MsalInteractiveTokenProvider breaks if no console window handle available about artifacts-credprovider HOT 3 OPEN

@embetten - Some clarification for you

• We want to avoid device flow authentication if at all possible as it requires copy/paste, going to a website, entering a code, and then doesn't seem to work with SilentAuth in subsequent tries, so it means our end users have to constantly repeat this.

• The MSAL's publicclientapplicationbuilder WithBroker now requires you pass in a windows handle so it can center itself

• CredentialProvider.Microsoft has implemented this by getting a handle to the ConsoleWindow

• In our case we don't always have a console window, e.g we run CredentialProvider.Microsoft.exe directly from a Windows Forms application, and don't show a console window, which means GetConsoleWindow() returns zero, and the interactive popup we require doesn't work and we move onto the next auth method, which is DeviceFlow.

My PR just was a trial piece of code that works for us, that if we don't have a console window, then maybe we can get the window handle from the process which launched us. It could probably be refactored better into a list of IParentWindowHandleProvider type classes, trying each one in turn until one returns an HWND.

To answer your questions above directly:
You want the cred provider interactive prompt pop-up windows, and device code flow is not possible or wanted? Yes, exactly

But the parent process does not have access to the console window, but the parent process of the parent process does?
The current process might have no ConsoleWindow(), but the parent process (or parent of parent etc) does have a window (not necessarily a Console, might be a WinForm, might be a native app, but all you need is the hWnd)

from artifacts-credprovider.

@TomKuhn - to make sure I understand your use case:

You want the cred provider interactive prompt pop-up windows, and device code flow is not possible or wanted?
But the parent process does not have access to the console window, but the parent process of the parent process does?

from artifacts-credprovider.

@TomKuhn

Thanks for the additional information. Looking into the area more, it looks like the dotnet auth team is moving some of this logic into MSAL see. In addition, looking at the PR, #473, we have concerns about prompting users from the wrong handler in non-windows form scenarios.

We are considering an alternate approach to allow users to pass the appropriate handle as an input and will keep this issue open as an enhancement to track that work. For this approach, please let us know if you are running the cred provider from a nuget.exe, dotnet, or in standalone mode.

from artifacts-credprovider.