py2docfx 0.1.19.dev2175272__py3-none-any.whl → 0.1.19.dev2192444__py3-none-any.whl

py2docfx/__main__.py

@@ -106,8 +106,8 @@ async def main(argv) -> int:
     
     # create log folder and package log folder
     log_folder = os.path.join(PACKAGE_ROOT, LOG_FOLDER)
-    os.makedirs(log_folder)
-    os.makedirs(os.path.join(log_folder, "package_logs"))
+    os.makedirs(log_folder, exist_ok=True)
+    os.makedirs(os.path.join(log_folder, "package_logs"), exist_ok=True)
     
     py2docfxLogger.decide_global_log_level(verbose, show_warning)
     

py2docfx/convert_prepare/get_source.py

@@ -41,10 +41,11 @@ def update_package_info(executable: str, pkg: PackageInfo, source_folder: str):
 
             setattr(pkg, attr, attr_val)
     else:
-        folder = next(
-            f for f in all_files if path.isdir(f) and f.endswith(".dist-info")
-        )
-        if folder:
+        # Find .dist-info folders
+        dist_info_folders = [f for f in all_files if path.isdir(f) and f.endswith(".dist-info")]
+        
+        if dist_info_folders:
+            folder = dist_info_folders[0]  # Take the first one if multiple exist
             if path.exists(path.join(folder, "METADATA")):
                 with open(
                     path.join(folder, "METADATA"), "r", encoding="utf-8"
@@ -97,6 +98,9 @@ async def get_source(executable: str, pkg: PackageInfo, cnt: int, vststoken=None
             sys.path.insert(0, source_folder)
     elif pkg.install_type == PackageInfo.InstallType.PYPI:
         full_name = pkg.get_combined_name_version()
+        # Ensure the dist directory exists
+        os.makedirs(dist_dir, exist_ok=True)
+        
         await pip_utils.download(
             full_name,
             dist_dir,
@@ -104,25 +108,53 @@ async def get_source(executable: str, pkg: PackageInfo, cnt: int, vststoken=None
             prefer_source_distribution=pkg.prefer_source_distribution,
         )
         # unpack the downloaded wheel file.
-        downloaded_dist_file = path.join(dist_dir, os.listdir(dist_dir)[0])
+        dist_files = os.listdir(dist_dir)
+        if not dist_files:
+            msg = f"No files downloaded to {dist_dir} for package {pkg.name}"
+            py2docfx_logger.error(msg)
+            raise FileNotFoundError(f"No files found in {dist_dir}")
+            
+        downloaded_dist_file = path.join(dist_dir, dist_files[0])
         await pack.unpack_dist(pkg.name, downloaded_dist_file)
         os.remove(downloaded_dist_file)
+        dist_files = os.listdir(dist_dir)
+        if not dist_files:
+            msg = f"No files found in {dist_dir} after unpacking for package {pkg.name}"
+            py2docfx_logger.error(msg)
+            raise FileNotFoundError(f"No files found in {dist_dir} after unpacking")
+            
         source_folder = path.join(
             path.dirname(downloaded_dist_file),
-            os.listdir(dist_dir)[0]
+            dist_files[0]
         )
     elif pkg.install_type == PackageInfo.InstallType.DIST_FILE:
+        # Ensure the dist directory exists
+        os.makedirs(dist_dir, exist_ok=True)
+        
         await pip_utils.download(pkg.location, dist_dir, prefer_source_distribution=False)
         # unpack the downloaded dist file.
-        downloaded_dist_file = path.join(dist_dir, os.listdir(dist_dir)[0])
+        dist_files = os.listdir(dist_dir)
+        if not dist_files:
+            msg = f"No files downloaded to {dist_dir} for package {pkg.name}"
+            py2docfx_logger.error(msg)
+            raise FileNotFoundError(f"No files found in {dist_dir}")
+            
+        downloaded_dist_file = path.join(dist_dir, dist_files[0])
         await pack.unpack_dist(pkg.name, downloaded_dist_file)
         os.remove(downloaded_dist_file)
+        
+        # Check again after unpacking
+        dist_files = os.listdir(dist_dir)
+        if not dist_files:
+            msg = f"No files found in {dist_dir} after unpacking for package {pkg.name}"
+            py2docfx_logger.error(msg)
+            raise FileNotFoundError(f"No files found in {dist_dir} after unpacking")
         if downloaded_dist_file.endswith(".tar.gz"):
             downloaded_dist_file = downloaded_dist_file.rsplit(".", maxsplit=1)[
                 0]
         source_folder = path.join(
             path.dirname(downloaded_dist_file),
-            os.listdir(dist_dir)[0]
+            dist_files[0] if dist_files else ""
         )
     else:
         msg = f"Unknown install type: {pkg.install_type}"

py2docfx/convert_prepare/git.py

@@ -25,7 +25,7 @@ async def clone(repo_location, branch, folder, extra_token=None):
         raise ValueError(msg)
     else:
         # Remove http(s):// from url to record. Further avoid dup-clone.
-        pureURL = re.sub("^\s*https?://", "", repo_location)
+        pureURL = re.sub(r"^\s*https?://", "", repo_location)
 
         if pureURL not in repoMap:
             branch = convertBranch(repo_location, branch, extra_token)

py2docfx/docfx_yaml/logger.py

@@ -77,16 +77,18 @@ def counts_errors_warnings(log_file_path):
                 warning_count += 1
     return warning_count, error_count
 
