msal-extensions


Namemsal-extensions JSON
Version 1.2.0 PyPI version JSON
download
home_pageNone
SummaryMicrosoft Authentication Library extensions (MSAL EX) provides a persistence API that can save your data on disk, encrypted on Windows, macOS and Linux. Concurrent data access will be coordinated by a file lock mechanism.
upload_time2024-06-23 02:15:37
maintainerNone
docs_urlNone
authorNone
requires_python>=3.7
licenseMIT License
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            
# Microsoft Authentication Extensions for Python

The Microsoft Authentication Extensions for Python offers secure mechanisms for client applications to perform cross-platform token cache serialization and persistence. It gives additional support to the [Microsoft Authentication Library for Python (MSAL)](https://github.com/AzureAD/microsoft-authentication-library-for-python).

MSAL Python supports an in-memory cache by default and provides the [SerializableTokenCache](https://msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache) to perform cache serialization. You can read more about this in the MSAL Python [documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-python-token-cache-serialization). Developers are required to implement their own cache persistance across multiple platforms and Microsoft Authentication Extensions makes this simpler.

The supported platforms are Windows, Mac and Linux.
- Windows - [DPAPI](https://docs.microsoft.com/en-us/dotnet/standard/security/how-to-use-data-protection) is used for encryption.
- MAC - The MAC KeyChain is used.
- Linux - [LibSecret](https://wiki.gnome.org/Projects/Libsecret) is used for encryption.

> Note: It is recommended to use this library for cache persistance support for Public client applications such as Desktop apps only. In web applications, this may lead to scale and performance issues. Web applications are recommended to persist the cache in session. Take a look at this [webapp sample](https://github.com/Azure-Samples/ms-identity-python-webapp).

## Installation

You can find Microsoft Authentication Extensions for Python on [Pypi](https://pypi.org/project/msal-extensions/).
1. If you haven't already, [install and/or upgrade the pip](https://pip.pypa.io/en/stable/installing/)
   of your Python environment to a recent version. We tested with pip 18.1.
2. Run `pip install msal-extensions`.

## Versions

This library follows [Semantic Versioning](http://semver.org/).

You can find the changes for each version under
[Releases](https://github.com/AzureAD/microsoft-authentication-extensions-for-python/releases).

## Usage

### Creating an encrypted token cache file to be used by MSAL

The Microsoft Authentication Extensions library provides the `PersistedTokenCache` which accepts a platform-dependent persistence instance. This token cache can then be used to instantiate the `PublicClientApplication` in MSAL Python.

The token cache includes a file lock, and auto-reload behavior under the hood.



Here is an example of this pattern for multiple platforms (taken from the complete [sample here](https://github.com/AzureAD/microsoft-authentication-extensions-for-python/blob/dev/sample/token_cache_sample.py)):

```python
def build_persistence(location, fallback_to_plaintext=False):
    """Build a suitable persistence instance based your current OS"""
    try:
        return build_encrypted_persistence(location)
    except:
        if not fallback_to_plaintext:
            raise
        logging.warning("Encryption unavailable. Opting in to plain text.")
        return FilePersistence(location)

persistence = build_persistence("token_cache.bin")
print("Type of persistence: {}".format(persistence.__class__.__name__))
print("Is this persistence encrypted?", persistence.is_encrypted)

cache = PersistedTokenCache(persistence)
```
Now you can use it in an MSAL application like this:
```python
app = msal.PublicClientApplication("my_client_id", token_cache=cache)
```

### Creating an encrypted persistence file to store your own data

Here is an example of this pattern for multiple platforms (taken from the complete [sample here](https://github.com/AzureAD/microsoft-authentication-extensions-for-python/blob/dev/sample/persistence_sample.py)):

```python
def build_persistence(location, fallback_to_plaintext=False):
    """Build a suitable persistence instance based your current OS"""
    try:
        return build_encrypted_persistence(location)
    except:  # pylint: disable=bare-except
        if not fallback_to_plaintext:
            raise
        logging.warning("Encryption unavailable. Opting in to plain text.")
        return FilePersistence(location)

persistence = build_persistence("storage.bin", fallback_to_plaintext=False)
print("Type of persistence: {}".format(persistence.__class__.__name__))
print("Is this persistence encrypted?", persistence.is_encrypted)

data = {  # It can be anything, here we demonstrate an arbitrary json object
    "foo": "hello world",
    "bar": "",
    "service_principle_1": "blah blah...",
    }

persistence.save(json.dumps(data))
assert json.loads(persistence.load()) == data
```

## Python version support policy

Python versions which are 6 months older than their
[end-of-life cycle defined by Python Software Foundation (PSF)](https://devguide.python.org/versions/#versions)
will not receive new feature updates from this library.


