singingwolfboy / flask-dance

Doing the OAuth dance with style using Flask, requests, and oauthlib.
https://pypi.python.org/pypi/Flask-Dance/
MIT License

Update `contrib/azure.py` to enable automatic token refreshes #420

Closed mgd722 closed 4 months ago

mgd722 commented 1 year ago

Similarly to the Google behavior (outlined in #143 and #161), Azure will not send a refresh token unless you include the `offline_access` scope. I modeled my changes after `contrib/google.py` to stay consistent, and this update only sets the `auto_refresh_url` if you pass `offline=True` to the blueprint.

Closes #232 and #286 with a built-in solution instead of a login redirect.

Important note:

For some reason, oauthlib raises a full-blown exception for a scope mismatch instead of just a warning. Azure removes the `offline_access` scope, so using automatic refreshes you will always get an error like this:

Warning: Scope has changed from "openid offline_access User.Read profile email" to "User.Read openid email profile".

The kludgy workaround is to suppress the warning by setting the following environment variable:

OAUTHLIB_RELAX_TOKEN_SCOPE=1
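
Added example, not part of the original thread or of Flask-Dance: a narrower check an application could run on the token itself, accepting only the `offline_access` drop described above and reporting any other scope difference. The function names and the token dict shape are assumptions made for this sketch; the scope strings come from the warning quoted above.

```python
import re

# Scope the comment above reports Azure stripping from the token response.
EXPECTED_DROPPED = frozenset({"offline_access"})

# Message format taken from the warning quoted in the comment above.
_WARNING_RE = re.compile(r'Scope has changed from "([^"]*)" to "([^"]*)"')


def parse_scope_warning(message):
    """Extract (requested, granted) scope strings from the warning text."""
    match = _WARNING_RE.search(message)
    if match is None:
        raise ValueError("not a scope-change warning")
    return match.group(1), match.group(2)


def _as_set(scope):
    """Accept a space-delimited string or an already split list of scopes."""
    return set(scope.split()) if isinstance(scope, str) else set(scope)


def check_token_scope(requested, token, allowed_dropped=EXPECTED_DROPPED):
    """Return a list of problems; an empty list means the change is benign.

    `token` is the parsed token response as a dict (assumed shape).
    """
    req = _as_set(requested)
    # RFC 6749 5.1: an omitted "scope" means the grant matches the request.
    got = _as_set(token.get("scope") or requested)
    problems = []
    if got - req:
        problems.append("granted but never requested: " + " ".join(sorted(got - req)))
    unexpected = (req - got) - allowed_dropped
    if unexpected:
        problems.append("requested but not granted: " + " ".join(sorted(unexpected)))
    if "offline_access" in req and not token.get("refresh_token"):
        problems.append("offline_access requested but no refresh_token returned")
    return problems


# Constructed sample: scope strings from the warning above, placeholder tokens.
SAMPLE_WARNING = ('Warning: Scope has changed from "openid offline_access '
                  'User.Read profile email" to "User.Read openid email profile".')
SAMPLE_TOKEN = {"access_token": "<placeholder>", "refresh_token": "<placeholder>",
                "scope": "User.Read openid email profile"}

if __name__ == "__main__":
    requested, _granted = parse_scope_warning(SAMPLE_WARNING)
    print(check_token_scope(requested, SAMPLE_TOKEN) or "only offline_access dropped")
```

`OAUTHLIB_RELAX_TOKEN_SCOPE=1` turns off the scope-change error for every difference, not only the dropped `offline_access`; a check like this keeps the narrower guarantee.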

daenney commented 1 year ago

Hiya! Thanks for the PR, I think the change looks good. Two small follow-up things to do before we merge this:

mgd722 commented 1 year ago

Sounds good, those are things I can do, but as a heads up: due to work deadlines and PTO it will likely take until mid/late July.

emer-bestseller commented 6 months ago

Are there any updates on this PR? I am facing the same issue, and this seems like the "proper" fix

singingwolfboy commented 6 months ago

> Are there any updates on this PR? I am facing the same issue, and this seems like the "proper" fix

It looks like the author of this PR has not had time to do the necessary work. If this is important to you, you could open a new PR that includes these changes, and the extra work required to get them merged.

mgd722 commented 4 months ago

Looks like https://github.com/singingwolfboy/flask-dance/pull/428/ saw this through better than me, and is merged into prod. Closing.