diff --git a/app.py b/app.py
index bfa3fa8..784cb72 100644
--- a/app.py
+++ b/app.py
@@ -21,6 +21,9 @@ app.teardown_appcontext(db.close_db)
 app.cli.add_command(db.init_db_command)
 app.register_blueprint(auth.bp)
+# first time start up masl token acquire for test purposes (raises if not successful)
+calendar_interface.get_access_token()
+
 @app.route('/')
 @auth.login_required
 def index():
diff --git a/calendar_interface.py b/calendar_interface.py
index b1c0faa..dcd514b 100644
--- a/calendar_interface.py
+++ b/calendar_interface.py
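Review bot: The `calendar_interface.get_access_token()` call added at module level runs on every import of app.py, so anything that loads the module, including the CLI command registered by `app.cli.add_command(db.init_db_command)` just above and any test runner, now needs network access to the identity provider and valid MSAL credentials, and fails with an AssertionError otherwise. The comment says the call is there for test purposes; if a start-up check is wanted, it would be safer behind an explicit switch, for example a new config flag such as `if app.config.get("CHECK_MSAL_ON_STARTUP"): calendar_interface.get_access_token()`. The returned token is discarded, which is fine for a check, but the comment should say so, and `masl` should read `msal`.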
@@ -17,28 +17,29 @@ WEEKDAYS= {0:"Mo", 1:"Di", 2:"Mi", 3:"Do", 4: "Fr", 5:"Sa", 6: "So"}
 # logging.getLogger("msal").setLevel(logging.INFO) # Optionally disable MSAL DEBUG logs
-def get_access_token():
+# Create a preferably long-lived app instance which maintains a token cache.
+app = msal.ConfidentialClientApplication(
+ MsalConfig.CLIENT_ID, authority=MsalConfig.AUTHORITY,
+ client_credential=MsalConfig.SECRET,
+ # token_cache=... # Default cache is in memory only.
+ # You can learn how to use SerializableTokenCache from
+ # https:#msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache
+ )
- # Create a preferably long-lived app instance which maintains a token cache.
- app = msal.ConfidentialClientApplication(
- MsalConfig.CLIENT_ID, authority=MsalConfig.AUTHORITY,
- client_credential=MsalConfig.SECRET,
- # token_cache=... # Default cache is in memory only.
- # You can learn how to use SerializableTokenCache from
- # https:#msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache
- )
+def get_access_token():
+ global app
 # The pattern to acquire a token looks like this.
 result = None
 # Firstly, looks up a token from cache
 # Since we are looking for token for the current app, NOT for an end user,
- # notice we give account parameter as None. # TODO: token never exists in cache; make app long living
+ # notice we give account parameter as None.
 result = app.acquire_token_silent(MsalConfig.SCOPE, account=None)
 if result is None:
 logging.info("No suitable token exists in cache. Let's get a new one from AAD.")
- return app.acquire_token_for_client(scopes=MsalConfig.SCOPE)
+ result= app.acquire_token_for_client(scopes=MsalConfig.SCOPE)
 else:
 logging.info("Token was found in cache.")
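Review bot: The module-level client added here is only read inside get_access_token(), so the `global app` line is unnecessary, and the name `app` is easy to mistake for the Flask `app` object in app.py; `_msal_client = msal.ConfidentialClientApplication(...)` with the `global` line dropped would be clearer. The client is built from `MsalConfig.SECRET` at import time; MsalConfig is not shown in this diff, but config.py in the same commit holds `SECRET_KEY` and `SECURITY_PASSWORD_SALT` as string literals, so it is worth confirming that the client secret comes from the environment or a secret store rather than from a committed value. The moved comment also still carries a damaged URL (`https:#msal-python…`), which should start with `https://`. get_access_token() continues past the end of this hunk.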
@@ -46,7 +47,7 @@ def get_access_token():
 logging.error(result.get("error"))
 logging.error(result.get("error_description"))
 logging.error(result.get("correlation_id")) # You may need this when reporting a bug
- raise AssertionError("No access token present")
+ raise AssertionError("Was not able to get an access token. Check msal auth.")
 return result
diff --git a/config.py b/config.py
index be9a94e..17ba75c 100644
--- a/config.py
+++ b/config.py
@@ -14,7 +14,6 @@ class Config(DefaultConfig):
 USER_ID = "simone.profus@propedal.at"
 CALENDAR_ID = "AAMkADY0MDg1MTVjLTg5ZjItNGQxYS04MGQ3LWY2NjJmYjM0YmZhOQBGAAAAAADXD7SdVoWYQI4RYXbBumMEBwAf_ngZxs71RonY3GuLL8TVAAAAAAEGAAAf_ngZxs71RonY3GuLL8TVAADHFxN2AAA=" # calendar id - determined by /users/id/calendars
-
 class ProductionConfig(Config):
 SECRET_KEY = '\xacI4\x077\x16?Q\xb4")\xdb\x066\x95\x11i\x0b\x0c&\xb6rP\''
 SECURITY_PASSWORD_SALT = '>\xe3\x9bz\xfd\xbc[\xe22\xcfK\xca\x88!\xd8\xd5,\xd0\x95\x0c\x02\xad\xfa\x9d'
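Review bot: The `raise AssertionError(...)` kept in this hunk reports an operational failure (for example wrong credentials or an unreachable identity provider) with an exception type that normally signals a programming error, so callers cannot handle a failed token request separately from a real assertion failure. A small dedicated type would make that possible, e.g. `class TokenAcquisitionError(RuntimeError): pass` and `raise TokenAcquisitionError("Was not able to get an access token. Check msal auth.")`; check any caller that currently catches AssertionError before switching. The three `logging.error` lines write the provider's error text and correlation id through the root logger, which helps diagnosis, though it is worth confirming that those logs are not exposed to end users. The `if` that guards this branch starts outside the hunk.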