-def get_warning_error_count():
-    main_log_file_path = os.path.join("logs", "log.txt")
-    warning_count, error_count = counts_errors_warnings(main_log_file_path)
-    
-    log_folder_path = os.path.join("logs", "package_logs")
-    for log_file in os.listdir(log_folder_path):
-        log_file_path = os.path.join(log_folder_path, log_file)
-        warnings, errors = counts_errors_warnings(log_file_path)
-        warning_count += warnings
-        error_count += errors
+def get_warning_error_count():
+    main_log_file_path = os.path.join("logs", "log.txt")
+    warning_count, error_count = counts_errors_warnings(main_log_file_path)
+    
+    log_folder_path = os.path.join("logs", "package_logs")
+    # Check if the directory exists before trying to list its contents
+    if os.path.exists(log_folder_path) and os.path.isdir(log_folder_path):
+        for log_file in os.listdir(log_folder_path):
+            log_file_path = os.path.join(log_folder_path, log_file)
+            warnings, errors = counts_errors_warnings(log_file_path)
+            warning_count += warnings
+            error_count += errors
     
     return warning_count, error_count
 
@@ -118,15 +120,17 @@ def print_out_log_by_log_level(log_list, log_level):
         if log['level'] >= log_level and log['message'] not in ['', '\n', '\r\n']:
             print(log['message'])
 
-def output_log_by_log_level():
-    log_level = get_log_level()
-    main_log_file_path = os.path.join("logs", "log.txt")
-    print_out_log_by_log_level(parse_log(main_log_file_path), log_level)
-    
-    package_logs_folder = os.path.join("logs", "package_logs")
-    for log_file in os.listdir(package_logs_folder):
-        log_file_path = os.path.join(package_logs_folder, log_file)
-        print_out_log_by_log_level(parse_log(log_file_path), log_level)
+def output_log_by_log_level():
+    log_level = get_log_level()
+    main_log_file_path = os.path.join("logs", "log.txt")
+    print_out_log_by_log_level(parse_log(main_log_file_path), log_level)
+    
+    package_logs_folder = os.path.join("logs", "package_logs")
+    # Check if the directory exists before trying to list its contents
+    if os.path.exists(package_logs_folder) and os.path.isdir(package_logs_folder):
+        for log_file in os.listdir(package_logs_folder):
+            log_file_path = os.path.join(package_logs_folder, log_file)
+            print_out_log_by_log_level(parse_log(log_file_path), log_level)
 
 async def run_async_subprocess(exe_path, cmd, logger, cwd=None):
     if cwd is None:

py2docfx/venv/basevenv/Lib/site-packages/certifi/__init__.py

@@ -1,4 +1,4 @@
 from .core import contents, where
 
 __all__ = ["contents", "where"]
-__version__ = "2025.07.14"
+__version__ = "2025.08.03"

py2docfx/venv/venv1/Lib/site-packages/certifi/__init__.py

@@ -1,4 +1,4 @@
 from .core import contents, where
 
 __all__ = ["contents", "where"]
-__version__ = "2025.07.14"
+__version__ = "2025.08.03"

py2docfx/venv/venv1/Lib/site-packages/msal/__main__.py

@@ -300,6 +300,8 @@ def _main():
         instance_discovery=instance_discovery,
         enable_broker_on_windows=enable_broker,
         enable_broker_on_mac=enable_broker,
+        enable_broker_on_linux=enable_broker,
+        enable_broker_on_wsl=enable_broker,
         enable_pii_log=enable_pii_log,
         token_cache=global_cache,
         ) if not is_cca else msal.ConfidentialClientApplication(

py2docfx/venv/venv1/Lib/site-packages/msal/application.py

@@ -21,7 +21,7 @@ from .region import _detect_region
 from .throttled_http_client import ThrottledHttpClient
 from .cloudshell import _is_running_in_cloud_shell
 from .sku import SKU, __version__
-
+from .oauth2cli.authcode import is_wsl
 
 
 logger = logging.getLogger(__name__)
@@ -164,6 +164,8 @@ def _preferred_browser():
             pass  # We may still proceed
     return None
 
+def _is_ssh_cert_or_pop_request(token_type, auth_scheme) -> bool:
+    return token_type == "ssh-cert" or token_type == "pop" or isinstance(auth_scheme, msal.auth_scheme.PopAuthScheme)
 
 class _ClientWithCcsRoutingInfo(Client):
 
@@ -208,6 +210,11 @@ def _msal_extension_check():
         pass  # The optional msal_extensions is not installed. Business as usual.
     except ValueError:
         logger.exception(f"msal_extensions version {v} not in major.minor.patch format")
+    except:
+        logger.exception(
+            "Unable to import msal_extensions during an optional check. "
+            "This exception can be safely ignored."
+            )
 
 
 class ClientApplication(object):
@@ -329,7 +336,7 @@ class ClientApplication(object):
                         "client_assertion": "...a JWT with claims aud, exp, iss, jti, nbf, and sub..."
                     }
 
-            .. admonition:: Supporting reading client cerficates from PFX files
+            .. admonition:: Supporting reading client certificates from PFX files
 
                 *Added in version 1.29.0*:
                 Feed in a dictionary containing the path to a PFX file::
@@ -488,10 +495,13 @@ class ClientApplication(object):
 
             If your app is a command-line app (CLI),
             you would want to persist your http_cache across different CLI runs.
+            The persisted file's format may change due to, but not limited to,
+            `unstable protocol <https://docs.python.org/3/library/pickle.html#data-stream-format>`_,
+            so your implementation shall tolerate unexpected loading errors.
             The following recipe shows a way to do so::
 
