Skip to content
This repository was archived by the owner on Apr 10, 2024. It is now read-only.

Implement authentication for usernames/passwords using adal#3

Closed
brettcannon wants to merge 7 commits intoAzure:masterfrom
brettcannon:adal
Closed

Implement authentication for usernames/passwords using adal#3
brettcannon wants to merge 7 commits intoAzure:masterfrom
brettcannon:adal

Conversation

@brettcannon
Copy link
Copy Markdown
Member

@brettcannon brettcannon commented Oct 24, 2016

No description provided.

lmazuel
lmazuel suggested changes Oct 25, 2016
View reviewed changes
msrestazure/azure_active_directory.py
def __init__(self, username, password, **kwargs):
super(AdalUserPassCredentials, self).__init__(**kwargs)
self.username = username
self.password = password
Copy link
Copy Markdown
Member

@lmazuel lmazuel Oct 25, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This implies that credentials are not tested at the instance creation, but at the instance usage. This is different from current UserPassCredentials behavior.
I think we might want to keep the current behavior, but I'm open to discussion (@annatisch)

Copy link
Copy Markdown
Member Author

@brettcannon brettcannon Oct 27, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

msrestazure/azure_active_directory.py Outdated

"""Base class for adal-derived authentication."""

def __init__(self, client_id="04b07795-8ddb-461a-bbee-02f9e1bf7b46",
Copy link
Copy Markdown
Member

@lmazuel lmazuel Oct 25, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer to have this id in a constant XPLAT_APP_ID since it's not recommend anymore to use it:
https://github.com/AzureAD/azure-activedirectory-library-for-python#about-client_id-and-resource-arguments

Copy link
Copy Markdown
Member Author

@brettcannon brettcannon Oct 27, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done.

@annatisch
Copy link
Copy Markdown
Member

annatisch commented Nov 2, 2016

Hi @brettcannon, @lmazuel

The changes look good.
My only concern is that there's currently no support for refresh tokens.
Maybe while we're still supporting the old classes and this being an interim solution it might not be such a big deal.
Once we do a larger scale merging of the ADAL vNext lib into the pipeline this will likely go away.

In order to integrate the refresh token functionality we would need to use an oauth-requestslib Session as opposed to a standard requests Session.

Alternatively, maybe ADAL has refresh token handling built in - and we can access it be doing a token acquisition at the time of creating the Session? I'm not sure - I'll take a look at ADAL.

@lmazuel
Copy link
Copy Markdown
Member

lmazuel commented Nov 30, 2016
edited
Loading

Close since integrated in #8
@brettcannon, feel free to talk if I should have not closed this one :)

@lmazuel lmazuel closed this Nov 30, 2016
@brettcannon
Copy link
Copy Markdown
Member Author

brettcannon commented Nov 30, 2016

Nope, closing was the right thing to do.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

1 more reviewer

@lmazuel lmazuel lmazuel requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

@annatisch annatisch

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@brettcannon @annatisch @lmazuel