make msal app instance long living

app.py

@@ -21,6 +21,9 @@ app.teardown_appcontext(db.close_db)
 app.cli.add_command(db.init_db_command)
 app.register_blueprint(auth.bp)
 
+# first time start up masl token acquire for test purposes (raises if not successful)
+calendar_interface.get_access_token()
+
 @app.route('/')
 @auth.login_required
 def index():

calendar_interface.py

@@ -17,28 +17,29 @@ WEEKDAYS= {0:"Mo", 1:"Di", 2:"Mi", 3:"Do", 4: "Fr", 5:"Sa", 6: "So"}
 
 # logging.getLogger("msal").setLevel(logging.INFO)  # Optionally disable MSAL DEBUG logs
 
-def get_access_token():
+# Create a preferably long-lived app instance which maintains a token cache.
+app = msal.ConfidentialClientApplication(
+    MsalConfig.CLIENT_ID, authority=MsalConfig.AUTHORITY,
+    client_credential=MsalConfig.SECRET,
+    # token_cache=...  # Default cache is in memory only.
+                    # You can learn how to use SerializableTokenCache from
+                    # https:#msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache
+    )
 
-    # Create a preferably long-lived app instance which maintains a token cache.
-    app = msal.ConfidentialClientApplication(
-        MsalConfig.CLIENT_ID, authority=MsalConfig.AUTHORITY,
-        client_credential=MsalConfig.SECRET,
-        # token_cache=...  # Default cache is in memory only.
-                        # You can learn how to use SerializableTokenCache from
-                        # https:#msal-python.readthedocs.io/en/latest/#msal.SerializableTokenCache
-        )
+def get_access_token():
+    global app
 
     # The pattern to acquire a token looks like this.
     result = None
 
     # Firstly, looks up a token from cache
     # Since we are looking for token for the current app, NOT for an end user,
-    # notice we give account parameter as None. # TODO: token never exists in cache; make app long living
+    # notice we give account parameter as None.
     result = app.acquire_token_silent(MsalConfig.SCOPE, account=None)
 
     if result is None:
         logging.info("No suitable token exists in cache. Let's get a new one from AAD.")
-        return app.acquire_token_for_client(scopes=MsalConfig.SCOPE)
+        result= app.acquire_token_for_client(scopes=MsalConfig.SCOPE)
     else:
         logging.info("Token was found in cache.")
 
@@ -46,7 +47,7 @@ def get_access_token():
         logging.error(result.get("error"))
         logging.error(result.get("error_description"))
         logging.error(result.get("correlation_id"))  # You may need this when reporting a bug
-        raise AssertionError("No access token present")
+        raise AssertionError("Was not able to get an access token. Check msal auth.")
 
     return result
 

config.py

@@ -14,7 +14,6 @@ class Config(DefaultConfig):
     USER_ID = "simone.profus@propedal.at"
     CALENDAR_ID = "AAMkADY0MDg1MTVjLTg5ZjItNGQxYS04MGQ3LWY2NjJmYjM0YmZhOQBGAAAAAADXD7SdVoWYQI4RYXbBumMEBwAf_ngZxs71RonY3GuLL8TVAAAAAAEGAAAf_ngZxs71RonY3GuLL8TVAADHFxN2AAA=" # calendar id -  determined by /users/id/calendars
 
-
 class ProductionConfig(Config):
     SECRET_KEY = '\xacI4\x077\x16?Q\xb4")\xdb\x066\x95\x11i\x0b\x0c&\xb6rP\''
     SECURITY_PASSWORD_SALT = '>\xe3\x9bz\xfd\xbc[\xe22\xcfK\xca\x88!\xd8\xd5,\xd0\x95\x0c\x02\xad\xfa\x9d'