                 # Just add the following lines at the beginning of your CLI script
-                import sys, atexit, pickle
+                import sys, atexit, pickle, logging
                 http_cache_filename = sys.argv[0] + ".http_cache"
                 try:
                     with open(http_cache_filename, "rb") as f:
@@ -502,6 +512,9 @@ class ClientApplication(object):
                         AttributeError,  # Cache created by a different version of MSAL
                         ):
                     persisted_http_cache = {}  # Recover by starting afresh
+                except:  # Unexpected exceptions
+                    logging.exception("You may want to debug this")
+                    persisted_http_cache = {}  # Recover by starting afresh
                 atexit.register(lambda: pickle.dump(
                     # When exit, flush it back to the file.
                     # It may occasionally overwrite another process's concurrent write,
@@ -706,7 +719,7 @@ class ClientApplication(object):
 
     def is_pop_supported(self):
         """Returns True if this client supports Proof-of-Possession Access Token."""
-        return self._enable_broker
+        return self._enable_broker and sys.platform in ("win32", "darwin")
 
     def _decorate_scope(
             self, scopes,
@@ -1578,10 +1591,12 @@ The reserved list: {}""".format(list(scope_set), list(reserved_scope)))
                     raise ValueError("auth_scheme is not supported in Cloud Shell")
                 return self._acquire_token_by_cloud_shell(scopes, data=data)
 
+            is_ssh_cert_or_pop_request = _is_ssh_cert_or_pop_request(data.get("token_type"), auth_scheme)
+
             if self._enable_broker and account and account.get("account_source") in (
                 _GRANT_TYPE_BROKER,  # Broker successfully established this account previously.
                 None,  # Unknown data from older MSAL. Broker might still work.
-            ):
+            ) and (sys.platform in ("win32", "darwin") or not is_ssh_cert_or_pop_request):
                 from .broker import _acquire_token_silently
                 response = _acquire_token_silently(
                     "https://{}/{}".format(self.authority.instance, self.authority.tenant),
@@ -1828,7 +1843,7 @@ The reserved list: {}""".format(list(scope_set), list(reserved_scope)))
         """
         claims = _merge_claims_challenge_and_capabilities(
                 self._client_capabilities, claims_challenge)
-        if self._enable_broker:
+        if self._enable_broker and sys.platform in ("win32", "darwin"):
             from .broker import _signin_silently
             response = _signin_silently(
                 "https://{}/{}".format(self.authority.instance, self.authority.tenant),
@@ -1925,14 +1940,14 @@ class PublicClientApplication(ClientApplication):  # browser app or mobile app
         *,
         enable_broker_on_windows=None,
         enable_broker_on_mac=None,
+        enable_broker_on_linux=None,
+        enable_broker_on_wsl=None,
         **kwargs):
         """Same as :func:`ClientApplication.__init__`,
         except that ``client_credential`` parameter shall remain ``None``.
 
         .. note::
 
-            You may set enable_broker_on_windows and/or enable_broker_on_mac to True.
-
             **What is a broker, and why use it?**
 
             A broker is a component installed on your device.
@@ -1950,20 +1965,26 @@ class PublicClientApplication(ClientApplication):  # browser app or mobile app
             so that your broker-enabled apps (even a CLI)
             could automatically SSO from a previously established signed-in session.
 
-            **You shall only enable broker when your app:**
+            **How to opt in to use broker?**
 
-            1. is running on supported platforms,
-               and already registered their corresponding redirect_uri
+            1. You can set any combination of the following opt-in parameters to true:
 
-               * ``ms-appx-web://Microsoft.AAD.BrokerPlugin/your_client_id``
-                 if your app is expected to run on Windows 10+
-               * ``msauth.com.msauth.unsignedapp://auth``
-                 if your app is expected to run on Mac
+               +--------------------------+-----------------------------------+------------------------------------------------------------------------------------+
+               | Opt-in flag              | If app will run on                | App has registered this as a Desktop platform redirect URI in Azure Portal         |
+               +==========================+===================================+====================================================================================+
+               | enable_broker_on_windows | Windows 10+                       | ms-appx-web://Microsoft.AAD.BrokerPlugin/your_client_id                            |
+               +--------------------------+-----------------------------------+------------------------------------------------------------------------------------+
+               | enable_broker_on_wsl     | WSL                               | ms-appx-web://Microsoft.AAD.BrokerPlugin/your_client_id                            |
+               +--------------------------+-----------------------------------+------------------------------------------------------------------------------------+
+               | enable_broker_on_mac     | Mac with Company Portal installed | msauth.com.msauth.unsignedapp://auth                                               |
+               +--------------------------+-----------------------------------+------------------------------------------------------------------------------------+
+               | enable_broker_on_linux   | Linux with Intune installed       | ``https://login.microsoftonline.com/common/oauth2/nativeclient`` (MUST be enabled) |
+               +--------------------------+-----------------------------------+------------------------------------------------------------------------------------+
 
-            2. installed broker dependency,
-               e.g. ``pip install msal[broker]>=1.31,<2``.
+            2. Install broker dependency,
+               e.g. ``pip install msal[broker]>=1.33,<2``.
 
-            3. tested with ``acquire_token_interactive()`` and ``acquire_token_silent()``.
+            3. Test with ``acquire_token_interactive()`` and ``acquire_token_silent()``.
 
             **The fallback behaviors of MSAL Python's broker support**
 
@@ -1999,12 +2020,29 @@ class PublicClientApplication(ClientApplication):  # browser app or mobile app
             This parameter defaults to None, which means MSAL will not utilize a broker.
 
