Implement synchronous device code credential #6464
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chlowell
added
Client
|
Can one of the admins verify this patch? |
johanste
reviewed
Jul 25, 2019
sdk/identity/azure-identity/azure/identity/_internal/msal_credentials.py
Outdated
Show resolved
Hide resolved
johanste
reviewed
Jul 25, 2019
| # type: (Any) -> None | ||
| super(PublicClientCredential, self).__init__( | ||
| app_class=msal.PublicClientApplication, | ||
| authority="https://login.microsoftonline.com/" + kwargs.pop("tenant", "organizations"), |
There was a problem hiding this comment.
Should the host of the authority be hard-coded? This changes depending on which cloud you are targeting, no?
There was a problem hiding this comment.
It should not. Sovereign cloud support is tracked by #5850. I'm waiting for some global configuration I can leverage to avoid implementing and later replacing something idiosyncratic.
chlowell
force-pushed
the
device-code
branch
2 times, most recently
from
31d6a0d to
91be022
Compare
schaabs
reviewed
Jul 29, 2019
|
|
||
| app = self._get_app() | ||
| flow = app.initiate_device_flow(scopes) | ||
| if "error" in flow: |
There was a problem hiding this comment.
if "error" in flow: [](start = 8, length = 19)
Is this the best way to check for failure?
There was a problem hiding this comment.
Failure of AAD, yes, I think so; flow here is the AAD response payload, which has a value for error when AAD can't start the flow.
schaabs
approved these changes
Jul 29, 2019
|
/azp run python - client - ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run python - client - ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
rakshith91
pushed a commit
to rakshith91/azure-sdk-for-python
that referenced
this pull request
Aug 2, 2019
xiangyan99
added a commit
that referenced
this pull request
Aug 5, 2019
* document async transport requirement (#6541) * [AutoPR] alertsmanagement/resource-manager (#5697) * Generated from f4b30b3785ae1fa51f4333f2acd863137d9c84b2 (#5696) removed "required" field from ExpandDetectorParameter * Packaging update of azure-mgmt-alertsmanagement * Packaging update of azure-mgmt-alertsmanagement * regenerated package * recent version * update history and version... again... * added note about general breaking changes * Synchronous username/password auth (#6416) * Synchronous interactive browser authentication (#6466) * we dont need thread locks (#6551) * KV aiohttp by default (#6563) * Aiohttp default async transport * Record keys with aiohttp * Record secrets with aiohttp * [AutoPR hanaonazure/resource-manager] Removing monitoring hana instance API (#6535) * Generated from 70b51057c4cca0cdb6a743b4e02f39c132121570 Removing monitoring hana instance API * Generated from a6757c439ed37f69147b6a7b50a20f1ca69789be Removing monitoring hana instance API * Packaging update of azure-mgmt-hanaonazure * Updated Release History * KV moved paging return type to ItemPaged (#6558) * KV with latest autorest * Make KV return ItemPaged from azure-core * azure-core history 1.0.0b2 (#6562) * azure-core history * Update HISTORY.md * Make private Cosmos modules private [WIP] (#6329) * make consistent_hash_ring private * make default_retry_policy private * make endpoint_discovery_retry_policy private * make hash_partition_resolver private * make location_cache private * make murmur_hash private * make range private * make range_partition_resolver private * make vector_session_token private * make resource_throttle_retry_policy private * make retry_utility private * make utils private * make routing private * make execution_context private * make cosmos_client_connection private * make retry_options private * make query_iterable private * make constants private * make synchronized_request private * make session_retry_policy private * make partition private * make global_endpoint_manager private * make runtime_constants private * make session private * make request_object private * make base private * Accept extension of JSON content-type (#6583) * Accept extension of JSON content-type * Adding text/something+json test * Support digit * Remove docdb mgmt package from master (#6585) * Revert "Remove docdb mgmt package from master (#6585)" (#6593) This reverts commit d2ed7d8. * azure-core black/pylint/mypy (#6581) * Pylint/black happyness * mypy * Fix exceptiont tests * bad-continuation ignroe by defulat * adjusting to allow default omission of packages for CI. (#6595) * Synchronous device code credential (#6464) * [AutoPR alertsmanagement/resource-manager] fixing subscription id issue (#6574) * Generated from d6b1b67df4f4ddc0b8cb16095d1dd51305a078a5 fix subscriptionId * Generated from 10bf6ed3f7f87035d0c08c83742eba0a39602b39 undone reference change * added changelog, upgraded to rc2 * fixed code generation issues * Remove Configuration from public API (#6603) * [AutoPR] security/resource-manager (#5709) * Generated from 2b4c25b67ef444e5fb6df8a4a4d78bfa747b198a (#5704) chore: jsonfmt security Ran `jsonfmt -w "specification/security/**/*.json"` * [AutoPR security/resource-manager] Changes to the JIT API for Firewall Support (#6047) * Generated from 0a90b13aa3eeec05f438be7bbe0eb444a084e789 Update jitNetworkAccessPolicies.json * Generated from 77db60c613fff13703dc99ca4aaa81bfbd4900ef Update jitNetworkAccessPolicies.json * Generated from 77db60c613fff13703dc99ca4aaa81bfbd4900ef Update jitNetworkAccessPolicies.json * Packaging update of azure-mgmt-security * [AutoPR security/resource-manager] Improving Security Center pricing API documentation (#6289) * Generated from 149ce8a94fd12df4868cb641d0d47bf83472b659 Improving Security Center pricing API documentation * Generated from 149ce8a94fd12df4868cb641d0d47bf83472b659 Improving Security Center pricing API documentation * [AutoPR security/resource-manager] Add Microsoft.Security applicationWhitelistings API (#6262) * Generated from 0bc0b6465c2c93267a29e4eb0c39e2b12a8b623e add operation ID's * Generated from 56fe4277e879002f98abc961fc5fb3abf80cf32a remove location from example, add Executable to fileType * Generated from 6307743902cd21e4a200cca1cddc2383121ae216 add Whitelistings to custom-words * Generated from 01357ba2f4e4ca899217b4e65892b7bdf375d5bf (#6515) chore: jsonfmt security * [AutoPR security/resource-manager] Set IoTSecuritySolutions & IoTSecuritySolutionAnalytics API as stable (#6526) * Generated from 4d6fbc52713c0423aa04f74ae330867fac488b86 Set IoTSecuritySolutions & IoTSecuritySolutionAnalytics API as stable * Generated from e763a96421ef60d69bbae038d008c08002f16359 remove paging support from IoTSecurityDeviceRecommendationsList * Generated from dea80a5e1da4b383480342bba4eca97ba55c053b remove paging from IoTSecurityAlertedDevicesList * regenerated * history and version * general breaking changes info * Minimal change to disable code coverage publishing for PRs. (#6614) * Readme doc update for azure-core (#6611) * Readme doc update * More readme update * Transport update * Typo * typo thanks bryan * Mypy fixes for azure.core.tracing (#6590) * we dont need thread locks * add contextvars * fix version stuff * mypy fixes * added test for get_name and moved stuff in the function * small ci fix * more mypy fixes * get rid of dependency * all use same context * MyPy azure-core (#6619) * MyPy azure-core settings * MyPy azure-core aiohttp * Redesign sentinel * Update Key Vault docstrings (#6632) * Update Key Vault user agent (#6640) * Update README.md (#6635) * mypy fixes (#6641) * mypy fixes * use six * Policies as kwargs for KeyVault (#6616) * Mypy fixes (#6646) * [AutoPR healthcareapis/resource-manager] Fixed healthcareapi readme.md (#6652) * Generated from 06bfc11dfa82fb5c140c82c3496fd59adc6f3b8b just triggereing rebuild * Packaging update of azure-mgmt-healthcareapis * fixed release date * fixed bug in maxItemCount propagation for Order by queries (#6608) * fixed bug with maxItemCount in order by queries * fixed merge conflicts * Final azure-identity preview 2 changes (#6664)
xiangyan99
added a commit
that referenced
this pull request
Aug 5, 2019
* App config code review feedback (#6647) * Use new configuration * Put version into version.py * update packaging * remove readme.rst * get latest master (#6665) * document async transport requirement (#6541) * [AutoPR] alertsmanagement/resource-manager (#5697) * Generated from f4b30b3785ae1fa51f4333f2acd863137d9c84b2 (#5696) removed "required" field from ExpandDetectorParameter * Packaging update of azure-mgmt-alertsmanagement * Packaging update of azure-mgmt-alertsmanagement * regenerated package * recent version * update history and version... again... * added note about general breaking changes * Synchronous username/password auth (#6416) * Synchronous interactive browser authentication (#6466) * we dont need thread locks (#6551) * KV aiohttp by default (#6563) * Aiohttp default async transport * Record keys with aiohttp * Record secrets with aiohttp * [AutoPR hanaonazure/resource-manager] Removing monitoring hana instance API (#6535) * Generated from 70b51057c4cca0cdb6a743b4e02f39c132121570 Removing monitoring hana instance API * Generated from a6757c439ed37f69147b6a7b50a20f1ca69789be Removing monitoring hana instance API * Packaging update of azure-mgmt-hanaonazure * Updated Release History * KV moved paging return type to ItemPaged (#6558) * KV with latest autorest * Make KV return ItemPaged from azure-core * azure-core history 1.0.0b2 (#6562) * azure-core history * Update HISTORY.md * Make private Cosmos modules private [WIP] (#6329) * make consistent_hash_ring private * make default_retry_policy private * make endpoint_discovery_retry_policy private * make hash_partition_resolver private * make location_cache private * make murmur_hash private * make range private * make range_partition_resolver private * make vector_session_token private * make resource_throttle_retry_policy private * make retry_utility private * make