Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement POP (SHR) for confidential client #1946

Closed
bgavrilMS opened this issue Jul 17, 2020 · 3 comments
Closed

Implement POP (SHR) for confidential client #1946

bgavrilMS opened this issue Jul 17, 2020 · 3 comments
Assignees
@trwalke
Labels
Feature Request
Milestone
4.18.0

Comments

@bgavrilMS
Copy link
Member

bgavrilMS commented Jul 17, 2020
edited by trwalke
Loading

What MSAL implements today:

  • WithProofOfPossession API
  • this is available on .NET desktop for public client only
  • there exists an internal interface IPoPCryptoProvider for key management
  • key management is done by storing key on disk in a container (similar to DPAPI protection)

Tasks to complete:

First deliverable

  1. Add an implementation of IPoPCryptoProvider that stores key in memory statically. Keys must be recycled every 8h. This should be the default implementation.
  2. Expose public API on .net core and on confidentuil client
@bgavrilMS
Copy link
Member Author

CC @henrik-me - a spec for the PoP work

@bgavrilMS bgavrilMS added this to the 4.18.0 milestone Jul 23, 2020
@henrik-me henrik-me changed the title Implement POP for confidential client Implement POP (SHR) for confidential client Aug 5, 2020
@trwalke trwalke mentioned this issue Aug 13, 2020
Merged
@trwalke trwalke mentioned this issue Aug 26, 2020
Closed
@trwalke
Copy link
Member

trwalke commented Aug 26, 2020

Continuing in Part 2 (#2013)

@trwalke
Copy link
Member

trwalke commented Sep 2, 2020

fixed in Release 4.18.0

@trwalke trwalke closed this as completed Sep 2, 2020
@trwalke trwalke mentioned this issue Dec 8, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@trwalke trwalke

Labels
Feature Request
Projects
None yet
Milestone
4.18.0
Development

No branches or pull requests
3 participants
@bgavrilMS @trwalke @henrik-me