Fixes T5899: Add support for authentication through Office 365 and T4256: Support Azure as an auth provider allowing users to login with their Azure AD / Office 365 account.
Details
Details
- Reviewers
epriestley - Group Reviewers
Blessed Reviewers - Maniphest Tasks
- T5899: Add support for authentication through Office 365
T4256: Support Azure as an auth provider - Required Signatures
L28 Phacility Individual Contributor License Agreement
Signed in using Office 365
Diff Detail
Diff Detail
- Repository
- rP Phabricator
- Branch
- azuread
- Lint
Lint Passed - Unit
Tests Passed - Build Status
Buildable 2275 Build 2279: [Placeholder Plan] Wait for 30 Seconds
Event Timeline
Comment Actions
It looks like I have to pay for a "Windows Azure Subscription" (I guess?) in order to create an OAuth application, although I'm having trouble even doing that (the form has a section called "Payment Information" but won't let me enter any, and the "Sign Up" button is greyed out).
I'll try again later, but we need to be able to test this before we can upstream it. It looks technically correct, but there's no way we can support it if I can't create an account and go through the workflow.
Comment Actions
Their form is tricky: you first have to complete the mobile phone verification before to be able to fill credit card information. The area becomes visible some seconds (but not immediately) after code verification.
There is a free offer and by default, it's not possible to get charged, as the charge limit is configured to zero. Verifying the credit card, there is an usual temporary reservation fee (when I tested Azure, it were 1 €) liberated after some days.
Comment Actions
What assistance could be offered to help this along? Setting up a test azure as app with access for the phabricator team?
Comment Actions
You can find some discussion of how we prioritize in T4778.
It's important that we be able to test changes like this repeatably -- not just once. When we make unrelated changes to OAuth in the future, we need to be able to quickly assess that all of the providers still work. If some providers are very difficult to assess, that would tend to make us hesitant to make OAuth changes. We generally don't want features in the upstream which slow down or impair our ability to develop or test the software.
My experience earlier suggested that the minimum amount of effort to get this change into the upstream is substantial, and the difficulty of testing the provider might have a chilling effect on modifying providers. As such, it is very difficult for us to prioritize. There is nothing you can do to meaningfully reduce the repeatability barrier, so there is nothing you can do to get this into the upstream sooner other than register your interest in it. We've currently seen very little interest, so this is not likely to make it upstream in the near future.
Comment Actions
Thanks for the insight. I guess my interest is registered, and I'll probably try to keep a patch like this maintained locally, and keep watching to see if azure does anything to lower the testing barrier.
Thanks!
Comment Actions
Just pushing this out of my queue; we've seen very little interest in Azure and I don't currently plan to bring this upstream in the foreseeable future. See T4256.
Comment Actions
Our company proudly and happily uses Phabricator for 2 years now. We use Azure and it would awesome if we could get rid of yet-another-use-account-base with this feature.
What kind of help can we offer to make this feature get int?