aiohttp-msal 1.0.1__py3-none-any.whl → 1.0.3__py3-none-any.whl

aiohttp_msal/msal_async.py

@@ -8,9 +8,10 @@ Once you have the OAuth tokens store in the session, you are free to make reques
 import asyncio
 import json
 from collections.abc import Callable
-from functools import cached_property, partial, partialmethod, wraps
+from functools import cached_property, partialmethod
 from typing import Any, ClassVar, Literal, Unpack
 
+import attrs
 from aiohttp import web
 from aiohttp.client import (
     ClientResponse,
@@ -33,32 +34,10 @@ HTTP_DELETE = "delete"
 HTTP_ALLOWED = [HTTP_GET, HTTP_POST, HTTP_PUT, HTTP_PATCH, HTTP_DELETE]
 
 DEFAULT_SCOPES = ["User.Read", "User.Read.All"]
-
-
-def async_wrap(func: Callable) -> Callable:
-    """Wrap a function doing I/O to run in an executor thread."""
-
-    @wraps(func)
-    async def run(
-        *args: Any,
-        loop: asyncio.AbstractEventLoop | None = None,
-        executor: Any = None,
-        **kwargs: dict[str, Any],
-    ) -> Callable:
-        if loop is None:
-            loop = asyncio.get_event_loop()
-        pfunc = partial(func, *args, **kwargs)
-        return await loop.run_in_executor(executor, pfunc)
-
-    return run
-
-
-# These keys will be used on the aiohttp session
-TOKEN_CACHE = "token_cache"
 FLOW_CACHE = "flow_cache"
-USER_EMAIL = "mail"
 
 
+@attrs.define()
 class AsyncMSAL:
     """AsycMSAL class.
 
@@ -70,53 +49,48 @@ class AsyncMSAL:
     Use until such time as MSAL Python gets a true async version.
     """
 
+    session: Session | dict[str, Any]
+    save_callback: Callable[[Session | dict[str, Any]], None] | None = None
+    """Called if the token cache changes. Optional.
+    Not required when the session parameter is an aiohttp_session.Session.
+    """
+    app_kwargs: dict[str, Any] | None = None
+    """ConfidentialClientApplication kwargs."""
     client_session: ClassVar[ClientSession | None] = None
 
-    def __init__(
-        self,
-        session: Session | dict[str, Any],
-        save_callback: Callable[[Session | dict[str, Any]], None] | None = None,
-    ):
-        """Init the class.
+    token_cache_key: str = "token_cache"
+    user_email_key: str = "mail"
 
-        **save_callback** will be called if the token cache changes. Optional.
-          Not required when the session parameter is an aiohttp_session.Session.
-        """
-        self.session = session
-        self.save_callback = save_callback
-        if not isinstance(session, Session | dict):
-            raise ValueError(f"session or dict-like object required {session}")
+    @cached_property
+    def app(self) -> ConfidentialClientApplication:
+        """Get the app."""
+        kwargs = {
+            "client_id": ENV.SP_APP_ID,
+            "client_credential": ENV.SP_APP_PW,
+            "authority": ENV.SP_AUTHORITY,
+            "validate_authority": False,
+            "token_cache": self.token_cache,
+        }
+        if self.app_kwargs:
+            kwargs.update(self.app_kwargs)
+        return ConfidentialClientApplication(**kwargs)
 
     @cached_property
     def token_cache(self) -> SerializableTokenCache:
         """Get the token_cache."""
         res = SerializableTokenCache()
-        if self.session and self.session.get(TOKEN_CACHE):
-            res.deserialize(self.session[TOKEN_CACHE])
+        if tc := self.session.get(self.token_cache_key):
+            res.deserialize(tc)
         return res
 
