Added documentation and examples

vladvildanov · vladvildanov · commit 656c2ecf9a24 · 2025-03-05T15:36:37.000+02:00
diff --git a/README.md b/README.md
@@ -50,6 +50,31 @@ from redis_entraid.cred_provider import *
 
 ### Step 2 - Create the credential provider via the factory method
 
+Following factory methods are offered depends on authentication type you need:
+
+`create_from_managed_identity` - Creates a credential provider based on a managed identity. 
+Managed identities allow Azure services to authenticate without needing explicit credentials, as they are automatically assigned by Azure.
+
+`create_from_service_principal` - Creates a credential provider using a service principal. 
+A service principal is typically used when you want to authenticate as an application, rather than as a user, with Azure Active Directory.
+
+`create_from_default_azure_credential` - Creates a credential provider from a Default Azure Credential. 
+This method allows automatic selection of the appropriate credential mechanism based on the environment 
+(e.g., environment variables, managed identities, service principal, interactive browser etc.).
+
+#### Examples ####
+
+**Managed Identity**
+
+```python
+credential_provider = create_from_managed_identity(
+    identity_type=ManagedIdentityType.SYSTEM_ASSIGNED,
+    resource="https://redis.azure.com/"
+)
+```
+
+**Service principal**
+
 ```python
 credential_provider = create_from_service_principal(
     CLIENT_ID, 
@@ -58,6 +83,14 @@ credential_provider = create_from_service_principal(
 )
 ```
 
+**Default Azure Credential**
+
+```python
+credential_provider = create_from_default_azure_credential(
+    ("https://redis.azure.com/.default",),
+)
+```
+
 ### Step 3 - Provide optional token renewal configuration
 
 The default configuration would be applied, but you're able to customise it.
diff --git a/examples/__init__.py b/examples/__init__.py
diff --git a/examples/interactive_browser_login.py b/examples/interactive_browser_login.py
@@ -0,0 +1,28 @@
+# Before run this example you need to configure your EntraID application the following way:
+#
+# 1. Enable "Allow public client flows" option, under "Authentication" section.
+# 2. Add the Redirect URL of the web server that DefaultAzureCredential runs
+# By default, uses port 8400, so the default Redirect URL looks like "http://localhost:8400".
+
+import os
+
+from redis_entraid.cred_provider import create_from_default_azure_credential
+
+def main():
+
+    # By default, interactive browser login is excluded so you need to enable it.
+    credential_provider = create_from_default_azure_credential(
+        ("user.read",),
+        app_kwargs={
+            "exclude_interactive_browser_credential": False,
+            "interactive_browser_client_id": os.getenv("AZURE_CLIENT_ID"),
+            "interactive_browser_tenant_id": os.getenv("AZURE_TENANT_ID"),
+        }
+    )
+
+    # Opens a browser tab. After you'll enter your username/password it would return you a credentials needed for auth.
+    print(credential_provider.get_credentials())
+
+
+if __name__ == "__main__":
+    main()
diff --git a/pyproject.toml b/pyproject.toml
@@ -20,4 +20,4 @@ dependencies = [
 
 [tool.setuptools.packages.find]
 include = ["redis_entraid"]
-exclude = ["tests", ".github"]
+exclude = ["tests", "examples", ".github"]
diff --git a/redis_entraid/cred_provider.py b/redis_entraid/cred_provider.py
@@ -164,7 +164,7 @@ def create_from_service_principal(
 
 def create_from_default_azure_credential(
         scopes: Tuple[str],
-        additional_tenant_id: Optional[str] = None,
+        tenant_id: Optional[str] = None,
         authority: Optional[str] = None,
         token_kwargs: Optional[dict] = {},
         app_kwargs: Optional[dict] = {},
@@ -183,7 +183,7 @@ def create_from_default_azure_credential(
     https://learn.microsoft.com/en-us/python/api/azure-identity/azure.identity.defaultazurecredential?view=azure-python
 
     :param scopes: Service principal scopes. Fallback to default scopes if None.
-    :param additional_tenant_id: Optional tenant to include in the token request.
+    :param tenant_id: Optional tenant to include in the token request.
     :param authority: Custom authority, by default used  'login.microsoftonline.com'
     :param token_kwargs: Optional token arguments applied when retrieving tokens.
     :param app_kwargs: Optional keyword arguments to pass when instantiating application.
@@ -192,7 +192,7 @@ def create_from_default_azure_credential(
     default_azure_credential_config = DefaultAzureCredentialIdentityProviderConfig(
         scopes=scopes,
         authority=authority,
-        additional_tenant_id=additional_tenant_id,
+        additional_tenant_id=tenant_id,
         token_kwargs=token_kwargs,
         app_kwargs=app_kwargs,
     )
