aiohttp-msal


Nameaiohttp-msal JSON
Version 1.0.4 PyPI version JSON
download
home_pageNone
SummaryHelper Library to use the Microsoft Authentication Library (MSAL) with aiohttp
upload_time2025-08-28 08:42:11
maintainerNone
docs_urlNone
authorJohann Kellerman
requires_python>=3.11
licenseMIT
keywords aiohttp asyncio msal oauth
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            # Async based MSAL helper for aiohttp - aiohttp_msal Python library

Authorization Code Flow Helper. Learn more about auth-code-flow at
<https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow>

Async based OAuth using the Microsoft Authentication Library (MSAL) for Python.

Blocking MSAL functions are executed in the executor thread.
Should be useful until such time as MSAL Python gets a true async version.

Tested with MSAL Python 1.21.0 onward - [MSAL Python docs](https://github.com/AzureAD/microsoft-authentication-library-for-python)

## AsycMSAL class

The AsyncMSAL class wraps the behavior in the following example app
<https://github.com/Azure-Samples/ms-identity-python-webapp/blob/master/app.py#L76>

It is responsible to manage tokens & token refreshes and as a client to retrieve data using these tokens.

### Acquire the token

Firstly you should get the tokens via OAuth

1. `initiate_auth_code_flow` [referernce](https://msal-python.readthedocs.io/en/latest/#msal.PublicClientApplication.initiate_auth_code_flow)

    The caller is expected to:
    1. somehow store this content, typically inside the current session of the server,
    2. guide the end user (i.e. resource owner) to visit that auth_uri, typically with a redirect
    3. and then relay this dict and subsequent auth response to
        acquire_token_by_auth_code_flow().

    **Step 1** and part of **Step 3** is stored by this class in the aiohttp_session

2. `acquire_token_by_auth_code_flow` [referernce](https://msal-python.readthedocs.io/en/latest/#msal.PublicClientApplication.initiate_auth_code_flow)

### Use the token

Now you are free to make requests (typically from an aiohttp server)

```python
session = await get_session(request)
aiomsal = AsyncMSAL(session)
async with aiomsal.get("https://graph.microsoft.com/v1.0/me") as res:
    res = await res.json()
```

## Example web server

Complete routes can be found in [routes.py](./aiohttp_msal/routes.py)

### Start the login process

```python
@ROUTES.get("/user/login")
async def user_login(request: web.Request) -> web.Response:
    """Redirect to MS login page."""
    session = await new_session(request)

    redir = AsyncMSAL(session).build_auth_code_flow(
        redirect_uri=get_route(request, URI_USER_AUTHORIZED)
    )

    return web.HTTPFound(redir)
```

### Acquire the token after being redirected back to the server

```python
@ROUTES.post(URI_USER_AUTHORIZED)
async def user_authorized(request: web.Request) -> web.Response:
    """Complete the auth code flow."""
    session = await get_session(request)
    auth_response = dict(await request.post())

    aiomsal = AsyncMSAL(session)
    await aiomsal.async_acquire_token_by_auth_code_flow(auth_response)
```

## Helper methods

- `@ROUTES.get("/user/photo")`

  Serve the user's photo from their Microsoft profile

- `get_user_info`

  Get the user's email and display name from MS Graph

- `get_manager_info`

  Get the user's manager info from MS Graph

## Redis tools to retrieve session tokens

```python
from aiohttp_msal import ENV, AsyncMSAL
from aiohttp_msal.redis_tools import get_session

def main()
    # Uses the redis.asyncio driver to retrieve the current token
    # Will update the token_cache if a RefreshToken was used
    ses = asyncio.run(get_session(MYEMAIL))
    client = GraphClient(ses.get_token)
    # ...
    # use the Graphclient
```

## Development

```bash
uv sync --all-extras
uv tool install ruff
uv tool install codespell
uv tool install pyproject-fmt
```

