Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSAL Python 1.27 #669

Merged
merged 32 commits into from
Feb 23, 2024
Merged

MSAL Python 1.27 #669

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
e6ebc37
Merge branch 'release-1.26.0' into dev
rayluo Nov 29, 2023
1ae2d19
Update issue templates (#642)
bgavrilMS Dec 20, 2023
72b853d
No more gibberish log from https request to mess up the current terminal
rayluo Dec 3, 2023
dcedc10
Merge branch 'oauth2cli/dev' to close #546
rayluo Dec 25, 2023
866ba2b
AT POP with SHR is tested with Graph end-to-end
rayluo Dec 28, 2023
c1a0ce1
Sort scopes before writing to token cache
rayluo Jan 2, 2024
313d721
O(1) happy path for access token hits
rayluo Jan 5, 2024
5272fbd
Might as well refactor a _get_app_metadata()
rayluo Jan 6, 2024
804d529
Merge pull request #644 from AzureAD/order-scopes
rayluo Jan 9, 2024
84bdfab
Prevent crash on token_cache.find(..., query=None)
rayluo Jan 9, 2024
7c4c4b5
Merge branch 'order-scopes' into dev
rayluo Jan 10, 2024
49a9198
Attempts account removal from broker first
rayluo Jan 18, 2024
c131b9b
Adding docs for PopAuthScheme
rayluo Jan 19, 2024
d7331f2
Tested with latest cryptography 42.x
rayluo Jan 22, 2024
3e68838
Mention instance_discovery instead of validate_authority in an error …
rayluo Feb 22, 2023
d524595
Tolerate ID token time errors
rayluo Jan 28, 2024
ba3cec0
Merge remote-tracking branch 'oauth2cli/dev' into oauth2
rayluo Jan 29, 2024
386ea2e
Tolerate ID token time errors
rayluo Jan 26, 2024
36a1267
Merge pull request #657 from AzureAD/id-token-adjustment
rayluo Jan 29, 2024
1a19c4b
Provide examples for B2C and CIAM
rayluo May 15, 2023
5d9b221
Give a hint on where the client_id came from
rayluo Feb 3, 2024
bb97af2
Merge pull request #661 from AzureAD/document-client-id
rayluo Feb 6, 2024
4b34dd6
Allow github action to write perf result into repo
rayluo Feb 1, 2024
b286540
Adding attributes that were not auto documented
rayluo Feb 27, 2023
3b96de6
Implement remove_tokens_for_client()
rayluo Feb 7, 2024
bb0e24a
Remove premature int(...)
rayluo Mar 10, 2023
0d8b2c2
MSAL's fallback-from-broker behavior remains a FAQ
rayluo Jun 5, 2023
bf87155
Change back to use print(result) in error path
rayluo Oct 31, 2023
4f0e03d
CCA can be tested by: python -m msal
rayluo Feb 8, 2024
59c3000
Pick up latest PyMsalRuntime 0.14.x
rayluo Feb 9, 2024
9a866ca
Don't use bare except when importing (#667)
Singletoned Feb 22, 2024
7e04519
Releasing 1.27
rayluo Dec 21, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/ISSUE_TEMPLATE/bug_report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
---
name: Bug report
about: Create a report to help us improve
title: '[Bug] '
labels: ["untriaged", "needs attention"]
title: "[Bug] "
labels: needs attention, untriaged
assignees: ''

---
Expand Down
40 changes: 40 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
name: Feature request
description: Suggest a new feature for MSAL Python.
labels: ["feature request", "untriaged", "needs attention"]
title : '[Feature Request] '
body:
- type: markdown
attributes:
value: |
## Before submitting your feature request
Please make sure that your question or issue is not already covered in [MSAL documentation](https://learn.microsoft.com/entra/msal/python/) or [samples](https://learn.microsoft.com/azure/active-directory/develop/sample-v2-code?tabs=apptype).

- type: markdown
attributes:
value: |
## Feature request for MSAL Python

- type: dropdown
attributes:
label: MSAL client type
description: Are you using Public Client (desktop apps, CLI apps) or Confidential Client (web apps, web APIs, service-to-service, managed identity)?
multiple: true
options:
- "Public"
- "Confidential"
validations:
required: true

- type: textarea
attributes:
label: Problem Statement
description: "Describe the problem or context for this feature request."
validations:
required: true

- type: textarea
attributes:
label: Proposed solution
description: "Describe the solution you'd like."
validations:
required: false
2 changes: 2 additions & 0 deletions .github/workflows/python-package.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,8 @@ jobs:
# and then run benchmark only once (sampling with only one Python version).
needs: ci
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.9
Expand Down
4 changes: 2 additions & 2 deletions docs/conf.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@
#
# This is also used if you do content translation via gettext catalogs.
# Usually you set "language" from the command line for these cases.
language = None
language = "en"

# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
Expand Down Expand Up @@ -95,7 +95,7 @@
# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static']
#html_static_path = ['_static']

# Custom sidebar templates, must be a dictionary that maps document names
# to template names.
Expand Down
82 changes: 60 additions & 22 deletions docs/index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
=========================
MSAL Python Documentation
=========================

Expand All @@ -6,11 +7,11 @@ MSAL Python Documentation
:caption: Contents:
:hidden:

index

..
Comment: Perhaps because of the theme, only the first level sections will show in TOC,
regardless of maxdepth setting.
UPDATE: And now (early 2024) suddenly a function-level, long TOC is generated,
even though maxdepth is set to 2.