-    @cached_property
-    def app(self) -> ConfidentialClientApplication:
-        """Create the application using the cache.
-
-        Based on: https://github.com/Azure-Samples/ms-identity-python-webapp/blob/master/app.py#L76
-        """
-        return ConfidentialClientApplication(
-            client_id=ENV.SP_APP_ID,
-            client_credential=ENV.SP_APP_PW,
-            authority=ENV.SP_AUTHORITY,  # common/oauth2/v2.0/token'
-            validate_authority=False,
-            token_cache=self.token_cache,
-        )
-
     def save_token_cache(self) -> None:
         """Save the token cache if it changed."""
         if self.token_cache.has_state_changed:
-            self.session[TOKEN_CACHE] = self.token_cache.serialize()
+            self.session[self.token_cache_key] = self.token_cache.serialize()
             if self.save_callback:
                 self.save_callback(self.session)
 
-    def build_auth_code_flow(
+    def initiate_auth_code_flow(
         self,
         redirect_uri: str,
         scopes: list[str] | None = None,
@@ -124,8 +98,8 @@ class AsyncMSAL:
         **kwargs: Any,
     ) -> str:
         """First step - Start the flow."""
-        self.session[TOKEN_CACHE] = None
-        self.session[USER_EMAIL] = None
+        self.session.pop(self.token_cache_key, None)
+        self.session.pop(self.user_email_key, None)
         self.session[FLOW_CACHE] = res = self.app.initiate_auth_code_flow(
             scopes or DEFAULT_SCOPES,
             redirect_uri=redirect_uri,
@@ -138,19 +112,23 @@ class AsyncMSAL:
         # https://msal-python.readthedocs.io/en/latest/#msal.ClientApplication.initiate_auth_code_flow
         return str(res["auth_uri"])
 
-    def acquire_token_by_auth_code_flow(self, auth_response: Any) -> None:
+    def acquire_token_by_auth_code_flow(
+        self, auth_response: Any, scopes: list[str] | None = None
+    ) -> None:
         """Second step - Acquire token."""
         # Assume we have it in the cache (added by /login)
         # will raise keryerror if no cache
         auth_code_flow = self.session.pop(FLOW_CACHE)
-        result = self.app.acquire_token_by_auth_code_flow(auth_code_flow, auth_response)
+        result = self.app.acquire_token_by_auth_code_flow(
+            auth_code_flow, auth_response, scopes=scopes
+        )
         if "error" in result:
             raise web.HTTPBadRequest(text=str(result["error"]))
         if "id_token_claims" not in result:
             raise web.HTTPBadRequest(text=f"Expected id_token_claims in {result}")
         self.save_token_cache()
         if tok := result.get("id_token_claims"):
-            self.session[USER_EMAIL] = tok.get("preferred_username")
+            self.session[self.user_email_key] = tok.get("preferred_username")
 
     async def async_acquire_token_by_auth_code_flow(self, auth_response: Any) -> None:
         """Second step - Acquire token, async version."""
@@ -222,7 +200,7 @@ class AsyncMSAL:
     @property
     def mail(self) -> str:
         """User email."""
-        return self.session.get(USER_EMAIL, "")
+        return self.session.get(self.user_email_key, "")
 
     @property
     def manager_mail(self) -> str:
@@ -242,4 +220,4 @@ class AsyncMSAL:
     @property
     def authenticated(self) -> bool:
         """If the user is logged in."""
-        return bool(self.session.get("mail"))
+        return bool(self.session.get(self.user_email_key))

aiohttp_msal/routes.py

@@ -44,7 +44,7 @@ async def user_login(request: web.Request) -> web.Response:
     session[SESSION_REDIRECT] = urljoin(_to, request.match_info.get("to", ""))
 
     msredirect = get_route(request, URI_USER_AUTHORIZED.lstrip("/"))
-    redir = AsyncMSAL(session).build_auth_code_flow(redirect_uri=msredirect)
+    redir = AsyncMSAL(session).initiate_auth_code_flow(redirect_uri=msredirect)
     return web.HTTPFound(redir)
 
 

aiohttp_msal/settings.py

@@ -9,8 +9,6 @@ from aiohttp_msal.settings_base import VAR_REQ, VAR_REQ_HIDE, SettingsBase
 
 if TYPE_CHECKING:
     from redis.asyncio import Redis
-else:
-    Redis = None
 
 
 @attrs.define
@@ -28,7 +26,7 @@ class MSALSettings(SettingsBase):
     "https://login.microsoftonline.com/common"  # For multi-tenant app
     "https://login.microsoftonline.com/Tenant_Name_or_UUID_Here"."""
 
