Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: AzureAD/microsoft-authentication-library-for-go
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.4.1
Choose a base ref
...
head repository: AzureAD/microsoft-authentication-library-for-go
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.4.2
Choose a head ref
  • 5 commits
  • 27 files changed
  • 2 contributors

Commits on Mar 11, 2025

  1. Support for refresh_in for ConfidentialClient (#542) 

    * Added support for force refresh_in

* fixed failing test

* updating storage

* Updated the force refresh in

* Updated test description

* Updated test

* Updated force refresh in

Shifted RefreshOn in Metadata

* Updated some tests

* Updated time.

* Cleaned up code reference with PR comments

* Refactor code

* Updated the refreshin system on per tenant base

* Added test for force refresh once for each tenant

* Update confidential_test.go

* Update confidential_test.go

* Update confidential_test.go

* Refactor code

* Update confidential_test.go

* Updated some tests to adapt to change in time

* Added RefreshIn logic for Managed Identity

* Added a sync http client and updated tests

* Updated the code

* Added a time setting for refreshOn for MI

* Updated the refreshon time when ests gives empry refreshon

* Updated test to fail on first error

* Refactored the channel for test

* Resolve PR comments

* updated code based on comments

* Added a test to check the concurrent 2 tenant request

* Updated concurrent test

* Updating MockClient

* Updated one concurrent test

* Update confidential_test.go

* Resolved the flaky test

* Updating for the simpler check for refresh in

* resolved comments
    @4gust
    4gust authored Mar 11, 2025
    Loading
    Loading status checks…

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    3e85bc9 View commit details

  2. Update public_test.go (#560)

    @4gust
    4gust authored Mar 11, 2025
    Loading
    Loading status checks…

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    fc56b03 View commit details

Commits on Mar 21, 2025

  1. Exposing necessary types from each client (#561) 

    * Exposing necessary types from each client

* Updated formatting

* Update confidential_test.go

* Removed TokenSourceUnknown
    @4gust
    4gust authored Mar 21, 2025
    Loading
    Loading status checks…

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    5881237 View commit details

Commits on Mar 24, 2025

  1. 4gust/cca 256sha support (#562) 

    * Updated the Algo to PR256

* Updated the token header keys

* reformat code

* Added that ADFS and dSTS uses sha1 algo

* Add ADFS and DSTS signing support with RS256 algorithm

* refactoring code

* added comment on nosec issue

* Fetching cert from env directly

* Added temp running on pipeline

* Added secret to yaml file

* secret name changed

* Update build_test.yaml

* Update build_test.yaml

* Update build_test.yaml

* Update build_test.yaml

* Removed the branch name from pipeline

* Update apps/tests/integration/integration_test.go

Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>

* Update apps/tests/integration/integration_test.go

Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>

Co-authored-by: Charles Lowell <10964656+chlowell@users.noreply.github.com>
    @4gust @chlowell
    4gust and chlowell authored Mar 24, 2025
    Loading
    Loading status checks…

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    5fa3f02 View commit details

Commits on Mar 26, 2025

  1. Updated the version info (#564) 

    * Updated the version info

* Update release.md
    @4gust
    4gust authored Mar 26, 2025
    Loading
    Loading status checks…

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    8a9d640 View commit details
10 changes: 6 additions & 4 deletions ado/build_test.yaml
View file
Original file line number Diff line number Diff line change
@@ -5,7 +5,7 @@ pr:
autoCancel: false
branches:
include:
- main
- main

pool:
vmImage: "ubuntu-latest"
@@ -29,22 +29,24 @@ steps:
- task: Go@0
inputs:
command: "test"
arguments: "-race -short ./apps/cache/... ./apps/confidential/... ./apps/public/... ./apps/internal/..."
arguments: "-race -short ./apps/cache/... ./apps/confidential/... ./apps/public/... ./apps/internal/... ./apps/managedidentity/..."
workingDirectory: "$(System.DefaultWorkingDirectory)"
displayName: "Run Unit Tests"
- task: AzureKeyVault@2
displayName: "Connect to Key Vault"
inputs:
azureSubscription: "AuthSdkResourceManager"
KeyVaultName: "msidlabs"
SecretsFilter: "LabAuth"
SecretsFilter: "LabAuth,IDLABS-APP-Confidential-Client-Cert-OnPrem"
- task: Bash@3
displayName: Installing certificate
inputs:
targetType: "inline"
script: |
echo $(LabAuth) | base64 -d > $(Build.SourcesDirectory)/cert.pfx
openssl pkcs12 -in $(Build.SourcesDirectory)/cert.pfx -out $(Build.SourcesDirectory)/cert.pem -nodes -passin pass:''
OPENSSL_CONF=/dev/null openssl pkcs12 -in $(Build.SourcesDirectory)/cert.pfx -out $(Build.SourcesDirectory)/cert.pem -nodes -passin pass:'' -legacy
echo "$(IDLABS-APP-Confidential-Client-Cert-OnPrem)" | base64 -d > $(Build.SourcesDirectory)/ccaCert.pfx
OPENSSL_CONF=/dev/null openssl pkcs12 -in $(Build.SourcesDirectory)/ccaCert.pfx -out $(Build.SourcesDirectory)/ccaCert.pem -nodes -passin pass:'' -legacy
- task: Go@0
inputs:
11 changes: 9 additions & 2 deletions apps/confidential/confidential.go
View file
Original file line number Diff line number Diff line change
@@ -65,6 +65,13 @@ type AuthenticationScheme = authority.AuthenticationScheme

type Account = shared.Account

type TokenSource = base.TokenSource

const (
TokenSourceIdentityProvider = base.TokenSourceIdentityProvider
TokenSourceCache = base.TokenSourceCache
)

// CertFromPEM converts a PEM file (.pem or .key) for use with [NewCredFromCert]. The file
// must contain the public certificate and the private key. If a PEM block is encrypted and
// password is not an empty string, it attempts to decrypt the PEM blocks using the password.
@@ -639,7 +646,7 @@ func (cca Client) AcquireTokenByUsernamePassword(ctx context.Context, scopes []s
if err != nil {
return AuthResult{}, err
}
return cca.base.AuthResultFromToken(ctx, authParams, token, true)
return cca.base.AuthResultFromToken(ctx, authParams, token)
}

// acquireTokenByAuthCodeOptions contains the optional parameters used to acquire an access token using the authorization code flow.
@@ -733,7 +740,7 @@ func (cca Client) AcquireTokenByCredential(ctx context.Context, scopes []string,
if err != nil {
return AuthResult{}, err
}
return cca.base.AuthResultFromToken(ctx, authParams, token, true)
return cca.base.AuthResultFromToken(ctx, authParams, token)
}

// acquireTokenOnBehalfOfOptions contains optional configuration for AcquireTokenOnBehalfOf
Loading