Azure AD Workload Identity uses Kubernetes primitives to associate managed identities for Azure resources and identities in Azure Active Directory (AAD) with pods.
New feature: Supports Managed Identity for Azure VM, App Service (including Azure Functions, Azure Automation), Service Fabric, Azure Machine Learning, Arc, etc.. Comes with a sample, its configuration via ENV VAR, and its API documentation. (#58, #480, #634, #674)
New feature: Support reading ConfidentialClientApplication's cert from a pfx file (#684, #699)
New feature: TokenCache class has a new search() method which will return a generator of tokens. The old find() method still exists and returns a list, but MSAL 1.27+ will not call find() anymore. (#693, #644)
Change: Re-enable the username password flow to go through broker, if available. (#712)
Change: pip install msal[broker] will now pick up the latest PyMsalRuntime 0.16.x which contains a bugfix for being run as administrator. This release fixes #707.
MSAL Python 1.28.0
New feature: PublicClientApplication and ConfidentialClientApplication have a new oidc_authority parameter that can be used to specify authority of any generic OpenID Connect authority, typically the customized domain for CIAM. (#676, #678)
Dropping Python 2.7
MSAL Python 1.27.0
What's Changed
Release Notes:
New feature: remove_tokens_for_client() will remove tokens acquired by acquire_token_for_client() (#640, #650, #666)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the all group with 2 updates in the /examples/msal-python directory: azure-keyvault-secrets and msal.
Updates
azure-keyvault-secrets
from 4.7.0 to 4.8.0Commits
7561277
[Key Vault] Prepare for data-plane library releases (#34409)ef19493
[Key Vault] Handlecryptography
RSA keys without local key material (#34330)ddbe1ed
[Key Vault] Removex509_thumbprint_string
property (#34386)d7ed3e0
[Key Vault] Support 7.5 API version in Keys (#34233)f412402
[Key Vault] Support 7.5 API version in Administration (#34057)fa3b6d1
[Key Vault] Support 7.5 API version in Certificates (#34187)fc82782
[Key Vault] Support 7.5 API version in Secrets (#34230)d717767
NO_CI enable strict_sphinx where libraries are passing already9900995
[Key Vault] Prepare forstrict-sphinx
(#33969)0f9eb9c
[Key Vault] Remove direct uses ofasyncio.sleep
(#33819)Updates
msal
from 1.22.0 to 1.30.0Release notes
Sourced from msal's releases.
... (truncated)
Commits
3279f04
MSAL 1.30.03a4f44f
Expose refresh_on (if any) to fresh or cached response57dce47
Using SHA256 and PSS paddingf9f2e7f
Merge remote-tracking branch 'oauth2cli/dev' into sha256-pss2c335d2
Support SHA256 thumbprint788b400
Backport the lazy-loading of dependency8404254
Merge branch 'dev' into perf-retune3ceb1c8
Re-optimize the O(1) code pathbf44364
Support SNI via PFXc1fedad
Merge branch 'dev' into bugfix-token-cache-searchDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show