Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Core] WAM integration #22774

Closed
wants to merge 6 commits into from
Closed

[Core] WAM integration #22774

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
a5190b6
Declare msal broker as dependency
rayluo Jun 8, 2022
99cdfeb
Enable broker mode
rayluo Jun 8, 2022
6860db8
allow_broker
jiasli Jun 30, 2022
ecebcb1
Improve error
jiasli Jul 8, 2022
2b2fc6d
Merge remote-tracking branch 'azure/dev' into broker-integration
jiasli Aug 17, 2022
d45f9bb
update
jiasli Aug 17, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion src/azure-cli-core/azure/cli/core/_profile.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -755,7 +755,7 @@ def find_using_common_tenant(self, username, credential=None):
# The tenant requires MFA and can't be accessed with home tenant's refresh token
mfa_tenants.append(t)
else:
logger.warning("Failed to authenticate '%s' due to error '%s'", t, ex)
logger.warning("Failed to authenticate %s due to error '%s'", t.tenant_id_name, ex)
continue

if not subscriptions:
Expand Down
4 changes: 3 additions & 1 deletion src/azure-cli-core/azure/cli/core/auth/identity.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,9 @@ def _msal_app_kwargs(self):
return {
"authority": self._msal_authority,
"token_cache": Identity._msal_token_cache,
"http_cache": Identity._msal_http_cache
"http_cache": Identity._msal_http_cache,
# TODO: introduce a config option to allow turning broker off
"allow_broker": True
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"allow_broker": True
"allow_broker": True,

:-p

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why? Isn't last comma supposed to be omitted?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is less-defined, so there is no official preference that you are "supposed" to follow. However, since Python does allow the extra trailing comma, I prefer to take advantage of it.

}

@property
Expand Down
2 changes: 1 addition & 1 deletion src/azure-cli-core/azure/cli/core/auth/util.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ def aad_error_handler(error, **kwargs):
else "To re-authenticate, please run:\n{}").format(login_command)

from azure.cli.core.azclierror import AuthenticationError
raise AuthenticationError(error_description, recommendation=login_message)
raise AuthenticationError(error_description, msal_error=error, recommendation=login_message)


def _generate_login_command(scopes=None):
Expand Down
3 changes: 3 additions & 0 deletions src/azure-cli-core/azure/cli/core/azclierror.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -266,6 +266,9 @@ class RecommendationError(ClientError):

class AuthenticationError(ServiceError):
""" Raised when AAD authentication fails. """
def __init__(self, error_msg, msal_error=None, **kwargs):
super().__init__(error_msg, **kwargs)
self.msal_error = msal_error


class HTTPError(CLIError):
Expand Down
2 changes: 1 addition & 1 deletion src/azure-cli-core/setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@
'jmespath',
'knack~=0.9.0',
'msal-extensions~=1.0.0',
'msal==1.18.0b1',
'msal[broker] @ git+https://github.com/AzureAD/microsoft-authentication-library-for-python.git@wam', # Temporary source
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

msal[broker] can also be manually installed with

pip install .\microsoft-authentication-library-for-python\[broker]

'msrestazure~=0.6.4',
'packaging>=20.9,<22.0',
'paramiko>=2.0.8,<3.0.0',
Expand Down