-    DOMAIN: str = "mydomain.com"
+    DOMAIN: str = attrs.field(metadata=VAR_REQ, default="")
     """Your domain. Used by routes & Redis functions."""
 
     COOKIE_NAME: str = "AIOHTTP_SESSION"
@@ -41,7 +39,7 @@ class MSALSettings(SettingsBase):
 
     REDIS: str = "redis://redis1:6379"
     """OPTIONAL: Redis database connection used by app_init_redis_session()."""
-    database: Redis = None  # type: ignore[assignment]
+    database: "Redis" = attrs.field(init=False)
     """Store the Redis connection when using app_init_redis_session()."""
 
 

aiohttp_msal/settings_base.py

@@ -14,11 +14,6 @@ VAR_REQ = {KEY_REQ: True}
 VAR_HIDE = {KEY_HIDE: True}
 
 
-def _is_hidden(atr: attrs.Attribute) -> bool:
-    """Is this field hidden."""
-    return bool(atr.metadata.get(KEY_HIDE))
-
-
 @attrs.define
 class SettingsBase:
     """Retrieve Settings from environment variables.

aiohttp_msal/user_info.py

@@ -1,34 +1,7 @@
 """Graph User Info."""
 
-import asyncio
-from collections.abc import Awaitable, Callable
-from functools import wraps
-from typing import ParamSpec, TypeVar
-
 from aiohttp_msal.msal_async import AsyncMSAL
-
-_T = TypeVar("_T")
-_P = ParamSpec("_P")
-
-
-def retry(func: Callable[_P, Awaitable[_T]]) -> Callable[_P, Awaitable[_T]]:
-    """Retry if tenacity is installed."""
-
-    @wraps(func)
-    async def _retry(*args: _P.args, **kwargs: _P.kwargs) -> _T:
-        """Retry the request."""
-        retries = [2, 4, 8]
-        while True:
-            try:
-                res = await func(*args, **kwargs)
-                return res
-            except Exception as err:
-                if retries:
-                    await asyncio.sleep(retries.pop())
-                else:
-                    raise err
-
-    return _retry
+from aiohttp_msal.utils import retry
 
 
 @retry

aiohttp_msal/utils.py

@@ -0,0 +1,51 @@
+"""Graph User Info."""
+
+import asyncio
+from collections.abc import Awaitable, Callable
+from functools import wraps
+from typing import ParamSpec, TypeVar, Any
+from functools import partial
+
+
+T = TypeVar("T")
+P = ParamSpec("P")
+
+
+def async_wrap(
+    func: Callable[..., T],
+) -> Callable[..., Awaitable[T]]:
+    """Wrap a function doing I/O to run in an executor thread."""
+
+    @wraps(func)
+    async def run(
+        loop: asyncio.AbstractEventLoop | None = None,
+        executor: Any = None,
+        *args: Any,
+        **kwargs: Any,
+    ) -> T:
+        if loop is None:
+            loop = asyncio.get_event_loop()
+        pfunc = partial(func, *args, **kwargs)
+        return await loop.run_in_executor(executor, pfunc)
+
+    return run
+
+
+def retry(func: Callable[P, Awaitable[T]]) -> Callable[P, Awaitable[T]]:
+    """Retry if tenacity is installed."""
+
+    @wraps(func)
+    async def _retry(*args: P.args, **kwargs: P.kwargs) -> T:
+        """Retry the request."""
+        retries = [2, 4, 8]
+        while True:
+            try:
+                res = await func(*args, **kwargs)
+                return res
+            except Exception as err:
+                if retries:
+                    await asyncio.sleep(retries.pop())
+                else:
+                    raise err
+
+    return _retry

