def __init__(self, username=None, **kwargs): # pylint:disable=unused-argument # type: (Optional[str], **Any) -> None self._authority = kwargs.pop( "authority", None) or KnownAuthorities.AZURE_PUBLIC_CLOUD self._authority_aliases = KNOWN_ALIASES.get( self._authority) or frozenset((self._authority, )) self._username = username self._tenant_id = kwargs.pop("tenant_id", None) cache = kwargs.pop("_cache", None) # for ease of testing if not cache and sys.platform.startswith( "win") and "LOCALAPPDATA" in os.environ: from msal_extensions.token_cache import WindowsTokenCache cache = WindowsTokenCache(cache_location=os.path.join( os.environ["LOCALAPPDATA"], ".IdentityService", "msal.cache")) # prevent writing to the shared cache # TODO: seperating deserializing access tokens from caching them would make this cleaner cache.add = lambda *_, **__: None if cache: self._cache = cache self._client = self._get_auth_client( authority=self._authority, cache=cache, **kwargs) # type: Optional[AadClientBase] else: self._client = None
def test_windows_token_cache_roundtrip(): client_id = os.getenv('AZURE_CLIENT_ID') client_secret = os.getenv('AZURE_CLIENT_SECRET') if not (client_id and client_secret): pytest.skip( 'no credentials present to test WindowsTokenCache round-trip with.' ) test_folder = tempfile.mkdtemp( prefix="msal_extension_test_windows_token_cache_roundtrip") cache_file = os.path.join(test_folder, 'msal.cache') try: subject = WindowsTokenCache(cache_location=cache_file) app = msal.ConfidentialClientApplication( client_id=client_id, client_credential=client_secret, token_cache=subject) desired_scopes = ['https://graph.microsoft.com/.default'] token1 = app.acquire_token_for_client(scopes=desired_scopes) os.utime(cache_file, None) # Mock having another process update the cache. token2 = app.acquire_token_silent(scopes=desired_scopes, account=None) assert token1['access_token'] == token2['access_token'] finally: shutil.rmtree(test_folder, ignore_errors=True)
def __init__(self, username, **kwargs): # pylint:disable=unused-argument # type: (str, **Any) -> None self._username = username cache = None if sys.platform.startswith("win") and "LOCALAPPDATA" in os.environ: from msal_extensions.token_cache import WindowsTokenCache cache = WindowsTokenCache(cache_location=os.environ["LOCALAPPDATA"] + "/.IdentityService/msal.cache") # prevent writing to the shared cache # TODO: seperating deserializing access tokens from caching them would make this cleaner cache.add = lambda *_: None if cache: self._client = self._get_auth_client(cache) # type: Optional[AuthnClientBase] else: self._client = None
def _load_persistent_cache(): # type: () -> msal.TokenCache if sys.platform.startswith("win") and "LOCALAPPDATA" in os.environ: from msal_extensions.token_cache import WindowsTokenCache return WindowsTokenCache(cache_location=os.path.join( os.environ["LOCALAPPDATA"], ".IdentityService", "msal.cache")) raise NotImplementedError( "A persistent cache is not available on this platform.")