Broker: Add ability to pass parent window handle for Windows broker a…

…uthentication method
microsoft · Jul 8, 2024 · cb7caec · cb7caec
1 parent 62788bf
commit cb7caec
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 4 deletions.
diff --git a/CredentialProvider.Microsoft/CredentialProviders/Vsts/MsalTokenProvidersFactory.cs b/CredentialProvider.Microsoft/CredentialProviders/Vsts/MsalTokenProvidersFactory.cs
@@ -30,7 +30,7 @@ public async Task<IEnumerable<ITokenProvider>> GetAsync(Uri authority)
             }
 
             var app = AzureArtifacts.CreateDefaultBuilder(authority)
-                .WithBroker(EnvUtil.MsalAllowBrokerEnabled(), logger)
+                .WithBroker(EnvUtil.MsalAllowBrokerEnabled(), EnvUtil.GetMsalBrokerWindowHandle(), logger)
                 .WithHttpClientFactory(HttpClientFactory.Default)
                 .WithLogging(
                     (Microsoft.Identity.Client.LogLevel level, string message, bool containsPii) =>

diff --git a/...redentialProviders/VstsBuildTaskServiceEndpoint/VstsBuildTaskMsalTokenProvidersFactory.cs b/...redentialProviders/VstsBuildTaskServiceEndpoint/VstsBuildTaskMsalTokenProvidersFactory.cs
@@ -24,7 +24,7 @@ public VstsBuildTaskMsalTokenProvidersFactory(ILogger logger)
     public Task<IEnumerable<ITokenProvider>> GetAsync(Uri authority)
     {
         var app = AzureArtifacts.CreateDefaultBuilder(authority)
-            .WithBroker(EnvUtil.MsalAllowBrokerEnabled(), logger)
+            .WithBroker(EnvUtil.MsalAllowBrokerEnabled(), EnvUtil.GetMsalBrokerWindowHandle(), logger)
             .WithHttpClientFactory(HttpClientFactory.Default)
             .WithLogging(
                 (level, message, containsPii) =>

diff --git a/CredentialProvider.Microsoft/Util/EnvUtil.cs b/CredentialProvider.Microsoft/Util/EnvUtil.cs
@@ -35,6 +35,7 @@ public static class EnvUtil
         public const string MsalFileCacheEnvVar = "NUGET_CREDENTIALPROVIDER_MSAL_FILECACHE_ENABLED";
         public const string MsalFileCacheLocationEnvVar = "NUGET_CREDENTIALPROVIDER_MSAL_FILECACHE_LOCATION";
         public const string MsalAllowBrokerEnvVar = "NUGET_CREDENTIALPROVIDER_MSAL_ALLOW_BROKER";
+        public const string MsalBrokerWindowEnvVar = "NUGET_CREDENTIALPROVIDER_MSAL_BROKER_WINDOW";
 
         public const string EndpointCredentials = "ARTIFACTS_CREDENTIALPROVIDER_FEED_ENDPOINTS";
         public const string BuildTaskExternalEndpoints = "VSS_NUGET_EXTERNAL_FEED_ENDPOINTS";
@@ -100,6 +101,22 @@ public static bool MsalAllowBrokerEnabled()
             return GetEnabledFromEnvironment(MsalAllowBrokerEnvVar, defaultValue: RuntimeInformation.IsOSPlatform(OSPlatform.Windows));
         }
 
+        public static IntPtr? GetMsalBrokerWindowHandle()
+        {
+            var handleRaw = Environment.GetEnvironmentVariable(MsalBrokerWindowEnvVar);
+            if (handleRaw == null)
+            {
+                return null;
+            }
+
+            if (!long.TryParse(handleRaw, out var numericHandle))
+            {
+                return null;
+            }
+
+            return new IntPtr(numericHandle);
+        }
+
         public static IList<string> GetHostsFromEnvironment(ILogger logger, string envVar, IEnumerable<string> defaultHosts, [CallerMemberName] string collectionName = null)
         {
             var hosts = new List<string>();

diff --git a/src/Authentication/AzureArtifacts.cs b/src/Authentication/AzureArtifacts.cs
@@ -33,7 +33,7 @@ public static PublicClientApplicationBuilder CreateDefaultBuilder(Uri authority)
         return builder;
     }
 
-    public static PublicClientApplicationBuilder WithBroker(this PublicClientApplicationBuilder builder, bool enableBroker, ILogger logger)
+    public static PublicClientApplicationBuilder WithBroker(this PublicClientApplicationBuilder builder, bool enableBroker, IntPtr? parentWindowHandle, ILogger logger)
     {
         // Eventually will be rolled into CreateDefaultBuilder as using the brokers is desirable
         if (!enableBroker)
@@ -52,7 +52,7 @@ public static PublicClientApplicationBuilder WithBroker(this PublicClientApplica
                     ListOperatingSystemAccounts = true,
                     MsaPassthrough = true
                 })
-                .WithParentActivityOrWindow(() => GetConsoleOrTerminalWindow());
+                .WithParentActivityOrWindow(() => parentWindowHandle ?? GetConsoleOrTerminalWindow());
         }
         else
         {
@@ -62,6 +62,11 @@ public static PublicClientApplicationBuilder WithBroker(this PublicClientApplica
 
         return builder;
     }
+
+    public static PublicClientApplicationBuilder WithBroker(this PublicClientApplicationBuilder builder, bool enableBroker, ILogger logger)
+    {
+        return builder.WithBroker(enableBroker, null, logger);
+    }
 
     public static PublicClientApplicationBuilder WithHttpClient(this PublicClientApplicationBuilder builder, HttpClient? httpClient = null)
     {