azuread / microsoft-authentication-library-for-dotnet Goto Github PK
View Code? Open in Web Editor NEWMicrosoft Authentication Library (MSAL) for .NET
Home Page: https://aka.ms/msal-net
License: MIT License
Microsoft Authentication Library (MSAL) for .NET
Home Page: https://aka.ms/msal-net
License: MIT License
disable SSO header feature
Why?
To enable an easy migration of applications using ADAL.Net to MSAL.Net, we'd want the cache to be backward and forward compatible in both libraries.
What?
MSAL.Net should be able to:
Use SOAPValue to determine WSTrust 1.3 vs 2005
throw Argument exception when platform parameters are not complete
special case b2c scenarios to not send email and profile as scopes
update TokenCacheTests.LoadCacheItems to create cache
Fix webview bug in iOS and cache storage label issue
remove stream.position and fix MSALServiceException in HttpClientWrapper.GetResponseAsync
MSAL does not return access token when restrictToSingleUser=true and authority tenant is set to common. MSAL should be able to ignore the tenant and return the AT because we guarantee single unique user in the cache.
Add forceRefresh support in Silent calls
disable HTTP redirects in webview
Remove integrated auth support using WS-Trust. Update source to use silent web UI.
We need to send client_info=1 parameter on token endpoint to get uid, utid. Update cache model to use uid/utid as a key instead of home oid.
Add innerexception to AcquireTokenSilentAcquisitionException
Rework Exception handling
Refresh Token as a SSO artifact -- (Header)
Add log.error for every caught exception in MSAL. Make sure all the catch statements in the code are covered.
Normalize cache storage to have 1 RT per user
refactor hard-coded string into variables
turn on warnings as errors in build. This requires removing all the code warnings in the source first.
Add support for resiliency/client heuristics for outages
add whitelist for url schemes where only HTTPS redirects are allowed.-- see adal v3 for reference
make token cache scope lookup case insensitive
Handle organizations and consumers as common authority. Currently only "/common" is treated as Common endpoint. MSAL needs to add support for /organizations and /consumers.
this is required for family of client id feature
MSAL should send haschrome=1 QP for all interactive requests. This will hide the back button the UI and developers will stop getting access_denied error when it was actually user_cancel.
Add support to read error and error_description from URL when user cancels web ui for cases when the user gets an error on authorize like your app does not have access to the resource or transient error happened. These pages are generally non-recoverable and user ends up calling "cancel". This results in user_cancelled error in the API even though it was actually some other error. Putting the error and description will allow us to provide error details to developers and will improve our and developer's ability to build telemetry.
app.Users does not add client_id and cache reference to object
look up userIdentifier in the cache to load user object when developer passes identifier instead of User in AcquireTokenSilentHandler and other flows.
Make client Id immutable in application object.
Revert changes for Issue #55 once b2c is updated
compare with ADAL and make necessary fixes.
Revert changes for issue #65
Clean project structure
Add hook to test browser control launch and close
Update README
Add fxcop analysis during build
Family of client ids
Make the cache thread safe
Add logging implementation for iOS/Android
add default client id for public clients
add get authz url tests
New JSON cache format for cross platform sharing
check if we can have empty scopes and document how to handle them.
replace PCL. to MSAL. in PlatformInformation.GetProductName
Port bug fixes from v2 and v3 in to MSAL
Use rootId to represent user instead of uniqueId
Clean up warnings during the build
Add support for UserAssertion Hash
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.