auth: `authentication.getSession` doesn't respect scopes argument

microsoft / vscode-azuretools

Common packages for building Azure extensions for VS Code

MIT License

106 stars 66 forks source link

auth: `authentication.getSession` doesn't respect scopes argument #1596

Open alexweininger opened 11 months ago

alexweininger commented 11 months ago

The implementation returns the same session regardless of what scopes are passed to getSession().

https://github.com/microsoft/vscode-azuretools/blob/51c5c77594a377fc0e1d5328a4debeacc6e93b9e/auth/src/VSCodeAzureSubscriptionProvider.ts#L262

alexweininger commented 1 month ago

This needs to be reopened because the fix #1597 had to be reverted since it caused many downstream issues. We need to reimplement a fix for this to unblock a couple of other extensions.

See https://github.com/microsoft/vscode-azuretools/issues/1745

mikeburgh commented 1 month ago

I found a way to work around this if someone needs it while this is being worked on.

Looking at the fix, I found you can use the built in getSession method, and along with the scopes you need, add in VSCODE_TENANT:{tenantId}

For example: vscode.authentication.getSession('microsoft',['https://management.core.windows.net/.default','VSCODE_TENANT:xxx-xxx-yyy-yyy']

The access token in the session you get back will then work with the associated API (Azure, etc) for the tenant you provided.