Merge pull request #147 from AzureAD/release-0.6.0

Release 0.6.0

adal/__init__.py

@@ -27,7 +27,7 @@
 
 # pylint: disable=wrong-import-position
 
-__version__ = '0.5.1'
+__version__ = '0.6.0'
 
 import logging
 

adal/authentication_context.py

@@ -47,7 +47,7 @@ class AuthenticationContext(object):
 
     def __init__(
             self, authority, validate_authority=None, cache=None,
-            api_version='1.0', timeout=None, enable_pii=False):
+            api_version='1.0', timeout=None, enable_pii=False, verify_ssl=None, proxies=None):
         '''Creates a new AuthenticationContext object.
 
         By default the authority will be checked against a list of known Azure
@@ -75,11 +75,20 @@ def __init__(
             read timeout) <timeouts>` tuple.
         :param enable_pii: (optional) Unless this is set to True,
             there will be no Personally Identifiable Information (PII) written in log.
+        :param verify_ssl: (optional) requests verify. Either a boolean, in which case it 
+            controls whether we verify the server's TLS certificate, or a string, in which 
+            case it must be a path to a CA bundle to use. If this value is not provided, and 
+            ADAL_PYTHON_SSL_NO_VERIFY env varaible is set, behavior is equivalent to 
+            verify_ssl=False.
+        :param proxies: (optional) requests proxies. Dictionary mapping protocol to the URL 
+            of the proxy. See http://docs.python-requests.org/en/master/user/advanced/#proxies
+            for details.
         '''
         self.authority = Authority(authority, validate_authority is None or validate_authority)
         self._oauth2client = None
         self.correlation_id = None
-        env_value = os.environ.get('ADAL_PYTHON_SSL_NO_VERIFY')
+        env_verify = 'ADAL_PYTHON_SSL_NO_VERIFY' not in os.environ
+        verify = verify_ssl if verify_ssl is not None else env_verify
         if api_version is not None:
             warnings.warn(
                 """The default behavior of including api-version=1.0 on the wire
@@ -94,7 +103,8 @@ def __init__(
         self._call_context = {
             'options': GLOBAL_ADAL_OPTIONS,
             'api_version': api_version,
-            'verify_ssl': None if env_value is None else not env_value, # mainly for tracing through proxy
+            'verify_ssl': verify,
+            'proxies':proxies,
             'timeout':timeout,
             "enable_pii": enable_pii,
             }
@@ -110,9 +120,9 @@ def options(self):
     def options(self, val):
         self._call_context['options'] = val
 
-    def _acquire_token(self, token_func):
+    def _acquire_token(self, token_func, correlation_id=None):
         self._call_context['log_context'] = log.create_log_context(
-            self.correlation_id, self._call_context.get('enable_pii', False))
+            correlation_id or self.correlation_id, self._call_context.get('enable_pii', False))
         self.authority.validate(self._call_context)
         return token_func(self)
 
@@ -263,9 +273,6 @@ def acquire_token_with_device_code(self, resource, user_code_info, client_id):
         :returns: dict with several keys, include "accessToken" and
             "refreshToken".
         '''
-        self._call_context['log_context'] = log.create_log_context(
-            self.correlation_id, self._call_context.get('enable_pii', False))
-
         def token_func(self):
             token_request = TokenRequest(self._call_context, self, client_id, resource)
 
@@ -280,7 +287,7 @@ def token_func(self):
 
             return token
 
-        return self._acquire_token(token_func)
+        return self._acquire_token(token_func, user_code_info.get('correlation_id', None))
 
     def cancel_request_to_get_token_with_device_code(self, user_code_info):
         '''Cancels the polling request to get token with device code. 

adal/authority.py

@@ -115,7 +115,8 @@ def _perform_dynamic_instance_discovery(self):
 
         try:
             resp = requests.get(discovery_endpoint.geturl(), headers=get_options['headers'],
-                                verify=self._call_context.get('verify_ssl', None))
+                                verify=self._call_context.get('verify_ssl', None),
+                                proxies=self._call_context.get('proxies', None))
             util.log_return_correlation_id(self._log, operation, resp)
         except Exception:
             self._log.exception("%(operation)s request failed",

adal/code_request.py

@@ -32,7 +32,6 @@
 OAUTH2_PARAMETERS = constants.OAuth2.Parameters
 
 class CodeRequest(object):
-    """description of class"""
     def __init__(self, call_context, authentication_context, client_id, 
                  resource):
         self._log = log.Logger("CodeRequest", call_context['log_context'])

