You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Current Windows Credential Manager implementation splits OAuth Access and Refresh Token into two separate entries in Windows Credential Manager - this should ideally be one single entry.
Windows Credential Manager limits passwords to be max size of CRED_MAX_CREDENTIAL_BLOB_SIZE (512) bytes - this is problematic as AAD OAuth tokens easily exceed 512 Bytes.
Leverage use of CredentialAttribute which allows page sizes of CRED_MAX_VALUE_SIZE (256) bytes, with up to CRED_MAX_ATTRIBUTES (64) pages - this would allow storing 16 KiB of data in a Windows Credential Manager-entry - resulting in one entry per OAuth Access/Refresh-Token. Additional metadata can be stored as well (token expiry) as this is currently not handled correctly.
For this to work we rely on the CSWin32- and Win32Metadata-projects to leave Preview (Win32Metadata) and Beta (CSWin32) state and release a stable build.
The text was updated successfully, but these errors were encountered:
Current Windows Credential Manager implementation splits OAuth Access and Refresh Token into two separate entries in Windows Credential Manager - this should ideally be one single entry.
Windows Credential Manager limits passwords to be max size of CRED_MAX_CREDENTIAL_BLOB_SIZE (512) bytes - this is problematic as AAD OAuth tokens easily exceed 512 Bytes.
Leverage use of CredentialAttribute which allows page sizes of CRED_MAX_VALUE_SIZE (256) bytes, with up to CRED_MAX_ATTRIBUTES (64) pages - this would allow storing 16 KiB of data in a Windows Credential Manager-entry - resulting in one entry per OAuth Access/Refresh-Token. Additional metadata can be stored as well (token expiry) as this is currently not handled correctly.
For this to work we rely on the CSWin32- and Win32Metadata-projects to leave Preview (Win32Metadata) and Beta (CSWin32) state and release a stable build.
The text was updated successfully, but these errors were encountered: