@codingame/monaco-vscode-authentication-service-override 18.4.0 → 19.0.0

package/vscode/src/vs/workbench/contrib/authentication/browser/actions/manageTrustedExtensionsForAccountAction.js

@@ -0,0 +1,177 @@
+
+import { __decorate, __param } from '@codingame/monaco-vscode-api/external/tslib/tslib.es6';
+import { Codicon } from '@codingame/monaco-vscode-api/vscode/vs/base/common/codicons';
+import { fromNow } from '@codingame/monaco-vscode-api/vscode/vs/base/common/date';
+import { DisposableStore } from '@codingame/monaco-vscode-api/vscode/vs/base/common/lifecycle';
+import { ThemeIcon } from '@codingame/monaco-vscode-api/vscode/vs/base/common/themables';
+import { localize2, localize } from '@codingame/monaco-vscode-api/vscode/vs/nls';
+import { Action2 } from '@codingame/monaco-vscode-api/vscode/vs/platform/actions/common/actions';
+import { ICommandService } from '@codingame/monaco-vscode-api/vscode/vs/platform/commands/common/commands.service';
+import { IDialogService } from '@codingame/monaco-vscode-api/vscode/vs/platform/dialogs/common/dialogs.service';
+import { IInstantiationService } from '@codingame/monaco-vscode-api/vscode/vs/platform/instantiation/common/instantiation';
+import { IQuickInputService } from '@codingame/monaco-vscode-api/vscode/vs/platform/quickinput/common/quickInput.service';
+import { IAuthenticationService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authentication.service';
+import { IAuthenticationQueryService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authenticationQuery.service';
+import { IExtensionService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/extensions/common/extensions.service';
+
+class ManageTrustedExtensionsForAccountAction extends Action2 {
+    constructor() {
+        super({
+            id: '_manageTrustedExtensionsForAccount',
+            title: ( localize2(4310, "Manage Trusted Extensions For Account")),
+            category: ( localize2(4311, "Accounts")),
+            f1: true
+        });
+    }
+    run(accessor, options) {
+        const instantiationService = accessor.get(IInstantiationService);
+        return instantiationService.createInstance(ManageTrustedExtensionsForAccountActionImpl).run(options);
+    }
+}
+let ManageTrustedExtensionsForAccountActionImpl = class ManageTrustedExtensionsForAccountActionImpl {
+    constructor(_extensionService, _dialogService, _quickInputService, _authenticationService, _authenticationQueryService, _commandService) {
+        this._extensionService = _extensionService;
+        this._dialogService = _dialogService;
+        this._quickInputService = _quickInputService;
+        this._authenticationService = _authenticationService;
+        this._authenticationQueryService = _authenticationQueryService;
+        this._commandService = _commandService;
+    }
+    async run(options) {
+        const accountQuery = await this._resolveAccountQuery(options?.providerId, options?.accountLabel);
+        if (!accountQuery) {
+            return;
+        }
+        const items = await this._getItems(accountQuery);
+        if (!items.length) {
+            return;
+        }
+        const picker = this._createQuickPick(accountQuery);
+        picker.items = items;
+        picker.selectedItems = items.filter((i) => i.type !== 'separator' && !!i.picked);
+        picker.show();
+    }
+    async _resolveAccountQuery(providerId, accountLabel) {
+        if (providerId && accountLabel) {
+            return this._authenticationQueryService.provider(providerId).account(accountLabel);
+        }
+        const accounts = await this._getAllAvailableAccounts();
+        const pick = await this._quickInputService.pick(accounts, {
+            placeHolder: ( localize(4312, "Pick an account to manage trusted extensions for")),
+            matchOnDescription: true,
+        });
+        return pick ? this._authenticationQueryService.provider(pick.providerId).account(pick.label) : undefined;
+    }
+    async _getAllAvailableAccounts() {
+        const accounts = [];
+        for (const providerId of this._authenticationService.getProviderIds()) {
+            const provider = this._authenticationService.getProvider(providerId);
+            const sessions = await this._authenticationService.getSessions(providerId);
+            const uniqueLabels = ( new Set());
+            for (const session of sessions) {
+                if (!( uniqueLabels.has(session.account.label))) {
+                    uniqueLabels.add(session.account.label);
+                    accounts.push({
+                        providerId,
+                        label: session.account.label,
+                        description: provider.label
+                    });
+                }
+            }
+        }
+        return accounts;
+    }
