问题
In a Chrome extension a developer is able to determine user identity using the following:
chrome.identity.getProfileUserInfo(function callback)
Microsoft Edge does not seem to have the same functionality.
Is anyone aware of a method for determining user identity inside a Microsoft Edge extension? According to Microsoft's documentation it looks like it's in consideration for development but I was hoping somebody had found another way to do this: for reference (https://docs.microsoft.com/en-us/microsoft-edge/extensions/api-support/extension-api-roadmap).
Our extension will engage with a server-side API which means we need to reconcile the identity of the user, but it is being rolled out by system administrators to hundreds of users in an organization top-down; therefore, it's not possible to "ask" each user through the extension to sign in.
回答1:
As noted above, Microsoft Edge does not yet support this.
One method of getting the identity of a user, which involves some compromise, is requiring users to use google.com as their homepage and then reading the page source data for the user identity. You can then use the "tabs" API to get the page content and discover the signed in user identity.
Here is the Chrome code:
chrome.tabs.getSelected(null, function (tab) {
chrome.tabs.sendRequest(tab.id, {action: "getSource"}, function(source) {
alert(source);
});
});
It appears as though Microsoft Edge has a way of doing this as well, but the documentation is vague:
https://docs.microsoft.com/en-us/microsoft-edge/extensions/api-support/supported-apis#tabs
It should be noted this is NOT a good way to securely identify a user (e.g. other extensions could modify the page data to forge a user). It should not be used as a substitute for a proper authentication token -- but, it does work as a method of figuring out who is "probably" using the extension. In our situation we're building extensions to provide an improved user experience for an enterprise organizations team.
If anyone more familiar with the Edge developer API is able to add the Edge code for grabbing page source data to make this answer more complete it would be appreciated.
回答2:
As you know, Edge does not support identity now . So we cannot get user identity using Edge extension APIs. Currently we do not have any tricky do get user identity and do not encourage to do it with a tricky method. The best and safety way is sign-in with your extension now.
If Edge implemented the identity API, then it could be designed to return the user’s MSA or AAD info. However, Edge doesn’t implement that API, and even if it did, it might not satisfy the need because it’s entirely possible that a given enterprise user is using a traditionally domain joined PC with a domain user (e.g. constoso\test) but using a MSA (e.g. sample@hotmail.com) for syncing.
In most cases, an Enterprise would probably be happier to just get the user’s Domain identity. Today, they may be able to have the extension issue a WebRequest that hits an internal web service that challenges the client using Windows Integrated Authentication, auto-authenticates (since it’s internal) and returns a Domain credential-linked token.
来源:https://stackoverflow.com/questions/52483650/how-do-you-determine-identity-in-a-microsoft-edge-extension