In [1]:
from dotenv import load_dotenv, find_dotenv

load_dotenv(find_dotenv(filename="app/.env"))

True

In [2]:
from app.config import settings
import msal

import webbrowser
from urllib.parse import urlparse, parse_qs


In [3]:
app = msal.ConfidentialClientApplication(
    settings.AZURE_CLIENT_ID,
    authority=f"{settings.AZURE_RESOURCE}/{settings.AZURE_TENANT}",
    client_credential=settings.AZURE_CLIENTSECRET,
    )



In [5]:
flow = app.initiate_auth_code_flow(scopes=[], redirect_uri=settings.AZURE_REDIRECT)

In [7]:
flow

{'state': 'HqmzTBKIOgsFuNrL',
 'redirect_uri': 'http://localhost:8050/login',
 'scope': ['openid', 'offline_access', 'profile'],
 'auth_uri': 'https://login.microsoftonline.com/cb64532c-b24e-4107-8e77-8ca4fec9dbf6/oauth2/v2.0/authorize?client_id=066da87c-2d5f-4034-a01a-9d4694ccbd03&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A8050%2Flogin&scope=offline_access+openid+profile&state=HqmzTBKIOgsFuNrL&code_challenge=UUgzTEAU75eocqCwv4ujj2GFKvLICEVB3s5vGG4f--w&code_challenge_method=S256&nonce=f15158a84d07ba96dfa242e3d5c4a2f830a1f009eef7d95321a745c1ee057e5b&client_info=1',
 'code_verifier': 'z_BgsdOj~xvVHX5f3clAIi6rhDP7NWbkwMeSmLoaE0J',
 'nonce': 'JzRVTOxrEhqWtowk',
 'claims_challenge': None}

In [8]:
parsed_url = urlparse(flow['auth_uri'])

param_dict = parse_qs(parsed_url.query)
param_dict

{'client_id': ['066da87c-2d5f-4034-a01a-9d4694ccbd03'],
 'response_type': ['code'],
 'redirect_uri': ['http://localhost:8050/login'],
 'scope': ['offline_access openid profile'],
 'state': ['HqmzTBKIOgsFuNrL'],
 'code_challenge': ['UUgzTEAU75eocqCwv4ujj2GFKvLICEVB3s5vGG4f--w'],
 'code_challenge_method': ['S256'],
 'nonce': ['f15158a84d07ba96dfa242e3d5c4a2f830a1f009eef7d95321a745c1ee057e5b'],
 'client_info': ['1']}

### sending a redirect to FrontEnd

In [9]:
webbrowser.open_new(flow['auth_uri'])

