Streamlit Authentication library based on MSAL.JS
Project description
OpenID Connect (OIDC) authentication component for Streamlit
About
This Streamlit component enables client-side authentication using Azure AD work and school accounts (AAD), Microsoft personal accounts (MSA) and social identity providers like Facebook, Google, LinkedIn, Microsoft accounts, etc. through Azure AD B2C service. The component is achieving this by applying the Microsoft MSAL JS Library inside of a React project. Since the component is based on MSAL, it can be configured to support any provider that supports the OpenID Connect Authorization Code Flow (PKCE). For more information on MSAL, consult the Github project and its offical documentation.
Usage
Below is a sample Python snippet displaying how to apply the component. Visually, the component gives rise to a single button
in the Streamlit Dashboard with a text that depends on whether an active login session exists. The auth and cache
parameters are entirely equivalent to the properties mentioned in the Github documentation.
The login_request and logout_request parameters are covered here.
import streamlit as st
from msal_streamlit_authentication import msal_authentication
login_token = msal_authentication(
auth={
"clientId": "aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeee",
"authority": "https://login.microsoftonline.com/aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeee",
"redirectUri": "/",
"postLogoutRedirectUri": "/"
}, # Corresponds to the 'auth' configuration for an MSAL Instance
cache={
"cacheLocation": "sessionStorage",
"storeAuthStateInCookie": False
}, # Corresponds to the 'cache' configuration for an MSAL Instance
login_request={
"scopes": ["aaaaaaa-bbbb-cccc-dddd-eeeeeeeeeee/.default"]
}, # Optional
logout_request={}, # Optional
login_button_text="Login", # Optional, defaults to "Login"
logout_button_text="Logout", # Optional, defaults to "Logout"
class_name="css_button_class_selector", # Optional, defaults to None. Corresponds to HTML class.
html_id="html_id_for_button", # Optional, defaults to None. Corresponds to HTML id.
key=1 # Optional if only a single instance is needed
)
st.write("Recevied login token:", login_token)
A minimal sample project using the library can be found here. Note that it is Dockerized.
The component currently expects for the user to go through a popup based login flow.
Further flows may be supported at a later time. As discussed here,
the protocolMode parameter in auth can be used to configure OIDC providers that differ from Azure AD.
Inspiration
Inspired by official Streamlit template, this tutorial (Github) and the official Streamlit NPM component-lib.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file msal_streamlit_authentication-1.1.0.tar.gz.
File metadata
- Download URL: msal_streamlit_authentication-1.1.0.tar.gz
- Upload date:
- Size: 158.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 018594c8eb7bad3df7f6dbc7b5cc1518c99f2da4796a5ae2097fd78301680cdd |
|
| MD5 | a7f20dfda7820af0ed17c62cbb1e2b36 |
|
| BLAKE2b-256 | 9929d6faf62389a039ad6111b8cfd7100864fe27a5275bfae7114819c85db3c3 |
File details
Details for the file msal_streamlit_authentication-1.1.0-py3-none-any.whl.
File metadata
- Download URL: msal_streamlit_authentication-1.1.0-py3-none-any.whl
- Upload date:
- Size: 158.5 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 111d0df8a47e83ca94b5345166104760edadc4b1884541203bd854c5bcd5487c |
|
| MD5 | 2776424068f55298f9b32c5ec7442122 |
|
| BLAKE2b-256 | 73373952a91cbc434aa3cb71ae097e373d46f6a738b1c8aa0e1320a756c15679 |
