Open bgavrilMS opened 1 year ago
Blindly sending arbitrary query parameters into all discovery and token calls would risk a potential future conflict of same param "foo" being used by different HTTP requests but have different meaning. As an example, one http request may expect an api-version=1.0 and another expects an api-version=2.0, this can't be solved by one common query parameter.
Currently, MSAL Python covers all the known scenarios with dedicate support.
Consistency item with other MSALs - support extra query parameters. This is a map of key value strings which are applied to every HTTP call that MSAL makes, .e.g.
{"key1":"val1", "key2","val2"}
It is applied to every HTTP call (including discovery and /token calls) that MSAL makes, irrespective of it being GET or POST, by adding these parameters to the URL. The /authorize URI that MSAL computes must also have these params. Conficts are resolved by favoring extra query params.
When using a broker, the extra query parameters are passed on to the broker's property bag. See https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/blob/main/src/client/Microsoft.Identity.Client/Platforms/Features/RuntimeBroker/WamAdapters.cs#L188
Scenarios: