Skip to content

Sync changes #96

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jul 26, 2024
Merged

Sync changes #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
92c5e94
CI Update
Jul 17, 2024
9dda604
Merge pull request #95 from MicrosoftDocs/smoke-test
localden Jul 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
85 changes: 52 additions & 33 deletions python/docs-ref-autogen/msal/msal.application.ClientApplication.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,52 +26,71 @@ constructor:
- <xref:str>
- name: client_credential
description: "For <xref:msal.application.PublicClientApplication>, you use *None*\
\ here.\nFor <xref:msal.application.ConfidentialClientApplication>,\nit can\
\ be a string containing client secret,\nor an X509 certificate container in\
\ here.\n\nFor <xref:msal.application.ConfidentialClientApplication>,\nit supports\
\ many different input formats for different scenarios.\n\n\n\n## Support using\
\ a client secret.Just feed in a string, such as `\"your client secret\"`.\n\
\n\n\n## Support using a certificate in X.509 (.pem) formatFeed in a dict in\
\ this form:\n\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\"\
: [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\"\
: \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\n\
\ {\n \"private_key\": \"...-----BEGIN PRIVATE KEY-----... in PEM format\"\
,\n \"thumbprint\": \"A1B2C3D4E5F6...\",\n \"public_certificate\"\
: \"...-----BEGIN CERTIFICATE-----... (Optional. See below.)\",\n \"passphrase\"\
: \"Passphrase if the private_key is encrypted (Optional. Added in version 1.6.0)\"\
,\n }\n ````\n\nMSAL Python requires a \"private_key\" in PEM format.\n\
If your cert is in a PKCS12 (.pfx) format, you can also\n[convert it to PEM\
\ and get the thumbprint](https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L101-L123).\n\
\nThe thumbprint is available in your app's registration in Azure Portal.\n\
Alternatively, you can [calculate the thumbprint](https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L94-L97).\n\
\n*Added in version 0.5.0*:\npublic_certificate (optional) is public key certificate\n\
which will be sent through 'x5c' JWT header only for\nsubject name and issuer\
\ authentication to support cert auto rolls.\n\nPer [specs](https://tools.ietf.org/html/rfc7515#section-4.1.6),\n\
\"the certificate containing\nthe public key corresponding to the key used to\
,\n \"thumbprint\": \"A1B2C3D4E5F6...\",\n \"passphrase\": \"Passphrase\
\ if the private_key is encrypted (Optional. Added in version 1.6.0)\",\n \
\ }\n ````\n\nMSAL Python requires a \"private_key\" in PEM format.\nIf your\
\ cert is in PKCS12 (.pfx) format,\nyou can convert it to X.509 (.pem) format,\n\
by `openssl pkcs12 -in file.pfx -out file.pem -nodes`.The thumbprint is available\
\ in your app's registration in Azure Portal.\nAlternatively, you can [calculate\
\ the thumbprint](https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L94-L97).\n\
\n\n\n## Support Subject Name/Issuer Auth with a cert in .pem[Subject Name/Issuer\
\ Auth](https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/60)\n\
is an approach to allow easier certificate rotation.*Added in version 0.5.0*:\n\
\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\"\
: [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\": \"default\"\
, \"force\": false, \"linenos\": false} -->\n\n````default\n\n {\n \"\
private_key\": \"...-----BEGIN PRIVATE KEY-----... in PEM format\",\n \
\ \"thumbprint\": \"A1B2C3D4E5F6...\",\n \"public_certificate\": \"...-----BEGIN\
\ CERTIFICATE-----...\",\n \"passphrase\": \"Passphrase if the private_key\
\ is encrypted (Optional. Added in version 1.6.0)\",\n }\n ````\n\n`public_certificate`\
\ (optional) is public key certificate\nwhich will be sent through 'x5c' JWT\
\ header only for\nsubject name and issuer authentication to support cert auto\
\ rolls.Per [specs](https://tools.ietf.org/html/rfc7515#section-4.1.6),\n\"\
the certificate containing\nthe public key corresponding to the key used to\