+    async _getItems(accountQuery) {
+        const allowedExtensions = accountQuery.extensions().getAllowedExtensions();
+        const extensionIdToDisplayName = ( new Map());
+        const resolvedExtensions = await Promise.all(( allowedExtensions.map(ext => this._extensionService.getExtension(ext.id))));
+        resolvedExtensions.forEach((resolved, i) => {
+            if (resolved) {
+                extensionIdToDisplayName.set(allowedExtensions[i].id, resolved.displayName || resolved.name);
+            }
+        });
+        const filteredExtensions = ( allowedExtensions
+            .filter(ext => ( extensionIdToDisplayName.has(ext.id)))
+            .map(ext => {
+            const usage = accountQuery.extension(ext.id).getUsage();
+            return {
+                ...ext,
+                name: extensionIdToDisplayName.get(ext.id),
+                lastUsed: usage.length > 0 ? Math.max(...( usage.map(u => u.lastUsed))) : ext.lastUsed
+            };
+        }));
+        if (!filteredExtensions.length) {
+            this._dialogService.info(( localize(4313, "This account has not been used by any extensions.")));
+            return [];
+        }
+        const trustedExtensions = filteredExtensions.filter(e => e.trusted);
+        const otherExtensions = filteredExtensions.filter(e => !e.trusted);
+        const sortByLastUsed = (a, b) => (b.lastUsed || 0) - (a.lastUsed || 0);
+        return [
+            ...( otherExtensions.sort(sortByLastUsed).map(this._toQuickPickItem)),
+            { type: 'separator', label: ( localize(4314, "Trusted by Microsoft")) },
+            ...( trustedExtensions.sort(sortByLastUsed).map(this._toQuickPickItem))
+        ];
+    }
+    _toQuickPickItem(extension) {
+        const lastUsed = extension.lastUsed;
+        const description = lastUsed
+            ? ( localize(4315, "Last used this account {0}", fromNow(lastUsed, true)))
+            : ( localize(4316, "Has not used this account"));
+        let tooltip;
+        let disabled;
+        if (extension.trusted) {
+            tooltip = ( localize(
+                4317,
+                "This extension is trusted by Microsoft and\nalways has access to this account"
+            ));
+            disabled = true;
+        }
+        return {
+            label: extension.name,
+            extension,
+            description,
+            tooltip,
+            disabled,
+            buttons: [{
+                    tooltip: ( localize(4318, "Manage account preferences for this extension")),
+                    iconClass: ThemeIcon.asClassName(Codicon.settingsGear),
+                }],
+            picked: extension.allowed === undefined || extension.allowed
+        };
+    }
+    _createQuickPick(accountQuery) {
+        const disposableStore = ( new DisposableStore());
+        const quickPick = disposableStore.add(this._quickInputService.createQuickPick({ useSeparators: true }));
+        quickPick.canSelectMany = true;
+        quickPick.customButton = true;
+        quickPick.customLabel = ( localize(4319, 'Cancel'));
+        quickPick.title = ( localize(4320, "Manage Trusted Extensions"));
+        quickPick.placeholder = ( localize(4321, "Choose which extensions can access this account"));
+        disposableStore.add(quickPick.onDidAccept(() => {
+            const updatedAllowedList = ( quickPick.items
+                .filter((item) => item.type !== 'separator')
+                .map(i => i.extension));
+            const allowedExtensionsSet = ( new Set(( quickPick.selectedItems.map(i => i.extension))));
+            for (const extension of updatedAllowedList) {
+                const allowed = ( allowedExtensionsSet.has(extension));
+                accountQuery.extension(extension.id).setAccessAllowed(allowed, extension.name);
+            }
+            quickPick.hide();
+        }));
+        disposableStore.add(quickPick.onDidHide(() => disposableStore.dispose()));
+        disposableStore.add(quickPick.onDidCustom(() => quickPick.hide()));
+        disposableStore.add(quickPick.onDidTriggerItemButton(e => this._commandService.executeCommand('_manageAccountPreferencesForExtension', e.item.extension.id, accountQuery.providerId)));
+        return quickPick;
+    }
+};
+ManageTrustedExtensionsForAccountActionImpl = ( __decorate([
+    ( __param(0, IExtensionService)),
+    ( __param(1, IDialogService)),
+    ( __param(2, IQuickInputService)),
+    ( __param(3, IAuthenticationService)),
+    ( __param(4, IAuthenticationQueryService)),
+    ( __param(5, ICommandService))
+], ManageTrustedExtensionsForAccountActionImpl));
+
+export { ManageTrustedExtensionsForAccountAction };

package/vscode/src/vs/workbench/contrib/authentication/browser/actions/manageTrustedMcpServersForAccountAction.d.ts

