kiota
default valid hostnames values and default scope value in the access token provider should be defined in graph core
Originally posted by @baywet in https://github.com/microsoft/kiota/pull/1051#r791026894
We should move `https://graph.microsoft.com/.default` and `graph.microsoft.com`
I will incorporate the TypeScript changes for the core part as I am already working on the auth part in core. I am also marking this issue in the Graph core for JavaScript.
@baywet, is this tracking work each team needs to cover or general Kiota work?
I'm not sure anything needs to happen in Kiota itself anymore at this point. Maybe a little change in behaviour: if there are no valid hostnames, all the host names are valid (instead of nothing valid)? For the scopes, maybe we could set a generic OpenId scope here as a default? And then the work that needs to happen is to set the defaults in Graph cores instead.
After some additional research, the best course of action is probably:
- To have a default scope of `<scheme>://<host>/.default` used in the `GetAuthorizationTokenAsync` method of the azure access token provider. This way it'll also work for national clouds or other APIs secured with MIP.
- To have the allowed host validator validate when no hosts are provided. (already the case in .net)
- To have default hosts defined with a derived authentication provider in graph core and removed from the kiota lib.
TODO:
- [x] test out ruby changes
- [x] update readmes for go/ruby service libs
- [x] create issues for php/python/swift
- [x] update public docs
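
The three points proposed above, sketched as an added Python example that is not Kiota or Graph core code. All class and function names are hypothetical, `acquire_token` stands in for the Azure credential call, and the HTTPS check is an added assumption that the thread does not mention.

```python
from urllib.parse import urlsplit


class AllowedHostsValidator:
    """Hypothetical stand-in for the allowed host validator."""

    def __init__(self, hosts=()):
        self._hosts = {h.strip().lower() for h in hosts if h.strip()}

    def is_allowed(self, url):
        host = urlsplit(url).hostname  # lower-cased, port stripped
        if host is None:
            return False
        # An empty list means "no restriction", as proposed in the thread.
        return not self._hosts or host in self._hosts


def default_scope(url):
    """Build <scheme>://<host>/.default from the request URL."""
    parts = urlsplit(url)
    # Added guard (assumption): never derive a scope for a non-HTTPS request.
    if parts.scheme.lower() != "https" or not parts.hostname:
        raise ValueError("an absolute https URL is required")
    return f"{parts.scheme.lower()}://{parts.hostname}/.default"


class AccessTokenProvider:
    """Generic provider: no built-in hosts, scope derived per request."""

    def __init__(self, acquire_token, allowed_hosts=(), scopes=()):
        self._acquire = acquire_token  # callable(list_of_scopes) -> token
        self.validator = AllowedHostsValidator(allowed_hosts)
        self._scopes = list(scopes)

    def get_authorization_token(self, url):
        if not self.validator.is_allowed(url):
            return None  # no token is attached for hosts outside the list
        scopes = self._scopes or [default_scope(url)]
        return self._acquire(scopes)


class GraphAccessTokenProvider(AccessTokenProvider):
    """Derived provider, as it would live in graph core, carrying the defaults."""

    def __init__(self, acquire_token, scopes=()):
        super().__init__(acquire_token,
                         allowed_hosts=["graph.microsoft.com"],
                         scopes=scopes)
```

With an empty host list the generic provider requests a token for any HTTPS host the client is pointed at, which is why the host defaults move into the derived provider instead of being dropped.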