True

### MSFT response after login

In [10]:
full_url = "http://localhost:8050/login?code=0.AagALFNky06yB0GOd4yk_snb9nyobQZfLTRAoBqdRpTMvQPzAPU.AgABBAIAAADnfolhJpSnRYB1SVj-Hgd8AgDs_wUA9P_1jEq7ohgyJgnkLu408V_3X_7yYhfaJ1ru_E2-vBYIk66IVfzLDbrUPZSs0a2T3bxEGoFI0pPEwG1Xwch-Aq3wCGBOiUoaVzCnXUq8O3vORu1vls8UvfqxqusSytnaFQ1jvpt5rZIhg4NNnUnmudiLCMNlpEjGF1QGQrqGhMEykR00D-UJr0wRZ9Uk57uJZQPyVnkBN-kp_nz4ZQ2yuEs1dnEq-Sdsmet5vDpe3_yMTPKD2YilB5A9CtWFBQ1VrcjRmYaCDmM0e0CNVMEPTgIn6NReZpT8gU_I1FWGTXvmZk7IC8WGbyeCb6v0FXm36dW1NMlEMXCcurxgElbxQ0xCL1jTdiZ8t8FOKwdgbb3IyVLbbYNBYp3yypwO3aYpd1Skm8YnTuUYTyxBFHG1VCUoruN9fDuKB38PeROCMchRyTS4MIfayQdKH4j8CJ0X28d_APOPz_wrWjRHPBYfFT6p1diMYfaAX0zg749l53KFV7IcnfC4ZXvpO76bipJoA2g_vdux7wLUUEV_gbCQcfbz2gGLNR9cfc-WZCWRKZ65aloq7yzPTS7KC0BQ1o-VefjCBDilwNZRB1GtL-S_rAZUZkGHT0WoY4KGQOyCTG67u5HmG7Lp6q_vssAOjNicfoHB6sypv4fdSa82yjhEG0c812O62NWxQWsd9x2VRZsAe6wkhLQqr-J8EpD75U5to3nkZr7K1GJwTrd7oP54Bj16MCxdy0an2aZe8x1xS_IUVjRsNjKifbMYp_hI5-6pLdUUMP_8jYToEtra3P6Oom_bPF_K-JmBCDpLEis5oYUBEIYHqVGazi-wM9nMmDA-VxnXK9E_f7YSJbS5Zq26Yv6MkSOx6OzjP3Nt3XVa_Pexy2Tt_9_tF7m0swrrCeMHbAE4f3OxC99O7LCiHRY7aFnVmazoRnLvH7iJiic53wvmMb3Qp1SH1fgYA-YmQ1eVggT1w-0NCWhqcMtrkI0DzIqqGm9MZSoXbBVlLj9_CcmxZ8zRJueQ2ctF2MRT-de0qDWXrU9S1Z7m14A8M6rCv0beOy48bO2ttHboFtPuCTewVI3AswButxcgWNZnQ5Sen1Jvt_yIZ7DyDU7DmFJ5_BPg0tgluEtdax2nqZAY-TeRn7Gt_B5aEcvKoJvRtdS2EyLvpBh6BFk4h6LQRiMarnETeFzTlP65-nj4ED0gxNPKJxCr6TAtoCccIAOh1yx5Jdnh70cGU7pu4AaVumY0FgI-eqhJPmwoF3uhMsEM6UlhQ_aWoVVdAza4KEWJCDBxsvhMcVOfBm55cJj4MeJ63QWL9e8_tupWmuK5J49ZRrKIgq_KJTpxAATMgh-b418QygbQX0msptYgBvwDCTRgMjUKzOgr-cYDrkm3GUBu-nBetbaWrPde4RDJ__sQYuXe3TKBAErIaFLErSrG01lRoH3MKRH3_T4p15GqeIAiEyhlLDaf&client_info=eyJ1aWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtNDQ1My05ZjUxYzgzNmU1NWUiLCJ1dGlkIjoiOTE4ODA0MGQtNmM2Ny00YzViLWIxMTItMzZhMzA0YjY2ZGFkIn0&state=HqmzTBKIOgsFuNrL&session_state=f4fb3dc1-9be0-48df-8b0e-2f2cc96bc63e#"
parsed_url = urlparse(full_url)

