Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revert System.Text.Json change #485

Merged
merged 5 commits into from
Mar 6, 2024
Merged

Revert System.Text.Json change #485

merged 5 commits into from
Mar 6, 2024

Conversation

embetten
Copy link
Contributor

@embetten embetten commented Mar 6, 2024

@embetten embetten merged commit c045372 into master Mar 6, 2024
2 checks passed
@embetten embetten deleted the embetten/revert-system-test-json branch March 6, 2024 21:03
Saibamen
Saibamen reviewed Mar 7, 2024
View reviewed changes
CredentialProvider.Microsoft/CredentialProviders/Vsts/VstsSessionTokenClient.cs
@@ -83,6 +77,7 @@ public async Task<string> CreateSessionTokenAsync(VstsTokenType tokenType, DateT
string serializedResponse;
if (response.StatusCode == System.Net.HttpStatusCode.BadRequest)
{

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why?

Saibamen
Saibamen reviewed Mar 7, 2024
View reviewed changes
CredentialProvider.Microsoft/Resources.resx
@@ -473,4 +473,8 @@ Provide MSAL Cache Location
<data name="SessionTokenCacheCancelMessage" xml:space="preserve">
<value>Canceling SessionToken cache operation.</value>
</data>
<data name="InvalidJsonWarning" xml:space="preserve">
<value>Detected invalid single quote charater in JSON input. Migrate to double quotes to avoid breaking in future versions. See https://www.rfc-editor.org/rfc/rfc8259.html#section-7 for more information.</value>
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Double space before See

@embetten embetten mentioned this pull request May 2, 2024
Merged
embetten added a commit that referenced this pull request Jun 10, 2024
@embetten
Managed Identity and Service Principal Support (#492)
ae7cd59 
# Overview
- Added MSAL Managed Identity and Service Principal Token Providers to
Microsoft.Artifacts.Authentication Library.
- Created new endpoint `ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS`
environment variable with new json schema for MI/SP required fields.
- Updated VstsBuildTaskServiceEndpointCredentialProvider to call
Microsoft.Artifacts.Authentication for MI/SP token providers.
- Reverted #485 Changes to use system.text.json for de/serialization
everywhere except for the `VSS_NUGET_EXTERNAL_FEED_ENDPOINTS`
environment variable.

## Design Decisions
- Intentionally not supporting SP secrets authentication to promote
security best practices.
- The new environment variable name and json schema were created instead
of reusing or extending the existing `VSS_NUGET_EXTERNAL_FEED_ENDPOINTS`
to reduce password usage and clarify the environment variable will be
available to our other credproviders such as the
[artifacs-keyring](https://github.com/microsoft/artifacts-keyring) not
just NuGet.

## Environment Variable
 `ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS` 
```javascript
 {"endpointCredentials": [{"endpoint":"http://example.index.json", "clientId":"required", "clientCertificateSubjectName":"optional", "clientCertificateFilePath":"optional"}]}
```
- `endpoint`: required. Feed url to authenticate against. 
- `clientId`: required for both MI/SP. For user assigned managed
identities enter the Entra client id. For system assigned variables set
the value to `system`.
- `clientCertificateSubjectName`: Subject Name of the certificate
located in the My/ CurrentUser or LocalMachine certificate store.
Optional field. Only used by SP authentication.
- `clientCertificateFilePath`: File path location of the certificate on
the machine. Optional field. Only used by SP authentication.

Will throw error if both `clientCertificateSubjectName` or
`clientCertificateFilePath` are specified.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Saibamen Saibamen Saibamen left review comments

@JohnSchmeichel JohnSchmeichel JohnSchmeichel approved these changes

@jmyersmsft jmyersmsft jmyersmsft approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@embetten @Saibamen @jmyersmsft @JohnSchmeichel