             New in MSAL Python 1.31.0.
+
+        :param boolean enable_broker_on_linux:
+            This setting is only effective if your app is running on Linux, including WSL.
+            This parameter defaults to None, which means MSAL will not utilize a broker.
+
+            New in MSAL Python 1.33.0.
+
+        :param boolean enable_broker_on_wsl:
+            This setting is only effective if your app is running on WSL.
+            This parameter defaults to None, which means MSAL will not utilize a broker.
+
+            New in MSAL Python 1.33.0.
         """
         if client_credential is not None:
             raise ValueError("Public Client should not possess credentials")
+
         self._enable_broker = bool(
             enable_broker_on_windows and sys.platform == "win32"
-            or enable_broker_on_mac and sys.platform == "darwin")
+            or enable_broker_on_mac and sys.platform == "darwin"
+            or enable_broker_on_linux and sys.platform == "linux"
+            or enable_broker_on_wsl and is_wsl()
+            )
+
         super(PublicClientApplication, self).__init__(
             client_id, client_credential=None, **kwargs)
 
@@ -2133,6 +2171,8 @@ class PublicClientApplication(ClientApplication):  # browser app or mobile app
             False
             ) and data.get("token_type") != "ssh-cert"  # Work around a known issue as of PyMsalRuntime 0.8
         self._validate_ssh_cert_input_data(data)
+        is_ssh_cert_or_pop_request = _is_ssh_cert_or_pop_request(data.get("token_type"), auth_scheme)
+
         if not on_before_launching_ui:
             on_before_launching_ui = lambda **kwargs: None
         if _is_running_in_cloud_shell() and prompt == "none":
@@ -2141,7 +2181,7 @@ class PublicClientApplication(ClientApplication):  # browser app or mobile app
             return self._acquire_token_by_cloud_shell(scopes, data=data)
         claims = _merge_claims_challenge_and_capabilities(
             self._client_capabilities, claims_challenge)
-        if self._enable_broker:
+        if self._enable_broker and (sys.platform in ("win32", "darwin") or not is_ssh_cert_or_pop_request):
             if parent_window_handle is None:
                 raise ValueError(
                     "parent_window_handle is required when you opted into using broker. "
@@ -2166,7 +2206,9 @@ class PublicClientApplication(ClientApplication):  # browser app or mobile app
                 )
             return self._process_broker_response(response, scopes, data)
 
-        if auth_scheme:
+        if isinstance(auth_scheme, msal.auth_scheme.PopAuthScheme) and sys.platform == "linux":
+            raise ValueError("POP is not supported on Linux")
+        elif auth_scheme:
             raise ValueError(self._AUTH_SCHEME_UNSUPPORTED)
         on_before_launching_ui(ui="browser")
         telemetry_context = self._build_telemetry_context(

py2docfx/venv/venv1/Lib/site-packages/msal/broker.py

@@ -27,6 +27,7 @@ except (ImportError, AttributeError):  # AttributeError happens when a prior pym
     min_ver = {
         "win32": "1.20",
         "darwin": "1.31",
+        "linux": "1.33",
     }.get(sys.platform)
     if min_ver:
         raise ImportError(
@@ -59,8 +60,10 @@ def _convert_error(error, client_id):
             or "AADSTS7000218" in context  # This "request body must contain ... client_secret" is just a symptom of current app has no WAM redirect_uri
             ):
         raise RedirectUriError(  # This would be seen by either the app developer or end user
-            "MsalRuntime needs the current app to register these redirect_uri "
-            "(1) ms-appx-web://Microsoft.AAD.BrokerPlugin/{} (2) {}".format(
+            """MsalRuntime needs the current app to register these redirect_uri
+(1) ms-appx-web://Microsoft.AAD.BrokerPlugin/{}
+(2) {}
+(3) https://login.microsoftonline.com/common/oauth2/nativeclient""".format(
             client_id, _redirect_uri_on_mac))
         # OTOH, AAD would emit other errors when other error handling branch was hit first,
         # so, the AADSTS50011/RedirectUriError is not guaranteed to happen.

py2docfx/venv/venv1/Lib/site-packages/msal/exceptions.py

@@ -27,12 +27,26 @@
 
 class MsalError(Exception):
     # Define the template in Unicode to accommodate possible Unicode variables
-    msg = u'An unspecified error'
+    msg = u'An unspecified error'  # Keeping for backward compatibility
 
-    def __init__(self, *args, **kwargs):
-        super(MsalError, self).__init__(self.msg.format(**kwargs), *args)
-        self.kwargs = kwargs
 
 class MsalServiceError(MsalError):
-    msg = u"{error}: {error_description}"
+    msg = u"{error}: {error_description}"  # Keeping for backward compatibility
+    def __init__(
+        self,
+        *args,
+        error: str, error_description: str,  # Historically required, keeping them for now
+            # 1. We can't simply remove them, or else it will be a breaking change
+            # 2. We may change them to optional without breaking anyone. However,
+            #    such a change will be a one-way change, because once being optional,
+            #    we will never be able to change them (back) to be required.
+            # 3. Since they were required and already exist anyway,
+            #    now we just keep them required "for now",
+            #    just in case that we would use them again.
+            # There is no plan to do #1; and we keep option #2 open; we go with #3.
+        **kwargs,
+    ):
+        super().__init__(*args, **kwargs)
+        self._error = error
+        self._error_description = error_description
 

py2docfx/venv/venv1/Lib/site-packages/msal/managed_identity.py

@@ -2,6 +2,7 @@
 # All rights reserved.
 #
 # This code is licensed under the MIT License.
+import hashlib
 import json
 import logging
 import os
@@ -10,7 +11,7 @@ import sys
 import time
 from urllib.parse import urlparse  # Python 3+
 from collections import UserDict  # Python 3+
-from typing import Optional, Union  # Needed in Python 3.7 & 3.8
+from typing import List, Optional, Union  # Needed in Python 3.7 & 3.8
 from .token_cache import TokenCache
 from .individual_cache import _IndividualCache as IndividualCache
 from .throttled_http_client import ThrottledHttpClientBase, RetryAfterParser
@@ -162,6 +163,7 @@ class ManagedIdentityClient(object):
         http_client,
         token_cache=None,
         http_cache=None,
+        client_capabilities: Optional[List[str]] = None,
     ):
         """Create a managed identity client.
 
