The MSAL library for Go is part of the Microsoft identity platform for developers (formerly named Azure AD) v2.0. It enables you to acquire security tokens to call protected APIs. It uses industry standard OAuth2 and OpenID Connect.
MIT License
218
stars
87
forks
source link
Support authnscheme in AcquireTokenByUsernamePassword flow #472
Adds support for authnScheme in AcquireTokenByUsernamePassword flow.
Currently, automated testing for AzRBAC and PoP token flow relies on SPN login, which uses the msal confidential client. However, most customers will be using the interactive login flow which uses msal's public client. In order to enable better testing of the customer scenario, this change enables PoP token support for username/password flow so that automated testing can be conducted for the public client.
How was the change tested?
Vendored this commit on msal into my local branch of kubelogin. Was able to successfully build kubelogin and get a PoP token using ropc (username/password flow):
What is the change?
Adds support for
authnScheme
inAcquireTokenByUsernamePassword
flow.Currently, automated testing for AzRBAC and PoP token flow relies on SPN login, which uses the msal
confidential
client. However, most customers will be using the interactive login flow which uses msal'spublic
client. In order to enable better testing of the customer scenario, this change enables PoP token support for username/password flow so that automated testing can be conducted for thepublic
client.How was the change tested?
Vendored this commit on
msal
into my local branch ofkubelogin
. Was able to successfully buildkubelogin
and get a PoP token using ropc (username/password flow):Outputted token is in correct format: