
Conversation

@philon-msft (Contributor) commented May 25, 2023

Fix #6, #15, #18, #34

@gladjohn

Changes look good. Please enable MSAL logging; this will help us with troubleshooting any issues you may see.

@philon-msft (Contributor, Author)

> Changes look good. Please enable MSAL logging; this will help us with troubleshooting any issues you may see.

Thanks @gladjohn - we plan to enable MSAL logging in an upcoming release once StackExchange.Redis itself supports a logging story

/// <param name="configurationOptions">The configuration to update.</param>
/// <param name="clientId">Client ID of the user-assigned managed identity.</param>
/// <param name="clientId">Client ID or resource ID of the user-assigned managed identity.</param>
/// <param name="principalId">Principal (object) ID of the user-assigned managed identity.</param>
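Review bot: the updated clientId summary says "Client ID or resource ID" while the parameter keeps the name clientId; state which form callers are expected to pass (the identity's client ID GUID or its ARM resource ID) and how the two are distinguished, otherwise callers cannot tell from IntelliSense which value will work. The new principalId line should also say what the value is used for, since the comments below confirm MSAL never receives it and it is instead sent to Redis as the AUTH username; a sentence such as "Sent as the username in the Redis AUTH command; not passed to MSAL." would make the purpose of the extra parameter clear.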


MSAL does not support principalId for Managed Identity. Is this something you want us to support?

Contributor Author

@samsaha-ms can you comment on this? We pass the MI's object/principal ID as the username for the Redis connection, so I believe we use it in some capacity while validating tokens on the server side

@samsaha-ms commented May 26, 2023

Yes, this is something related to what our extension does to interact with Redis, not related to MSAL.
It does two things: 1. Acquire a token from MSAL. 2. Send an AUTH request to Redis with the principal-id and token, to comply with the Redis command format "auth username password", and we validate this pair on the server side.
We could actually make this field optional here: we could parse the acquired token, get the oid field in the token, and use that value when sending to Redis. We can choose to do it later after giving it some thought, as it might add client-side overhead from parsing the token.
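The flow samsaha-ms describes (take the access token from MSAL, read its oid claim, then send `AUTH <object-id> <token>` to Redis) is shown below as an added Python example; it is not code from this pull request or from the Microsoft.Azure.StackExchangeRedis project. The token is a constructed, unsigned stand-in for an Entra ID access token, and `build_auth_command` and `to_resp` are hypothetical helper names. The client only decodes the payload to read oid; it deliberately does not verify the signature, because, as the comment states, the principal-id/token pair is validated on the server side.

```python
import base64
import json
from typing import List, Optional


def _b64url_decode(segment: str) -> bytes:
    """Decode one base64url JWT segment, restoring the '=' padding JWTs omit."""
    padding = "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment + padding)


def oid_from_token(token: str) -> str:
    """Return the 'oid' (object/principal ID) claim from an access token.

    Only the payload is decoded; the signature is NOT checked here. The client
    does not need to: Redis validates the (principal-id, token) pair on AUTH.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS (expected header.payload.signature)")
    claims = json.loads(_b64url_decode(parts[1]))
    oid = claims.get("oid")
    if not oid:
        # A token without oid cannot supply the AUTH username; the caller must pass it.
        raise ValueError("token carries no 'oid' claim; pass principalId explicitly")
    return oid


def build_auth_command(token: str, principal_id: Optional[str] = None) -> List[str]:
    """Build the Redis AUTH command: AUTH <username> <password>.

    The username is the managed identity's object ID, either supplied by the
    caller (principalId) or read from the token's oid claim when omitted; the
    password is the access token itself.
    """
    username = principal_id or oid_from_token(token)
    return ["AUTH", username, token]


def to_resp(args: List[str]) -> bytes:
    """Encode a command as a RESP array, the wire form Redis expects."""
    out = [f"*{len(args)}\r\n".encode()]
    for arg in args:
        data = arg.encode()
        out.append(f"${len(data)}\r\n".encode() + data + b"\r\n")
    return b"".join(out)


def make_constructed_token(claims: dict) -> str:
    """Build an unsigned, CONSTRUCTED token for demonstration only (not a real Entra token)."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.placeholder-signature"


# Constructed sample: the oid value is a made-up GUID, the audience a placeholder.
SAMPLE_TOKEN = make_constructed_token(
    {"aud": "placeholder-audience", "oid": "11111111-2222-3333-4444-555555555555"}
)

if __name__ == "__main__":
    cmd = build_auth_command(SAMPLE_TOKEN)
    print(cmd[:2])          # ['AUTH', '11111111-2222-3333-4444-555555555555']
    print(to_resp(cmd)[:40])
```

Making principalId optional, as the comment proposes, is the `principal_id or oid_from_token(token)` line: when the caller does not pass the ID, the client reads it from the token, at the cost of one base64/JSON decode per token acquisition.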



Development

Successfully merging this pull request may close these issues.

Authentication fails for User Assigned Managed Identity

5 participants