Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable broker support on Linux for WSL #766

Open
wants to merge 29 commits into
base: dev
Choose a base branch
from
Open

Enable broker support on Linux for WSL #766

wants to merge 29 commits into from

Conversation

DharshanBJ
Copy link
Contributor

No description provided.

@DharshanBJ DharshanBJ requested a review from a team as a code owner November 7, 2024 00:34
@DharshanBJ
Copy link
Contributor Author

/azp run MSAL-Python-SDL-CI

fengga
fengga reviewed Nov 7, 2024
View reviewed changes
fengga
fengga previously approved these changes Nov 7, 2024
View reviewed changes
Copy link
Contributor

@fengga fengga left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, this PR looks good to me. And please make sure get an approval from Ray.

rayluo
rayluo reviewed Nov 8, 2024
View reviewed changes
rayluo
rayluo reviewed Nov 8, 2024
View reviewed changes
rayluo
rayluo reviewed Nov 8, 2024
View reviewed changes
rayluo
rayluo reviewed Nov 8, 2024
View reviewed changes
rayluo
rayluo reviewed Nov 8, 2024
View reviewed changes
rayluo
rayluo requested changes Nov 8, 2024
View reviewed changes
Copy link
Collaborator

@rayluo rayluo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for a clean PR! Implementation wise, it looks good. I added some suggestions above, mostly in terms of our workflow. Please make corresponding changes and then wait for the PyMsalRuntime release.

rayluo
rayluo requested changes Nov 14, 2024
View reviewed changes
Copy link
Collaborator

@rayluo rayluo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will also need to change the precise dependency version error message here and a approximate version hint there

rayluo
rayluo reviewed Nov 14, 2024
View reviewed changes
@DharshanBJ
Copy link
Contributor Author

We will also need to change the precise dependency version error message here and a approximate version hint there

updated

@DharshanBJ DharshanBJ changed the title Enable broker support on Linux Enable broker support on Linux for WSL Jan 14, 2025
@thomasaarholt
Copy link

thomasaarholt commented Feb 17, 2025
edited
Loading

@DharshanBJ, I would love to see this wrapped up.

I arrived here after trying to debug errors with using msal on WSL. This PR worked "as-advertised" and made my life a whole lot easier.

Before your PR, the following snippet kept returning a browser window with The redirect URI 'http://localhost:<some port number>' specified in the request does not match the redirect URIs configured for the application.

Testing with enable_broker_on_linux=True "just worked". 🚀

    app = PublicClientApplication(
        <client_id>,
        authority=<authority>,
        enable_broker_on_linux=True,
    )
    app.acquire_token_interactive(...)

@DharshanBJ
Copy link
Contributor Author

I have one oddity. When using the broker on Linux, I get the following text printed "{{\"ping\",\"success\"}}}"

The "{{"ping","success"}}}" message is expected on WSL, it's from initializing the msal.wsl.proxy execuatble which is needed to talk to the windows broker on WSL. On pure windows, msal.wsl.proxy is not needed and hence we dont see "{{"ping","success"}}}"

@DharshanBJ , that feels like some sort of debug log. Could it be turned off or removed from that "msal.wsl.proxy"?

CC: @jiasli

Yes, this can be done, we'll remove this as part of the next msal.wsl.proxy release

rayluo
rayluo reviewed Mar 11, 2025
View reviewed changes
rayluo
rayluo reviewed Mar 11, 2025
View reviewed changes
rayluo
rayluo reviewed Mar 13, 2025
View reviewed changes
rayluo
rayluo reviewed Mar 29, 2025
View reviewed changes
rayluo
rayluo approved these changes Apr 1, 2025
View reviewed changes
Copy link
Collaborator

@rayluo rayluo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your effort all this time! Approving now, and I'll follow up with the merge and then the release shortly after.

@jiasli jiasli mentioned this pull request Apr 1, 2025
Draft
@jiasli
Copy link
Contributor

jiasli commented Apr 1, 2025
edited
Loading

Tested the code in Azure/azure-cli#31169, but can't get it working.

The behavior is different from enable_broker_on_windows where an account selection window is opened. In WSL, no account selection window is opened. It fails to acquire access token even for the home tenant (Microsoft).

$ az login
...
Select the account you want to log in with. For more information on login with Azure CLI, see https://go.microsoft.com/fwlink/?linkid=2271136

Retrieving tenants and subscriptions for the selection...
Authentication failed against tenant 72f988bf-86f1-41af-91ab-2d7cd011db47 'Microsoft': Can't find token from MSAL cache.

jiasli
jiasli suggested changes Apr 1, 2025
View reviewed changes
Copy link
Contributor

@jiasli jiasli left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doesn't launch account selection window.

@rayluo
Copy link
Collaborator

rayluo commented Apr 1, 2025

Doesn't launch account selection window.

Please upgrade to WSL 2.4.13+

It fails to acquire access token even for the home tenant (Microsoft).

@DharshanBJ , can you investigate this one?

@DharshanBJ
Copy link
Contributor Author

Doesn't launch account selection window.

Please upgrade to WSL 2.4.13+

It fails to acquire access token even for the home tenant (Microsoft).

@DharshanBJ , can you investigate this one?

Checked with jiasli, the issue is due to not having WSL 2.4.13+, since the user is not able to acquire the token interactively(due to not having the account picker changes), the error message "Authentication failed against tenant 72f988bf-86f1-41af-91ab-2d7cd011db47 'Microsoft': Can't find token from MSAL cache." is for that same reason.

@jiasli
Copy link
Contributor

jiasli commented Apr 2, 2025

I checked update in both Windows Store and Windows Update, but WSL is still on an old version

> wsl --version
WSL version: 2.1.5.0
Kernel version: 5.15.146.1-2
WSLg version: 1.0.60
MSRDC version: 1.2.5105
Direct3D version: 1.611.1-81528511
DXCore version: 10.0.25131.1002-220531-1700.rs-onecore-base2-hyp
Windows version: 10.0.26100.3476

wsl --update is only mentioned by

https://learn.microsoft.com/en-us/windows/wsl/install should contain a section on "How to update WSL".

Also, we can't force or expect the users to update WSL to the latest version manually. It is better to have WSL updated by Windows Store or Windows Update automatically.

Besides this, the interface of this functionality looks good to me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pvaneck pvaneck pvaneck left review comments

@rayluo rayluo rayluo approved these changes

@jiasli jiasli jiasli approved these changes

@evelyn-ys evelyn-ys evelyn-ys approved these changes

@fengga fengga fengga left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@DharshanBJ @thomasaarholt @rayluo @jiasli @pvaneck @evelyn-ys @fengga