
Commit 4d017a9

author
Rachel Macfarlane
committed
Fix displayName of sessions
1 parent a90aedd commit 4d017a9


1 file changed

+22
-18
lines changed


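--- a/extensions/vscode-account/src/AADHelper.ts
+++ b/extensions/vscode-account/src/AADHelper.ts
@@ -4,18 +4,18 @@
 *--------------------------------------------------------------------------------------------*/
 
 import * as crypto from 'crypto';
-import * as vscode from 'vscode';
 import * as https from 'https';
 import * as querystring from 'querystring';
-import { keychain } from './keychain';
-import { toBase64UrlEncoding } from './utils';
+import * as vscode from 'vscode';
 import { createServer, startServer } from './authServer';
+import { keychain } from './keychain';
 import Logger from './logger';
+import { toBase64UrlEncoding } from './utils';
 
 const redirectUrl = 'https://vscode-redirect.azurewebsites.net/';
 const loginEndpointUrl = 'https://login.microsoftonline.com/';
 const clientId = 'aebc6443-996d-45c2-90f0-388ff96faa56';
-const scope = 'https://management.core.windows.net/.default offline_access';
+const resourceId = 'https://management.core.windows.net/';
 const tenant = 'common';
 
 interface IToken {
@@ -24,6 +24,13 @@ interface IToken {
 refreshToken: string;
 }
 
+interface ITokenClaims {
+email?: string;
+unique_name?: string;
+oid?: string;
+altsecid?: string;
+}
+
 export const onDidChangeSessions = new vscode.EventEmitter<void>();
 
 export class AzureActiveDirectoryService {
@@ -59,23 +66,20 @@ export class AzureActiveDirectoryService {
 }
 
 private tokenToAccount(token: IToken): vscode.Session {
+const claims = this.getTokenClaims(token.accessToken);
 return {
-id: '',
+id: claims?.oid || claims?.altsecid || '',
 accessToken: token.accessToken,
-displayName: this.getDisplayNameFromToken(token.accessToken)
+displayName: claims?.email || claims?.unique_name || '[email protected]'
 };
 }
 
-private getDisplayNameFromToken(accessToken: string): string {
-let displayName = '[email protected]';
+private getTokenClaims(accessToken: string): ITokenClaims | undefined {
 try {
-// TODO fixme
-displayName = JSON.parse(atob(accessToken.split('.')[1]));
+return JSON.parse(Buffer.from(accessToken.split('.')[1], 'base64').toString());
 } catch (e) {
-// Fall back to example display name
+Logger.error(e.message);
 }
-
-return displayName;
 }
 
 get sessions(): vscode.Session[] {
@@ -108,7 +112,7 @@ export class AzureActiveDirectoryService {
 
 const codeVerifier = toBase64UrlEncoding(crypto.randomBytes(32).toString('base64'));
 const codeChallenge = toBase64UrlEncoding(crypto.createHash('sha256').update(codeVerifier).digest('base64'));
-const loginUrl = `${loginEndpointUrl}${tenant}/oauth2/v2.0/authorize?response_type=code&response_mode=query&client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodeURIComponent(redirectUrl)}&state=${state}&scope=${encodeURIComponent(scope)}&prompt=select_account&code_challenge_method=S256&code_challenge=${codeChallenge}`;
+const loginUrl = `${loginEndpointUrl}${tenant}/oauth2/authorize?response_type=code&response_mode=query&client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodeURIComponent(redirectUrl)}&state=${state}&resource=${encodeURIComponent(resourceId)}&prompt=select_account&code_challenge_method=S256&code_challenge=${codeChallenge}`;
 
 await redirectReq.res.writeHead(302, { Location: loginUrl });
 redirectReq.res.end();
@@ -165,12 +169,12 @@ export class AzureActiveDirectoryService {
 grant_type: 'authorization_code',
 code: code,
 client_id: clientId,
-scope: scope,
+resource: resourceId,
 code_verifier: codeVerifier,
 redirect_uri: redirectUrl
 });
 
-const tokenUrl = vscode.Uri.parse(`${loginEndpointUrl}${tenant}/oauth2/v2.0/token`);
+const tokenUrl = vscode.Uri.parse(`${loginEndpointUrl}${tenant}/oauth2/token`);
 
 const post = https.request({
 host: tokenUrl.authority,
@@ -220,12 +224,12 @@ export class AzureActiveDirectoryService {
 refresh_token: refreshToken,
 client_id: clientId,
 grant_type: 'refresh_token',
-scope: scope
+resource: resourceId
 });
 
 const post = https.request({
 host: 'login.microsoftonline.com',
-path: `/${tenant}/oauth2/v2.0/token`,
+path: `/${tenant}/oauth2/token`,
 method: 'POST',
 headers: {
 'Content-Type': 'application/x-www-form-urlencoded',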
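Review bot: `getTokenClaims` returns whatever `JSON.parse` yields from the middle segment of the access token, with no signature check and no validation that `oid`, `altsecid`, `email` or `unique_name` are strings, and `tokenToAccount` then uses those values as the session `id` and `displayName`. That is reasonable for a label on a token that presumably came straight from the token endpoint over HTTPS, but the method should say so, for example `// Decodes the JWT payload without verifying its signature; use for display and bookkeeping only, never for authorization decisions`. When decoding fails, or neither `oid` nor `altsecid` is present, the id silently becomes `''`, so two such sessions would be indistinguishable; logging that case or rejecting the token would be safer than falling back. In the catch block `e.message` assumes `e` is an `Error`; `Logger.error(e instanceof Error ? e.message : String(e))` avoids logging `undefined`. The enclosing class starts and ends outside the hunks shown.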