@@ -192,6 +194,17 @@ class ManagedIdentityClient(object):
             Optional. It has the same characteristics as the
             :paramref:`msal.ClientApplication.http_cache`.
 
+        :param list[str] client_capabilities: (optional)
+            Allows configuration of one or more client capabilities, e.g. ["CP1"].
+
+            Client capability is meant to inform the Microsoft identity platform
+            (STS) what this client is capable for,
+            so STS can decide to turn on certain features.
+
+            Implementation details:
+            Client capability in Managed Identity is relayed as-is
+            via ``xms_cc`` parameter on the wire.
+
         Recipe 1: Hard code a managed identity for your app::
 
             import msal, requests
@@ -237,6 +250,7 @@ class ManagedIdentityClient(object):
             http_cache=http_cache,
         )
         self._token_cache = token_cache or TokenCache()
+        self._client_capabilities = client_capabilities
 
     def _get_instance(self):
         if self.__instance is None:
@@ -265,8 +279,7 @@ class ManagedIdentityClient(object):
             and then a *claims challenge* will be returned by the target resource,
             as a `claims_challenge` directive in the `www-authenticate` header,
             even if the app developer did not opt in for the "CP1" client capability.
-            Upon receiving a `claims_challenge`, MSAL will skip a token cache read,
-            and will attempt to acquire a new token.
+            Upon receiving a `claims_challenge`, MSAL will attempt to acquire a new token.
 
         .. note::
 
@@ -277,12 +290,14 @@ class ManagedIdentityClient(object):
             This is a service-side behavior that cannot be changed by this library.
             `Azure VM docs <https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http>`_
         """
+        access_token_to_refresh = None  # This could become a public parameter in the future
         access_token_from_cache = None
         client_id_in_cache = self._managed_identity.get(
             ManagedIdentity.ID, "SYSTEM_ASSIGNED_MANAGED_IDENTITY")
         now = time.time()
-        if not claims_challenge:  # Then attempt token cache search
-            matches = self._token_cache.find(
+        if True:  # Attempt cache search even if receiving claims_challenge,
+                  # because we want to locate the existing token (if any) and refresh it
+            matches = self._token_cache.search(
                 self._token_cache.CredentialType.ACCESS_TOKEN,
                 target=[resource],
                 query=dict(
@@ -296,6 +311,11 @@ class ManagedIdentityClient(object):
                 expires_in = int(entry["expires_on"]) - now
                 if expires_in < 5*60:  # Then consider it expired
                     continue  # Removal is not necessary, it will be overwritten
+                if claims_challenge and not access_token_to_refresh:
+                    # Since caller did not pinpoint the token causing claims challenge,
+                    # we have to assume it is the first token we found in cache.
+                    access_token_to_refresh = entry["secret"]
+                    break
                 logger.debug("Cache hit an AT")
                 access_token_from_cache = {  # Mimic a real response
                     "access_token": entry["secret"],
@@ -309,7 +329,13 @@ class ManagedIdentityClient(object):
                         break  # With a fallback in hand, we break here to go refresh
                 return access_token_from_cache  # It is still good as new
         try:
-            result = _obtain_token(self._http_client, self._managed_identity, resource)
+            result = _obtain_token(
+                self._http_client, self._managed_identity, resource,
+                access_token_sha256_to_refresh=hashlib.sha256(
+                    access_token_to_refresh.encode("utf-8")).hexdigest()
+                    if access_token_to_refresh else None,
+                client_capabilities=self._client_capabilities,
+            )
             if "access_token" in result:
                 expires_in = result.get("expires_in", 3600)
                 if "refresh_in" not in result and expires_in >= 7200:
@@ -384,8 +410,12 @@ def get_managed_identity_source():
     return DEFAULT_TO_VM
 
 
-def _obtain_token(http_client, managed_identity, resource):
-    # A unified low-level API that talks to different Managed Identity
+def _obtain_token(
+    http_client, managed_identity, resource,
+    *,
+    access_token_sha256_to_refresh: Optional[str] = None,
+    client_capabilities: Optional[List[str]] = None,
+):
     if ("IDENTITY_ENDPOINT" in os.environ and "IDENTITY_HEADER" in os.environ
             and "IDENTITY_SERVER_THUMBPRINT" in os.environ
     ):
@@ -401,6 +431,8 @@ def _obtain_token(http_client, managed_identity, resource):
             os.environ["IDENTITY_HEADER"],
             os.environ["IDENTITY_SERVER_THUMBPRINT"],
             resource,
+            access_token_sha256_to_refresh=access_token_sha256_to_refresh,
+            client_capabilities=client_capabilities,
         )
     if "IDENTITY_ENDPOINT" in os.environ and "IDENTITY_HEADER" in os.environ:
         return _obtain_token_on_app_service(
@@ -552,6 +584,9 @@ def _obtain_token_on_machine_learning(
 
 def _obtain_token_on_service_fabric(
     http_client, endpoint, identity_header, server_thumbprint, resource,
+    *,
+    access_token_sha256_to_refresh: str = None,
+    client_capabilities: Optional[List[str]] = None,
 ):
     """Obtains token for
     `Service Fabric <https://learn.microsoft.com/en-us/azure/service-fabric/>`_
@@ -562,7 +597,12 @@ def _obtain_token_on_service_fabric(
     logger.debug("Obtaining token via managed identity on Azure Service Fabric")
     resp = http_client.get(
         endpoint,
-        params={"api-version": "2019-07-01-preview", "resource": resource},
+        params={k: v for k, v in {
+            "api-version": "2019-07-01-preview",
+            "resource": resource,
+            "token_sha256_to_refresh": access_token_sha256_to_refresh,
+            "xms_cc": ",".join(client_capabilities) if client_capabilities else None,
+            }.items() if v is not None},
         headers={"Secret": identity_header},
         )
     try:
@@ -583,7 +623,7 @@ def _obtain_token_on_service_fabric(
             "ArgumentNullOrEmpty": "invalid_scope",
             }
         return {
-            "error": error_mapping.get(payload["error"]["code"], "invalid_request"),
+            "error": error_mapping.get(error.get("code"), "invalid_request"),
             "error_description": resp.text,
             }
     except json.decoder.JSONDecodeError:

py2docfx/venv/venv1/Lib/site-packages/msal/sku.py

@@ -2,5 +2,5 @@
 """
 