@@ -0,0 +1,9 @@
+import { Action2 } from "@codingame/monaco-vscode-api/vscode/vs/platform/actions/common/actions";
+import { ServicesAccessor } from "@codingame/monaco-vscode-api/vscode/vs/platform/instantiation/common/instantiation";
+export declare class ManageTrustedMcpServersForAccountAction extends Action2 {
+    constructor();
+    run(accessor: ServicesAccessor, options?: {
+        providerId: string;
+        accountLabel: string;
+    }): Promise<void>;
+}

package/vscode/src/vs/workbench/contrib/authentication/browser/actions/manageTrustedMcpServersForAccountAction.js

@@ -0,0 +1,171 @@
+
+import { __decorate, __param } from '@codingame/monaco-vscode-api/external/tslib/tslib.es6';
+import { Codicon } from '@codingame/monaco-vscode-api/vscode/vs/base/common/codicons';
+import { fromNow } from '@codingame/monaco-vscode-api/vscode/vs/base/common/date';
+import { DisposableStore } from '@codingame/monaco-vscode-api/vscode/vs/base/common/lifecycle';
+import { ThemeIcon } from '@codingame/monaco-vscode-api/vscode/vs/base/common/themables';
+import { localize2, localize } from '@codingame/monaco-vscode-api/vscode/vs/nls';
+import { Action2 } from '@codingame/monaco-vscode-api/vscode/vs/platform/actions/common/actions';
+import { ICommandService } from '@codingame/monaco-vscode-api/vscode/vs/platform/commands/common/commands.service';
+import { IDialogService } from '@codingame/monaco-vscode-api/vscode/vs/platform/dialogs/common/dialogs.service';
+import { IInstantiationService } from '@codingame/monaco-vscode-api/vscode/vs/platform/instantiation/common/instantiation';
+import { IQuickInputService } from '@codingame/monaco-vscode-api/vscode/vs/platform/quickinput/common/quickInput.service';
+import { IAuthenticationService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authentication.service';
+import { IAuthenticationQueryService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authenticationQuery.service';
+import { IMcpService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/contrib/mcp/common/mcpTypes.service';
+
+class ManageTrustedMcpServersForAccountAction extends Action2 {
+    constructor() {
+        super({
+            id: '_manageTrustedMCPServersForAccount',
+            title: ( localize2(4322, "Manage Trusted MCP Servers For Account")),
+            category: ( localize2(4323, "Accounts")),
+            f1: true
+        });
+    }
+    run(accessor, options) {
+        const instantiationService = accessor.get(IInstantiationService);
+        return instantiationService.createInstance(ManageTrustedMcpServersForAccountActionImpl).run(options);
+    }
+}
+let ManageTrustedMcpServersForAccountActionImpl = class ManageTrustedMcpServersForAccountActionImpl {
+    constructor(_mcpServerService, _dialogService, _quickInputService, _mcpServerAuthenticationService, _authenticationQueryService, _commandService) {
+        this._mcpServerService = _mcpServerService;
+        this._dialogService = _dialogService;
+        this._quickInputService = _quickInputService;
+        this._mcpServerAuthenticationService = _mcpServerAuthenticationService;
+        this._authenticationQueryService = _authenticationQueryService;
+        this._commandService = _commandService;
+    }
+    async run(options) {
+        const accountQuery = await this._resolveAccountQuery(options?.providerId, options?.accountLabel);
+        if (!accountQuery) {
+            return;
+        }
+        const items = await this._getItems(accountQuery);
+        if (!items.length) {
+            return;
+        }
+        const picker = this._createQuickPick(accountQuery);
+        picker.items = items;
+        picker.selectedItems = items.filter((i) => i.type !== 'separator' && !!i.picked);
+        picker.show();
+    }
+    async _resolveAccountQuery(providerId, accountLabel) {
+        if (providerId && accountLabel) {
+            return this._authenticationQueryService.provider(providerId).account(accountLabel);
+        }
+        const accounts = await this._getAllAvailableAccounts();
+        const pick = await this._quickInputService.pick(accounts, {
+            placeHolder: ( localize(4324, "Pick an account to manage trusted MCP servers for")),
+            matchOnDescription: true,
+        });
+        return pick ? this._authenticationQueryService.provider(pick.providerId).account(pick.label) : undefined;
+    }
+    async _getAllAvailableAccounts() {
+        const accounts = [];
+        for (const providerId of this._mcpServerAuthenticationService.getProviderIds()) {
+            const provider = this._mcpServerAuthenticationService.getProvider(providerId);
+            const sessions = await this._mcpServerAuthenticationService.getSessions(providerId);
+            const uniqueLabels = ( new Set());
+            for (const session of sessions) {
