Adding ADAL wrapper to msrestazure

msrestazure/azure_active_directory.py

@@ -39,10 +39,16 @@
     MismatchingStateError,
     OAuth2Error,
     TokenExpiredError)
-from requests import RequestException
+from requests import (
+    RequestException,
+    ConnectionError
+)
 import requests_oauthlib as oauth
 
-from msrest.authentication import OAuthTokenAuthentication
+from msrest.authentication import (
+    OAuthTokenAuthentication,
+    Authentication
+)
 from msrest.exceptions import TokenExpiredError as Expired
 from msrest.exceptions import (
     AuthenticationError,
@@ -525,3 +531,32 @@ def set_token(self, response_url):
             raise_with_traceback(AuthenticationError, "", err)
         else:
             self.token = token
+
+class AdalAuthentication(Authentication):#pylint: disable=too-few-public-methods
+
+    def __init__(self, adal_method, *args, **kwargs):
+        self._adal_method = adal_method
+        self._args = args
+        self._kwargs = kwargs
+
+    def signed_session(self):
+        session = super(AdalAuthentication, self).signed_session()
+
+        import adal # Adal is not mandatory
+
+        try:
+            raw_token = self._adal_method(*self._args, **self._kwargs)
+            scheme, token = raw_token['tokenType'], raw_token['accessToken']
+        except adal.AdalError as err:
+            #pylint: disable=no-member
+            if (hasattr(err, 'error_response') and ('error_description' in err.error_response)
+                    and ('AADSTS70008:' in err.error_response['error_description'])):
+                raise Expired("Credentials have expired due to inactivity.")
+
+            raise AuthenticationError(err)
+        except ConnectionError as err:
+            raise AuthenticationError('Please ensure you have network connection. Error detail: ' + str(err))
+
+        header = "{} {}".format(scheme, token)
+        session.headers['Authorization'] = header
+        return session

requirements.txt

@@ -1 +1,2 @@
 msrest>=0.4.4,<0.5.0
+adal~=0.4.0

setup.py

@@ -49,5 +49,7 @@
         'License :: OSI Approved :: MIT License',
         'Topic :: Software Development'],
     install_requires=[
-        "msrest>=0.4.4"],
+        "msrest~=0.4.4",
+        "adal~=0.4.0"
+    ],
 )

test/unittest_auth.py

@@ -34,19 +34,22 @@
 
 from requests_oauthlib import OAuth2Session
 import oauthlib
+import adal
 
 from msrestazure import AzureConfiguration
 from msrestazure import azure_active_directory
 from msrestazure.azure_active_directory import (
     AADMixin,
     InteractiveCredentials,
     ServicePrincipalCredentials,
-    UserPassCredentials
+    UserPassCredentials,
+    AdalAuthentication
     )
 from msrest.exceptions import (
     TokenExpiredError,
     AuthenticationError,
     )
+from requests import ConnectionError
 
 
 class TestInteractiveCredentials(unittest.TestCase):
@@ -356,6 +359,34 @@ def test_user_pass_credentials(self):
                 client_id="client_id", username='my_username',
                 password='my_password', resource='https://management.core.chinacloudapi.cn/', verify=False)
 
+    def test_adal_authentication(self):
+        def success_auth():
+            return {
+                'tokenType': 'https',
+                'accessToken': 'cryptictoken'
+            }
+
+        credentials = AdalAuthentication(success_auth)
+        session = credentials.signed_session()
+        self.assertEquals(session.headers['Authorization'], 'https cryptictoken')
+
+        def error():
+            raise adal.AdalError("You hacker", {})
+        credentials = AdalAuthentication(error)
+        with self.assertRaises(AuthenticationError) as cm:
+            session = credentials.signed_session()
+
+        def expired():
+            raise adal.AdalError("Too late", {'error_description': "AADSTS70008: Expired"})
+        credentials = AdalAuthentication(expired)
+        with self.assertRaises(TokenExpiredError) as cm:
+            session = credentials.signed_session()
+
+        def connection_error():
+            raise ConnectionError("Plug the network")
+        credentials = AdalAuthentication(connection_error)
+        with self.assertRaises(AuthenticationError) as cm:
+            session = credentials.signed_session()
 
 if __name__ == '__main__':
     unittest.main()