msalrequestsauth 0.8.1
Authentication using python requests and MSAL. This uses the MSAL cache
for repeated requests.
Bugs/Questions
Report bugs/feature requests: https://github.com/corteva/msal-requests-auth/issues
Ask questions: https://github.com/corteva/msal-requests-auth/discussions
Usage
Compatible with:
requests
httpx
Device Code Flow
Note
By default, DeviceCodeAuth copys the code to your clipboard and opens a webbrowser.
To disable, either set headless=True when initializing DeviceCodeAuth
or set the environment variable MSAL_REQUESTS_AUTH_HEADLESS to true.
New in version 0.2.0: headless
New in version 0.6.0: MSAL_REQUESTS_AUTH_HEADLESS environment variable
New in version 0.7.0: KeyringTokenCache
import requests
import msal
from msal_requests_auth.auth import DeviceCodeAuth
from msal_requests_auth.cache import KeyringTokenCache
client_id = "<client ID from Azure AD>"
tenant_id = "<tenant ID from Azure AD>"
application_id = "<client ID of application you want to get a token for from Azure AD>"
with KeyringTokenCache() as token_cache:
app = msal.PublicClientApplication(
client_id,
authority=f"https://login.microsoftonline.com/{tenant_id}/",
token_cache=token_cache,
)
auth = DeviceCodeAuth(
client=app,
scopes=[f"{application_id}/.default"],
)
response = requests.get(
endpoint,
auth=auth,
)
Client Credentials Flow
import requests
import msal
from msal_requests_auth.auth import ClientCredentialAuth
client_id = "<client ID from Azure AD>"
client_secret = "<client secret for client in Azure AD>"
tenant_id = "<tenant ID from Azure AD>"
application_id = "<client ID of application you want to get a token for from Azure AD>"
app = msal.ConfidentialClientApplication(
client_id,
authority=(f"https://login.microsoftonline.com/{tenant_id}/"),
client_credential=client_secret,
)
auth = ClientCredentialAuth(
client=app,
scopes=[f"{application_id}/.default"],
)
response = requests.get(
endpoint,
auth=auth,
)
Installation
To install msal-requests-auth, run this command in your terminal:
$ python -m pip install msal_requests_auth
If you use conda:
$ conda install -c conda-forge msal_requests_auth
Windows keyring backend
The Windows Credential Locker is used by default by keyring.
However, its password length limitations often prevent
storing tokens. An alternative backend may resolve this limitation.
When choosing a backend, be sure you are aware of its limitations.
keyrings.alt is an alternative keyring backend to consider:
python -m pip install keyrings.alt
Here is an example of how to set an alternative backend for keyring:
import keyring
keyring.core._config_path().parent.mkdir(parents=True, exist_ok=True)
keyring.core._config_path().write_text(
"[backend]\ndefault-keyring=keyrings.alt.Windows.EncryptedKeyring"
)
Credits
This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.
For personal and professional use. You cannot resell or redistribute these repositories in their original state.
There are no reviews.