+                if (!( uniqueLabels.has(session.account.label))) {
+                    uniqueLabels.add(session.account.label);
+                    accounts.push({
+                        providerId,
+                        label: session.account.label,
+                        description: provider.label
+                    });
+                }
+            }
+        }
+        return accounts;
+    }
+    async _getItems(accountQuery) {
+        const allowedMcpServers = accountQuery.mcpServers().getAllowedMcpServers();
+        const serverIdToLabel = ( new Map(( this._mcpServerService.servers.get().map(s => [s.definition.id, s.definition.label]))));
+        const filteredMcpServers = ( allowedMcpServers
+            .filter(server => ( serverIdToLabel.has(server.id)))
+            .map(server => {
+            const usage = accountQuery.mcpServer(server.id).getUsage();
+            return {
+                ...server,
+                name: serverIdToLabel.get(server.id),
+                lastUsed: usage.length > 0 ? Math.max(...( usage.map(u => u.lastUsed))) : server.lastUsed
+            };
+        }));
+        if (!filteredMcpServers.length) {
+            this._dialogService.info(( localize(4325, "This account has not been used by any MCP servers.")));
+            return [];
+        }
+        const trustedServers = filteredMcpServers.filter(s => s.trusted);
+        const otherServers = filteredMcpServers.filter(s => !s.trusted);
+        const sortByLastUsed = (a, b) => (b.lastUsed || 0) - (a.lastUsed || 0);
+        return [
+            ...( otherServers.sort(sortByLastUsed).map(this._toQuickPickItem)),
+            { type: 'separator', label: ( localize(4326, "Trusted by Microsoft")) },
+            ...( trustedServers.sort(sortByLastUsed).map(this._toQuickPickItem))
+        ];
+    }
+    _toQuickPickItem(mcpServer) {
+        const lastUsed = mcpServer.lastUsed;
+        const description = lastUsed
+            ? ( localize(4327, "Last used this account {0}", fromNow(lastUsed, true)))
+            : ( localize(4328, "Has not used this account"));
+        let tooltip;
+        let disabled;
+        if (mcpServer.trusted) {
+            tooltip = ( localize(
+                4329,
+                "This MCP server is trusted by Microsoft and\nalways has access to this account"
+            ));
+            disabled = true;
+        }
+        return {
+            label: mcpServer.name,
+            mcpServer,
+            description,
+            tooltip,
+            disabled,
+            buttons: [{
+                    tooltip: ( localize(4330, "Manage account preferences for this MCP server")),
+                    iconClass: ThemeIcon.asClassName(Codicon.settingsGear),
+                }],
+            picked: mcpServer.allowed === undefined || mcpServer.allowed
+        };
+    }
+    _createQuickPick(accountQuery) {
+        const disposableStore = ( new DisposableStore());
+        const quickPick = disposableStore.add(this._quickInputService.createQuickPick({ useSeparators: true }));
+        quickPick.canSelectMany = true;
+        quickPick.customButton = true;
+        quickPick.customLabel = ( localize(4331, 'Cancel'));
+        quickPick.title = ( localize(4332, "Manage Trusted MCP Servers"));
+        quickPick.placeholder = ( localize(4333, "Choose which MCP servers can access this account"));
+        disposableStore.add(quickPick.onDidAccept(() => {
+            quickPick.hide();
+            const allServers = ( quickPick.items
+                .filter((item) => item.type !== 'separator')
+                .map((i) => i.mcpServer));
+            const selectedServers = ( new Set(( quickPick.selectedItems.map((i) => i.mcpServer))));
+            for (const mcpServer of allServers) {
+                const isAllowed = ( selectedServers.has(mcpServer));
+                accountQuery.mcpServer(mcpServer.id).setAccessAllowed(isAllowed, mcpServer.name);
+            }
+        }));
+        disposableStore.add(quickPick.onDidHide(() => disposableStore.dispose()));
+        disposableStore.add(quickPick.onDidCustom(() => quickPick.hide()));
+        disposableStore.add(quickPick.onDidTriggerItemButton((e) => this._commandService.executeCommand('_manageAccountPreferencesForMcpServer', e.item.mcpServer.id, accountQuery.providerId)));
+        return quickPick;
+    }
+};
+ManageTrustedMcpServersForAccountActionImpl = ( __decorate([
+    ( __param(0, IMcpService)),
+    ( __param(1, IDialogService)),
+    ( __param(2, IQuickInputService)),
+    ( __param(3, IAuthenticationService)),
+    ( __param(4, IAuthenticationQueryService)),
+    ( __param(5, ICommandService))
+], ManageTrustedMcpServersForAccountActionImpl));
+
+export { ManageTrustedMcpServersForAccountAction };

