Ray Luo

icon indicating a website link http://stackoverflow.com/users/728675/rayluo icon indicating an email [email protected]

icon company Microsoft icon location Redmond icon location Senior engineer in Azure. Working on Microsoft Authentication Library (MSAL), its extensions library, and their samples, in the Python ecosystem.

Results 242 comments of Ray Luo

Feature Request - IWA pass through capabilities - align with .net

@jorgst Thanks for your nudge. :-) We understand that this issue is currently already the most upvoted feature request in this repo. We will defnitely get around to it. From...

Feature Request - IWA pass through capabilities - align with .net

Sorry, it looks like [our roadmap page](https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Roadmap) does not currently provide future plan anymore. Perhaps we should re-draft a roadmap and/or just point people to our [kanban board](https://github.com/AzureAD/microsoft-authentication-library-for-python/projects/1). /CC: @navyasric...

The acquire_token_silent method sometimes does not return the idtoken and id_token_claims

Hi @arthur00, thanks for bringing this to our attention. Your observation is indeed the case. A more precise description is: 1. `acquire_token_silent()` will return a cached access token and such...

Leverage Code Quality tooling

Thanks! Our off-line conversation also mentioned an [internal docs on onboarding to sonarcloud](https://microsoft.sharepoint.com/teams/ADAL/_layouts/15/Doc.aspx?sourcedoc=%7B0339bdd6-b5e5-4d94-b4c9-ea47127f5023%7D&action=edit&wd=target(MiddleWare%2FSonarcloud.one%7Ca54c5dbc-d2bc-4bdf-a47b-c859bb250015%2FOnboarding+to+Sonarcloud%7C90ae486d-a34d-4990-8d4a-f42629a887b3%2F)&xsdata=MDR8MDF8cmF5bHVvQG1pY3Jvc29mdC5jb218Y2EyZjg2NTBiOWJiNGVkNTkzZmYwOGQ4NzEyMDgwMDN8NzJmOTg4YmY4NmYxNDFhZjkxYWIyZDdjZDAxMWRiNDd8MXwwfDYzNzM4MzczMTc1NDUwODkwMnxVbmtub3dufFRXRnBiR1pzYjNkOGV5SldJam9pTUM0d0xqQXdNREFpTENKUUlqb2lWMmx1TXpJaUxDSkJUaUk2SWsxaGFXd2lMQ0pYVkNJNk1uMD18MTAwMA%3D%3D&sdata=Y01TNGZSYWo0WkhTWmI0ZjM4U0ZHWGttazZHSStONkd5MVN2Y09KbkZnWT0%3D). We will need that when we pick up this task. :-)

example for web api token validation

Hi Cameron, thank you for your valuable question! You clearly did your research. :-) So, what you want is the token validation. And that is NOT the same as "client...

example for web api token validation

Hi @eprigorodov , thank you for the code review on our existing implementation. We love this community voices. :-) With regard to the topic you brought up above, it is...

example for web api token validation

Sorry, not yet. :-(

example for web api token validation

> I implemented my own code to validate the tokens, but ... > Is there any way I can contribute to such a feature? Feel free to share a link...

TokenCache.add calls .modify inefficiently

Such observation is valid. We could use some improvement here. Lucky that, in the expected calling pattern, `acquire_token_silent(...)` would typically hit a token from cache, so the expensive `TokenCache.add()` would...

[Feature Request] Raise MSAL specific error, instead of base error `ValueError`, `RuntimeError`

Thanks for bringing up this thought-provoking topic. Indeed, MSAL tends to use generic exceptions. The `PersistenceError` was actually an exception (pun not intended) to that convention, because there was a...