\ digitally sign the\nJWS MUST be the first certificate. This MAY be followed\
\ by\nadditional certificates, with each subsequent certificate being the\n\
one used to certify the previous one.\"\nHowever, your certificate's issuer\
\ may use a different order.\nSo, if your attempt ends up with an error AADSTS700027\
\ -\n\"The provided signature value did not match the expected signature value\"\
,\nyou may try use only the leaf cert (in PEM/str format) instead.\n\n*Added\
\ in version 1.13.0*:\nIt can also be a completely pre-signed assertion that\
\ you've assembled yourself.\nSimply pass a container containing only the key\
\ \"client_assertion\", like this:\n\n<!-- literal_block {\"ids\": [], \"classes\"\
,\nyou may try use only the leaf cert (in PEM/str format) instead.\n\n\n\n##\
\ Supporting raw assertion obtained from elsewhere*Added in version 1.13.0*:\n\
It can also be a completely pre-signed assertion that you've assembled yourself.\n\
Simply pass a container containing only the key \"client_assertion\", like this:\n\
\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\"\
: [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\": \"default\"\
, \"force\": false, \"linenos\": false} -->\n\n````default\n\n {\n \"\
client_assertion\": \"...a JWT with claims aud, exp, iss, jti, nbf, and sub...\"\
\n }\n ````\n\n\n\n## Supporting reading client cerficates from PFX files*Added\
\ in version 1.29.0*:\nFeed in a dictionary containing the path to a PFX file:\n\
\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\"\
: [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\": \"default\"\
, \"force\": false, \"linenos\": false} -->\n\n````default\n\n {\n \"\
private_key_pfx_path\": \"/path/to/your.pfx\",\n \"passphrase\": \"Passphrase\
\ if the private_key is encrypted (Optional)\",\n }\n ````\n\nThe following\
\ command will generate a .pfx file from your .key and .pem file:\n\n<!-- literal_block\
\ {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\": [], \"backrefs\"\
: [], \"xml:space\": \"preserve\", \"language\": \"default\", \"force\": false,\
\ \"linenos\": false} -->\n\n````default\n\n openssl pkcs12 -export -out certificate.pfx\
\ -inkey privateKey.key -in certificate.pem\n ````\n\n\n\n## Support Subject\
\ Name/Issuer Auth with a cert in .pfx*Added in version 1.30.0*:\nIf your .pfx\
\ file contains both the private key and public cert,\nyou can opt in for Subject\
\ Name/Issuer Auth like this:\n\n<!-- literal_block {\"ids\": [], \"classes\"\
: [], \"names\": [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\"\
, \"language\": \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\
\n {\n \"client_assertion\": \"...a JWT with claims aud, exp, iss, jti,\
\ nbf, and sub...\"\n }\n ````\n\n\n\n## Supporting reading client cerficates\
\ from PFX files*Added in version 1.29.0*:\nFeed in a dictionary containing\
\ the path to a PFX file:\n\n<!-- literal_block {\"ids\": [], \"classes\": [],\
\ \"names\": [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\"\
, \"language\": \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\
\n {\n \"private_key_pfx_path\": \"/path/to/your.pfx\",\n \"passphrase\"\
: \"Passphrase if the private_key is encrypted (Optional. Added in version 1.6.0)\"\
,\n }\n ````\n\nThe following command will generate a .pfx file from your\
\ .key and .pem file:\n\n<!-- literal_block {\"ids\": [], \"classes\": [], \"\
names\": [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\"\
, \"language\": \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\
\n openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.pem\n\
\ ````"
\n {\n \"private_key_pfx_path\": \"/path/to/your.pfx\",\n \"public_certificate\"\
: True,\n \"passphrase\": \"Passphrase if the private_key is encrypted\
\ (Optional)\",\n }\n ````"
defaultValue: None
types:
- <xref:typing.Union>[<xref:dict>, <xref:str>]
- <xref:typing.Union>[<xref:dict>, <xref:str>, <xref:None>]
- name: client_claims
description: "*Added in version 0.5.0*:\nIt is a dictionary of extra claims that\
