Skip to content

Commit a2b28a2

Browse files
fenggafengga
committed
Use unsigned redirect uri for mac broker flows
1 parent 016092e commit a2b28a2

File tree

1 file changed

+9
-13
lines changed

1 file changed

+9
-13
lines changed

msal/broker.py

Lines changed: 9 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,8 @@ class TokenTypeError(ValueError):
5252
# so they have to use a generic placeholder anyway.
5353
# The v-team chose to combine two situations into using same placeholder.
5454

55+
_redirect_uri_on_linux = "https://login.microsoftonline.com/common/oauth2/nativeclient"
56+
5557

5658
def _convert_error(error, client_id):
5759
context = error.get_context() # Available since pymsalruntime 0.0.4
@@ -145,20 +147,19 @@ def _build_msal_runtime_auth_params(client_id, authority):
145147
params.set_additional_parameter("msal_client_ver", __version__)
146148
return params
147149

148-
def _set_redirect_uri_for_linux(params):
150+
def _set_redirect_uri(params):
149151
if sys.platform == "linux":
150-
# This is required by Linux Java Broker to set a non-empty valid redirect_uri
151-
params.set_redirect_uri(
152-
"https://login.microsoftonline.com/common/oauth2/nativeclient"
153-
)
152+
params.set_redirect_uri(_redirect_uri_on_linux)
153+
elif sys.platform == "darwin":
154+
params.set_redirect_uri(_redirect_uri_on_mac)
154155

155156
def _signin_silently(
156157
authority, client_id, scopes, correlation_id=None, claims=None,
157158
enable_msa_pt=False,
158159
auth_scheme=None,
159160
**kwargs):
160161
params = _build_msal_runtime_auth_params(client_id, authority)
161-
_set_redirect_uri_for_linux(params)
162+
_set_redirect_uri(params)
162163
params.set_requested_scopes(scopes)
163164
if claims:
164165
params.set_decoded_claims(claims)
@@ -193,12 +194,7 @@ def _signin_interactively(
193194
**kwargs):
194195
params = _build_msal_runtime_auth_params(client_id, authority)
195196
params.set_requested_scopes(scopes)
196-
params.set_redirect_uri(
197-
_redirect_uri_on_mac if sys.platform == "darwin" else
198-
"https://login.microsoftonline.com/common/oauth2/nativeclient"
199-
# This default redirect_uri value is not currently used by WAM
200-
# but it is required by the MSAL.cpp to be set to a non-empty valid URI.
201-
)
197+
_set_redirect_uri(params)
202198
if prompt:
203199
if prompt == "select_account":
204200
if login_hint:
@@ -248,7 +244,7 @@ def _acquire_token_silently(
248244
if account is None:
249245
return
250246
params = _build_msal_runtime_auth_params(client_id, authority)
251-
_set_redirect_uri_for_linux(params)
247+
_set_redirect_uri(params)
252248
params.set_requested_scopes(scopes)
253249
if claims:
254250
params.set_decoded_claims(claims)

0 commit comments

Comments
 (0)