diff --git a/adal/authentication_context.py b/adal/authentication_context.py index 205dc7be..355c8765 100644 --- a/adal/authentication_context.py +++ b/adal/authentication_context.py @@ -179,7 +179,7 @@ def token_func(self): def acquire_token_with_authorization_code(self, authorization_code, redirect_uri, resource, - client_id, client_secret): + client_id, client_secret=None): '''Gets a token for a given resource via auhtorization code for a server app. @@ -190,8 +190,9 @@ def acquire_token_with_authorization_code(self, authorization_code, :param str resource: A URI that identifies the resource for which the token is valid. :param str client_id: The OAuth client id of the calling application. - :param str client_secret: The OAuth client secret of the calling - application. + :param str client_secret: (only for confidential clients)The OAuth + client secret of the calling application. This parameter if not set, + defaults to None :returns: dict with several keys, include "accessToken" and "refreshToken". ''' diff --git a/adal/token_request.py b/adal/token_request.py index 27906484..b375326a 100644 --- a/adal/token_request.py +++ b/adal/token_request.py @@ -327,12 +327,13 @@ def get_token_with_authorization_code(self, authorization_code, client_secret): self._log.exception('Attempt to look for token in cache resulted in Error') oauth_parameters = self._create_oauth_parameters(OAUTH2_GRANT_TYPE.AUTHORIZATION_CODE) oauth_parameters[OAUTH2_PARAMETERS.CODE] = authorization_code - oauth_parameters[OAUTH2_PARAMETERS.CLIENT_SECRET] = client_secret - + if client_secret is not None: + oauth_parameters[OAUTH2_PARAMETERS.CLIENT_SECRET] = client_secret token = self._oauth_get_token(oauth_parameters) self._cache_driver.add(token) return token + def _get_token_with_refresh_token(self, refresh_token, resource, client_secret): self._log.info("Getting a new token from a refresh token")