Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add state parameter in authentication requests #15078

Closed
hswimmer opened this issue Apr 29, 2021 · 10 comments
Closed

Add state parameter in authentication requests #15078

hswimmer opened this issue Apr 29, 2021 · 10 comments
Assignees
@sadasant
Labels
Azure.Identity blocking-release Blocks release Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. feature-request This issue requires a new behavior in the product in order be resolved. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team
Milestone
[2021] July

Comments

@hswimmer
Copy link

We use state parameter for single redirect url for many sites.

with msal we send:

await msal.loginPopup({
        scopes: scopes,
        state: requestState
      })

any idea how we can send it with InteractiveBrowserCredential
@ghost ghost added needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. customer-reported Issues that are reported by GitHub users external to the Azure organization. question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Apr 29, 2021
@ramya-rao-a ramya-rao-a added Azure.Identity Client This issue points to a problem in the data-plane of the library. labels Apr 29, 2021
@ghost ghost removed the needs-triage Workflow: This is a new issue that needs to be triaged to the appropriate team. label Apr 29, 2021
@ghost ghost added the needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team label Apr 29, 2021
@sadasant
Copy link
Contributor

Hello @hswimmer ! I'll be doing my best to help.

We should definitely support this.

We'll start working on this issue in a couple of weeks. I'll make sure to give you an update of when we'll release this feature!

@sadasant
Copy link
Contributor

I'll leave this link for context, for myself: https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/3a730d5ad842eaa8fc643015817cd7c20415e921/lib/msal-browser/src/request/PopupRequest.ts#L20

@sadasant sadasant added this to the [2021] June milestone Apr 29, 2021
@sadasant sadasant added feature-request This issue requires a new behavior in the product in order be resolved. blocking-release Blocks release and removed question The issue doesn't require a change to the product in order to be resolved. Most issues start as that labels Apr 29, 2021
@sadasant sadasant mentioned this issue May 25, 2021
Closed
@sadasant
Copy link
Contributor

@hswimmer would it make sense for you if the InteractiveBrowserCredential accepted a new constructor option called loginState? to then pass that option to MSAL’s popup/redirect login requests?

@sadasant
Copy link
Contributor

@hswimmer do you have a concrete example of how this property would help you?

@sadasant sadasant added the needs-author-feedback Workflow: More information is needed from author to address the issue. label May 27, 2021
@ghost ghost removed the needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team label May 27, 2021
@hswimmer
Copy link
Author

We have several clients app authenticated with AAD and using @azure/storage-blob package
We use one redirect url for all of them and from the redirect url we navigate back to the original site by url we send in state parameter.
When trying to use InteractiveBrowserCredential we send the 'global' redirect url but no way to send the original site url

@ghost ghost added needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team and removed needs-author-feedback Workflow: More information is needed from author to address the issue. labels May 27, 2021
@sadasant
Copy link
Contributor

@hswimmer thank you. We’ll have an update in about a week.

@sadasant sadasant modified the milestones: [2021] June, [2021] July Jun 3, 2021
@sadasant
Copy link
Contributor

sadasant commented Jun 3, 2021

@hswimmer it’s been a week and we do have an update. We’ll be discussing about this suggestion with the team in the following days. We want to make sure we’re all aligned on what’s the best way forward. I’ll keep you posted!

@sadasant sadasant mentioned this issue Jun 3, 2021
Closed
@sadasant
Copy link
Contributor

sadasant commented Jun 4, 2021
edited
Loading

@hswimmer, after thorough conversations with my team, we’ve decided to postpone adding support for this.

The best we can do in the short term is provide documentation on creating a custom credential that would use @azure/msal-browser underneath. For that purpose, I’ve made this issue: #15573

We want to have a better browser story in the long term, though. We’ll make sure to keep you posted.

@sadasant sadasant mentioned this issue Jun 4, 2021
Merged
@hswimmer
Copy link
Author

hswimmer commented Jun 6, 2021

@sadasant thanks for the update. waiting for documentation.

@sadasant sadasant mentioned this issue Jun 7, 2021
Closed
@sadasant
Copy link
Contributor

@hswimmer If you find some time to review what we’re adding in this PR, your feedback is appreciated: #15573

I’ll close this issue for now. Thank you for submitting your feedback so far! This issue has helped us a lot. We’ll be working on a better browser-oriented experience through the upcoming months and well into next year.

@github-actions github-actions bot locked and limited conversation to collaborators Apr 12, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@sadasant sadasant

Labels
Azure.Identity blocking-release Blocks release Client This issue points to a problem in the data-plane of the library. customer-reported Issues that are reported by GitHub users external to the Azure organization. feature-request This issue requires a new behavior in the product in order be resolved. needs-team-attention Workflow: This issue needs attention from Azure service team or SDK team
Projects
None yet
Milestone
[2021] July
Development

No branches or pull requests
3 participants
@sadasant @ramya-rao-a @hswimmer