Pass all scopes in token request and update IndividualLocalAuth template (#26232)

* Pass all scopes in token request and update IndividualLocalAuth template

* Fix build and address feedback from peer review
This commit is contained in:
Safia Abdalla 2020-09-23 20:42:44 -07:00 committed by GitHub
parent 650bbeb8f5
commit b925b2886a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 5 deletions

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -54,6 +54,7 @@ class MsalAuthorizeService implements AuthorizeService {
private readonly _msalApplication: Msal.PublicClientApplication; private readonly _msalApplication: Msal.PublicClientApplication;
private _account: Msal.AccountInfo | undefined; private _account: Msal.AccountInfo | undefined;
private _redirectCallback: Promise<AuthenticationResult | null> | undefined; private _redirectCallback: Promise<AuthenticationResult | null> | undefined;
private _requestedScopes: string[] | undefined;
constructor(private readonly _settings: AuthorizeServiceConfiguration) { constructor(private readonly _settings: AuthorizeServiceConfiguration) {
if (this._settings.auth?.knownAuthorities?.length == 0) { if (this._settings.auth?.knownAuthorities?.length == 0) {
@ -81,10 +82,23 @@ class MsalAuthorizeService implements AuthorizeService {
return; return;
} }
const scopes: string[] = [];
if (this._settings.defaultAccessTokenScopes && this._settings.defaultAccessTokenScopes.length > 0) {
scopes.push(...this._settings.defaultAccessTokenScopes)
}
if (this._settings.additionalScopesToConsent && this._settings.additionalScopesToConsent.length > 0) {
scopes.push(...this._settings.additionalScopesToConsent);
}
if (this._requestedScopes && this._requestedScopes.length > 0) {
scopes.push(...this._requestedScopes);
}
const silentRequest = { const silentRequest = {
redirectUri: this._settings.auth?.redirectUri, redirectUri: this._settings.auth?.redirectUri,
account: account, account: account,
scopes: this._settings.defaultAccessTokenScopes scopes: scopes
}; };
const response = await this._msalApplication.acquireTokenSilent(silentRequest); const response = await this._msalApplication.acquireTokenSilent(silentRequest);
@ -111,6 +125,7 @@ class MsalAuthorizeService implements AuthorizeService {
return; return;
} }
this._requestedScopes = scopes;
const silentRequest = { const silentRequest = {
redirectUri: this._settings.auth?.redirectUri, redirectUri: this._settings.auth?.redirectUri,
account: account, account: account,
@ -162,7 +177,7 @@ class MsalAuthorizeService implements AuthorizeService {
const silentRequest = { const silentRequest = {
redirectUri: request.redirectUri, redirectUri: request.redirectUri,
account: account, account: account,
scopes: request.scopes, scopes: request.scopes.concat(request.extraScopesToConsent || [])
}; };
await this._msalApplication.acquireTokenSilent(silentRequest); await this._msalApplication.acquireTokenSilent(silentRequest);
} }

View File

@ -1,7 +1,7 @@
{ {
////#if (IndividualLocalAuth) ////#if (IndividualLocalAuth)
//"Local": { //"Local": {
// "Authority": "https://login.microsoftonline.com/", // "Authority": "https:////login.microsoftonline.com/",
// "ClientId": "33333333-3333-3333-33333333333333333" // "ClientId": "33333333-3333-3333-33333333333333333"
//} //}
////#endif ////#endif