Pqh3dZddlZddlZddlZddlZddlZddlZddlZddlZdZ ejZ ejddZ dZdZdZd&d Zd d ed fd ZdZdZdZd'dZdZdZdZddedZdgZdZdZdZej@eddZ!deejDe!jGdjIdjKd dZ&d!Z'd"Z(d#Z)d$Z*e+d%k(re*yy)(aMSAL Python Tester Usage 1: Run it on the fly. python -m msal Note: We choose to not define a console script to avoid name conflict. Usage 2: Build an all-in-one executable file for bug bash. shiv -e msal.__main__._main -o msaltest-on-os-name.pyz . Nzmsal_cache.binctjr1ttdj tj SdS)Nw) global_cachehas_state_changedopen_token_cache_filenamewrite serializeN/srv/www/ollama/chat-ollama/venv/lib/python3.12/site-packages/msal/__main__.pyrs=%% $**<+A+A+CD,0r z$04b07795-8ddb-461a-bbee-02f9e1bf7b46z$04f0c124-f2bc-4f59-8241-bf6df9866bbdcFttj|ddy)NT)indent sort_keys)printjsondumps)blobs r print_jsonrs $**T!t 45r c:tdj|dvS)Nz9{} (N/n/F/f or empty means False, otherwise it is True): )NnFf)inputformat)messages r _input_booleanr!s% CJJ7S ) **r c\t|j|jxs|S)N)default)rrstrip)r r#s r _inputr%"s& 0 1 7 7 9 DWDr z Your options:z Your choice? Fc R|sJd|r t|t|dD]&\}}tdj|||(|r td t|} t |}d|cxkrt |kr nn||dz S7#t $r |r|r|cYSYwxYw)Nzoptions must not be empty)startz {}: {}z' Or you can just type in your input.)r enumeraterrintlen ValueError) optionsheaderfooteroption_rendereraccept_nonempty_stringioraw_datachoices r _select_optionsr6%s ///7  f '+:1 l!!!_Q%789: 78 = ]FF*c'l*vz**   2 s')BB&%B&c`tgdddj}d|vr td|S)N)z$https://graph.microsoft.com/.defaultz%https://management.azure.com/.defaultz User.ReadzUser.ReadBasic.Allz_Select a scope (multiple scopes can only be input by manually typing them, delimited by space):Tr.r14https://pas.windows.net/CheckMyAccess/Linux/.defaultz9SSH Cert scope shall be tested by its dedicated functions)r6splitr,scopess r _input_scopesr=:sA  q#  %' >GTUU Mr c\|j}|rt|ddStdy)Nc2dj|d|dS)Nz{}, came from {}usernameaccount_source)ras r rz!_select_account..Ms&8&?&?* qQaOb&cr z0Account(s) already signed in inside MSAL Python:r0r.zRNo account available inside MSAL Python. Use other methods to acquire token first.) get_accountsr6r)appaccountss r _select_accountrHHs4!H cE  bcr c |t|}|r/t|jt|t dyy)zIacquire_token_silent() - with an account already signed into MSAL Python.!Bypass MSAL Python's token cache?)account force_refreshN)rHracquire_token_silent_with_errorr=r!rFrKs r _acquire_token_silentrOSs?c"G366 O()LM7 r c |xs t}tdddddddddgdd d }|dk(rd}nHtdg|jDcgc]}|d  c}zd d}t|tr|d n|}|j ||j |jttfvd|||xsi}|r@d|vr<|jdijd}||k7rtjd|t||Scc}w)zUacquire_token_interactive() - User will be prompted if app opts to do select_account.NzRUnspecified. Proceed silently with a default account (if any), fallback to prompt.)value descriptionnonezEnone. Proceed silently with a default account (if any), or error out.select_accountz.select_account. Prompt with an account picker.c |dS)NrRr r3s r rz,_acquire_token_interactive..es !M"2r zPrompt behavior?rDrQr@zlogin_hint? (If you have multiple signed-in sessions in browser/broker, and you specify a login_hint to match one of them, you will bypass the account picker.)Tr8i)parent_window_handleenable_msa_passthroughportprompt login_hintdataid_token_claimspreferred_usernamez-Signed-in user "%s" does not match login_hint)r=r6rE isinstancedictacquire_token_interactiveCONSOLE_WINDOW_HANDLE client_id _AZURE_CLI_VISUAL_STUDIOgetloggingwarningr) rFr<r\rZr[rCraw_login_hintresultsigned_in_users r _acquire_token_interactiverl]sB  &}F '{|)pq"3cd 3! # $+ ,F!! ( FS-=-=-?