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "aiohttp-msal",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.11",
    "maintainer_email": null,
    "keywords": "aiohttp, asyncio, msal, oauth",
    "author": "Johann Kellerman",
    "author_email": "Johann Kellerman <kellerza@gmail.com>",
    "download_url": "https://files.pythonhosted.org/packages/bd/45/57909b32d9039d20f3a41eedf9e7626ac6b168da29a08fe32d1c1a328734/aiohttp_msal-1.0.4.tar.gz",
    "platform": null,
    "description": "# Async based MSAL helper for aiohttp - aiohttp_msal Python library\n\nAuthorization Code Flow Helper. Learn more about auth-code-flow at\n<https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-auth-code-flow>\n\nAsync based OAuth using the Microsoft Authentication Library (MSAL) for Python.\n\nBlocking MSAL functions are executed in the executor thread.\nShould be useful until such time as MSAL Python gets a true async version.\n\nTested with MSAL Python 1.21.0 onward - [MSAL Python docs](https://github.com/AzureAD/microsoft-authentication-library-for-python)\n\n## AsycMSAL class\n\nThe AsyncMSAL class wraps the behavior in the following example app\n<https://github.com/Azure-Samples/ms-identity-python-webapp/blob/master/app.py#L76>\n\nIt is responsible to manage tokens & token refreshes and as a client to retrieve data using these tokens.\n\n### Acquire the token\n\nFirstly you should get the tokens via OAuth\n\n1. `initiate_auth_code_flow` [referernce](https://msal-python.readthedocs.io/en/latest/#msal.PublicClientApplication.initiate_auth_code_flow)\n\n    The caller is expected to:\n    1. somehow store this content, typically inside the current session of the server,\n    2. guide the end user (i.e. resource owner) to visit that auth_uri, typically with a redirect\n    3. and then relay this dict and subsequent auth response to\n        acquire_token_by_auth_code_flow().\n\n    **Step 1** and part of **Step 3** is stored by this class in the aiohttp_session\n\n2. `acquire_token_by_auth_code_flow` [referernce](https://msal-python.readthedocs.io/en/latest/#msal.PublicClientApplication.initiate_auth_code_flow)\n\n### Use the token\n\nNow you are free to make requests (typically from an aiohttp server)\n\n```python\nsession = await get_session(request)\naiomsal = AsyncMSAL(session)\nasync with aiomsal.get(\"https://graph.microsoft.com/v1.0/me\") as res:\n    res = await res.json()\n```\n\n## Example web server\n\nComplete routes can be found in [routes.py](./aiohttp_msal/routes.py)\n\n### Start the login process\n\n```python\n@ROUTES.get(\"/user/login\")\nasync def user_login(request: web.Request) -> web.Response:\n    \"\"\"Redirect to MS login page.\"\"\"\n    session = await new_session(request)\n\n    redir = AsyncMSAL(session).build_auth_code_flow(\n        redirect_uri=get_route(request, URI_USER_AUTHORIZED)\n    )\n\n    return web.HTTPFound(redir)\n```\n\n### Acquire the token after being redirected back to the server\n\n```python\n@ROUTES.post(URI_USER_AUTHORIZED)\nasync def user_authorized(request: web.Request) -> web.Response:\n    \"\"\"Complete the auth code flow.\"\"\"\n    session = await get_session(request)\n    auth_response = dict(await request.post())\n\n    aiomsal = AsyncMSAL(session)\n    await aiomsal.async_acquire_token_by_auth_code_flow(auth_response)\n```\n\n## Helper methods\n\n- `@ROUTES.get(\"/user/photo\")`\n\n  Serve the user's photo from their Microsoft profile\n\n- `get_user_info`\n\n  Get the user's email and display name from MS Graph\n\n- `get_manager_info`\n\n  Get the user's manager info from MS Graph\n\n## Redis tools to retrieve session tokens\n\n```python\nfrom aiohttp_msal import ENV, AsyncMSAL\nfrom aiohttp_msal.redis_tools import get_session\n\ndef main()\n    # Uses the redis.asyncio driver to retrieve the current token\n    # Will update the token_cache if a RefreshToken was used\n    ses = asyncio.run(get_session(MYEMAIL))\n    client = GraphClient(ses.get_token)\n    # ...\n    # use the Graphclient\n```\n\n## Development\n\n```bash\nuv sync --all-extras\nuv tool install ruff\nuv tool install codespell\nuv tool install pyproject-fmt\n```\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "Helper Library to use the Microsoft Authentication Library (MSAL) with aiohttp",
    "version": "1.0.4",
    "project_urls": {
        "Homepage": "https://github.com/kellerza/aiohttp_msal"
    },
    "split_keywords": [
        "aiohttp",
        " asyncio",
        " msal",
        " oauth"
    ],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "e7b8fe3a7c5005c57de1e5a15a92903e60fdeceb0ea6ec4849660e6233684224",
                "md5": "fd1a5aa341db272237e0699090594c04",
                "sha256": "923b1aeb66539bb3fa3171fce6d1ab046f2fcd69526a06056de59b51ad83ab8b"
            },
            "downloads": -1,
            "filename": "aiohttp_msal-1.0.4-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "fd1a5aa341db272237e0699090594c04",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.11",
            "size": 16670,
            "upload_time": "2025-08-28T08:42:10",
            "upload_time_iso_8601": "2025-08-28T08:42:10.047547Z",
            "url": "https://files.pythonhosted.org/packages/e7/b8/fe3a7c5005c57de1e5a15a92903e60fdeceb0ea6ec4849660e6233684224/aiohttp_msal-1.0.4-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "bd4557909b32d9039d20f3a41eedf9e7626ac6b168da29a08fe32d1c1a328734",
                "md5": "5bf94591632d32fda1579fc0c53d7b8b",
                "sha256": "8f3086629d9881415caa12736a005c4f5ad443210235c9ed3be0ec4213797ff6"
            },
            "downloads": -1,
            "filename": "aiohttp_msal-1.0.4.tar.gz",
            "has_sig": false,
            "md5_digest": "5bf94591632d32fda1579fc0c53d7b8b",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.11",
            "size": 13575,
            "upload_time": "2025-08-28T08:42:11",
            "upload_time_iso_8601": "2025-08-28T08:42:11.176613Z",
            "url": "https://files.pythonhosted.org/packages/bd/45/57909b32d9039d20f3a41eedf9e7626ac6b168da29a08fe32d1c1a328734/aiohttp_msal-1.0.4.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-08-28 08:42:11",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "kellerza",
    "github_project": "aiohttp_msal",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "aiohttp-msal"
}
        
Elapsed time: 1.04336s