[Identity] Using service-bus for manual test with MSAL 2.0 #13308
Conversation
Once finished and cleaned up, fixes #13307
ghost
added
the
sadasant
changed the title
|
@jonathandturner I'll get @HarshaNalluru 🌞 |
sadasant
changed the title
sadasant
changed the title
Co-authored-by: Harsha Nalluru <[email protected]>
| @@ -2,7 +2,7 @@ | |||
|
|
|||
| This package contains some simple manual verification for the use of Azure | |||
| Identity with other Azure SDK libraries in the browser. For now, it just tests | |||
| that the `InteractiveBrowserCredential` works with the `@azure/keyvault-keys` | |||
| that the `InteractiveBrowserCredential` works with the `@azure/service-bus` | |||
There was a problem hiding this comment.
Ran into this..
Access to fetch at 'https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Why don't I run into the same error when I'm bundling and serving with "parcel"?
There was a problem hiding this comment.
So, running with a new AAD application worked fine.
Might be that the older AAD apps are not supported the same way?
There was a problem hiding this comment.
They should work too 👍 the app that I have (the one you saw me run this through) is an older one. Can you try again?
There was a problem hiding this comment.
It failed again, it is not a blocker of this PR. Based on our discussion offline, we don't know what's causing it.
Let's investigate further once the MSAL people get back to you on the issue.
Co-authored-by: Harsha Nalluru <[email protected]>
| - Creating a Key Vault (if you haven't created one). | ||
| - Either in the "Access policies" section of the creation form, or by going to your Key Vault's "Access policies" page, click con `+ Add Access Policy`, select all permissions, then select your AAD application as the "principal", then click "Add", then click "Save" if applicable. | ||
| - Creating a Service Bus namespace (if you haven't created one). | ||
| - Either in the "Access policies" section of the creation form, or by going to the Service Bus namespace's "Access policies" page, click con `+ Add Access Policy`, select all permissions, then select your AAD application as the "Service Bus Data Owner", then click "Add", then click "Save" if applicable. |
There was a problem hiding this comment.
Just checked.. you can't add access policies while creation.. you need to go to the namespace and do it.
There was a problem hiding this comment.
| - Either in the "Access policies" section of the creation form, or by going to the Service Bus namespace's "Access policies" page, click con `+ Add Access Policy`, select all permissions, then select your AAD application as the "Service Bus Data Owner", then click "Add", then click "Save" if applicable. | |
| - Go to the Service Bus namespace's "Access control (IAM)" tab, click on `+ Add` > `Add role assignment`, Pick "Service Bus Data Owner" role, and select your AAD application to assign the role, then click "Save". |
Updates the Identity InteractiveBrowserCredential to work with MSAL 1 and 2, meaning with the Implicit Grant flow and the Auth Code Flow. Also moved it from using Key Vault to use Service Bus, since Key Vault doesn't allow CORS.
Relies on this update: #13263
Fixes #13307