KEMBAR78
Use CIMD if supported by TylerLeonhardt · Pull Request #271403 · microsoft/vscode · GitHub
Skip to content

Use CIMD if supported #271403

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 14, 2025
Merged

Use CIMD if supported #271403

merged 2 commits into from
Oct 14, 2025
+16 −2

Conversation

@TylerLeonhardt
Copy link
Member

If the Authorization Server we are auth'ing against supports the Client ID Metadata auth flow, we use the client id metadata url from product.json as the client id in auth flows.

Fixes #270811

@TylerLeonhardt
Use CIMD if supported
d179215 
If the Authorization Server we are auth'ing against supports the Client ID Metadata auth flow, we use the client id metadata url from product.json as the client id in auth flows.

Fixes #270811
@Copilot Copilot AI review requested due to automatic review settings October 14, 2025 21:48
@TylerLeonhardt TylerLeonhardt enabled auto-merge (squash) October 14, 2025 21:48
@TylerLeonhardt TylerLeonhardt self-assigned this Oct 14, 2025
Copilot
Copilot AI reviewed Oct 14, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements Client ID Metadata Document (CIMD) support for OAuth authentication flows. When an authorization server supports CIMD, the authentication system will use the client ID metadata URL from product.json as the client ID.

Key changes:

  • Added support for checking CIMD capability in authorization server metadata
  • Modified authentication logic to use product.json's authClientIdMetadataUrl when CIMD is supported
  • Extended the OAuth interface to include the CIMD support flag

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File Description
src/vs/workbench/api/browser/mainThreadAuthentication.ts Added IProductService injection and logic to use CIMD URL when supported
src/vs/base/common/product.ts Added optional authClientIdMetadataUrl property to product configuration
src/vs/base/common/oauth.ts Added client_id_metadata_document_supported flag to OAuth server metadata interface
package.json Updated distro hash

@vs-code-engineering vs-code-engineering bot added this to the October 2025 milestone Oct 14, 2025
@TylerLeonhardt @Copilot
Update src/vs/workbench/api/browser/mainThreadAuthentication.ts
f1c2d24 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@TylerLeonhardt TylerLeonhardt merged commit 286a752 into main Oct 14, 2025
28 checks passed
@TylerLeonhardt TylerLeonhardt deleted the tyler/probable-bobolink branch October 14, 2025 23:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dmitrivMS dmitrivMS dmitrivMS approved these changes

Assignees

@TylerLeonhardt TylerLeonhardt

Labels

None yet

Projects

None yet

Milestone

October 2025

Development

Successfully merging this pull request may close these issues.

Support Client Id Metadata Document auth flow

3 participants

@TylerLeonhardt @dmitrivMS