feat: add integrated windows authentication support under public clients

[shajia-deshaw]

Overview

Adds support for Integrated Windows Authentication similar to the Java/.NET clients/

Fixes: #31

[rayluo]

Thanks, @shajia-deshaw . Is there any way to test this? Can they be written into test cases?
Anyway, I'll leave this to @ashok672 for reviewing.

[shajia-deshaw]

Sure @rayluo - I can add the test cases shortly (I had this tested with a driver script internally)

from msal import PublicClientApplication
app = PublicClientApplication(
    "<client_id>",
    authority="https://login.microsoftonline.com/<tenant_id>")
token = app.acquire_token_integrated_windows_auth("<upn>")
print(token)

[shajia-deshaw]

I'm not sure how this number is mapped. I just added a random number for IWA btw.

[shajia-deshaw]

The access token returned by IWA did not meet the criteria to be added as an ACCOUNT credential type in the TokenCache i.e. it didn't have client_info in the response. It was being added as a ACCESS_TOKEN credential type. The cache test in the e2e tests were failing because of it since the get_accounts() call didn't return anything and it assumed there was nothing being added to the cache. Hence, I added a special case of iwa to be added to the ACCOUNT credential type.

The other alternative is to add a method for get_access_tokens similar to get_accounts and use it to decide if we need to acquire new tokens silently for the items in cache.

[shajia-deshaw]

Hello folks, just an update - I'm working with my employer to sign the CLA soon.

[shajia-deshaw]

@microsoft-github-policy-service agree company="D. E. Shaw & Co., L.P."

[shajia-deshaw]

Hello @ashok672 - Checking if you had a chance to review the PR? Thanks.

[velulev]

Hello @ashok672 - Checking if you had a chance to review the PR? Thanks.

Hi @ashok672 , please let us know if there is anything else we can help on this with. Thanks.