def test_get_default_authority(): """get_default_authority should return public cloud or the value of $AZURE_AUTHORITY_HOST, with 'https' scheme""" # default scheme is https for authority in ("localhost", "https://localhost"): with patch.dict("os.environ", {EnvironmentVariables.AZURE_AUTHORITY_HOST: authority}, clear=True): assert get_default_authority() == "https://localhost" # default to public cloud for environ in ({}, { EnvironmentVariables.AZURE_AUTHORITY_HOST: KnownAuthorities.AZURE_PUBLIC_CLOUD }): with patch.dict("os.environ", environ, clear=True): assert get_default_authority( ) == "https://" + KnownAuthorities.AZURE_PUBLIC_CLOUD # require https with pytest.raises(ValueError): with patch.dict( "os.environ", {EnvironmentVariables.AZURE_AUTHORITY_HOST: "http://localhost"}, clear=True): get_default_authority()
def get_account_event(username, uid, utid, authority=None, client_id="client-id", refresh_token="refresh-token", scopes=None, **kwargs): if authority: endpoint = "https://" + "/".join(( authority, utid, "path", )) else: endpoint = get_default_authority() + "/{}/{}".format(utid, "path") return { "response": build_aad_response(uid=uid, utid=utid, refresh_token=refresh_token, id_token=build_id_token(aud=client_id, username=username), foci="1", **kwargs), "client_id": client_id, "token_endpoint": endpoint, "scope": scopes or ["scope"], }
def __init__(self, **kwargs): # type: (**Any) -> None self._successfull_tenant_id = None self.authority = kwargs.pop("authority", None) self.authority = normalize_authority( self.authority) if self.authority else get_default_authority() self.interactive_browser_tenant_id = kwargs.pop( "interactive_browser_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)) self.subscription_id = kwargs.pop("subscription_id", os.environ.get("SUBSCRIPTION_ID")) self.arm_base_url = kwargs.pop("arm_base_url", "https://management.azure.com/") self.managed_identity_client_id = kwargs.pop( "managed_identity_client_id", os.environ.get(EnvironmentVariables.AZURE_CLIENT_ID)) self.shared_cache_username = kwargs.pop( "shared_cache_username", os.environ.get(EnvironmentVariables.AZURE_USERNAME)) self.shared_cache_tenant_id = kwargs.pop( "shared_cache_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)) self.vscode_tenant_id = kwargs.pop( "visual_studio_code_tenant_id", os.environ.get(EnvironmentVariables.AZURE_TENANT_ID)) self.exclude_token_file_credential = kwargs.pop( "exclude_token_file_credential", False) self.exclude_environment_credential = kwargs.pop( "exclude_environment_credential", False) self.exclude_managed_identity_credential = kwargs.pop( "exclude_managed_identity_credential", False) self.exclude_shared_token_cache_credential = kwargs.pop( "exclude_shared_token_cache_credential", False) self.exclude_visual_studio_code_credential = kwargs.pop( "exclude_visual_studio_code_credential", False) self.exclude_cli_credential = kwargs.pop("exclude_cli_credential", False) self.exclude_interactive_browser_credential = kwargs.pop( "exclude_interactive_browser_credential", True) self.exclude_device_code_credential = kwargs.pop( "exclude_device_code_credential", False) self.exclude_powershell_credential = kwargs.pop( "exclude_powershell_credential", False) # credentials will be created lazy on the first call to get_token super(_DefaultAzureCredential, self).__init__()
def get_account_event( username, uid, utid, authority=None, client_id="client-id", refresh_token="refresh-token", scopes=None ): return { "response": build_aad_response( uid=uid, utid=utid, refresh_token=refresh_token, id_token=build_id_token(aud=client_id, preferred_username=username), foci="1", ), "client_id": client_id, "token_endpoint": "https://" + "/".join((authority or get_default_authority(), utid, "/path",)), "scope": scopes or ["scope"], }