Skip to content

[msal-node][msal-common] Client applications, authorization code and device code implementation #1409

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 27 commits into from
Mar 26, 2020
Merged

[msal-node][msal-common] Client applications, authorization code and device code implementation #1409

merged 27 commits into from
Mar 26, 2020

Conversation

sangonzal
Copy link
Contributor

@sangonzal sangonzal commented Mar 23, 2020
edited
Loading

Adds implementation public APIs and implementation for authorization code flow and device code flow. Will add a separate PR for unit tests- won't merge this until that is out and reviewed.

Adds to msal-common:

  • AuthorizationCodeClient - creating authorization endpoint URI and then making token request
  • DeviceCodeClient - device code flow
  • BaseClient - will be extended by all oauth clients (refresh token and silent coming next)
  • Configuration - configuration of for oauth clients

response:

  • DeviceCodeResponse - response from first step of device code flow. Returned to user via callback.
  • AuthenticationResult - value returned to the user after a successful token acquisition. Have not finalized if this will be added.

request:

  • AuthorizationCodeRequest - ClientApp.acquireTokenByAuthCode(AuthorizationCodeRequest)
  • AuthorizationCodeUrlRequest - ClientApp.getAuthCodeUrl(AuthorizationCodeUrlRequest)
  • DeviceCodeRequest - PublicClientApp.acquireTokenByDeviceCode(DeviceCodeRequest)
  • RequestValidator - validation utils for requests
  • RequestUtils - utils for constructing requests
  • CancellationToken - for cancelling polling in device code flow

Add to msal-node:

  • ClientApplication - abstract base class for PublicClientApp and ConfidentialClientApp. Contains APIs shared by both. Not exported.
  • PublicClientApplication - public client flows.
  • ConfidentialClientApplication - confidential client flows.
  • ClientConfiguration - configuration for PublicClientApplication and ConfidentialClientApplication.
  • HeaderUtils - Injecting node default headers into msal-common

Adds to samples:

  • msal-node-auth-code: express app showing authorization code flow
  • msal-node-device-code: console app showing device code flow

sameerag and others added 23 commits March 15, 2020 01:11
@sameerag
generateUrl initial changes
70a9dec
@sameerag
End-to-end Authorization code grant with PKCE for msal-node
c661000
@sameerag
Add .DS_Store to gitignore
ae7a430
@sameerag
Add conditional check for code_challenge
2ab34e9
@sameerag
Commit lerna bootstrap changes
ff95f27
@sameerag
more lerna changes
c6c4cca
@sameerag
add axios
54e4ca1
@sameerag
fixing tests
dd87af5
@sameerag
fixing more tests
5b9f0e5
@sameerag
Updating test path for windows
14965b2
@sameerag
moving "axios" to a regular dependency
ed4717e
@sameerag
removing the print statement
bc75b89
@sameerag
Merge pull request #1383 from AzureAD/msal-node-lerna
8518076 
[msal-node] lerna bootstrap and lerna builds
@sameerag
Changing helpers to be member functions
495b222
@sameerag
Improve readability by undoing some of the "prettify" changes
d0a0355
Add device code implementation.
eb56f70
Merge branch 'msal-node-generate-request' into sagonzal/device-code
642684f
Add device code sample
9f2062b
Clean up device code implementation
eba0ceb
Add msal-node auth code sample
0a2b5e4
Add comments. Refactor.
f883bcb
Add comments. Delete unused code.
ee3f5fa
Merge branch 'msal-node-network' into sagonzal/device-code
9bb12b9
@sangonzal sangonzal changed the title msal-node authorization code and device code implementation [msal-node][msal-common] Client applications, authorization code and device code implementation Mar 23, 2020
@sameerag sameerag mentioned this pull request Mar 23, 2020
Closed
1 task
sangonzal
sangonzal commented Mar 23, 2020
View reviewed changes
lib/msal-node/src/cache/Storage.ts
@@ -0,0 +1,231 @@
/*
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please ignore this file. It's here as placeholder, and @sameerag plans to update this with her cache work.

sangonzal
sangonzal commented Mar 23, 2020
View reviewed changes
lib/msal-common/src/request/RequestValidator.ts
@@ -0,0 +1,82 @@
/*
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Considering moving these methods to RequestUtils. Thoughts?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this file here is actually more representative of a RequestUtils file and the other (current) RequestUtils file is really just a bunch of helper/setter functions that should probably live where that request it being built

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've refactored away from using the static methods and just created a "ParametersBuilder" that contains these methods, as they will be shared by all the clients in msal-common

jmckennon
jmckennon reviewed Mar 25, 2020
View reviewed changes
lib/msal-common/src/request/CancellationToken.ts
* While the user authenticates on a separate device, MSAL polls the the token endpoint of security token service for the interval
* specified in the device code resonse (usually 15 minutes). To stop polling and cancel the request, set cancellationToken.cancel = true.
* */
export class CancellationToken {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I may just be ignorant here, but is the plan to add to this class? what's the purpose of having a class with just one field and nothing else?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CancellationToken is a pattern used to be able to short-circuit a long running operation.

lib/msal-common/src/request/RequestValidator.ts
@@ -0,0 +1,82 @@
/*
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO this file here is actually more representative of a RequestUtils file and the other (current) RequestUtils file is really just a bunch of helper/setter functions that should probably live where that request it being built

lib/msal-common/src/request/AuthorizationCodeRequest.ts
* @type AuthorizationCodeRequest: Request object passed by user to acquire a token from the server exchanging a valid authorization code
* (second leg of OAuth2.0 Authorization Code flow)
*
* scopes: A space-separated array of scopes for the same resource.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just wanted to say that I appreciate the effort that gets put into the readability of many of these comments, well done

lib/msal-common/src/utils/RequestUtils.ts
* @param paramsMap
* @param authority
*/
static createQueryString(paramsMap: Map<string, string>): string {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to the comment on RequestValidator, I think every function in this file probably belongs somewhere in the request folder else except for this one as createQueryString

@sameerag sameerag merged commit b999ccf into msal-node-network Mar 26, 2020
@DarylThayil
Copy link
Contributor

made lots of comments, but overall looking good. It is definitely a challenge to review in totality with the number of changes. In the future I would encourage thinking through how to do this in say 10 smaller prs.

Maybe something like

  1. stub apis
  2. implement request utils
  3. implement http client for device code and auth code
  4. implement pol for device code
  5. etc....

That way you can add tests as you go for each stage and the mental over head of each pr is fairly small. Even if you end up altering previous pieces as you go its no big deal because the number of changes is fairly low.

I also find that it helps me high level plan out my design better to do smaller prs.

@sameerag sameerag mentioned this pull request Apr 6, 2020
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DarylThayil DarylThayil DarylThayil left review comments

@jmckennon jmckennon jmckennon left review comments

@pkanher617 pkanher617 Awaiting requested review from pkanher617

@sameerag sameerag Awaiting requested review from sameerag

@jasonnutter jasonnutter Awaiting requested review from jasonnutter

@tnorling tnorling Awaiting requested review from tnorling

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@sangonzal @DarylThayil @jasonnutter @jmckennon @sameerag