My team writes a monitoring system which we have recently migrated the definitions of our monitoring into a git repo. These definitions are comprised of some json and powershell files. VSCode is an ideal scenario for editing and dealing with git. The problem is while developing the monitoring it is nice to be able to execute it against a test environment. Previously all editing was done through a web interface and we allowed ad hoc execution of the powershell against test machines through an API which is secured with AzureAD and OAuth2.0.
VS Code extensions don't have access to the full electron api and you are restricted from creating a BrowserWindow to handle the usual OAuth redirect flow. Is there a way to work around this limitation and allow a user to auth to our api so that we can make calls to it?
Any ideas or possible workarounds would be awesome.
答案 0 :(得分:0)
您可以做的一件事是通过Client Credentials身份验证方法使用Server to Server。 There is node npm library here。 您需要首先通过Azure门户将VS代码扩展注册到Azure AD中。 此方法的缺点是传递给Web API的凭据不是用户的凭据,而是相同的扩展特定凭据。但是如果你不需要VS代码用户的身份就行了。
答案 1 :(得分:0)
为无法打开Web浏览器进行身份验证的应用程序获取用户令牌的受支持方法是“ OAuth设备流程”。这是有关如何使用AAD实施博客的博客链接。
答案 2 :(得分:0)
在执行身份验证时,您需要在扩展程序中托管一个本地主机Web服务器,然后将localhost:port传递为oauth登录流程的重定向URI。