Im currently trying to provide an authentication-session via the AuthenticationProvider API of vscode.
The basic structure is comparable of what "github-authentication" extension is doing. Im providing one extension which is doing the authentication and multiple other extension depending which are trying to consume the authentication session from main authentication-extension.
This is working fine. The problem comes in with our internal granular structure of the session consuming extensions. Every extension needs to build up the extension trust between the authentication provider and the itself. (This can be seen under profile - "Manage Trusted Extensions") This is also retriggering the authentication mechanism.
So here is the question. Is there a way to auto-trust extensions within my authentication extension? This will us enable to have a more user friendly flow when using our extensions and only authenticate once with a set of scopes (scopes will stay the same with our extensions)
I know there is a silent option to retrieve the session but this also needs established trust or it will not return a session.
Im aware that there come some security concerns with that question. Perhaps there are also some other alternatives? Thanks in advance :)