## Community Help and Support

We leverage Stack Overflow to work with the community on supporting Azure Active Directory and its SDKs, including this one!
We highly recommend you ask your questions on Stack Overflow (we're all on there!).
Also browse existing issues to see if someone has had your question before.

We recommend you use the "msal" tag so we can see it!
Here is the latest Q&A on Stack Overflow for MSAL:
[http://stackoverflow.com/questions/tagged/msal](http://stackoverflow.com/questions/tagged/msal)


## Contributing

All code is licensed under the MIT license and we triage actively on GitHub.

This project welcomes contributions and suggestions.  Most contributions require you to agree to a
Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide
a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions
provided by the bot. You will only need to do this once across all repos using our CLA.


## We value and adhere to the Microsoft Open Source Code of Conduct

This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.

            

Raw data

            {
    "_id": null,
    "home_page": null,
    "name": "msal-extensions",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.7",
    "maintainer_email": null,
    "keywords": null,
    "author": null,
    "author_email": null,
    "download_url": "https://files.pythonhosted.org/packages/2d/38/ad49272d0a5af95f7a0cb64a79bbd75c9c187f3b789385a143d8d537a5eb/msal_extensions-1.2.0.tar.gz",
    "platform": null,
    "description": "\n# Microsoft Authentication Extensions for Python\n\nThe Microsoft Authentication Extensions for Python offers secure mechanisms for client applications to perform cross-platform token cache serialization and persistence. It gives additional support to the [Microsoft Authentication Library for Python (MSAL)](https://github.com/AzureAD/microsoft-authentication-library-for-python).\n\nMSAL Python supports an in-memory cache by default and provides the [SerializableTokenCache](https://msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache) to perform cache serialization. You can read more about this in the MSAL Python [documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-python-token-cache-serialization). Developers are required to implement their own cache persistance across multiple platforms and Microsoft Authentication Extensions makes this simpler.\n\nThe supported platforms are Windows, Mac and Linux.\n- Windows - [DPAPI](https://docs.microsoft.com/en-us/dotnet/standard/security/how-to-use-data-protection) is used for encryption.\n- MAC - The MAC KeyChain is used.\n- Linux - [LibSecret](https://wiki.gnome.org/Projects/Libsecret) is used for encryption.\n\n> Note: It is recommended to use this library for cache persistance support for Public client applications such as Desktop apps only. In web applications, this may lead to scale and performance issues. Web applications are recommended to persist the cache in session. Take a look at this [webapp sample](https://github.com/Azure-Samples/ms-identity-python-webapp).\n\n## Installation\n\nYou can find Microsoft Authentication Extensions for Python on [Pypi](https://pypi.org/project/msal-extensions/).\n1. If you haven't already, [install and/or upgrade the pip](https://pip.pypa.io/en/stable/installing/)\n   of your Python environment to a recent version. We tested with pip 18.1.\n2. Run `pip install msal-extensions`.\n\n## Versions\n\nThis library follows [Semantic Versioning](http://semver.org/).\n\nYou can find the changes for each version under\n[Releases](https://github.com/AzureAD/microsoft-authentication-extensions-for-python/releases).\n\n## Usage\n\n### Creating an encrypted token cache file to be used by MSAL\n\nThe Microsoft Authentication Extensions library provides the `PersistedTokenCache` which accepts a platform-dependent persistence instance. This token cache can then be used to instantiate the `PublicClientApplication` in MSAL Python.\n\nThe token cache includes a file lock, and auto-reload behavior under the hood.\n\n\n\nHere is an example of this pattern for multiple platforms (taken from the complete [sample here](https://github.com/AzureAD/microsoft-authentication-extensions-for-python/blob/dev/sample/token_cache_sample.py)):\n\n```python\ndef build_persistence(location, fallback_to_plaintext=False):\n    \"\"\"Build a suitable persistence instance based your current OS\"\"\"\n    try:\n        return build_encrypted_persistence(location)\n    except:\n        if not fallback_to_plaintext:\n            raise\n        logging.warning(\"Encryption unavailable. Opting in to plain text.\")\n        return FilePersistence(location)\n\npersistence = build_persistence(\"token_cache.bin\")\nprint(\"Type of persistence: {}\".format(persistence.__class__.__name__))\nprint(\"Is this persistence encrypted?