Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Username/Password (ROPC) over confidential client #3774

Closed
4 tasks done
bgavrilMS opened this issue Oct 31, 2022 · 3 comments
Closed
4 tasks done

[Feature Request] Username/Password (ROPC) over confidential client #3774

bgavrilMS opened this issue Oct 31, 2022 · 3 comments
Assignees
@trwalke
Labels
epic Feature Request P2

Comments

@bgavrilMS
Copy link
Member

bgavrilMS commented Oct 31, 2022
edited by trwalke
Loading

This is a consistency item. Tracking epic: https://identitydivision.visualstudio.com/Engineering/_backlogs/backlog/Auth%20Client%20-%20Client%20SDK%20-%20DotNet/Features/?showParents=false&workitem=2092736

Work to be done:

  • throw exception for federated users, we don't want to support this scenario.
  • add new API cca.AcquireTokenByUsernamePassword(string[], string, string) (no support for SecureString). I recommend adding new API and not moving existing API to base class.
  • Static caching of tokens?
  • Integration tests

For now, we should restrict this to cloud users only.
@bgavrilMS
Copy link
Member Author

@rayluo - how did you implement this on MSAL py for federated users, where the public client flow uses SAML?

@bgavrilMS bgavrilMS added this to the 4.49.0 milestone Oct 31, 2022
@rayluo
Copy link
Contributor

rayluo commented Oct 31, 2022

@rayluo - how did you implement this on MSAL py for federated users, where the public client flow uses SAML?

That change in and of itself did not alter how MSAL handles federated users. As long as the IDP does not - and I do not see why they should - behave differently on whether a request also contains client secret (or client certificate), MSALs should not need to treat federated users differently than before.

@pmaytak pmaytak modified the milestones: 4.49.0, 4.50.0 Dec 15, 2022
@bgavrilMS bgavrilMS added the epic label Dec 21, 2022
@bgavrilMS bgavrilMS removed this from the 4.50.0 milestone Dec 21, 2022
@bgavrilMS
Copy link
Member Author

Not planned for Q1

@bgavrilMS bgavrilMS added P2 and removed P3 labels Jul 10, 2023
@trwalke trwalke self-assigned this Feb 28, 2024
@trwalke trwalke mentioned this issue Jun 6, 2024
Merged
1 task
@trwalke trwalke closed this as completed Aug 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trwalke trwalke

Labels
epic Feature Request P2
Projects
MSAL Customer Trust / QM
Archived in project
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rayluo @bgavrilMS @trwalke @pmaytak