Update trusted extensions flow again

ace72b77 · Rachel Macfarlane · df6e2e96 · ace72b77 · ace72b77 · ace72b77
4 changed file
--- a/src/vs/workbench/api/browser/mainThreadAuthentication.ts
+++ b/src/vs/workbench/api/browser/mainThreadAuthentication.ts
@@ -35,7 +35,6 @@ const BUILT_IN_AUTH_DEPENDENTS: AuthDependent[] = [
 interface AllowedExtension {
 	id: string;
 	name: string;
-	sessionIds?: string[];
 }

 function readAllowedExtensions(storageService: IStorageService, providerId: string, accountName: string): AllowedExtension[] {
@@ -87,15 +86,6 @@ export class MainThreadAuthenticationProvider extends Disposable {
 			const updatedAllowedList = quickPick.selectedItems.map(item => item.extension);
 			storageService.store(`${this.id}-${accountName}`, JSON.stringify(updatedAllowedList), StorageScope.GLOBAL);

-			// Remove sessions of untrusted extensions
-			const deselectedItems = items.filter(item => !quickPick.selectedItems.includes(item));
-			deselectedItems.forEach(item => {
-				const extensionData = allowedExtensions.find(extension => item.extension.id === extension.id);
-				extensionData?.sessionIds?.forEach(sessionId => {
-					this.logout(sessionId);
-				});
-			});
-
 			quickPick.dispose();
 		});

@@ -286,19 +276,10 @@ export class MainThreadAuthentication extends Disposable implements MainThreadAu
 		this.authenticationService.sessionsUpdate(id, event);
 	}

-	async $getSessionsPrompt(providerId: string, accountName: string, sessionId: string, providerName: string, extensionId: string, extensionName: string): Promise<boolean> {
+	async $getSessionsPrompt(providerId: string, accountName: string, providerName: string, extensionId: string, extensionName: string): Promise<boolean> {
 		const allowList = readAllowedExtensions(this.storageService, providerId, accountName);
 		const extensionData = allowList.find(extension => extension.id === extensionId);
 		if (extensionData) {
-			if (!extensionData.sessionIds) {
-				extensionData.sessionIds = [];
-			}
-
-			if (!extensionData.sessionIds.find(id => id === sessionId)) {
-				extensionData.sessionIds.push(sessionId);
-				this.storageService.store(`${providerId}-${accountName}`, JSON.stringify(allowList), StorageScope.GLOBAL);
-			}
-
 			return true;
 		}

@@ -313,7 +294,7 @@ export class MainThreadAuthentication extends Disposable implements MainThreadAu

 		const allow = choice === 1;
 		if (allow) {
-			allowList.push({ id: extensionId, name: extensionName, sessionIds: [sessionId] });
+			allowList.push({ id: extensionId, name: extensionName });
 			this.storageService.store(`${providerId}-${accountName}`, JSON.stringify(allowList), StorageScope.GLOBAL);
 		}

@@ -332,12 +313,4 @@ export class MainThreadAuthentication extends Disposable implements MainThreadAu

 		return choice === 1;
 	}
-
-	async $setTrustedExtension(providerId: string, accountName: string, extensionId: string, extensionName: string): Promise<void> {
-		const allowList = readAllowedExtensions(this.storageService, providerId, accountName);
-		if (!allowList.find(allowed => allowed.id === extensionId)) {
-			allowList.push({ id: extensionId, name: extensionName, sessionIds: [] });
-			this.storageService.store(`${providerId}-${accountName}`, JSON.stringify(allowList), StorageScope.GLOBAL);
-		}
-	}
 }
--- a/src/vs/workbench/api/common/extHost.api.impl.ts
+++ b/src/vs/workbench/api/common/extHost.api.impl.ts
@@ -133,7 +133,7 @@ export function createApiFactoryAndRegisterActors(accessor: ServicesAccessor): I
 	const extHostLabelService = rpcProtocol.set(ExtHostContext.ExtHosLabelService, new ExtHostLabelService(rpcProtocol));
 	const extHostNotebook = rpcProtocol.set(ExtHostContext.ExtHostNotebook, new ExtHostNotebookController(rpcProtocol, extHostCommands, extHostDocumentsAndEditors));
 	const extHostTheming = rpcProtocol.set(ExtHostContext.ExtHostTheming, new ExtHostTheming(rpcProtocol));
-	const extHostAuthentication = rpcProtocol.set(ExtHostContext.ExtHostAuthentication, new ExtHostAuthentication(rpcProtocol, extHostStorage));
+	const extHostAuthentication = rpcProtocol.set(ExtHostContext.ExtHostAuthentication, new ExtHostAuthentication(rpcProtocol));
 	const extHostTimeline = rpcProtocol.set(ExtHostContext.ExtHostTimeline, new ExtHostTimeline(rpcProtocol, extHostCommands));
 	const extHostWebviews = rpcProtocol.set(ExtHostContext.ExtHostWebviews, new ExtHostWebviews(rpcProtocol, initData.environment, extHostWorkspace, extHostLogService, extHostApiDeprecation, extHostDocuments));