{aiohttp_msal-1.0.1.dist-info → aiohttp_msal-1.0.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: aiohttp-msal
-Version: 1.0.1
+Version: 1.0.3
 Summary: Helper Library to use the Microsoft Authentication Library (MSAL) with aiohttp
 Keywords: aiohttp,asyncio,msal,oauth
 Author: Johann Kellerman

aiohttp_msal-1.0.3.dist-info/RECORD

@@ -0,0 +1,11 @@
+aiohttp_msal/__init__.py,sha256=hnyifyJykI7NMvM93KrHIsTlrrfCVUrpKdbRKL6Gubw,4027
+aiohttp_msal/msal_async.py,sha256=urQvaMTi0mJnCboCsj8A9F9VpWcjPOYaechpZ5XrnbY,8153
+aiohttp_msal/redis_tools.py,sha256=6kCw0_zDQcvIcsJaPfG-zHUvT3vzkrNySNTV5y1tckE,6539
+aiohttp_msal/routes.py,sha256=WyLBuoPMkkG6Cx4gFUu_ER71FyJbeXKhOQRQu5ALG2M,8138
+aiohttp_msal/settings.py,sha256=sArlq9vBDMsikLf9sTRw-UXE2_QRK_G-kzmtHvZcbwA,1559
+aiohttp_msal/settings_base.py,sha256=WBI7HS780i9zKWUy1ZnztDbRsfoDMVr3K-otHZOhNCc,3026
+aiohttp_msal/user_info.py,sha256=lxjFxjm16rvC-0LS81y7SG5pCOa5Zl0s62uxi97yu_k,1171
+aiohttp_msal/utils.py,sha256=SgGpE1eFdVh48FaKvtbnQqJKTReXa9OPBKiYGY7SYq8,1303
+aiohttp_msal-1.0.3.dist-info/WHEEL,sha256=4n27za1eEkOnA7dNjN6C5-O2rUiw6iapszm14Uj-Qmk,79
+aiohttp_msal-1.0.3.dist-info/METADATA,sha256=raujaCawOODO6HYM79crhTECU28f_IjlkzIPmR8ck48,4514
+aiohttp_msal-1.0.3.dist-info/RECORD,,

aiohttp_msal-1.0.1.dist-info/RECORD

@@ -1,10 +0,0 @@
-aiohttp_msal/__init__.py,sha256=hnyifyJykI7NMvM93KrHIsTlrrfCVUrpKdbRKL6Gubw,4027
-aiohttp_msal/msal_async.py,sha256=p0OkF48ZDmCAUYN4qjn3UdMyH1oS4iBQSB5Z_C3yIBU,8816
-aiohttp_msal/redis_tools.py,sha256=6kCw0_zDQcvIcsJaPfG-zHUvT3vzkrNySNTV5y1tckE,6539
-aiohttp_msal/routes.py,sha256=8wU2jU9qSlqH5fq9kvkBZHAgrxQdmB-DvtQC-WlXbh0,8135
-aiohttp_msal/settings.py,sha256=ttbqGb2X1r7DsLvKb1AlDDKBYZWjIwHLHI-Sa-8K-lI,1562
-aiohttp_msal/settings_base.py,sha256=tRbjgphR1tvHCrFCcfOUhoFAyUnq_XnJBVO4NNiPdNg,3150
-aiohttp_msal/user_info.py,sha256=tO-vA_kxPseHseWxNlhGc_NlDfgJGdf1OMCaGmvDf8Q,1875
-aiohttp_msal-1.0.1.dist-info/WHEEL,sha256=4n27za1eEkOnA7dNjN6C5-O2rUiw6iapszm14Uj-Qmk,79
-aiohttp_msal-1.0.1.dist-info/METADATA,sha256=NJEzFuQyWHai3QcqvyTfeAWWfjq98nucwoYFt3qIOvc,4514
-aiohttp_msal-1.0.1.dist-info/RECORD,,