Skip to main content

Python requests session for microsoft with support for oauth2, adal and msal

Project description

Python Requests for OAuth2 + MSAL / ADAL

About

This project provides a simple Requests compatible session that you can use to authenticate with Microsoft using he following:

  • Azure Active Directory Authentication Library (ADAL)
  • Microsoft Authentication Library(MSAL).

The package is available on PyPi and the code is available on github.

How to use

1. Install the package

# Use pip to install the package
python3 -m pip install --upgrade requests_ms_auth

2. Import the class:

# Import the session class into your code
from requests_ms_auth import MsRequestsSession:

3. Prepare credentials

# Prepare your credentials in a dict (or load it from yaml/json etc).
auth_config = {

    # The Azure resource ID  [required]
    resource: "12345678-1234-1234-1234-123456789abc",

    # The Azure tenant ID  [required]
    tenant: "12345678-1234-1234-1234-123456789abc",

    # The client ID  [required]
    client_id: "12345678-1234-1234-1234-123456789abc",

    # The client secret  [required]
    client_secret: "this is a very secret secret key",

    ## Optional arguments

    # Select ADAL over MSAL [optional]
    # NOTE: MSAL is default and preferred
    do_adal: False,

    # An endpoint that should return 200 when auth works [optional]
    verification_url: "https://your.service.example.com/your/api/verify_endpoint",

    # A json element name that should be in the top level of response body for verification_url [optional]
    verification_element: "data",
}

4. Instanciate a session from the class and use it:

# Instanciate the class with authentication dict as parameters
session = MsRequestsSession(auth_config)

# Use the session as you would use any other Requests session
res = session.get( "https://your.service.example.com/your/api/useful_thingy")

5. Profit!

The session should automatically fetch a token on startup and when the last token expires. It will also verify itself in the constructor using the optional verification_url if specified, allowing you to terminate early on failure.

Implementation details

  • The library uses pip-compile with requirements.in to manage and pin requirements. Requirements for test are maintained in a separate test_rquirements.in.

  • The library uses a Makefile to manage building, packaging and uploading of versions, as well as many short-cuts for running tests, compiling requirements and more. To get a menu simply invoke it with out target like this:

# Invoke the makefile without targets to see a menu of available targets
make
  • The library is built and tested by github actions.

  • The package is prepared and uploaded to PyPi by github actions.

  • The library defaults to MSAL and can be told to use ADAL as an option.

  • To supply OAuth2 compatability the library depends on

Examples

NOTE: These examples are made for easy access to Equinor spesific systems, but should still illustrate general usage.

Description Example code
Python code to access Time Series API using session directly time_series_api_example.py
Python code to access Gordo using the Gordo Client gordo_example.py

6. Tests

To run tests - export following ENV variables (with previously replaced values):

export INTEGRATION_TENANT=tenent
export INTEGRATION_CLIENT_ID=id
export INTEGRATION_CLIENT_SECRET=secret
export INTEGRATION_RESOURCE=resourse
export INTEGRATION_AUTHORITY_HOST_URL=authority
export INTEGRATION_LIVE_VERIFICATION_URL=verification
export INTEGRATION_LIVE_VERIFICATION_ELEMENT=element

OR add env variables to Pycharn or other IDE (with previously added values):

INTEGRATION_TENANT=;INTEGRATION_CLIENT_ID=;INTEGRATION_CLIENT_SECRET=;INTEGRATION_RESOURCE=;INTEGRATION_AUTHORITY_HOST_URL=;INTEGRATION_LIVE_VERIFICATION_URL=;INTEGRATION_LIVE_VERIFICATION_ELEMENT=;

Then run:

make test

License

Please see LICENSE file for details. requests_ms_auth is licensed under GNU AFFERO GENERAL PUBLIC LICENSE and has G-Faps.

History

This project grew from the needs of the latigo project.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for requests-ms-auth, version 0.2.0
Filename, size File type Python version Upload date Hashes
Filename, size requests_ms_auth-0.2.0.tar.gz (29.7 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page