\ would be signed by\nby this <xref:msal.application.ConfidentialClientApplication>\
Expand Down
85 changes: 52 additions & 33 deletions python/docs-ref-autogen/msal/msal.application.ConfidentialClientApplication.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,52 +26,71 @@ constructor:
- <xref:str>
- name: client_credential
description: "For <xref:msal.application.PublicClientApplication>, you use *None*\
\ here.\nFor <xref:msal.application.ConfidentialClientApplication>,\nit can\
\ be a string containing client secret,\nor an X509 certificate container in\
\ here.\n\nFor <xref:msal.application.ConfidentialClientApplication>,\nit supports\
\ many different input formats for different scenarios.\n\n\n\n## Support using\
\ a client secret.Just feed in a string, such as `\"your client secret\"`.\n\
\n\n\n## Support using a certificate in X.509 (.pem) formatFeed in a dict in\
\ this form:\n\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\"\
: [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\"\
: \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\n\
\ {\n \"private_key\": \"...-----BEGIN PRIVATE KEY-----... in PEM format\"\
,\n \"thumbprint\": \"A1B2C3D4E5F6...\",\n \"public_certificate\"\
: \"...-----BEGIN CERTIFICATE-----... (Optional. See below.)\",\n \"passphrase\"\
: \"Passphrase if the private_key is encrypted (Optional. Added in version 1.6.0)\"\
,\n }\n ````\n\nMSAL Python requires a \"private_key\" in PEM format.\n\
If your cert is in a PKCS12 (.pfx) format, you can also\n[convert it to PEM\
\ and get the thumbprint](https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L101-L123).\n\
\nThe thumbprint is available in your app's registration in Azure Portal.\n\
Alternatively, you can [calculate the thumbprint](https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L94-L97).\n\
\n*Added in version 0.5.0*:\npublic_certificate (optional) is public key certificate\n\
which will be sent through 'x5c' JWT header only for\nsubject name and issuer\
\ authentication to support cert auto rolls.\n\nPer [specs](https://tools.ietf.org/html/rfc7515#section-4.1.6),\n\
\"the certificate containing\nthe public key corresponding to the key used to\
,\n \"thumbprint\": \"A1B2C3D4E5F6...\",\n \"passphrase\": \"Passphrase\
\ if the private_key is encrypted (Optional. Added in version 1.6.0)\",\n \
\ }\n ````\n\nMSAL Python requires a \"private_key\" in PEM format.\nIf your\
\ cert is in PKCS12 (.pfx) format,\nyou can convert it to X.509 (.pem) format,\n\
by `openssl pkcs12 -in file.pfx -out file.pem -nodes`.The thumbprint is available\
\ in your app's registration in Azure Portal.\nAlternatively, you can [calculate\
\ the thumbprint](https://github.com/Azure/azure-sdk-for-python/blob/07d10639d7e47f4852eaeb74aef5d569db499d6e/sdk/identity/azure-identity/azure/identity/_credentials/certificate.py#L94-L97).\n\
\n\n\n## Support Subject Name/Issuer Auth with a cert in .pem[Subject Name/Issuer\
\ Auth](https://github.com/AzureAD/microsoft-authentication-library-for-python/issues/60)\n\
is an approach to allow easier certificate rotation.*Added in version 0.5.0*:\n\
\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\"\
: [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\": \"default\"\
, \"force\": false, \"linenos\": false} -->\n\n````default\n\n {\n \"\
private_key\": \"...-----BEGIN PRIVATE KEY-----... in PEM format\",\n \
\ \"thumbprint\": \"A1B2C3D4E5F6...\",\n \"public_certificate\": \"...-----BEGIN\
\ CERTIFICATE-----...\",\n \"passphrase\": \"Passphrase if the private_key\
\ is encrypted (Optional. Added in version 1.6.0)\",\n }\n ````\n\n`public_certificate`\
\ (optional) is public key certificate\nwhich will be sent through 'x5c' JWT\
\ header only for\nsubject name and issuer authentication to support cert auto\
\ rolls.Per [specs](https://tools.ietf.org/html/rfc7515#section-4.1.6),\n\"\
the certificate containing\nthe public key corresponding to the key used to\
\ digitally sign the\nJWS MUST be the first certificate. This MAY be followed\
\ by\nadditional certificates, with each subsequent certificate being the\n\