 # The __init__.py will import this. Not the other way around.
-__version__ = "1.32.3"
+__version__ = "1.33.0"
 SKU = "MSAL.Python"

py2docfx/venv/venv1/Lib/site-packages/msal/throttled_http_client.py

@@ -66,7 +66,10 @@ class NormalizedResponse(Response):
     # self.raise_for_status = raw_response.raise_for_status
     def raise_for_status(self):
         if self.status_code >= 400:
-            raise MsalServiceError("HTTP Error: {}".format(self.status_code))
+            raise MsalServiceError(
+                "HTTP Error: {}".format(self.status_code),
+                error=None, error_description=None,  #  Historically required, keeping them for now
+            )
 
 
 class ThrottledHttpClientBase(object):

{py2docfx-0.1.19.dev2175272.dist-info → py2docfx-0.1.19.dev2192444.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: py2docfx
-Version: 0.1.19.dev2175272
+Version: 0.1.19.dev2192444
 Summary: A package built based on Sphinx which download source code package and generate yaml files supported by docfx.
 Author: Microsoft Corporation
 License: MIT License

{py2docfx-0.1.19.dev2175272.dist-info → py2docfx-0.1.19.dev2192444.dist-info}/RECORD

@@ -1,13 +1,13 @@
 py2docfx/__init__.py,sha256=kPRhPGPC1JknDotkksG428c1iIgfFr_4_7Jm-llrowY,72
-py2docfx/__main__.py,sha256=DWLEx3XbEmDbGrwe1QWm5dBW_a8FJdzp_7uQeXaEgN0,5928
+py2docfx/__main__.py,sha256=NDKRx5RhLJP6Z6zFEdGZJje69jxPaGeHLU_2e5GYUO4,5958
 py2docfx/convert_prepare/__init__.py,sha256=XxtxrP0kmW3ZBHIAoxsPDEHzcgeC0WSnole8Lk6CjKs,11
 py2docfx/convert_prepare/arg_parser.py,sha256=Wa1iK8a0Gb3QqaS4X7nUPGvh-7mWhuBS9IVbmnjC770,7606
 py2docfx/convert_prepare/constants.py,sha256=RC5DqNkqWvx4hb91FrajZ1R9dBFLxcPyoEJ43jdm36E,102
 py2docfx/convert_prepare/environment.py,sha256=CF8g2hnpwFXsTfvp1O8lwYpR848iCK8bDM2UAWqibEQ,7286
 py2docfx/convert_prepare/generate_conf.py,sha256=wqs6iyElzJarH-20_qEL9zvZvt5xfBMsGXSXPSZy6wg,2295
 py2docfx/convert_prepare/generate_document.py,sha256=iTOCMBwkfvZEj5dlEGUq4qynUodaYxJuIrG9R5eGk38,2949
-py2docfx/convert_prepare/get_source.py,sha256=p7ktERW-OtA02O1RnikKb8EYmuUVKrqAlznOA-IvCDw,5441
-py2docfx/convert_prepare/git.py,sha256=Qb6uexUo3KKwp2Hq9Q27gMU4Z2P8ZBk7JcSmxBfFCBY,6491
+py2docfx/convert_prepare/get_source.py,sha256=I_-QXXFFraMruDf13xlkwGAs5hDuv-wAjW3w-ylOw2Q,6930
+py2docfx/convert_prepare/git.py,sha256=Cq76ooxejKlVJiJWWbBhbLZ_JvxqN2ka12L8jkl80b4,6492
 py2docfx/convert_prepare/install_package.py,sha256=aJxQBwLRPTIKpdtLVl-SaXPaF_OX_H1ZtWmcKD8Zzuk,274
 py2docfx/convert_prepare/pack.py,sha256=Jjj9ps8ESoKUFmSk6VgNmxOwMhuwirnQ-rhqigH-4VY,1578
 py2docfx/convert_prepare/package_info.py,sha256=-zrMNeAkHxxzLRjBl1kRehUJy_ugc16yns-xdcAHQIQ,7711
@@ -65,7 +65,7 @@ py2docfx/docfx_yaml/convert_enum.py,sha256=HX6qdjDbdbBblx-TH41JXBLIJY3wzL3if-qnL
 py2docfx/docfx_yaml/convert_module.py,sha256=GptO1MRwaQ2Qbu724F0kCDDQQTZe7mWOtrOp3Rzgl-I,2259
 py2docfx/docfx_yaml/convert_package.py,sha256=Ep7PmvoLInDvY6OU5dveR6iVwyzGRkW3q6lX7yGJ0JE,2109
 py2docfx/docfx_yaml/directives.py,sha256=zVVuNM_6AU9G6sbqL1UAyHHgPe7bkBWbthXI-PO5ez0,879
-py2docfx/docfx_yaml/logger.py,sha256=gz416vqSqmsD91qLOCLAzomczlCfWqGXFJFRzLlVbJE,6503
+py2docfx/docfx_yaml/logger.py,sha256=V09O17R0YFvLFKKc5-aSXWO4iFufQzpgaxMa6EzNqHM,6817
 py2docfx/docfx_yaml/miss_reference.py,sha256=NHoQtas0kvFsJXaR4fsk7kHjwV4aJobrr_Q30HaUc_I,2450
