-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Core] WAM integration #22774
[Core] WAM integration #22774
Conversation
WAM |
@@ -52,7 +52,7 @@ | |||
'jmespath', | |||
'knack~=0.9.0', | |||
'msal-extensions~=1.0.0', | |||
'msal==1.18.0b1', | |||
'msal[broker] @ git+https://github.com/AzureAD/microsoft-authentication-library-for-python.git@wam', # Temporary source |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
msal[broker]
can also be manually installed with
pip install .\microsoft-authentication-library-for-python\[broker]
"http_cache": Identity._msal_http_cache | ||
"http_cache": Identity._msal_http_cache, | ||
# TODO: introduce a config option to allow turning broker off | ||
"allow_broker": True |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"allow_broker": True | |
"allow_broker": True, |
:-p
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why? Isn't last comma supposed to be omitted?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is less-defined, so there is no official preference that you are "supposed" to follow. However, since Python does allow the extra trailing comma, I prefer to take advantage of it.
@rayluo, is WAM still considered auth code flow? If not, are we fully deprecating auth code flow for WAM-supported device? |
The broker (wam) behavior is indeed implemented in MSAL's This is meant to be a transparent change to Azure CLI, so Azure CLI does not need to deprecate anything. MSAL itself will still keep the auth code flow APIs because they will still be useful for web applications. |
Related command
az login
acquire_token_silent()
.Description
Close #21201
Require AzureAD/microsoft-authentication-library-for-python#415
This PR is currently a draft to demonstrate how Azure CLI could enable the broker behavior from an MSAL feature branch.
Testing Guide
pip install git+https://github.com/azure/azure-cli@broker-integration
az login
, and notice how a pop-up window (rather than a browser) would pop up.az foo bar
command to make sure the token returned by broker would workHistory Notes
This checklist is used to make sure that common guidelines for a pull request are followed.
The PR title and description has followed the guideline in Submitting Pull Requests.
I adhere to the Command Guidelines.
I adhere to the Error Handling Guidelines.