user.auth.clients.msal

Classes

AzureADAttributes

Holds the expected AzureAD id_token_claims used to ensure the user

MSALClient

MSALConnections

Module Contents

class user.auth.clients.msal.AzureADAttributes[source]

Holds the expected AzureAD id_token_claims used to ensure the user

source_id: str[source]
username: str[source]
first_name: str[source]
last_name: str[source]
groups: str[source]
preferred_username: str[source]
classmethod from_cfg(cfg: dict[str, Any]) Self[source]
class user.auth.clients.msal.MSALClient[source]
AUTHORITY_BASE = 'https://login.microsoftonline.com'[source]
SIGN_OUT_ENDPOINT = '/oauth2/v2.0/logout'[source]
client_id: str[source]
client_secret: str[source]
tenant_id: str[source]
validate_authority: bool[source]
attributes: AzureADAttributes[source]
primary: bool[source]
property connection: msal.ConfidentialClientApplication[source]

Returns the msal instance. Upon initiation, the client tries to connect to the authority endpoint. msal always validate the the tenant with an tenant discovery, validate_authority will additionally check the host/instance.

property authority: str[source]
logout_url(logout_redirect: str) str[source]
class user.auth.clients.msal.MSALConnections[source]
connections: dict[str, MSALClient][source]
client(app: onegov.user.auth.provider.HasApplicationIdAndNamespace) MSALClient | None[source]
classmethod from_cfg(config: dict[str, Any]) Self[source]