You can find high level conceptual documentations in the project
`README <https://github.com/AzureAD/microsoft-authentication-library-for-python>`_.
Expand All @@ -23,7 +24,7 @@ MSAL Python supports some of them.
**The following diagram serves as a map. Locate your application scenario on the map.**
**If the corresponding icon is clickable, it will bring you to an MSAL Python sample for that scenario.**

* Most authentication scenarios acquire tokens on behalf of signed-in users.
* Most authentication scenarios acquire tokens representing the signed-in user.

.. raw:: html

Expand All @@ -43,7 +44,7 @@ MSAL Python supports some of them.
alt="Browserless app" title="Browserless app" href="https://github.com/Azure-Samples/ms-identity-python-devicecodeflow">
</map>

* There are also daemon apps. In these scenarios, applications acquire tokens on behalf of themselves with no user.
* There are also daemon apps, who acquire tokens representing themselves, not a user.

.. raw:: html

Expand All @@ -63,26 +64,24 @@ MSAL Python supports some of them.

API Reference
=============
.. note::

Only the contents inside
`this source file <https://github.com/AzureAD/microsoft-authentication-library-for-python/blob/dev/msal/__init__.py>`_
and their documented methods (unless otherwise marked as deprecated)
are MSAL Python public API,
which are guaranteed to be backward-compatible until the next major version.

Everything else, regardless of their naming, are all internal helpers,
which could change at anytime in the future, without prior notice.

The following section is the API Reference of MSAL Python.
The API Reference is like a dictionary. You **read this API section when and only when**:
The API Reference is like a dictionary, which is useful when:

* You already followed our sample(s) above and have your app up and running,
but want to know more on how you could tweak the authentication experience
by using other optional parameters (there are plenty of them!)
* You read the MSAL Python source code and found a helper function that is useful to you,
then you would want to double check whether that helper is documented below.
Only documented APIs are considered part of the MSAL Python public API,
which are guaranteed to be backward-compatible in MSAL Python 1.x series.
Undocumented internal helpers are subject to change anytime, without prior notice.

.. note::

Only APIs and their parameters documented in this section are part of public API,
with guaranteed backward compatibility for the entire 1.x series.

Other modules in the source code are all considered as internal helpers,
which could change at anytime in the future, without prior notice.
* Some important features have their in-depth documentations in the API Reference.

MSAL proposes a clean separation between
`public client applications and confidential client applications
Expand All @@ -92,7 +91,7 @@ They are implemented as two separated classes,
with different methods for different authentication scenarios.

ClientApplication
=================
-----------------

.. autoclass:: msal.ClientApplication
:members:
Expand All @@ -101,22 +100,23 @@ ClientApplication
.. automethod:: __init__

PublicClientApplication
=======================
-----------------------

.. autoclass:: msal.PublicClientApplication
:members:

.. autoattribute:: msal.PublicClientApplication.CONSOLE_WINDOW_HANDLE
.. automethod:: __init__

ConfidentialClientApplication
=============================
-----------------------------

.. autoclass:: msal.ConfidentialClientApplication
:members:


TokenCache
==========
----------

One of the parameters accepted by
both `PublicClientApplication` and `ConfidentialClientApplication`
Expand All @@ -130,3 +130,41 @@ See `SerializableTokenCache` for example.

.. autoclass:: msal.SerializableTokenCache
:members:

Prompt
------
.. autoclass:: msal.Prompt
:members:

.. autoattribute:: msal.Prompt.SELECT_ACCOUNT
.. autoattribute:: msal.Prompt.NONE
.. autoattribute:: msal.Prompt.CONSENT
.. autoattribute:: msal.Prompt.LOGIN

PopAuthScheme
-------------

This is used as the `auth_scheme` parameter in many of the acquire token methods
to support for Proof of Possession (PoP) tokens.

New in MSAL Python 1.26

.. autoclass:: msal.PopAuthScheme
:members:

.. autoattribute:: msal.PopAuthScheme.HTTP_GET
.. autoattribute:: msal.PopAuthScheme.HTTP_POST
.. autoattribute:: msal.PopAuthScheme.HTTP_PUT
.. autoattribute:: msal.PopAuthScheme.HTTP_DELETE
.. autoattribute:: msal.PopAuthScheme.HTTP_PATCH
.. automethod:: __init__


Exceptions
----------
These are exceptions that MSAL Python may raise.
You should not need to create them directly.
You may want to catch them to provide a better error message to your end users.

.. autoclass:: msal.IdTokenError

3 changes: 1 addition & 2 deletions msal/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@
ConfidentialClientApplication,
PublicClientApplication,
)
from .oauth2cli.oidc import Prompt
from .oauth2cli.oidc import Prompt, IdTokenError
from .token_cache import TokenCache, SerializableTokenCache
from .auth_scheme import PopAuthScheme

Loading
Loading