def __init__(self, username=None, **kwargs): # pylint:disable=unused-argument
# type: (Optional[str], **Any) -> None
self._authority = kwargs.pop(
"authority", None) or KnownAuthorities.AZURE_PUBLIC_CLOUD
self._authority_aliases = KNOWN_ALIASES.get(
self._authority) or frozenset((self._authority, ))
self._username = username
self._tenant_id = kwargs.pop("tenant_id", None)
cache = kwargs.pop("_cache", None) # for ease of testing
if not cache and sys.platform.startswith(
"win") and "LOCALAPPDATA" in os.environ:
from msal_extensions.token_cache import WindowsTokenCache
cache = WindowsTokenCache(cache_location=os.path.join(
os.environ["LOCALAPPDATA"], ".IdentityService", "msal.cache"))
# prevent writing to the shared cache
# TODO: seperating deserializing access tokens from caching them would make this cleaner
cache.add = lambda *_, **__: None
if cache:
self._cache = cache
self._client = self._get_auth_client(
authority=self._authority, cache=cache,
**kwargs) # type: Optional[AadClientBase]
else:
self._client = None
def test_windows_token_cache_roundtrip():
client_id = os.getenv('AZURE_CLIENT_ID')
client_secret = os.getenv('AZURE_CLIENT_SECRET')
if not (client_id and client_secret):
pytest.skip(
'no credentials present to test WindowsTokenCache round-trip with.'
)
test_folder = tempfile.mkdtemp(
prefix="msal_extension_test_windows_token_cache_roundtrip")
cache_file = os.path.join(test_folder, 'msal.cache')
try:
subject = WindowsTokenCache(cache_location=cache_file)
app = msal.ConfidentialClientApplication(
client_id=client_id,
client_credential=client_secret,
token_cache=subject)
desired_scopes = ['https://graph.microsoft.com/.default']
token1 = app.acquire_token_for_client(scopes=desired_scopes)
os.utime(cache_file,
None) # Mock having another process update the cache.
token2 = app.acquire_token_silent(scopes=desired_scopes, account=None)
assert token1['access_token'] == token2['access_token']
finally:
shutil.rmtree(test_folder, ignore_errors=True)
def __init__(self, username, **kwargs): # pylint:disable=unused-argument
# type: (str, **Any) -> None
self._username = username
cache = None
if sys.platform.startswith("win") and "LOCALAPPDATA" in os.environ:
from msal_extensions.token_cache import WindowsTokenCache
cache = WindowsTokenCache(cache_location=os.environ["LOCALAPPDATA"] + "/.IdentityService/msal.cache")
# prevent writing to the shared cache
# TODO: seperating deserializing access tokens from caching them would make this cleaner
cache.add = lambda *_: None
if cache:
self._client = self._get_auth_client(cache) # type: Optional[AuthnClientBase]
else:
self._client = None
def _load_persistent_cache():
# type: () -> msal.TokenCache
if sys.platform.startswith("win") and "LOCALAPPDATA" in os.environ:
from msal_extensions.token_cache import WindowsTokenCache
return WindowsTokenCache(cache_location=os.path.join(
os.environ["LOCALAPPDATA"], ".IdentityService", "msal.cache"))
raise NotImplementedError(
"A persistent cache is not available on this platform.")