(...this._requestedScopes);
|
||||||
|
}
|
||||||
|
|
||||||
const silentRequest = {
|
const silentRequest = {
|
||||||
redirectUri: this._settings.auth?.redirectUri,
|
redirectUri: this._settings.auth?.redirectUri,
|
||||||
account: account,
|
account: account,
|
||||||
scopes: this._settings.defaultAccessTokenScopes
|
scopes: scopes
|
||||||
};
|
};
|
||||||
|
|
||||||
const response = await this._msalApplication.acquireTokenSilent(silentRequest);
|
const response = await this._msalApplication.acquireTokenSilent(silentRequest);
|
||||||
|
|
@ -111,6 +125,7 @@ class MsalAuthorizeService implements AuthorizeService {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
this._requestedScopes = scopes;
|
||||||
const silentRequest = {
|
const silentRequest = {
|
||||||
redirectUri: this._settings.auth?.redirectUri,
|
redirectUri: this._settings.auth?.redirectUri,
|
||||||
account: account,
|
account: account,
|
||||||
|
|
@ -162,7 +177,7 @@ class MsalAuthorizeService implements AuthorizeService {
|
||||||
const silentRequest = {
|
const silentRequest = {
|
||||||
redirectUri: request.redirectUri,
|
redirectUri: request.redirectUri,
|
||||||
account: account,
|
account: account,
|
||||||
scopes: request.scopes,
|
scopes: request.scopes.concat(request.extraScopesToConsent || [])
|
||||||
};
|
};
|
||||||
await this._msalApplication.acquireTokenSilent(silentRequest);
|
await this._msalApplication.acquireTokenSilent(silentRequest);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
////#if (IndividualLocalAuth)
|
////#if (IndividualLocalAuth)
|
||||||
//"Local": {
|
//"Local": {
|
||||||
// "Authority": "https://login.microsoftonline.com/",
|
// "Authority": "https:////login.microsoftonline.com/",
|
||||||
// "ClientId": "33333333-3333-3333-33333333333333333"
|
// "ClientId": "33333333-3333-3333-33333333333333333"
|
||||||
//}
|
//}
|
||||||
////#endif
|
////#endif
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue