Merge pull request #415 from microsoft/shem/enable_cae_by_default

Enable CAE by Default
microsoft · Aug 21, 2024 · 84c3d9e · 84c3d9e
2 parents 7489b6f + 25bdc12
commit 84c3d9e
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 12 deletions.
diff --git a/.gitignore b/.gitignore
@@ -50,6 +50,7 @@ coverage.xml
 *.py,cover
 .hypothesis/
 .pytest_cache/
+.idea/
 
 # Translations
 *.mo

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+
+## [1.1.0] - 2023-10-31
+
+### Added
+Enabled CAE by default
+
 ## [1.0.0] - 2023-10-31
 
 ### Added

diff --git a/kiota_authentication_azure/_version.py b/kiota_authentication_azure/_version.py
@@ -1 +1 @@
-VERSION: str = '1.0.0'
+VERSION: str = '1.1.0'
diff --git a/kiota_authentication_azure/azure_identity_access_token_provider.py b/kiota_authentication_azure/azure_identity_access_token_provider.py
@@ -33,6 +33,7 @@ def __init__(
         options: Optional[Dict],
         scopes: List[str] = [],
         allowed_hosts: List[str] = [],
+        is_cae_enabled: bool = True,
     ) -> None:
         if not credentials:
             raise ValueError("Parameter credentials cannot be null")
@@ -45,10 +46,13 @@ def __init__(
         self._credentials = credentials
         self._scopes = scopes
         self._options = options
+        self._is_cae_enabled = is_cae_enabled
         self._allowed_hosts_validator = AllowedHostsValidator(allowed_hosts)
 
     async def get_authorization_token(
-        self, uri: str, additional_authentication_context: Dict[str, Any] = {}
+        self,
+        uri: str,
+        additional_authentication_context: Dict[str, Any] = {},
     ) -> str:
         """This method is called by the BaseBearerTokenAuthenticationProvider class to get the
         access token.
@@ -97,10 +101,15 @@ async def get_authorization_token(
 
             if self._options:
                 result = self._credentials.get_token(
-                    *self._scopes, claims=decoded_claim, **self._options
+                    *self._scopes,
+                    claims=decoded_claim,
+                    is_cae_enabled=self._is_cae_enabled,
+                    **self._options
                 )
             else:
-                result = self._credentials.get_token(*self._scopes, claims=decoded_claim)
+                result = self._credentials.get_token(
+                    *self._scopes, claims=decoded_claim, is_cae_enabled=self._is_cae_enabled
+                )
 
             if inspect.isawaitable(result):
                 result = await result

diff --git a/kiota_authentication_azure/azure_identity_authentication_provider.py b/kiota_authentication_azure/azure_identity_authentication_provider.py
@@ -17,6 +17,7 @@ def __init__(
         options: Optional[Dict] = None,
         scopes: List[str] = [],
         allowed_hosts: List[str] = [],
+        is_cae_enabled: bool = True,
     ) -> None:
         """[summary]
 
@@ -30,5 +31,7 @@ def __init__(
                 authentication.
         """
         super().__init__(
-            AzureIdentityAccessTokenProvider(credentials, options, scopes, allowed_hosts)
+            AzureIdentityAccessTokenProvider(
+                credentials, options, scopes, allowed_hosts, is_cae_enabled=is_cae_enabled
+            )
         )
diff --git a/tests/test_azure_identity_authentication_provider.py b/tests/test_azure_identity_authentication_provider.py
@@ -6,7 +6,6 @@
 )
 from unittest.mock import MagicMock
 
-
 from .helpers import DummyAsyncAzureTokenCredential, DummySyncAzureTokenCredential
 
 
@@ -24,20 +23,24 @@ async def test_valid_instantiation_without_options():
     assert isinstance(auth_provider, AzureIdentityAuthenticationProvider)
     assert 'authorization' in request_info.request_headers
 
+
 @pytest.mark.asyncio
 async def test_adds_claim_to_the_token_context(mocker):
     credential = DummyAsyncAzureTokenCredential()
     mocker.patch.object(credential, 'get_token', autospec=True)
     auth_provider = AzureIdentityAuthenticationProvider(credential)
-    
+
     request_info = RequestInformation()
     request_info.url = "https://graph.microsoft.com"
     await auth_provider.authenticate_request(
-        request_info,
-        {"claims": "eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTY1MjgxMzUwOCJ9fX0="}
-        )
+        request_info, {
+            "claims":
+            "eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTY1MjgxMzUwOCJ9fX0="
+        }
+    )
     assert isinstance(auth_provider, AzureIdentityAuthenticationProvider)
     credential.get_token.assert_called_once_with(
         'https://graph.microsoft.com/.default',
-        claims = """{"access_token":{"nbf":{"essential":true, "value":"1652813508"}}}"""
-    )
+        claims="""{"access_token":{"nbf":{"essential":true, "value":"1652813508"}}}""",
+        is_cae_enabled=True
+    )