From c0bc4f10ce94ac4f8a283cc4cede108f68abbd03 Mon Sep 17 00:00:00 2001 From: Abhidnya Patil Date: Mon, 13 Apr 2020 14:49:42 -0700 Subject: [PATCH 1/3] Adding support for passing domain hint --- msal/application.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/msal/application.py b/msal/application.py index a036b80d..30faf733 100644 --- a/msal/application.py +++ b/msal/application.py @@ -230,6 +230,7 @@ def get_authorization_request_url( response_type="code", # Can be "token" if you use Implicit Grant prompt=None, nonce=None, + domain_hint=None, # type: Optional[str] **kwargs): """Constructs a URL for you to start a Authorization Code Grant. @@ -251,6 +252,9 @@ def get_authorization_request_url( :param nonce: A cryptographically random value used to mitigate replay attacks. See also `OIDC specs `_. + :param domain_hint: + Provides a hint about the tenant or domain that the user should use to sign in. The value + of the domain hint is a registered domain for the tenant. :return: The authorization url as a string. """ """ # TBD: this would only be meaningful in a new acquire_token_interactive() @@ -280,7 +284,7 @@ def get_authorization_request_url( redirect_uri=redirect_uri, state=state, login_hint=login_hint, prompt=prompt, scope=decorate_scope(scopes, self.client_id), - nonce=nonce, + nonce=nonce, domain_hint=domain_hint, ) def acquire_token_by_authorization_code( From 93e2a004d18cdb1de0370d18e127e60771b91f8a Mon Sep 17 00:00:00 2001 From: Abhidnya Patil Date: Mon, 13 Apr 2020 15:26:27 -0700 Subject: [PATCH 2/3] Adding url for more information --- msal/application.py | 1 + 1 file changed, 1 insertion(+) diff --git a/msal/application.py b/msal/application.py index 30faf733..7daaa43b 100644 --- a/msal/application.py +++ b/msal/application.py @@ -255,6 +255,7 @@ def get_authorization_request_url( :param domain_hint: Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant. + https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code :return: The authorization url as a string. """ """ # TBD: this would only be meaningful in a new acquire_token_interactive() From dc2d27c1ef42fd5ef9b97dbfe657f27705f35d3b Mon Sep 17 00:00:00 2001 From: Abhidnya Patil Date: Tue, 14 Apr 2020 12:44:33 -0700 Subject: [PATCH 3/3] Modifying refernce doc string --- msal/application.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/msal/application.py b/msal/application.py index 7daaa43b..57e1c4a9 100644 --- a/msal/application.py +++ b/msal/application.py @@ -253,9 +253,11 @@ def get_authorization_request_url( A cryptographically random value used to mitigate replay attacks. See also `OIDC specs `_. :param domain_hint: - Provides a hint about the tenant or domain that the user should use to sign in. The value - of the domain hint is a registered domain for the tenant. + Can be one of "consumers" or "organizations" or your tenant domain "contoso.com". + If included, it will skip the email-based discovery process that user goes + through on the sign-in page, leading to a slightly more streamlined user experience. https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-authorization-code + https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-oapx/86fb452d-e34a-494e-ac61-e526e263b6d8 :return: The authorization url as a string. """ """ # TBD: this would only be meaningful in a new acquire_token_interactive() @@ -285,7 +287,8 @@ def get_authorization_request_url( redirect_uri=redirect_uri, state=state, login_hint=login_hint, prompt=prompt, scope=decorate_scope(scopes, self.client_id), - nonce=nonce, domain_hint=domain_hint, + nonce=nonce, + domain_hint=domain_hint, ) def acquire_token_by_authorization_code(