\", persistence.is_encrypted)\n\ncache = PersistedTokenCache(persistence)\n```\nNow you can use it in an MSAL application like this:\n```python\napp = msal.PublicClientApplication(\"my_client_id\", token_cache=cache)\n```\n\n### Creating an encrypted persistence file to store your own data\n\nHere is an example of this pattern for multiple platforms (taken from the complete [sample here](https://github.com/AzureAD/microsoft-authentication-extensions-for-python/blob/dev/sample/persistence_sample.py)):\n\n```python\ndef build_persistence(location, fallback_to_plaintext=False):\n    \"\"\"Build a suitable persistence instance based your current OS\"\"\"\n    try:\n        return build_encrypted_persistence(location)\n    except:  # pylint: disable=bare-except\n        if not fallback_to_plaintext:\n            raise\n        logging.warning(\"Encryption unavailable. Opting in to plain text.\")\n        return FilePersistence(location)\n\npersistence = build_persistence(\"storage.bin\", fallback_to_plaintext=False)\nprint(\"Type of persistence: {}\".format(persistence.__class__.__name__))\nprint(\"Is this persistence encrypted?\", persistence.is_encrypted)\n\ndata = {  # It can be anything, here we demonstrate an arbitrary json object\n    \"foo\": \"hello world\",\n    \"bar\": \"\",\n    \"service_principle_1\": \"blah blah...\",\n    }\n\npersistence.save(json.dumps(data))\nassert json.loads(persistence.load()) == data\n```\n\n## Python version support policy\n\nPython versions which are 6 months older than their\n[end-of-life cycle defined by Python Software Foundation (PSF)](https://devguide.python.org/versions/#versions)\nwill not receive new feature updates from this library.\n\n\n## Community Help and Support\n\nWe leverage Stack Overflow to work with the community on supporting Azure Active Directory and its SDKs, including this one!\nWe highly recommend you ask your questions on Stack Overflow (we're all on there!).\nAlso browse existing issues to see if someone has had your question before.\n\nWe recommend you use the \"msal\" tag so we can see it!\nHere is the latest Q&A on Stack Overflow for MSAL:\n[http://stackoverflow.com/questions/tagged/msal](http://stackoverflow.com/questions/tagged/msal)\n\n\n## Contributing\n\nAll code is licensed under the MIT license and we triage actively on GitHub.\n\nThis project welcomes contributions and suggestions.  Most contributions require you to agree to a\nContributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us\nthe rights to use your contribution. For details, visit https://cla.microsoft.com.\n\nWhen you submit a pull request, a CLA-bot will automatically determine whether you need to provide\na CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions\nprovided by the bot. You will only need to do this once across all repos using our CLA.\n\n\n## We value and adhere to the Microsoft Open Source Code of Conduct\n\nThis project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.\n",
    "bugtrack_url": null,
    "license": "MIT License",
    "summary": "Microsoft Authentication Library extensions (MSAL EX) provides a persistence API that can save your data on disk, encrypted on Windows, macOS and Linux. Concurrent data access will be coordinated by a file lock mechanism.",
    "version": "1.2.0",
    "project_urls": {
        "Changelog": "https://github.com/AzureAD/microsoft-authentication-extensions-for-python/releases"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "2c69314d887a01599669fb330da14e5c6ff5f138609e322812a942a74ef9b765",
                "md5": "01ee67c81c8ad7819e68dbf5077e86b5",
                "sha256": "cf5ba83a2113fa6dc011a254a72f1c223c88d7dfad74cc30617c4679a417704d"
            },
            "downloads": -1,
            "filename": "msal_extensions-1.2.0-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "01ee67c81c8ad7819e68dbf5077e86b5",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.7",
            "size": 19254,
            "upload_time": "2024-06-23T02:15:36",
            "upload_time_iso_8601": "2024-06-23T02:15:36.584867Z",
            "url": "https://files.pythonhosted.org/packages/2c/69/314d887a01599669fb330da14e5c6ff5f138609e322812a942a74ef9b765/msal_extensions-1.2.0-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "2d38ad49272d0a5af95f7a0cb64a79bbd75c9c187f3b789385a143d8d537a5eb",
                "md5": "804a213b61da2077f4baa908e6a98b31",
                "sha256": "6f41b320bfd2933d631a215c91ca0dd3e67d84bd1a2f50ce917d5874ec646bef"
            },
            "downloads": -1,
            "filename": "msal_extensions-1.2.0.tar.gz",
            "has_sig": false,
            "md5_digest": "804a213b61da2077f4baa908e6a98b31",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.7",
            "size": 22391,
            "upload_time": "2024-06-23T02:15:37",
            "upload_time_iso_8601": "2024-06-23T02:15:37.702619Z",
            "url": "https://files.pythonhosted.org/packages/2d/38/ad49272d0a5af95f7a0cb64a79bbd75c9c187f3b789385a143d8d537a5eb/msal_extensions-1.2.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-06-23 02:15:37",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "AzureAD",
    "github_project": "microsoft-authentication-extensions-for-python",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "requirements": [],
    "tox": true,
    "lcname": "msal-extensions"
}
        
Elapsed time: 0.31464s