@a m@ @u#' 4>nd3S^J/Yg  * * 66"}} 1 *4:2+ F'61$5r:>>?ST Z ' OOK^ \v M'As D ct|jtdtjdt y)zacquire_token_by_username_password() - See constraints here: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows#constraints-for-ropcz username: z password: r;N)r"acquire_token_by_username_passwordr%getpassr=)rFs r #_acquire_token_by_username_passwordrps5s55|gool;MO6UVr c|jt}t|dtjj t d|j|}t|y)zNacquire_token_by_device_flow() - Note that this one does not go through brokerr;r zNAfter you completed the step above, press ENTER in this console to continue...N) initiate_device_flowr=rsysstdoutflushracquire_token_by_device_flowr)rFflowrjs r _acquire_token_by_device_flowrxsT  # #=? # ;D $y/JJ Z[  - -d 3Fvr aw{"kty":"RSA", "n":"2tNr73xwcj6lH7bqRZrFzgSLj7OeLfbn8216uOMDHuaZ6TEUBDN8Uz0ve8jAlKsP9CQFCSVoSNovdE-fs7c15MxEGHjDcNKLWonznximj8pDGZQjVdfK-7mG6P6z-lgVcLuYu5JcWU_PeEqIKg5llOaz-qeQ4LEDS4T1D2qWRGpAra4rJX1-kmrWmX_XIamq30C9EIO0gGuT4rc2hJBWQ-4-FnE1NXmy125wfT3NdotAJGq5lMIfhjfglDbJCwhc8Oe17ORjO3FsB5CLuBRpYmP7Nzn66lRY3Fe11Xz8AEBl3anKFSJcTvlMnFtu3EpD-eiaHfTgRBU7CztGQqVbiQ", "e":"AQAB"}ssh-certkey1) token_typekey_idreq_cnfr9ct|}|r_|jt|tt d}t ||r+|j ddk7rtjdyyyy)zFAcquire an SSH Cert silently- This typically only works with Azure CLIrJ)r\rLr{ryzUnable to acquire an ssh-cert.N) rHacquire_token_silent_SSH_CERT_SCOPE_SSH_CERT_DATAr!rrfrgerror)rFrKrjs r _acquire_ssh_cert_silentlyrslc"G))  ()LM * 6 fjj.*< MM: ;=6r ct|tt}|jddk7rt j dyy)zLAcquire an SSH Cert interactively - This typically only works with Azure CLIr<r\r{ryzUnable to acquire an ssh-certN)rlrrrfrgr)rFrjs r _acquire_ssh_cert_interactivers3 'O. YF zz,:- 56.r z+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA-AAAAAAAAsw)kidxms_kslpopzutf-8=cdg}t||t}t||jddk7rt j dyy)zLAcquire a POP token interactively - This typically only works with Azure CLIz-6256c85f-0aad-4d50-b960-e6e9b21efe35/.defaultrr{rzUnable to acquire a pop tokenN)rl _POP_DATArrfrgr)rF POP_SCOPErjs r _acquire_pop_token_interactiversC@AI 'II NFv zz,5( 56)r c|t|}|r/|j|tdj|dyy)zoremove_account() - Invalidate account and/or token(s) from cache, so that acquire_token_silent() would be resetz@Account "{}" and/or its token(s) are signed out from MSAL Pythonr@N)rHremove_accountrrrNs r _remove_accountrs=c"G 7# PWWX_`jXklmr c|jrdnd}tdj|tjy)Exitzjhttps://identitydivision.visualstudio.com/Engineering/_queries/query/79b3a352-a775-406f-87cd-a487c382a8ed/zXhttps://github.com/AzureAD/microsoft-authentication-library-for-python/issues/new/choosez2Bye. If you found a bug, please report it here: {}N)_enable_brokerrrrsexit)rFbug_links r _exitrs:    ub  > E Eh OPHHJr c tdjtjt dddddjt dgddd }|d dk(rUt jjt r2 tjtt d jt td dtdddddgddd }t!d}t!d}|r |r t!dnd }tj"t%|t&r|dn|t gddd||t}|r$t)j*t(j, t t.t0t2t4t6t8t:t<t>g dd } ||F#t$rYwxYw#t@$r }t)jBd!|Yd}~5d}~wtD$rtd"YNwxYw)#Nz4Welcome to the Msal Python {} Tester (Experimental) emptyz. !F)r z1What token cache state do you want to begin with?F)r0r.r1r5rz+Azure CLI (Correctly configured for MSA-PT))rcnamez/Visual Studio (Correctly configured for MSA-PT)z$95de633a-083e-42f5-b444-a4295d8e9314zAWhiteboard Services (Non MSA-PT app. Accepts AAD & MSA accounts.)c |dS)Nrr rBs r rz_main..rr zGImpersonate this app (or you can type in the client_id of your own app)TzWEnable broker? It will error out later if your app has not registered some redirect URIzEnable MSAL Python's DEBUG log?zEnable PII in broker's log?rc)z(https://login.microsoftonline.com/commonz/https://login.microsoftonline.com/organizationsz;https://login.microsoftonline.com/microsoft.onmicrosoft.comz:https://login.microsoftonline.com/msidlab4.onmicrosoft.comz+https://login.microsoftonline.com/consumerszKInput authority (Note that MSA-PT apps would NOT use the /common authority)r8) authorityenable_broker_on_windowsenable_pii_log token_cache)levelc|jSN)__doc__)rs r rz_main..s r zMSAL Python APIs:rDzInvalid input: %sAborted)#rrmsal __version__r6rospathexistsr deserializerreadIOErrorrdrer!PublicClientApplicationr_r`rg basicConfigDEBUGrOrlrprxrrrrrr,rKeyboardInterrupt) cache_choice chosen_app enable_brokerenable_debug_logrrFfunces r _mainrs A H HIYIY Z["!V  "KKQ6-L/   $ ,B$&L H(RWW^^rs==<<<(*t**, 0 4 76* E(0CUX$ *  d!FV  F *fOIJ <7 < tzz+$?@ 'v'' (;(;G(DELLWU\\]`a  7nEN z Gr