def get(self, request):

        if request.session.get("user_name", None) is None:
            return HttpResponseRedirect(reverse("login"))

        accounts = AuthenticationHelper.get_confidential_client().get_accounts(
            username=request.session["user_name"])

        if len(accounts) == 0:
            return HttpResponseRedirect(reverse("login"))

        token_response = AuthenticationHelper.get_confidential_client(
        ).acquire_token_silent(scopes=[os.environ.get("API_SCOPE")],
                               account=accounts[0],
                               authority=os.environ.get("AUTHORITY"))

        if "error" in token_response:
            return HttpResponse("An Error Occured:" +
                                token_response.get("error") + " " +
                                token_response.get("error_description"),
                                status=404)

        rg_response = RequestsHelper.get_backend_api_session(
            token_response).get(os.environ.get("FLASK_BACKEND_URL")).json()
        rg_response_converted = json.dumps(rg_response)

        return HttpResponse(rg_response_converted)
    def get(self, request):

        accounts = AuthenticationHelper.get_confidential_client().get_accounts(
            username=request.session["user_name"])

        if len(accounts) != 0:
            #remove the user's account from the token cache
            AuthenticationHelper.get_confidential_client().remove_account(
                account=accounts[0])

        #remove the user's session from the Django managed database
        request.session.flush()

        logout_url = os.environ.get("AUTHORITY") + os.environ.get(
            "LOGOUT_URL") + os.environ.get("POST_LOGOUT_REDIRECT_URI")

        return HttpResponseRedirect(logout_url)
    def get(self, request):

        #generating sign in url to initate the user's sign in with AAD
        #using the initiate_auth_code_flow method ensures PKCE protection is used
        auth_code_response = AuthenticationHelper.get_confidential_client(
        ).initiate_auth_code_flow(scopes=[os.environ.get("SCOPE")],
                                  redirect_uri=os.environ.get("REDIRECT_URI"))

        if "error" in auth_code_response:
            return HttpResponse("An Error Occured:" +
                                auth_code_response.get("error") + " " +
                                auth_code_response.get("error_description"),
                                status=404)

        request.session["auth_code_response"] = auth_code_response

        return HttpResponseRedirect(auth_code_response["auth_uri"])
    def get(self, request):

        if "error" in request.GET:
            return HttpResponse("An Error Occurred:" +
                                request.GET.get("error") + " " +
                                request.GET.get("error_description"),
                                status=403)

        try:
            #using the acquire_token_by_auth_code_flow method ensures PKCE protection is verified
            #NOTE) This token acquisition uses the same set of scopes from the initial request made to initiate_auth_code_flow above
            token_response = AuthenticationHelper.get_confidential_client(
            ).acquire_token_by_auth_code_flow(
                auth_code_flow=request.session.get('auth_code_response', {}),
                auth_response=request.GET,
                scopes=[os.environ.get("SCOPE")],
            )
        except ValueError as exc:
            #only occurs when client data, either auth_code_response or SCOPE in this case, is missing or malformed
            return HttpResponse("An Error Occurred: " + str(exc), status=404)

        if "error" in token_response:
            return HttpResponse("An Error Occurred:" +
                                token_response.get("error") + " " +
                                token_response.get("error_description"),
                                status=404)

        #sets the user_name value for this session, which will be used to determine if a user has been fully authenticated or not
        #when managing user sign in via sessions, ensure to set the SESSION_COOKIE_AGE setting to a low number of seconds
        request.session["user_name"] = token_response['id_token_claims'][
            'preferred_username']

        #remove used auth_code_response values from request session
        del request.session['auth_code_response']
        request.session.modified = True

        return HttpResponseRedirect(reverse("azure_management_home"))