adal/mex.py

@@ -79,7 +79,8 @@ def discover(self):
         try:
             operation = "Mex Get"
             resp = requests.get(self._url, headers=options['headers'],
-                                verify=self._call_context.get('verify_ssl', None))
+                                verify=self._call_context.get('verify_ssl', None),
+                                proxies=self._call_context.get('proxies', None))
             util.log_return_correlation_id(self._log, operation, resp)
         except Exception:
             self._log.exception(

adal/oauth2_client.py

@@ -264,6 +264,7 @@ def get_token(self, oauth_parameters):
                                  data=url_encoded_token_request, 
                                  headers=post_options['headers'],
                                  verify=self._call_context.get('verify_ssl', None),
+                                 proxies=self._call_context.get('proxies', None),
                                  timeout=self._call_context.get('timeout', None))
 
             util.log_return_correlation_id(self._log, operation, resp)
@@ -298,14 +299,17 @@ def get_user_code_info(self, oauth_parameters):
                                  data=url_encoded_code_request, 
                                  headers=post_options['headers'],
                                  verify=self._call_context.get('verify_ssl', None),
+                                 proxies=self._call_context.get('proxies', None),
                                  timeout=self._call_context.get('timeout', None))
             util.log_return_correlation_id(self._log, operation, resp)
         except Exception:
             self._log.exception("%(operation)s request failed", {"operation": operation})
             raise
 
         if util.is_http_success(resp.status_code):
-            return self._handle_get_device_code_response(resp.text)
+            user_code_info = self._handle_get_device_code_response(resp.text)
+            user_code_info['correlation_id'] = resp.headers.get('client-request-id')
+            return user_code_info
         else:
             if resp.status_code == 429:
                 resp.raise_for_status()  # Will raise requests.exceptions.HTTPError
@@ -337,6 +341,7 @@ def get_token_with_polling(self, oauth_parameters, refresh_internal, expires_in)
             resp = requests.post(
                 token_url.geturl(), 
                 data=url_encoded_code_request, headers=post_options['headers'],
+                proxies=self._call_context.get('proxies', None),
                 verify=self._call_context.get('verify_ssl', None))
             if resp.status_code == 429:
                 resp.raise_for_status()  # Will raise requests.exceptions.HTTPError

adal/token_request.py

@@ -319,12 +319,19 @@ def get_token_with_client_credentials(self, client_secret):
     def get_token_with_authorization_code(self, authorization_code, client_secret):
 
         self._log.info("Getting token with auth code.")
-
+        try:
+            token = self._find_token_from_cache()
+            if token:
+                return token
+        except AdalError:
+            self._log.exception('Attempt to look for token in cache resulted in Error')
         oauth_parameters = self._create_oauth_parameters(OAUTH2_GRANT_TYPE.AUTHORIZATION_CODE)
         oauth_parameters[OAUTH2_PARAMETERS.CODE] = authorization_code
         oauth_parameters[OAUTH2_PARAMETERS.CLIENT_SECRET] = client_secret
 
-        return self._oauth_get_token(oauth_parameters)
+        token = self._oauth_get_token(oauth_parameters)
+        self._cache_driver.add(token)
+        return token
 
     def _get_token_with_refresh_token(self, refresh_token, resource, client_secret):
 

adal/user_realm.py

@@ -143,6 +143,7 @@ def discover(self):
 
         operation = 'User Realm Discovery'
         resp = requests.get(user_realm_url.geturl(), headers=options['headers'],
+                            proxies=self._call_context.get('proxies', None),
                             verify=self._call_context.get('verify_ssl', None))
         util.log_return_correlation_id(self._log, operation, resp)
 

adal/wstrust_request.py

@@ -147,6 +147,7 @@ def acquire_token(self, username, password):
         resp = requests.post(self._wstrust_endpoint_url, headers=options['headers'], data=rst,
                              allow_redirects=True,
                              verify=self._call_context.get('verify_ssl', None),
+                             proxies=self._call_context.get('proxies', None),
                              timeout=self._call_context.get('timeout', None))
 
         util.log_return_correlation_id(self._log, operation, resp)

