DN-3783 feat: add SURFconext authentication support#1
Open
annesnour03 wants to merge 4 commits into
Open
Conversation
goomens
previously approved these changes
Jul 2, 2026
| import * as oidc from 'openid-client'; | ||
| import { logger } from '../logger.js'; | ||
|
|
||
| export const SURFCONEXT_AUTHORITY = new URL('https://connect.test.surfconext.nl/'); |
Member
There was a problem hiding this comment.
Should these be part of the extension config (with these defaults)?
Author
There was a problem hiding this comment.
I've now added something into the package.json for this
| logger.warn(`Workflow launch stopped because the API returned HTTP ${response.status}.`); | ||
| this.sendErrorResponse(launchResponse, { | ||
| id: response.status, | ||
| format: `Workflow API rejected the upload (${response.status}).` |
Member
There was a problem hiding this comment.
This should still include the error returned by the backend because this should contain a sensible error message that tells the user if they've messed up something
Author
There was a problem hiding this comment.
Good idea, I'll add that in.
…age.json and update related code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is my approach to OIDC authentication.
On launch, the extension:
vscode://thing, but I couldn't register that as a redirect in the sp dashboard).Users can clear their local session through the VS Code Accounts menu.
I first had refresh tokens implemented, but I realized that SURF doesn't grant them, I think we have to ask them to enable it for our client id (https://servicedesk.surf.nl/wiki/spaces/IAM/pages/128910087/Refresh%2BTokens%2B-%2BWhat%2Bare%2Bthey%2Band%2Bwhen%2Bto%2Buse%2Bthem). So I've just removed that part for now.