package/vscode/src/vs/workbench/contrib/authentication/browser/actions/signOutOfAccountAction.d.ts

@@ -0,0 +1,9 @@
+import { Action2 } from "@codingame/monaco-vscode-api/vscode/vs/platform/actions/common/actions";
+import { ServicesAccessor } from "@codingame/monaco-vscode-api/vscode/vs/platform/instantiation/common/instantiation";
+export declare class SignOutOfAccountAction extends Action2 {
+    constructor();
+    run(accessor: ServicesAccessor, { providerId, accountLabel }: {
+        providerId: string;
+        accountLabel: string;
+    }): Promise<void>;
+}

package/vscode/src/vs/workbench/contrib/authentication/browser/actions/signOutOfAccountAction.js

@@ -0,0 +1,52 @@
+
+import Severity from '@codingame/monaco-vscode-api/vscode/vs/base/common/severity';
+import { localize } from '@codingame/monaco-vscode-api/vscode/vs/nls';
+import { Action2 } from '@codingame/monaco-vscode-api/vscode/vs/platform/actions/common/actions';
+import { IDialogService } from '@codingame/monaco-vscode-api/vscode/vs/platform/dialogs/common/dialogs.service';
+import { IAuthenticationAccessService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/browser/authenticationAccessService.service';
+import { IAuthenticationUsageService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/browser/authenticationUsageService.service';
+import { IAuthenticationService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authentication.service';
+
+class SignOutOfAccountAction extends Action2 {
+    constructor() {
+        super({
+            id: '_signOutOfAccount',
+            title: ( localize(4334, "Sign out of account")),
+            f1: false
+        });
+    }
+    async run(accessor, { providerId, accountLabel }) {
+        const authenticationService = accessor.get(IAuthenticationService);
+        const authenticationUsageService = accessor.get(IAuthenticationUsageService);
+        const authenticationAccessService = accessor.get(IAuthenticationAccessService);
+        const dialogService = accessor.get(IDialogService);
+        if (!providerId || !accountLabel) {
+            throw ( new Error(
+                'Invalid arguments. Expected: { providerId: string; accountLabel: string }'
+            ));
+        }
+        const allSessions = await authenticationService.getSessions(providerId);
+        const sessions = allSessions.filter(s => s.account.label === accountLabel);
+        const accountUsages = authenticationUsageService.readAccountUsages(providerId, accountLabel);
+        const { confirmed } = await dialogService.confirm({
+            type: Severity.Info,
+            message: accountUsages.length
+                ? ( localize(
+                4335,
+                "The account '{0}' has been used by: \n\n{1}\n\n Sign out from these extensions?",
+                accountLabel,
+                ( accountUsages.map(usage => usage.extensionName)).join('\n')
+            ))
+                : ( localize(4336, "Sign out of '{0}'?", accountLabel)),
+            primaryButton: ( localize(4337, "&&Sign Out"))
+        });
+        if (confirmed) {
+            const removeSessionPromises = ( sessions.map(session => authenticationService.removeSession(providerId, session.id)));
+            await Promise.all(removeSessionPromises);
+            authenticationUsageService.removeAccountUsage(providerId, accountLabel);
+            authenticationAccessService.removeAllowedExtensions(providerId, accountLabel);
+        }
+    }
+}
+
+export { SignOutOfAccountAction };

package/vscode/src/vs/workbench/contrib/authentication/browser/authentication.contribution.d.ts

