mirror of
https://github.com/Azure/cosmos-explorer.git
synced 2026-05-15 01:37:37 +01:00
Upgrade MSAL library version (#2454)
* Reapply "MSAL browser migration changes"
This reverts commit 60a65efb7b.
* Fix redirect URI for localhost
* Fix URI for logout and other minor fix
* Remove unnecessary files
* Fix tests
* Fix tests
* Run npm format
* Address comments
* Address comment
This commit is contained in:
sindhuba
GitHub
@@ -1,12 +1,14 @@
|
||||
import { AuthType } from "../AuthType";
|
||||
import * as Constants from "../Common/Constants";
|
||||
import { resetConfigContext, updateConfigContext } from "../ConfigContext";
|
||||
import { resetConfigContext } from "../ConfigContext";
|
||||
import { ApiType, updateUserContext, userContext } from "../UserContext";
|
||||
import * as AuthorizationUtils from "./AuthorizationUtils";
|
||||
jest.mock("../Explorer/Explorer");
|
||||
jest.mock("@azure/msal-browser", () => ({
|
||||
PublicClientApplication: jest.fn().mockImplementation((config) => ({
|
||||
_config: config,
|
||||
initialize: jest.fn().mockResolvedValue(undefined),
|
||||
handleRedirectPromise: jest.fn().mockResolvedValue(null),
|
||||
})),
|
||||
}));
|
||||
|
||||
@@ -138,41 +140,27 @@ describe("AuthorizationUtils", () => {
|
||||
});
|
||||
|
||||
describe("getMsalInstance()", () => {
|
||||
const originalHostname = window.location.hostname;
|
||||
const originalNodeEnv = process.env.NODE_ENV;
|
||||
|
||||
afterEach(() => {
|
||||
process.env.NODE_ENV = originalNodeEnv;
|
||||
resetConfigContext();
|
||||
Object.defineProperty(window, "location", {
|
||||
value: { ...window.location, hostname: originalHostname },
|
||||
writable: true,
|
||||
});
|
||||
});
|
||||
|
||||
it("should use configContext.msalRedirectURI when set", async () => {
|
||||
updateConfigContext({ msalRedirectURI: "https://dataexplorer-preview.azurewebsites.net/" });
|
||||
it("should use dev redirect bridge URL in development mode", async () => {
|
||||
process.env.NODE_ENV = "development";
|
||||
const instance = await AuthorizationUtils.getMsalInstance();
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||
expect((instance as any)._config.auth.redirectUri).toBe("https://dataexplorer-preview.azurewebsites.net/");
|
||||
expect((instance as any)._config.auth.redirectUri).toBe(
|
||||
"https://dataexplorer-dev.azurewebsites.net/redirectBridge.html",
|
||||
);
|
||||
});
|
||||
|
||||
it("should use dev redirect URI on localhost", async () => {
|
||||
Object.defineProperty(window, "location", {
|
||||
value: { ...window.location, hostname: "localhost" },
|
||||
writable: true,
|
||||
});
|
||||
it("should use origin-based redirect bridge URL in production", async () => {
|
||||
process.env.NODE_ENV = "production";
|
||||
const instance = await AuthorizationUtils.getMsalInstance();
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||
expect((instance as any)._config.auth.redirectUri).toBe("https://dataexplorer-dev.azurewebsites.net");
|
||||
});
|
||||
|
||||
it("should not set redirect URI in non-localhost production", async () => {
|
||||
Object.defineProperty(window, "location", {
|
||||
value: { ...window.location, hostname: "cosmos.azure.com" },
|
||||
writable: true,
|
||||
});
|
||||
const instance = await AuthorizationUtils.getMsalInstance();
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||
expect((instance as any)._config.auth.redirectUri).toBeUndefined();
|
||||
expect((instance as any)._config.auth.redirectUri).toBe("http://localhost/redirectBridge.html");
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -51,6 +51,12 @@ export function decryptJWTToken(token: string) {
|
||||
}
|
||||
|
||||
export async function getMsalInstance() {
|
||||
// Compute the redirect bridge URL for MSAL v5 COOP handling
|
||||
const redirectBridgeUrl =
|
||||
process.env.NODE_ENV === "development"
|
||||
? "https://dataexplorer-dev.azurewebsites.net/redirectBridge.html"
|
||||
: `${window.location.origin}/redirectBridge.html`;
|
||||
|
||||
const msalConfig: msal.Configuration = {
|
||||
cache: {
|
||||
cacheLocation: "localStorage",
|
||||
@@ -58,16 +64,16 @@ export async function getMsalInstance() {
|
||||
auth: {
|
||||
authority: `${configContext.AAD_ENDPOINT}organizations`,
|
||||
clientId: "203f1145-856a-4232-83d4-a43568fba23d",
|
||||
// MSAL v5 requires redirect bridge for popup/silent flows
|
||||
redirectUri: redirectBridgeUrl,
|
||||
},
|
||||
};
|
||||
|
||||
if (configContext.msalRedirectURI) {
|
||||
msalConfig.auth.redirectUri = configContext.msalRedirectURI;
|
||||
} else if (process.env.NODE_ENV === "development" || window.location.hostname === "localhost") {
|
||||
msalConfig.auth.redirectUri = "https://dataexplorer-dev.azurewebsites.net";
|
||||
}
|
||||
|
||||
const msalInstance = new msal.PublicClientApplication(msalConfig);
|
||||
// v3+ requires explicit initialization before using MSAL APIs
|
||||
await msalInstance.initialize();
|
||||
// Handle any redirect response (e.g., after logoutRedirect) to clear interaction state
|
||||
await msalInstance.handleRedirectPromise();
|
||||
return msalInstance;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user