 py2docfx/docfx_yaml/nodes.py,sha256=tBDi35jLJArlobl07DKOkmH2qz7dudXLp_kTUfR_r2w,412
 py2docfx/docfx_yaml/parameter_utils.py,sha256=04wQCtbS-G2hWM5UGkL22s10LZLUbqbh3RM9rWGOToI,10897
@@ -166,7 +166,7 @@ py2docfx/venv/basevenv/Lib/site-packages/babel/messages/mofile.py,sha256=Qf0X-vI
 py2docfx/venv/basevenv/Lib/site-packages/babel/messages/plurals.py,sha256=jsEnofU5b4PZKIloX0MjchYSxD3r1RRZ_GfEVRuETWQ,7495
 py2docfx/venv/basevenv/Lib/site-packages/babel/messages/pofile.py,sha256=lMllxTXYRBa3m8wVsxXsJsayjCOePKYYZtFSZU5DVF4,25955
 py2docfx/venv/basevenv/Lib/site-packages/babel/messages/setuptools_frontend.py,sha256=m1l9NHuawj1pSncZeC82cUJfdwxib_C7JSUb_2EhbUM,3485
-py2docfx/venv/basevenv/Lib/site-packages/certifi/__init__.py,sha256=dvNDUdAXp-hzoYcf09PXzLmHIlPfypaBQPFp5esDXyo,94
+py2docfx/venv/basevenv/Lib/site-packages/certifi/__init__.py,sha256=0a5ro4KTYep37Oo0Z8TycCPXaDlOEtvuj2pNWZ_1t8Y,94
 py2docfx/venv/basevenv/Lib/site-packages/certifi/__main__.py,sha256=xBBoj905TUWBLRGANOcf7oi6e-3dMP4cEoG9OyMs11g,243
 py2docfx/venv/basevenv/Lib/site-packages/certifi/core.py,sha256=XFXycndG5pf37ayeF8N32HUuDafsyhkVMbO4BAPWHa0,3394
 py2docfx/venv/basevenv/Lib/site-packages/certifi/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -2081,7 +2081,7 @@ py2docfx/venv/venv1/Lib/site-packages/cachetools/__init__.py,sha256=cutUU6fB1bIM
 py2docfx/venv/venv1/Lib/site-packages/cachetools/_decorators.py,sha256=4_u0GL89t2BOLGwnK8CueiFtyHKK2zydoHj9aqnsMM4,3832
 py2docfx/venv/venv1/Lib/site-packages/cachetools/func.py,sha256=aOVfSkuNWMRADpkHZGK7LeJ_VZ8wljzbRwIAliOuhAg,3719
 py2docfx/venv/venv1/Lib/site-packages/cachetools/keys.py,sha256=AOgfoi-oioBOnEEk115_9qs0HKISrYnbcV4F0hyZ1yk,1777
-py2docfx/venv/venv1/Lib/site-packages/certifi/__init__.py,sha256=dvNDUdAXp-hzoYcf09PXzLmHIlPfypaBQPFp5esDXyo,94
+py2docfx/venv/venv1/Lib/site-packages/certifi/__init__.py,sha256=0a5ro4KTYep37Oo0Z8TycCPXaDlOEtvuj2pNWZ_1t8Y,94
 py2docfx/venv/venv1/Lib/site-packages/certifi/__main__.py,sha256=xBBoj905TUWBLRGANOcf7oi6e-3dMP4cEoG9OyMs11g,243
 py2docfx/venv/venv1/Lib/site-packages/certifi/core.py,sha256=XFXycndG5pf37ayeF8N32HUuDafsyhkVMbO4BAPWHa0,3394
 py2docfx/venv/venv1/Lib/site-packages/certifi/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -2553,20 +2553,20 @@ py2docfx/venv/venv1/Lib/site-packages/jwt/types.py,sha256=VnhGv_VFu5a7_mrPoSCB7H
 py2docfx/venv/venv1/Lib/site-packages/jwt/utils.py,sha256=hxOjvDBheBYhz-RIPiEz7Q88dSUSTMzEdKE_Ww2VdJw,3640
 py2docfx/venv/venv1/Lib/site-packages/jwt/warnings.py,sha256=50XWOnyNsIaqzUJTk6XHNiIDykiL763GYA92MjTKmok,59
 py2docfx/venv/venv1/Lib/site-packages/msal/__init__.py,sha256=U8y4dCI4xqYgP0iQA19EQsm7ESUqitGR-xySLGX66EA,2089
-py2docfx/venv/venv1/Lib/site-packages/msal/__main__.py,sha256=-YBiU8k7_BdDr9BatP0xWQNsUj_ZEnZLLD8CMBAPBIg,16426
-py2docfx/venv/venv1/Lib/site-packages/msal/application.py,sha256=H7nh9zlX5jPRJ_2wLdfHfbl6cqNzRynHZJfUFST6vfI,126774
+py2docfx/venv/venv1/Lib/site-packages/msal/__main__.py,sha256=gk_iJRPMl-9Zq8qx-wylPHiT_h1suhIeR0ir1wR9160,16516
+py2docfx/venv/venv1/Lib/site-packages/msal/application.py,sha256=snKVtshd4wU5UVERSqB2uKuVRU272YoEoF5qsbok-CM,130378
 py2docfx/venv/venv1/Lib/site-packages/msal/auth_scheme.py,sha256=biI1W2ZEV2u5cQpsF1JK2ykLuyTCKaRZicgOa2kQqaA,1505