@@ -0,0 +1 @@
+export {};

package/vscode/src/vs/workbench/contrib/authentication/browser/authentication.contribution.js

@@ -0,0 +1,140 @@
+
+import { __decorate, __param } from '@codingame/monaco-vscode-api/external/tslib/tslib.es6';
+import { Disposable } from '@codingame/monaco-vscode-api/vscode/vs/base/common/lifecycle';
+import { localize } from '@codingame/monaco-vscode-api/vscode/vs/nls';
+import { registerAction2 } from '@codingame/monaco-vscode-api/vscode/vs/platform/actions/common/actions';
+import { CommandsRegistry } from '@codingame/monaco-vscode-api/vscode/vs/platform/commands/common/commands';
+import { SyncDescriptor } from '@codingame/monaco-vscode-api/vscode/vs/platform/instantiation/common/descriptors';
+import { Registry } from '@codingame/monaco-vscode-api/vscode/vs/platform/registry/common/platform';
+import { registerWorkbenchContribution2, WorkbenchPhase } from '@codingame/monaco-vscode-api/vscode/vs/workbench/common/contributions';
+import { SignOutOfAccountAction } from './actions/signOutOfAccountAction.js';
+import { IBrowserWorkbenchEnvironmentService } from '@codingame/monaco-vscode-34a0ffd3-b9f5-5699-b43b-38af5732f38a-common/vscode/vs/workbench/services/environment/browser/environmentService.service';
+import { Extensions } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/extensionManagement/common/extensionFeatures';
+import { ManageTrustedExtensionsForAccountAction } from './actions/manageTrustedExtensionsForAccountAction.js';
+import { ManageAccountPreferencesForExtensionAction } from './actions/manageAccountPreferencesForExtensionAction.js';
+import { IAuthenticationUsageService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/browser/authenticationUsageService.service';
+import { ManageAccountPreferencesForMcpServerAction } from './actions/manageAccountPreferencesForMcpServerAction.js';
+import { ManageTrustedMcpServersForAccountAction } from './actions/manageTrustedMcpServersForAccountAction.js';
+import { RemoveDynamicAuthenticationProvidersAction } from './actions/manageDynamicAuthenticationProvidersAction.js';
+import { IAuthenticationQueryService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authenticationQuery.service';
+import { IMcpRegistry } from '@codingame/monaco-vscode-api/vscode/vs/workbench/contrib/mcp/common/mcpRegistryTypes.service';
+import '@codingame/monaco-vscode-api/vscode/vs/base/common/observableInternal/index';
+import { IAuthenticationService } from '@codingame/monaco-vscode-api/vscode/vs/workbench/services/authentication/common/authentication.service';
+import { Event } from '@codingame/monaco-vscode-api/vscode/vs/base/common/event';
+import { autorun } from '@codingame/monaco-vscode-api/vscode/vs/base/common/observableInternal/reactions/autorun';
+
+const codeExchangeProxyCommand = CommandsRegistry.registerCommand('workbench.getCodeExchangeProxyEndpoints', function (accessor, _) {
+    const environmentService = accessor.get(IBrowserWorkbenchEnvironmentService);
+    return environmentService.options?.codeExchangeProxyEndpoints;
+});
+class AuthenticationDataRenderer extends Disposable {
+    constructor() {
+        super(...arguments);
+        this.type = 'table';
+    }
+    shouldRender(manifest) {
+        return !!manifest.contributes?.authentication;
+    }
+    render(manifest) {
+        const authentication = manifest.contributes?.authentication || [];
+        if (!authentication.length) {
+            return { data: { headers: [], rows: [] }, dispose: () => { } };
+        }
+        const headers = [
+            ( localize(4338, "Label")),
+            ( localize(4339, "ID")),
+            ( localize(4340, "MCP Authorization Servers"))
+        ];
+        const rows = ( authentication
+            .sort((a, b) => a.label.localeCompare(b.label))
+            .map(auth => {
+            return [
+                auth.label,
+                auth.id,
+                (auth.authorizationServerGlobs ?? []).join(',\n')
+            ];
+        }));
+        return {
+            data: {
+                headers,