one used to certify the previous one.\"\nHowever, your certificate's issuer\
\ may use a different order.\nSo, if your attempt ends up with an error AADSTS700027\
\ -\n\"The provided signature value did not match the expected signature value\"\
,\nyou may try use only the leaf cert (in PEM/str format) instead.\n\n*Added\
\ in version 1.13.0*:\nIt can also be a completely pre-signed assertion that\
\ you've assembled yourself.\nSimply pass a container containing only the key\
\ \"client_assertion\", like this:\n\n<!-- literal_block {\"ids\": [], \"classes\"\
,\nyou may try use only the leaf cert (in PEM/str format) instead.\n\n\n\n##\
\ Supporting raw assertion obtained from elsewhere*Added in version 1.13.0*:\n\
It can also be a completely pre-signed assertion that you've assembled yourself.\n\
Simply pass a container containing only the key \"client_assertion\", like this:\n\
\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\"\
: [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\": \"default\"\
, \"force\": false, \"linenos\": false} -->\n\n````default\n\n {\n \"\
client_assertion\": \"...a JWT with claims aud, exp, iss, jti, nbf, and sub...\"\
\n }\n ````\n\n\n\n## Supporting reading client cerficates from PFX files*Added\
\ in version 1.29.0*:\nFeed in a dictionary containing the path to a PFX file:\n\
\n<!-- literal_block {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\"\
: [], \"backrefs\": [], \"xml:space\": \"preserve\", \"language\": \"default\"\
, \"force\": false, \"linenos\": false} -->\n\n````default\n\n {\n \"\
private_key_pfx_path\": \"/path/to/your.pfx\",\n \"passphrase\": \"Passphrase\
\ if the private_key is encrypted (Optional)\",\n }\n ````\n\nThe following\
\ command will generate a .pfx file from your .key and .pem file:\n\n<!-- literal_block\
\ {\"ids\": [], \"classes\": [], \"names\": [], \"dupnames\": [], \"backrefs\"\
: [], \"xml:space\": \"preserve\", \"language\": \"default\", \"force\": false,\
\ \"linenos\": false} -->\n\n````default\n\n openssl pkcs12 -export -out certificate.pfx\
\ -inkey privateKey.key -in certificate.pem\n ````\n\n\n\n## Support Subject\
\ Name/Issuer Auth with a cert in .pfx*Added in version 1.30.0*:\nIf your .pfx\
\ file contains both the private key and public cert,\nyou can opt in for Subject\
\ Name/Issuer Auth like this:\n\n<!-- literal_block {\"ids\": [], \"classes\"\
: [], \"names\": [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\"\
, \"language\": \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\
\n {\n \"client_assertion\": \"...a JWT with claims aud, exp, iss, jti,\
\ nbf, and sub...\"\n }\n ````\n\n\n\n## Supporting reading client cerficates\
\ from PFX files*Added in version 1.29.0*:\nFeed in a dictionary containing\
\ the path to a PFX file:\n\n<!-- literal_block {\"ids\": [], \"classes\": [],\
\ \"names\": [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\"\
, \"language\": \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\
\n {\n \"private_key_pfx_path\": \"/path/to/your.pfx\",\n \"passphrase\"\
: \"Passphrase if the private_key is encrypted (Optional. Added in version 1.6.0)\"\
,\n }\n ````\n\nThe following command will generate a .pfx file from your\
\ .key and .pem file:\n\n<!-- literal_block {\"ids\": [], \"classes\": [], \"\
names\": [], \"dupnames\": [], \"backrefs\": [], \"xml:space\": \"preserve\"\
, \"language\": \"default\", \"force\": false, \"linenos\": false} -->\n\n````default\n\
\n openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.pem\n\
\ ````"
\n {\n \"private_key_pfx_path\": \"/path/to/your.pfx\",\n \"public_certificate\"\
: True,\n \"passphrase\": \"Passphrase if the private_key is encrypted\
\ (Optional)\",\n }\n ````"
defaultValue: None
types:
- <xref:typing.Union>[<xref:dict>, <xref:str>]
- <xref:typing.Union>[<xref:dict>, <xref:str>, <xref:None>]
- name: client_claims
description: "*Added in version 0.5.0*:\nIt is a dictionary of extra claims that\
\ would be signed by\nby this <xref:msal.application.ConfidentialClientApplication>\
Expand Down