--- a/src/vs/workbench/api/common/extHost.protocol.ts
+++ b/src/vs/workbench/api/common/extHost.protocol.ts
@@ -158,9 +158,8 @@ export interface MainThreadAuthenticationShape extends IDisposable {
 	$registerAuthenticationProvider(id: string, displayName: string): void;
 	$unregisterAuthenticationProvider(id: string): void;
 	$onDidChangeSessions(providerId: string, event: modes.AuthenticationSessionsChangeEvent): void;
-	$getSessionsPrompt(providerId: string, accountName: string, sessionId: string, providerName: string, extensionId: string, extensionName: string): Promise<boolean>;
+	$getSessionsPrompt(providerId: string, accountName: string, providerName: string, extensionId: string, extensionName: string): Promise<boolean>;
 	$loginPrompt(providerName: string, extensionName: string): Promise<boolean>;
-	$setTrustedExtension(providerId: string, accountName: string, extensionId: string, extensionName: string): Promise<void>;
 }

 export interface MainThreadConfigurationShape extends IDisposable {

--- a/src/vs/workbench/api/common/extHostAuthentication.ts
+++ b/src/vs/workbench/api/common/extHostAuthentication.ts
@@ -9,7 +9,6 @@ import { Emitter, Event } from 'vs/base/common/event';
 import { IMainContext, MainContext, MainThreadAuthenticationShape, ExtHostAuthenticationShape } from 'vs/workbench/api/common/extHost.protocol';
 import { Disposable } from 'vs/workbench/api/common/extHostTypes';
 import { IExtensionDescription, ExtensionIdentifier } from 'vs/platform/extensions/common/extensions';
-import { IExtHostStorage } from 'vs/workbench/api/common/extHostStorage';

 export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 	private _proxy: MainThreadAuthenticationShape;
@@ -21,8 +20,7 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 	private _onDidChangeSessions = new Emitter<{ [providerId: string]: vscode.AuthenticationSessionsChangeEvent }>();
 	readonly onDidChangeSessions: Event<{ [providerId: string]: vscode.AuthenticationSessionsChangeEvent }> = this._onDidChangeSessions.event;

-	constructor(mainContext: IMainContext,
-		@IExtHostStorage private readonly storageService: IExtHostStorage) {
+	constructor(mainContext: IMainContext) {
 		this._proxy = mainContext.getProxy(MainContext.MainThreadAuthentication);
 	}

@@ -35,20 +33,6 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 		return ids;
 	}

-	private async hasNotBeenReadByOtherExtension(providerId: string, session: vscode.AuthenticationSession, extensionId: string): Promise<boolean> {
-		const readerId = await this.storageService.getValue(true, `${providerId}-${session.accountName}-${session.id}`);
-		if (!readerId) {
-			await this.storageService.setValue(true, `${providerId}-${session.accountName}-${session.id}`, extensionId as any);
-			return true;
-		}
-
-		return readerId === extensionId;
-	}
-
-	private async isMatchingSession(session: vscode.AuthenticationSession, scopes: string, providerId: string, extensionId: string): Promise<boolean> {
-		return session.scopes.sort().join(' ') === scopes && (await this.hasNotBeenReadByOtherExtension(providerId, session, extensionId));
-	}
-
 	async getSessions(requestingExtension: IExtensionDescription, providerId: string, scopes: string[]): Promise<readonly vscode.AuthenticationSession[]> {
 		const provider = this._authenticationProviders.get(providerId);
 		if (!provider) {
@@ -58,11 +42,8 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 		const extensionId = ExtensionIdentifier.toKey(requestingExtension.identifier);
 		const orderedScopes = scopes.sort().join(' ');

-		const sessions = await provider.getSessions();
-		const filteredSessions = await Promise.all(sessions.map(session => this.isMatchingSession(session, orderedScopes, providerId, extensionId)));
-
-		return sessions
-			.filter((_, i) => { return filteredSessions[i]; })
+		return (await provider.getSessions())
+			.filter(session => session.scopes.sort().join(' ') === orderedScopes)
 			.map(session => {
 				return {
 					id: session.id,
@@ -72,7 +53,6 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 						const isAllowed = await this._proxy.$getSessionsPrompt(
 							provider.id,
 							session.accountName,
-							session.id,
 							provider.displayName,
 							extensionId,
 							requestingExtension.displayName || requestingExtension.name);
@@ -100,7 +80,6 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 		}

 		const session = await provider.login(scopes);
-		await this._proxy.$setTrustedExtension(provider.id, session.accountName, ExtensionIdentifier.toKey(requestingExtension.identifier), extensionName);
 		return {
 			id: session.id,
 			accountName: session.accountName,
@@ -109,7 +88,6 @@ export class ExtHostAuthentication implements ExtHostAuthenticationShape {
 				const isAllowed = await this._proxy.$getSessionsPrompt(
 					provider.id,
 					session.accountName,
-					session.id,
 					provider.displayName,
 					ExtensionIdentifier.toKey(requestingExtension.identifier),
 					requestingExtension.displayName || requestingExtension.name);