known authorities

Asier Isayas
2026-03-11 06:52:31 -07:00
parent 30fcf0c02e
commit 7dffd6554f
2 changed files with 17 additions and 5 deletions


@@ -279,15 +279,18 @@ function createOpenVsCodeDialogButton(container: Explorer): CommandButtonCompone
} }
function createLoginForEntraIDButton(container: Explorer): CommandButtonComponentProps { function createLoginForEntraIDButton(container: Explorer): CommandButtonComponentProps {
if (configContext.platform !== Platform.Portal) { // if (configContext.platform !== Platform.Portal) {
return undefined; // return undefined;
} // }
const handleCommandClick = async () => { const handleCommandClick = async () => {
await container.openLoginForEntraIDPopUp(); await container.openLoginForEntraIDPopUp();
useDataPlaneRbac.setState({ dataPlaneRbacEnabled: true }); useDataPlaneRbac.setState({ dataPlaneRbacEnabled: true });
}; };
console.log("is dataplane rbac enabled", userContext.dataPlaneRbacEnabled);
console.log("aad token", userContext.aadToken);
if (!userContext.dataPlaneRbacEnabled || userContext.aadToken) { if (!userContext.dataPlaneRbacEnabled || userContext.aadToken) {
return undefined; return undefined;
} }
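Review bot: `console.log("aad token", userContext.aadToken);` in createLoginForEntraIDButton writes the Entra ID access token to the browser console, where it persists in the session and can end up in captured console output; remove it before merge, or reduce it to `console.log("aad token present", Boolean(userContext.aadToken));` if the diagnostic is still needed. The same leftover debugging appears in the auth file's hunks, where `msalInstance`, `knownAccounts`, `msalAccount`, `loginRequest` and `silentError` are logged and expose account usernames and login hints. Separately, the `Platform.Portal` guard is commented out rather than removed, so the button is now built on every platform; if that is intended, delete the dead lines and say why in the commit description, otherwise restore the check. The function body continues outside the hunk.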


@@ -58,6 +58,7 @@ export async function getMsalInstance() {
auth: { auth: {
authority: `${configContext.AAD_ENDPOINT}organizations`, authority: `${configContext.AAD_ENDPOINT}organizations`,
clientId: "203f1145-856a-4232-83d4-a43568fba23d", clientId: "203f1145-856a-4232-83d4-a43568fba23d",
knownAuthorities: [configContext.AAD_ENDPOINT],
}, },
}; };
@@ -84,14 +85,16 @@ export async function acquireMsalTokenForAccount(
hrefEndpoint = new URL(userContext.databaseAccount.properties.documentEndpoint).href.replace(/\/+$/, "/.default"); hrefEndpoint = new URL(userContext.databaseAccount.properties.documentEndpoint).href.replace(/\/+$/, "/.default");
} }
const msalInstance = await getMsalInstance(); const msalInstance = await getMsalInstance();
console.log("msalInstance", msalInstance);
const knownAccounts = msalInstance.getAllAccounts(); const knownAccounts = msalInstance.getAllAccounts();
console.log("knownAccounts", knownAccounts);
// If user_hint is provided, we will try to use it to find the account. // If user_hint is provided, we will try to use it to find the account.
// If no account is found, we will use the current active account or first account in the list. // If no account is found, we will use the current active account or first account in the list.
const msalAccount = const msalAccount =
knownAccounts?.filter((account) => account.username === user_hint)[0] ?? knownAccounts?.filter((account) => account.username === user_hint)[0] ??
msalInstance.getActiveAccount() ?? msalInstance.getActiveAccount() ??
knownAccounts?.[0]; knownAccounts?.[0];
console.log("msalAccount", msalAccount);
if (!msalAccount) { if (!msalAccount) {
// If no account was found, we need to sign in. // If no account was found, we need to sign in.
// This will eventually throw InteractionRequiredAuthError if silent is true, we won't handle it here. // This will eventually throw InteractionRequiredAuthError if silent is true, we won't handle it here.
@@ -100,6 +103,7 @@ export async function acquireMsalTokenForAccount(
loginHint: user_hint ?? userContext.userName, loginHint: user_hint ?? userContext.userName,
authority: userContext.tenantId ? `${configContext.AAD_ENDPOINT}${userContext.tenantId}` : undefined, authority: userContext.tenantId ? `${configContext.AAD_ENDPOINT}${userContext.tenantId}` : undefined,
}; };
console.log("loginRequest", loginRequest);
try { try {
if (silent) { if (silent) {
// We can try to use SSO between different apps to avoid showing a popup. // We can try to use SSO between different apps to avoid showing a popup.
@@ -163,7 +167,12 @@ export async function acquireTokenWithMsal(
// attempt silent acquisition first // attempt silent acquisition first
return (await msalInstance.acquireTokenSilent(tokenRequest)).accessToken; return (await msalInstance.acquireTokenSilent(tokenRequest)).accessToken;
} catch (silentError) { } catch (silentError) {
if (silentError instanceof msal.InteractionRequiredAuthError && silent === false) { console.log(silentError)
if (
(silentError instanceof msal.InteractionRequiredAuthError) &&
// (silentError instanceof msal.InteractionRequiredAuthError || silentError instanceof msal.AuthError) &&
silent === false
) {
try { try {
// The error indicates that we need to acquire the token interactively. // The error indicates that we need to acquire the token interactively.
// This will display a pop-up to re-establish authorization. If user does not // This will display a pop-up to re-establish authorization. If user does not
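Review bot: `knownAuthorities: [configContext.AAD_ENDPOINT]` in getMsalInstance marks that host as trusted, which as far as I know makes MSAL skip its own authority validation for it, so the safety of token requests now rests on where `configContext.AAD_ENDPOINT` comes from, and that is not visible in this hunk. If the value can be overridden at runtime, check it against a fixed allow-list of expected login hosts before the MSAL configuration is built, and add a comment such as `// knownAuthorities bypasses authority discovery for this host; AAD_ENDPOINT must come from trusted configuration only`. In acquireTokenWithMsal the rewritten condition has the same effect as before but keeps a commented-out `msal.AuthError` alternative and a `console.log(silentError)` with no semicolon; drop both, since widening the check to `AuthError` would appear to send every auth failure into the interactive pop-up path. These functions start or end outside the visible hunks.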