search

AzureAD / microsoft-authentication-library-for-python

Microsoft Authentication Library (MSAL) for Python makes it easy to authenticate to Microsoft Entra ID. General docs are available here https://learn.microsoft.com/entra/msal/python/ Stable APIs are documented here https://msal-python.readthedocs.io. Questions can be asked on www.stackoverflow.com with tag "msal" + "python".
https://stackoverflow.com/questions/tagged/azure-ad-msal+python
Other
756 stars 191 forks source link

how to get the access token for the b2c authentication #566

Closed venkataraja705 closed 10 months ago

venkataraja705 commented 1 year ago

Describe the bug A clear and concise description of what the bug is.

To Reproduce import sys # For simplicity, we'll read config file from 1st CLI param sys.argv[1] import json, logging, msal, requests

Optional logging

logging.basicConfig(level=logging.DEBUG) # Enable DEBUG log for entire script

logging.getLogger("msal").setLevel(logging.INFO) # Optionally disable MSAL DEBUG logs

def fun(): with open("parameters.json") as file_obj: js_data = json.load(file_obj)

print(js_data)
# config = json.load(open(sys.argv[1]))
config = js_data

# Create a preferably long-lived app instance which maintains a token cache.
app = msal.PublicClientApplication(
    config["client_id"], authority=config["authority"],
    #allow_broker=True,  # If opted in, you will be guided to meet the prerequisites, when applicable
                        # See also: https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-desktop-acquire-token-wam#wam-value-proposition
    # token_cache=...  # Default cache is in memory only.
                    # You can learn how to use SerializableTokenCache from
                    # https://msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache
    )

# The pattern to acquire a token looks like this.
result = None
print("start-------->")
# Firstly, check the cache to see if this end user has signed in before
accounts = app.get_accounts(username=config.get("username"))
if accounts:
    logging.info("Account(s) exists in cache, probably with token too. Let's try.")
    print("Account(s) already signed in:")
    for a in accounts:
        print(a["username"])
    chosen = accounts[0]  # Assuming the end user chose this one to proceed
    print("Proceed with account: %s" % chosen["username"])
    # Now let's try to find a token in cache for this account
    result = app.acquire_token_silent(config["scope"], account=chosen)
    print("got from cache")
    print(result)

if not result:
    logging.info("No suitable token exists in cache. Let's get a new one from AAD.")
    print("A local browser window will be open for you to sign in. CTRL+C to cancel.")
    result = app.acquire_token_interactive(  # Only works if your app is registered with redirect_uri as http://localhost
        config["scope"],
        login_hint=config.get("username"),
        )
print(result)

Expected behavior I need Access token from the above code but i was getting only toke id

What you see instead I was getting only toke id

rayluo commented 1 year ago

Looks like you pasted your Python script, but did not paste your parameters.json file. So, we cannot really reproduce your situation. We used our own parameters file and did not run into the same issue.

Besides, if this is not a bug report to this library, you can consider post your question on StackOverflow.com