contributing.md

@@ -0,0 +1,126 @@
+# CONTRIBUTING
+
+Azure Active Directory SDK projects welcomes new contributors.  This document will guide you
+through the process.
+
+### CONTRIBUTOR LICENSE AGREEMENT
+
+Please visit [https://cla.microsoft.com/](https://cla.microsoft.com/) and sign the Contributor License
+Agreement.  You only need to do that once. We can not look at your code until you've submitted this request.
+
+
+### FORK
+
+Fork the project [on GitHub][] and check out
+your copy.
+
+Example for ADAL Python:
+
+```
+$ git clone git@github.com:username/azure-activedirectory-library-for-python.git
+$ cd azure-activedirectory-library-for-python
+$ git remote add upstream git@github.com:AzureAD/azure-activedirectory-library-for-python.git
+```
+
+Now decide if you want your feature or bug fix to go into the dev branch
+or the master branch.  **All bug fixes and new features should go into the dev branch.**
+
+The master branch is effectively frozen; patches that change the SDKs
+protocols or API surface area or affect the run-time behavior of the SDK will be rejected.
+
+Some of our SDKs have bundled dependencies that are not part of the project proper.  Any changes to files in those directories or its subdirectories should be sent to their respective
+projects.  Do not send your patch to us, we cannot accept it.
+
+In case of doubt, open an issue in the [issue tracker][].
+
+Especially do so if you plan to work on a major change in functionality.  Nothing is more
+frustrating than seeing your hard work go to waste because your vision
+does not align with our goals for the SDK.
+
+
+### BRANCH
+
+Okay, so you have decided on the proper branch.  Create a feature branch
+and start hacking:
+
+```
+$ git checkout -b my-feature-branch 
+```
+
+### COMMIT
+
+Make sure git knows your name and email address:
+
+```
+$ git config --global user.name "J. Random User"
+$ git config --global user.email "j.random.user@example.com"
+```
+
+Writing good commit logs is important.  A commit log should describe what
+changed and why.  Follow these guidelines when writing one:
+
+1. The first line should be 50 characters or less and contain a short
+   description of the change prefixed with the name of the changed
+   subsystem (e.g. "net: add localAddress and localPort to Socket").
+2. Keep the second line blank.
+3. Wrap all other lines at 72 columns.
+
+A good commit log looks like this:
+
+```
+fix: explaining the commit in one line
+
+Body of commit message is a few lines of text, explaining things
+in more detail, possibly giving some background about the issue
+being fixed, etc etc.
+
+The body of the commit message can be several paragraphs, and
+please do proper word-wrap and keep columns shorter than about
+72 characters or so. That way `git log` will show things
+nicely even when it is indented.
+```
+
+The header line should be meaningful; it is what other people see when they
+run `git shortlog` or `git log --oneline`.
+
+Check the output of `git log --oneline files_that_you_changed` to find out
+what directories your changes touch.
+
+
+### REBASE
+
+Use `git rebase` (not `git merge`) to sync your work from time to time.
+
+```
+$ git fetch upstream
+$ git rebase upstream/v0.1  # or upstream/master
+```
+
+
+### TEST
+
+Bug fixes and features should come with tests.  Add your tests in the
+test directory. This varies by repository but often follows the same convention of /src/test.  Look at other tests to see how they should be
+structured (license boilerplate, common includes, etc.).
+
+
+Make sure that all tests pass.
+
+
+### PUSH
+
+```
+$ git push origin my-feature-branch
+```
+
+Go to https://github.com/username/azure-activedirectory-library-for-***.git and select your feature branch.  Click
+the 'Pull Request' button and fill out the form.
+
+Pull requests are usually reviewed within a few days.  If there are comments
+to address, apply your changes in a separate commit and push that to your
+feature branch.  Post a comment in the pull request afterwards; GitHub does
+not send out notifications when you add commits.
+
+
+[on GitHub]: https://github.com/AzureAD/azure-activedirectory-library-for-python
+[issue tracker]: https://github.com/AzureAD/azure-activedirectory-library-for-python/issues

docs/Makefile

@@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line.
+SPHINXOPTS    =
+SPHINXBUILD   = sphinx-build
+SPHINXPROJ    = ADALPython
+SOURCEDIR     = source
+BUILDDIR      = build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

docs/make.bat

@@ -0,0 +1,36 @@
+@ECHO OFF
+
+pushd %~dp0
+
+REM Command file for Sphinx documentation
+
+if "%SPHINXBUILD%" == "" (
+	set SPHINXBUILD=sphinx-build
+)
+set SOURCEDIR=source
+set BUILDDIR=build
+set SPHINXPROJ=ADALPython
+
+if "%1" == "" goto help
+
+%SPHINXBUILD% >NUL 2>NUL
+if errorlevel 9009 (
+	echo.
+	echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
+	echo.installed, then set the SPHINXBUILD environment variable to point
+	echo.to the full path of the 'sphinx-build' executable. Alternatively you
+	echo.may add the Sphinx directory to PATH.
+	echo.
+	echo.If you don't have Sphinx installed, grab it from
+	echo.http://sphinx-doc.org/
+	exit /b 1
+)
+
+%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
+goto end
+
+:help
+%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
+
+:end
+popd