Skip to content

Samples #7

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rayluo merged 4 commits into from
Dec 6, 2018
Merged

Samples #7

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
9495a2c
3 samples
rayluo Nov 30, 2018
89a1420
Use delegated scope for user scopes
rayluo Dec 3, 2018
eff46e5
Fix typos
rayluo Dec 5, 2018
1f9d674
Adjust descriptions based on latest API changes
rayluo Dec 5, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
3 samples
  • Loading branch information
@rayluo
rayluo committed Dec 6, 2018
commit 9495a2caf738f63fb1ce12ce489c63ca146faeb9
57 changes: 57 additions & 0 deletions sample/client_credential_sample.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
"""
The configuration file would look like this:

{
"authority": "https://login.microsoftonline.com/organizations",
"client_id": "your_client_id",
"secret": "This is a sample only. You better NOT persist your password."
"scope": ["https://graph.microsoft.com/.default"]
}

You can then run this sample with a JSON configuration file:

python sample.py parameters.json
"""

import sys # For simplicity, we'll read config file from 1st CLI param sys.argv[1]
import json
import logging

import msal


# Optional logging
# logging.basicConfig(level=logging.DEBUG)

config = json.load(open(sys.argv[1]))

# Create a preferrably long-lived app instance which maintains a token cache.
Copy link
Contributor

@abhidnya13 abhidnya13 Dec 5, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

preferably

app = msal.ConfidentialClientApplication(
config["client_id"], authority=config["authority"],
client_credential=config["secret"],
# token_cache=... # Default cache is in memory only.
# See SerializableTokenCache for more details.
)

# The pattern to acquire a token looks like this.
result = None

# Firstly, looks up a token from cache
# Since we are looking for token for the current app, NOT for an end user,
# notice we give account parameter as None (which is its default value, by the way).
result = app.acquire_token_silent(config["scope"], account=None)

if not result:
# So no suitable token exists in cache. Let's get a new one from AAD.
result = app.acquire_token_for_client(scopes=config["scope"])

if "access_token" in result:
print(result["access_token"])
print(result["token_type"])
print(result["expires_in"]) # You don't normally need to care about this.
# It will be good for at least 5 minutes.
else:
print(result.get("error"))
print(result.get("error_description"))
print(result.get("correlation_id")) # You may need this when reporting a bug

68 changes: 68 additions & 0 deletions sample/device_flow_sample.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
"""
The configuration file would look like this:

{
"authority": "https://login.microsoftonline.com/organizations",
"client_id": "your_client_id",
"scope": ["https://graph.microsoft.com/.default"]
}

You can then run this sample with a JSON configuration file:

python sample.py parameters.json
"""

import sys # For simplicity, we'll read config file from 1st CLI param sys.argv[1]
import json
import logging

import msal


# Optional logging
# logging.basicConfig(level=logging.DEBUG)

config = json.load(open(sys.argv[1]))

# Create a preferrably long-lived app instance which maintains a token cache.
app = msal.PublicClientApplication(
config["client_id"], authority=config["authority"],
# token_cache=... # Default cache is in memory only.
# See SerializableTokenCache for more details.
)

# The pattern to acquire a token looks like this.
result = None

# If your device-flow app does not have any interactive ability,
# you can completely skip the following cache part. Here we demonstrate it anyway.
# We now check the cache to see if we have some end users signed in before.
accounts = app.get_accounts()
if accounts:
# If so, you could then somehow display these accounts and let end user choose
print("Pick the account you want to use to proceed:")
for a in accounts:
print(a["username"])
# Assumeing the end user chose this one
Copy link
Contributor

@abhidnya13 abhidnya13 Dec 5, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

assuming

chosen = accounts[0]
# Now let's try to find a token in cache for this account
result = app.acquire_token_silent(config["scope"], account=accounts[0])

if not result:
# So no suitable token exists in cache. Let's get a new one from AAD.
flow = app.initiate_device_flow(scopes=config["scope"])
print(flow["message"])
# Ideally you should wait here, in order to save some unnecessary polling
# input("Press Enter after you successfully login from another device...")
result = app.acquire_token_by_device_flow(flow) # By default it will block

if "access_token" in result:
print(result["access_token"])
print(result["token_type"])
print(result["expires_in"]) # You don't normally need to care about this.
# It will be good for at least 5 minutes.
else:
print(result.get("error"))
print(result.get("error_description"))
print(result.get("correlation_id")) # You may need this when reporting a bug

59 changes: 59 additions & 0 deletions sample/username_password_sample.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
"""
The configuration file would look like this:

{
"authority": "https://login.microsoftonline.com/organizations",
"client_id": "your_client_id",
"username": "your_username@your_tenant.com",
"scope": ["https://graph.microsoft.com/.default"],
"password": "This is a sample only. You better NOT persist your password."
}

You can then run this sample with a JSON configuration file:

python sample.py parameters.json
"""

import sys # For simplicity, we'll read config file from 1st CLI param sys.argv[1]
import json
import logging

import msal


# Optional logging
# logging.basicConfig(level=logging.DEBUG)

config = json.load(open(sys.argv[1]))

# Create a preferrably long-lived app instance which maintains a token cache.
app = msal.PublicClientApplication(
config["client_id"], authority=config["authority"],
# token_cache=... # Default cache is in memory only.
# See SerializableTokenCache for more details.
)

# The pattern to acquire a token looks like this.
result = None

# Firstly, check the cache to see if this end user has signed in before
accounts = app.get_accounts(username=config["username"])
if accounts:
# It means the account(s) exists in cache, probably with token too. Let's try.
result = app.acquire_token_silent(config["scope"], account=accounts[0])

if not result:
# So no suitable token exists in cache. Let's get a new one from AAD.
result = app.acquire_token_by_username_password(
config["username"], config["password"], scopes=config["scope"])

if "access_token" in result:
print(result["access_token"])
print(result["token_type"])
print(result["expires_in"]) # You don't normally need to care about this.
# It will be good for at least 5 minutes.
else:
print(result.get("error"))
print(result.get("error_description"))
print(result.get("correlation_id")) # You may need this when reporting a bug