utils private * make routing private * make execution_context private * make cosmos_client_connection private * make retry_options private * make query_iterable private * make constants private * make synchronized_request private * make session_retry_policy private * make partition private * make global_endpoint_manager private * make runtime_constants private * make session private * make request_object private * make base private * Accept extension of JSON content-type (#6583) * Accept extension of JSON content-type * Adding text/something+json test * Support digit * Remove docdb mgmt package from master (#6585) * Revert "Remove docdb mgmt package from master (#6585)" (#6593) This reverts commit d2ed7d8. * azure-core black/pylint/mypy (#6581) * Pylint/black happyness * mypy * Fix exceptiont tests * bad-continuation ignroe by defulat * adjusting to allow default omission of packages for CI. (#6595) * Synchronous device code credential (#6464) * [AutoPR alertsmanagement/resource-manager] fixing subscription id issue (#6574) * Generated from d6b1b67df4f4ddc0b8cb16095d1dd51305a078a5 fix subscriptionId * Generated from 10bf6ed3f7f87035d0c08c83742eba0a39602b39 undone reference change * added changelog, upgraded to rc2 * fixed code generation issues * Remove Configuration from public API (#6603) * [AutoPR] security/resource-manager (#5709) * Generated from 2b4c25b67ef444e5fb6df8a4a4d78bfa747b198a (#5704) chore: jsonfmt security Ran `jsonfmt -w "specification/security/**/*.json"` * [AutoPR security/resource-manager] Changes to the JIT API for Firewall Support (#6047) * Generated from 0a90b13aa3eeec05f438be7bbe0eb444a084e789 Update jitNetworkAccessPolicies.json * Generated from 77db60c613fff13703dc99ca4aaa81bfbd4900ef Update jitNetworkAccessPolicies.json * Generated from 77db60c613fff13703dc99ca4aaa81bfbd4900ef Update jitNetworkAccessPolicies.json * Packaging update of azure-mgmt-security * [AutoPR security/resource-manager] Improving Security Center pricing API documentation (#6289) * Generated from 149ce8a94fd12df4868cb641d0d47bf83472b659 Improving Security Center pricing API documentation * Generated from 149ce8a94fd12df4868cb641d0d47bf83472b659 Improving Security Center pricing API documentation * [AutoPR security/resource-manager] Add Microsoft.Security applicationWhitelistings API (#6262) * Generated from 0bc0b6465c2c93267a29e4eb0c39e2b12a8b623e add operation ID's * Generated from 56fe4277e879002f98abc961fc5fb3abf80cf32a remove location from example, add Executable to fileType * Generated from 6307743902cd21e4a200cca1cddc2383121ae216 add Whitelistings to custom-words * Generated from 01357ba2f4e4ca899217b4e65892b7bdf375d5bf (#6515) chore: jsonfmt security * [AutoPR security/resource-manager] Set IoTSecuritySolutions & IoTSecuritySolutionAnalytics API as stable (#6526) * Generated from 4d6fbc52713c0423aa04f74ae330867fac488b86 Set IoTSecuritySolutions & IoTSecuritySolutionAnalytics API as stable * Generated from e763a96421ef60d69bbae038d008c08002f16359 remove paging support from IoTSecurityDeviceRecommendationsList * Generated from dea80a5e1da4b383480342bba4eca97ba55c053b remove paging from IoTSecurityAlertedDevicesList * regenerated * history and version * general breaking changes info * Minimal change to disable code coverage publishing for PRs. (#6614) * Readme doc update for azure-core (#6611) * Readme doc update * More readme update * Transport update * Typo * typo thanks bryan * Mypy fixes for azure.core.tracing (#6590) * we dont need thread locks * add contextvars * fix version stuff * mypy fixes * added test for get_name and moved stuff in the function * small ci fix * more mypy fixes * get rid of dependency * all use same context * MyPy azure-core (#6619) * MyPy azure-core settings * MyPy azure-core aiohttp * Redesign sentinel * Update Key Vault docstrings (#6632) * Update Key Vault user agent (#6640) * Update README.md (#6635) * mypy fixes (#6641) * mypy fixes * use six * Policies as kwargs for KeyVault (#6616) * Mypy fixes (#6646) * [AutoPR healthcareapis/resource-manager] Fixed healthcareapi readme.md (#6652) * Generated from 06bfc11dfa82fb5c140c82c3496fd59adc6f3b8b just triggereing rebuild * Packaging update of azure-mgmt-healthcareapis * fixed release date * fixed bug in maxItemCount propagation for Order by queries (#6608) * fixed bug with maxItemCount in order by queries * fixed merge conflicts * Final azure-identity preview 2 changes (#6664)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This closes #6352 with a credential implementing synchronous device code authentication using an MSAL public client application (the async equivalent is tracked by #6293).
When its
get_tokenmethod is called, this credential acquires a URL and code from AAD, then blocks until a user authenticates at that URL with the code. The credential respects an optional timeout and accepts an optional callback allowing an application to control how the URL and code are presented.