+                rows
+            },
+            dispose: () => { }
+        };
+    }
+}
+const extensionFeature = ( Registry.as(Extensions.ExtensionFeaturesRegistry)).registerExtensionFeature({
+    id: 'authentication',
+    label: ( localize(4341, "Authentication")),
+    access: {
+        canToggle: false
+    },
+    renderer: ( new SyncDescriptor(AuthenticationDataRenderer)),
+});
+class AuthenticationContribution extends Disposable {
+    static { this.ID = 'workbench.contrib.authentication'; }
+    constructor() {
+        super();
+        this._register(codeExchangeProxyCommand);
+        this._register(extensionFeature);
+        this._registerActions();
+    }
+    _registerActions() {
+        this._register(registerAction2(SignOutOfAccountAction));
+        this._register(registerAction2(ManageTrustedExtensionsForAccountAction));
+        this._register(registerAction2(ManageAccountPreferencesForExtensionAction));
+        this._register(registerAction2(ManageTrustedMcpServersForAccountAction));
+        this._register(registerAction2(ManageAccountPreferencesForMcpServerAction));
+        this._register(registerAction2(RemoveDynamicAuthenticationProvidersAction));
+    }
+}
+let AuthenticationUsageContribution = class AuthenticationUsageContribution {
+    static { this.ID = 'workbench.contrib.authenticationUsage'; }
+    constructor(_authenticationUsageService) {
+        this._authenticationUsageService = _authenticationUsageService;
+        this._initializeExtensionUsageCache();
+    }
+    async _initializeExtensionUsageCache() {
+        await this._authenticationUsageService.initializeExtensionUsageCache();
+    }
+};
+AuthenticationUsageContribution = ( __decorate([
+    ( __param(0, IAuthenticationUsageService))
+], AuthenticationUsageContribution));
+let AuthenticationMcpContribution = class AuthenticationMcpContribution extends Disposable {
+    static { this.ID = 'workbench.contrib.authenticationMcp'; }
+    constructor(_mcpRegistry, _authenticationQueryService, _authenticationService) {
+        super();
+        this._mcpRegistry = _mcpRegistry;
+        this._authenticationQueryService = _authenticationQueryService;
+        this._authenticationService = _authenticationService;
+        this._cleanupRemovedMcpServers();
+        this._register(autorun(reader => {
+            this._mcpRegistry.collections.read(reader);
+            queueMicrotask(() => this._cleanupRemovedMcpServers());
+        }));
+        this._register(Event.any(this._authenticationService.onDidChangeDeclaredProviders, this._authenticationService.onDidRegisterAuthenticationProvider)(() => this._cleanupRemovedMcpServers()));
+    }
+    _cleanupRemovedMcpServers() {
+        const currentServerIds = ( new Set(( this._mcpRegistry.collections.get().flatMap(c => c.serverDefinitions.get()).map(s => s.id))));
+        const providerIds = this._authenticationQueryService.getProviderIds();
+        for (const providerId of providerIds) {
+            this._authenticationQueryService.provider(providerId).forEachAccount(account => {
+                account.mcpServers().forEach(server => {
+                    if (!( currentServerIds.has(server.mcpServerId))) {
+                        server.removeUsage();
+                        server.setAccessAllowed(false);
+                    }
+                });
+            });
+        }
+    }
+};
+AuthenticationMcpContribution = ( __decorate([
+    ( __param(0, IMcpRegistry)),
+    ( __param(1, IAuthenticationQueryService)),
+    ( __param(2, IAuthenticationService))
+], AuthenticationMcpContribution));
+registerWorkbenchContribution2(AuthenticationContribution.ID, AuthenticationContribution, WorkbenchPhase.AfterRestored);
+registerWorkbenchContribution2(AuthenticationUsageContribution.ID, AuthenticationUsageContribution, WorkbenchPhase.Eventually);
+registerWorkbenchContribution2(AuthenticationMcpContribution.ID, AuthenticationMcpContribution, WorkbenchPhase.Eventually);

package/vscode/src/vs/workbench/services/authentication/browser/authenticationAccessService.js

