Skip to content

Migrate SFX authentication from ADAL to MSAL#1001

Draft
Copilot wants to merge 3 commits into
masterfrom
copilot/move-sfx-to-using-msal
Draft

Migrate SFX authentication from ADAL to MSAL#1001
Copilot wants to merge 3 commits into
masterfrom
copilot/move-sfx-to-using-msal

Conversation

Copilot AI commented Feb 13, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

ADAL (adal-angular) is deprecated. This replaces it with @azure/msal-browser (PublicClientApplication).

Key changes

  • Dependencies: Remove adal-angular, @types/adal-angular, @types/adal; add @azure/msal-browser@^4.28.2
  • adal.service.ts: Replace AuthenticationContext with PublicClientApplication
    • load() now calls msalInstance.initialize() (async) via switchMap
    • Token acquisition uses acquireTokenSilent with scopes instead of resource-based acquireToken callback
    • InteractionRequiredAuthError triggers acquireTokenRedirect fallback instead of blind retries
    • userInfo returns MSAL AccountInfo (.name) instead of ADAL cached user (.profile.name)
  • app-initializers.ts: handleWindowCallback() is now async (handleRedirectPromise)
  • app.component.html: userInfo?.profile?.nameuserInfo?.name

ADAL → MSAL API mapping

ADAL MSAL
new AuthenticationContext(opts) new PublicClientApplication(config) + initialize()
context.login() loginRedirect({ scopes })
context.logOut() logoutRedirect()
handleWindowCallback() await handleRedirectPromise()
getCachedUser() getActiveAccount() / getAllAccounts()
acquireToken(resource, cb) acquireTokenSilent({ scopes, account })

Authority construction

// ADAL: instance + tenant resolved separately
config.instance = ensureEndsWith(login, '/');
config.tenant = tenant;

// MSAL: single authority URL
authority = ensureEndsWith(login, '/') + tenant;
// fallback: `https://login.microsoftonline.com/${tenant}`

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • accounts.google.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • android.clients.google.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • clients2.google.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • clientservices.googleapis.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • redirector.gvt1.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • safebrowsingohttpgateway.googleapis.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
  • www.google.com
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4216 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-40395381 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,11513939343230939951,1823309537936887899,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)
    • Triggering command: /opt/google/chrome/chrome /usr/bin/google-chrome --user-data-dir=/tmp/karma-40395381 --enable-automation --no-default-browser-check --no-first-run --disable-default-apps --disable-popup-blocking --disable-translate --disable-REDACTED-timer-throttling --disable-renderer-REDACTEDing --disable-device-discovery-notifications http://localhost:9876/?id=40395381 --headless --disable-gpu --disable-dev-shm-usage --remote-debugging-port=9222 (dns block)
    • Triggering command: /proc/self/exe /proc/self/exe --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --disable-dev-shm-usage --use-angle=swiftshader-webgl --crashpad-handler-pid=4479 --enable-crash-reporter=, --noerrdialogs --user-data-dir=/tmp/karma-50778002 --change-stack-guard-on-fork=enable --shared-files=v8_context_snapshot_data:100 --field-trial-handle=3,i,1484724289383957474,12335783234827982857,262144 --disable-features=PaintHolding --variations-seed-version --trace-process-track-uuid=3190708989122997041 (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

This section details on the original issue you should resolve

<issue_title>move SFX to using MSAL</issue_title>
<issue_description>Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

  • Service Fabric version
  • OS(for browser not SF)
  • Browser/ Browser version [e.g. chrome, safari]

Additional context
Add any other context about the problem here.
</issue_description>

Comments on the Issue (you are @copilot in this section)

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI and others added 2 commits February 13, 2026 23:16
@sridmad
Migrate from ADAL to MSAL for Azure AD authentication
9b5df59 
Replace adal-angular with @azure/msal-browser. Update AdalService to use
PublicClientApplication instead of AuthenticationContext. Use MSAL's
acquireTokenSilent, loginRedirect, logoutRedirect, and handleRedirectPromise
APIs. Update app initializer to await async handleWindowCallback. Update
template to use MSAL AccountInfo.name instead of profile.name.

Co-authored-by: sridmad <7445097+sridmad@users.noreply.github.com>
@sridmad
Address code review: handle InteractionRequiredAuthError and use Cach…
b54d544 
…eType constant

- Handle InteractionRequiredAuthError in acquireTokenResilient by
  falling back to acquireTokenRedirect instead of retrying
- Use AuthenticationBootstrapConstants.CacheType constant instead of
  hardcoded 'localStorage' string

Co-authored-by: sridmad <7445097+sridmad@users.noreply.github.com>
Copilot AI changed the title [WIP] Move SFX to use MSAL library Migrate SFX authentication from ADAL to MSAL Feb 13, 2026
Copilot AI requested a review from sridmad February 13, 2026 23:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sridmad sridmad Awaiting requested review from sridmad

At least 1 approving review is required to merge this pull request.

Assignees

@sridmad sridmad

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

move SFX to using MSAL

2 participants

@sridmad