resp = parse_qs(parsed_url.query)
resp = {k: v[0] for k, v in resp.items()}
resp

{'code': '0.AagALFNky06yB0GOd4yk_snb9nyobQZfLTRAoBqdRpTMvQPzAPU.AgABBAIAAADnfolhJpSnRYB1SVj-Hgd8AgDs_wUA9P_1jEq7ohgyJgnkLu408V_3X_7yYhfaJ1ru_E2-vBYIk66IVfzLDbrUPZSs0a2T3bxEGoFI0pPEwG1Xwch-Aq3wCGBOiUoaVzCnXUq8O3vORu1vls8UvfqxqusSytnaFQ1jvpt5rZIhg4NNnUnmudiLCMNlpEjGF1QGQrqGhMEykR00D-UJr0wRZ9Uk57uJZQPyVnkBN-kp_nz4ZQ2yuEs1dnEq-Sdsmet5vDpe3_yMTPKD2YilB5A9CtWFBQ1VrcjRmYaCDmM0e0CNVMEPTgIn6NReZpT8gU_I1FWGTXvmZk7IC8WGbyeCb6v0FXm36dW1NMlEMXCcurxgElbxQ0xCL1jTdiZ8t8FOKwdgbb3IyVLbbYNBYp3yypwO3aYpd1Skm8YnTuUYTyxBFHG1VCUoruN9fDuKB38PeROCMchRyTS4MIfayQdKH4j8CJ0X28d_APOPz_wrWjRHPBYfFT6p1diMYfaAX0zg749l53KFV7IcnfC4ZXvpO76bipJoA2g_vdux7wLUUEV_gbCQcfbz2gGLNR9cfc-WZCWRKZ65aloq7yzPTS7KC0BQ1o-VefjCBDilwNZRB1GtL-S_rAZUZkGHT0WoY4KGQOyCTG67u5HmG7Lp6q_vssAOjNicfoHB6sypv4fdSa82yjhEG0c812O62NWxQWsd9x2VRZsAe6wkhLQqr-J8EpD75U5to3nkZr7K1GJwTrd7oP54Bj16MCxdy0an2aZe8x1xS_IUVjRsNjKifbMYp_hI5-6pLdUUMP_8jYToEtra3P6Oom_bPF_K-JmBCDpLEis5oYUBEIYHqVGazi-wM9nMmDA-VxnXK9E_f7YSJbS5Zq26Yv6MkSOx6OzjP3Nt3XVa_Pexy2Tt_9_tF7m0swrrCeMH

In [11]:
test = app.acquire_token_by_auth_code_flow(auth_code_flow=flow, auth_response=resp)

In [12]:
test

{'token_type': 'Bearer',
 'scope': 'openid profile email',
 'expires_in': 3825,
 'ext_expires_in': 3825,
 'access_token': 'eyJ0eXAiOiJKV1QiLCJub25jZSI6ImdTS1gtRWVWcTNzdU5qMWFMOElObkR1TDZDSlFTRXBaejZSa29YUjdxQWMiLCJhbGciOiJSUzI1NiIsIng1dCI6IkwxS2ZLRklfam5YYndXYzIyeFp4dzFzVUhIMCIsImtpZCI6IkwxS2ZLRklfam5YYndXYzIyeFp4dzFzVUhIMCJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9jYjY0NTMyYy1iMjRlLTQxMDctOGU3Ny04Y2E0ZmVjOWRiZjYvIiwiaWF0IjoxNzE3NTU2ODU5LCJuYmYiOjE3MTc1NTY4NTksImV4cCI6MTcxNzU2MDk4NSwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFZUUFlLzhXQUFBQW5mVUhNNm1lSWUwdDN2eGZIVHpESDE4dlVsL2FBQ1I3SDJCeFdQWjlpLzhaaGc3cTdQNjhUeWs5UVFVRzNMcWpkTU15dWphUTlEbU5pTUVpR2VQOGxQT2FGcVF1ZjFJME01U0psYlRiSXZ0bzRuRWdFOGFKNkF4am9aVnFUL3hFeVpUc3hCUmhEK3p2YUd4c04weFRSOVJHQUhhb2Z0Q3ViS3MwdU83WHVCYz0iLCJhbHRzZWNpZCI6IjE6bGl2ZS5jb206MDAwMzdGRkU2RjhCMjZEMSIsImFtciI6WyJwd2QiLCJtZmEiXSwiYXBwX2Rpc3BsYXluYW1lIjoiVGVzdC1PcGVuSUQtRmxvdyIsImFwcGlkIjoiMDY2ZGE4N2MtMmQ1Zi00MDM0

In [14]:
test.get('id_token_claims').get('preferred_username')

'Jim.levesque8@icloud.com'

In [None]:
tmp_url = 'http://127.0.0.1:8050/login'
parsed_url = urlparse(tmp_url)
print(parsed_url.path.split('/'))
param_dict = parse_qs(parsed_url.query)
print(param_dict)

['', 'login']
{}


In [None]:
param_dict == {}

True

In [None]:
type(param_dict)

dict