@@ -2,6 +2,7 @@
 import { __decorate, __param } from '@codingame/monaco-vscode-api/external/tslib/tslib.es6';
 import { Emitter } from '@codingame/monaco-vscode-api/vscode/vs/base/common/event';
 import { Disposable } from '@codingame/monaco-vscode-api/vscode/vs/base/common/lifecycle';
+import { ExtensionIdentifier } from '@codingame/monaco-vscode-api/vscode/vs/platform/extensions/common/extensions';
 import '@codingame/monaco-vscode-api/vscode/vs/platform/instantiation/common/extensions';
 import { IProductService } from '@codingame/monaco-vscode-api/vscode/vs/platform/product/common/productService.service';
 import { StorageScope, StorageTarget } from '@codingame/monaco-vscode-api/vscode/vs/platform/storage/common/storage';
@@ -18,16 +19,17 @@ let AuthenticationAccessService = class AuthenticationAccessService extends Disp
     }
     isAccessAllowed(providerId, accountName, extensionId) {
         const trustedExtensionAuthAccess = this._productService.trustedExtensionAuthAccess;
+        const extensionKey = ExtensionIdentifier.toKey(extensionId);
         if (Array.isArray(trustedExtensionAuthAccess)) {
-            if (trustedExtensionAuthAccess.includes(extensionId)) {
+            if (trustedExtensionAuthAccess.includes(extensionKey)) {
                 return true;
             }
         }
-        else if (trustedExtensionAuthAccess?.[providerId]?.includes(extensionId)) {
+        else if (trustedExtensionAuthAccess?.[providerId]?.includes(extensionKey)) {
             return true;
         }
         const allowList = this.readAllowedExtensions(providerId, accountName);
-        const extensionData = allowList.find(extension => extension.id === extensionId);
+        const extensionData = allowList.find(extension => extension.id === extensionKey);
         if (!extensionData) {
             return undefined;
         }
@@ -44,20 +46,51 @@ let AuthenticationAccessService = class AuthenticationAccessService extends Disp
             }
         }
         catch (err) { }
+        const trustedExtensionAuthAccess = this._productService.trustedExtensionAuthAccess;
+        const trustedExtensionIds =
+        Array.isArray(trustedExtensionAuthAccess)
+            ? trustedExtensionAuthAccess
+            : typeof trustedExtensionAuthAccess === 'object'
+                ? trustedExtensionAuthAccess[providerId] ?? []
+                : [];
+        for (const extensionId of trustedExtensionIds) {
+            const extensionKey = ExtensionIdentifier.toKey(extensionId);
+            const existingExtension = trustedExtensions.find(extension => extension.id === extensionKey);
+            if (!existingExtension) {
+                trustedExtensions.push({
+                    id: extensionKey,
+                    name: extensionId,
+                    allowed: true,
+                    trusted: true
+                });
+            }
+            else {
+                existingExtension.allowed = true;
+                existingExtension.trusted = true;
+            }
+        }
         return trustedExtensions;
     }
     updateAllowedExtensions(providerId, accountName, extensions) {
         const allowList = this.readAllowedExtensions(providerId, accountName);
         for (const extension of extensions) {
-            const index = allowList.findIndex(e => e.id === extension.id);
+            const extensionKey = ExtensionIdentifier.toKey(extension.id);
+            const index = allowList.findIndex(e => e.id === extensionKey);
             if (index === -1) {
-                allowList.push(extension);
+                allowList.push({
+                    ...extension,
+                    id: extensionKey
+                });
             }
             else {
                 allowList[index].allowed = extension.allowed;
+                if (extension.name && extension.name !== extensionKey && allowList[index].name !== extension.name) {
+                    allowList[index].name = extension.name;
+                }
             }
         }
-        this._storageService.store(`${providerId}-${accountName}`, JSON.stringify(allowList), StorageScope.APPLICATION, StorageTarget.USER);
+        const userManagedExtensions = allowList.filter(extension => !extension.trusted);
+        this._storageService.store(`${providerId}-${accountName}`, JSON.stringify(userManagedExtensions), StorageScope.APPLICATION, StorageTarget.USER);
         this._onDidChangeExtensionSessionAccess.fire({ providerId, accountName });
     }
     removeAllowedExtensions(providerId, accountName) {