Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Standardize IPublicClientApplication

See original GitHub issue

Description

An interface should define a common contract that is available across all Target Frameworks. By using compiler directives to change the API, this further makes the library untestable for mobile applications as methods that exist in netstandard simply do not exist in netcore unit tests.

Note that the idea of a contract does not mean that each method is expected to also be implemented on a specific Target Framework. By providing this common contract this means that I may have an implementation in netstandard library like:

var result = await pca.AquireTokenAsync(scopes, account, uiParent);

This would then allow me to mock AquireTokenAsync and properly test my code… As a side note AuthenticationResult needs to be opened up as the only way I have of creating an instance to return in a unit test is with an insane amount of reflection.

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:7 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
bgavrilMScommented, Nov 12, 2018

Thanks @dansiegel, that makes sense. I’ll prototype a version with bait/switch and without and see the implications.

We will not implement Confidential Client flows on mobile platforms because that would lead to a security issue, i.e. there is not secure way of deploying a secret to a mobile app and the OAuth spec reinforces this. Otherwise, it would be just a matter of enabling them …

I’ll have a look at making sure our interfaces are in sync with the objects, via unit tests. Currently we run unit tests only on net45 and netcore; getting the unit tests on other platforms proved too complex / unstable.

0reactions
jmprieurcommented, Dec 13, 2018

This is now solved in MSAL.NET 2.6.0

Read more comments on GitHub >

github_iconTop Results From Across the Web

IPublicClientApplication.java
UUID; public interface IPublicClientApplication { /** * @deprecated This method is now deprecated. The library is moving towards standardizing the use of ...
Read more >
IPublicClientApplication Interface (Microsoft.Identity.Client)
Class used to acquire tokens in desktop and mobile applications. Public client applications are not trusted to safely keep application secrets and therefore ......
Read more >
Getting Started with Microsoft Graph API - Simple Talk
The Microsoft Graph API allows access to Microsoft cloud resources such as Office365 and Enterprise Mobility and Security Services.
Read more >
Initialize client applications using MSAL.NET
Learn about initializing public client and confidential client applications using the Microsoft Authentication Library for .NET (MSAL.NET).
Read more >
Security Aspects of Software Development in the Microsoft ...
Examine security aspects of software development on the Microsoft Azure platform. Identify and review important services that the developers ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

MsalClientException during AcquireTokenSilentAsync with forcerefresh true

Next page

Upgrade from MSAL v1.0 to MSAL v2.0+ iOS - Object reference not set to an instance of an object