 py2docfx/venv/venv1/Lib/site-packages/msal/authority.py,sha256=gT86mPhoxmVQ0aU6hOyOcMnXGKpbxDWKhNRWcPgQXAc,11314
-py2docfx/venv/venv1/Lib/site-packages/msal/broker.py,sha256=0vdtCJNE8Km4gIslTGk4P520_tPJBs2NmtSwR_HzwwI,12877
+py2docfx/venv/venv1/Lib/site-packages/msal/broker.py,sha256=fdcLXhnWAizF3LrJVqJHsnavamTByeGczLjVaJDcXrM,12956
 py2docfx/venv/venv1/Lib/site-packages/msal/cloudshell.py,sha256=KXTRgX5zfRuNqRfVQs_buS8gU9N40sc2C5rBi79bnBk,5319
-py2docfx/venv/venv1/Lib/site-packages/msal/exceptions.py,sha256=JMpyFIblPqIsSp79zkAFBqN-kFPRFenHE3xlvM0LIKM,1702
+py2docfx/venv/venv1/Lib/site-packages/msal/exceptions.py,sha256=UqFHnCfSKXYZVlZEZDHvBCRe3-0b-YoGUS9PilsJcvY,2518
 py2docfx/venv/venv1/Lib/site-packages/msal/individual_cache.py,sha256=K2e72EP3eEoDvGQc9OWY1rvQxJmO4IOqcaG-F7cHuJk,13090
-py2docfx/venv/venv1/Lib/site-packages/msal/managed_identity.py,sha256=UOLOIp_BTc15yKCnXGx6HUVz1f-6aIFK6vlQRgpTqS0,30307
+py2docfx/venv/venv1/Lib/site-packages/msal/managed_identity.py,sha256=F_Q_MCrO7tx2kQBRJA1UVN9oTmr2XYShExPNRwDzlZk,32212
 py2docfx/venv/venv1/Lib/site-packages/msal/mex.py,sha256=_oub-3zNJUpt1KTRt_XUMxEMTOjHhLZQjzb_VLFHVHc,6455
 py2docfx/venv/venv1/Lib/site-packages/msal/region.py,sha256=N7Z43sbwjnQfoUQC6TBR8xy3v1oY_rI8hH0-AfiXa8g,1738
-py2docfx/venv/venv1/Lib/site-packages/msal/sku.py,sha256=QB4T4aueGD3mzQxhqrHlD2qaGIune6vLImkzUAKxEdE,183
+py2docfx/venv/venv1/Lib/site-packages/msal/sku.py,sha256=aPQf6TUIo37-jimfXpnetT7rrJ8vjmyJbbcBefjDQR8,183
 py2docfx/venv/venv1/Lib/site-packages/msal/telemetry.py,sha256=ePllJwgA14s-n70prBndAoyiQAMYy1aVam6VXexU0Ac,3192
-py2docfx/venv/venv1/Lib/site-packages/msal/throttled_http_client.py,sha256=fZzy7UtFhDV9hJvQavUEGgV_wJqcKXOz1HQHgjPYzMQ,8892
+py2docfx/venv/venv1/Lib/site-packages/msal/throttled_http_client.py,sha256=No8Z2zGQhyxBMFi_mum1S1sCyB7_IaN258JM0vHAhIA,9023
 py2docfx/venv/venv1/Lib/site-packages/msal/token_cache.py,sha256=C7wT4_VXQ3dDYxVIEv-Dm_m0Xo2ZJFXWkH21XnUVLcU,20713
 py2docfx/venv/venv1/Lib/site-packages/msal/wstrust_request.py,sha256=2S5eKxmK8fklnirBGewtdhkcA7O8JvE1KhJ8-c9k4yw,6098
 py2docfx/venv/venv1/Lib/site-packages/msal/wstrust_response.py,sha256=QfmdjMEf1vED8vGmtIMWI1UvspUHtFJ8ACjMfecje2g,4599
@@ -3913,7 +3913,7 @@ py2docfx/venv/venv1/Lib/site-packages/wheel/_commands/convert.py,sha256=0wSJMU0m
 py2docfx/venv/venv1/Lib/site-packages/wheel/_commands/pack.py,sha256=o3iwjfRHl7N9ul-M2kHbewLJZnqBLAWf0tzUCwoiTMw,3078
 py2docfx/venv/venv1/Lib/site-packages/wheel/_commands/tags.py,sha256=Rv2ySVb8-qX3osKp3uJgxcIMXkjt43XUD0-zvC6KvnY,4775
 py2docfx/venv/venv1/Lib/site-packages/wheel/_commands/unpack.py,sha256=Y_J7ynxPSoFFTT7H0fMgbBlVErwyDGcObgme5MBuz58,1021
-py2docfx-0.1.19.dev2175272.dist-info/METADATA,sha256=zuREflD-XzP7oy4SQ5UB-Wt6UqacXrdzo1Jw7LvfCww,548
-py2docfx-0.1.19.dev2175272.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-py2docfx-0.1.19.dev2175272.dist-info/top_level.txt,sha256=5dH2uP81dczt_qQJ38wiZ-gzoVWasfiJALWRSjdbnYU,9
-py2docfx-0.1.19.dev2175272.dist-info/RECORD,,
+py2docfx-0.1.19.dev2192444.dist-info/METADATA,sha256=MCJHbQ0eJXL1aKxUwM6tcI_20MWWar1J5QUqgG5_Hzo,548
+py2docfx-0.1.19.dev2192444.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+py2docfx-0.1.19.dev2192444.dist-info/top_level.txt,sha256=5dH2uP81dczt_qQJ38wiZ-gzoVWasfiJALWRSjdbnYU,9
+py2docfx-0.1.19.dev2192444.dist-info/RECORD,,