Azure-Samples
diff --git a/‎msal-device-flow-python/README.md‎
Lines changed: 132 additions & 0 deletions b/‎msal-device-flow-python/README.md‎
Lines changed: 132 additions & 0 deletions
diff --git a/‎msal-device-flow-python/app.py‎
Lines changed: 41 additions & 0 deletions b/‎msal-device-flow-python/app.py‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎msal-device-flow-python/requirements.txt‎
Lines changed: 5 additions & 0 deletions b/‎msal-device-flow-python/requirements.txt‎
Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,132 @@
+<!-- Keeping yaml frontmatter commented out for now
+---
+# Metadata required by https://docs.microsoft.com/samples/browse/
+# Metadata properties: https://review.docs.microsoft.com/help/contribute/samples/process/onboarding?branch=main#add-metadata-to-readme
+languages:
+- Python
+page_type: sample
+name: "Python console application that makes a request to the Graph API via the Device Code flow"
+description: "This Python console application uses the device code flow for authentication and then makes a request to Microsoft Graph for the user's profile data."
+products:
+- azure
+- azure-active-directory
+- ms-graph
+urlFragment: ms-identity-docs-code-app-device-code-python
+---
+-->
+
+# Python | console | user sign-in, protected web API access (Microsoft Graph) | Microsoft identity platform
+
+<!-- Build badges here
+![Build passing.](https://img.shields.io/badge/build-passing-brightgreen.svg) ![Code coverage.](https://img.shields.io/badge/coverage-100%25-brightgreen.svg) ![License.](https://img.shields.io/badge/license-MIT-green.svg)
+-->
+
+This Python console application authenticates a user via the device code flow, and then makes a request to the Graph API as the authenticated user. The response to the request is printed to the terminal.
+
+```console
+$ python3 app.py
+To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXXXXXXXX to authenticate.
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
+ "businessPhones": ["+1 (999) 5551001"],
+ "displayName": "Contoso Employee",
+ "givenName": "Contoso",
+ "jobTitle": "Worker",
+ "mail": "cemployee@contoso.com",
+ "mobilePhone": "1 999-555-1001",
+ "officeLocation": "Contoso Plaza/F30",
+ "preferredLanguage": null,
+ "surname": "Employee",
+ "userPrincipalName": "contoso_employee@contoso.com",
+ "id": "e3a49d8b-d849-48eb-9947-37c1f9589812"
+}
+```
+## Prerequisites
+
+- Azure Active Directory (Azure AD) tenant and the permissions or role required for managing app registrations in the tenant.
+- Python 3
+
+## Setup
+
+### 1. Register the app
+
+First, complete the steps in [Register an application with the Microsoft identity platform](https://docs.microsoft.com/azure/active-directory/develop/quickstart-register-app) to register the application.
+
+Use these settings in your app registration.
+
+| App registration <br/> setting | Value for this sample app | Notes |
+|---------------------------------:|:-----------------------------------------------------------------------------|:---------------------------------------------------------------------------------------------------|
+| **Name** | `Python Device Code Flow App` | Suggested value for this sample. <br/> You can change the app name at any time. |
+| **Supported account types** | **Accounts in this organizational directory only (Single tenant)** | Suggested value for this sample. |
+| **Platform type** | _None_ | No redirect URI required; don't select a platform. |
+| **Allow public client flows** | **Yes** | Required value for this sample. |
+
+> :information_source: **Bold text** in the tables above matches (or is similar to) a UI element in the Azure portal, while `code formatting` indicates a value you enter into a text box in the Azure portal.
+
+### 2. Update code sample with app registration values
+
+```python
+# Full directory URL, in the form of https://login.microsoftonline.com/<tenant>
+"authority": "",
+
+# 'Application (client) ID' of app registration in Azure portal - this value is a GUID
+"client_id": ""
+```
+
+### 3. Install package(s)
+
+To install MSAL libraries:
+
+```bash
+pip install -r requirements.txt
+```
+
+## Run the application
+
+```bash
+python3 app.py
+```
+
+Follow the device code flow instructions that are presented. If everything worked, you should receive a response similar to this:
+
+```json
+{
+ "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
+ "businessPhones": ["+1 (999) 5551001"],
+ "displayName": "Contoso Employee",
+ "givenName": "Contoso",
+ "jobTitle": "Worker",
+ "mail": "cemployee@contoso.com",
+ "mobilePhone": "1 999-555-1001",
+ "officeLocation": "Contoso Plaza/F30",
+ "preferredLanguage": null,
+ "surname": "Employee",
+ "userPrincipalName": "contoso_employee@contoso.com",
+ "id": "e3a49d8b-d849-48eb-9947-37c1f9589812"
+}
+```
+
+## About the code
+
+This Python console application prompts the user to sign in via their device using a code provided by Microsoft Authentication Library (MSAL). Upon successful authentication, the 'Requests' library then makes an HTTP GET request to the Microsoft Graph /me endpoint with the user's access token in the HTTP header. The response from the GET request is then displayed to the console.
+
+## Reporting problems
+
+### Sample app not working?
+
+If you can't get the sample working, you've checked [Stack Overflow](http://stackoverflow.com/questions/tagged/msal), and you've already searched the issues in this sample's repository, open an issue report the problem.
+
+1. Search the [GitHub issues](../../issues) in the repository - your problem might already have been reported or have an answer.
+1. Nothing similar? [Open an issue](../../issues/new) that clearly explains the problem you're having running the sample app.
+
+### All other issues
+
+> :warning: WARNING: Any issue in this repository _not_ limited to running one of its sample apps will be closed without being addressed.
+
+For all other requests, see [Support and help options for developers | Microsoft identity platform](https://docs.microsoft.com/azure/active-directory/develop/developer-support-help-options).
+
+## Contributing
+
+If you'd like to contribute to this sample, see [CONTRIBUTING.MD](/CONTRIBUTING.md).
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
@@ -0,0 +1,41 @@
+"""
+A Python application that demonstrates how to use the
+Device Code flow to make an API call to Microsoft Graph.
+"""
+
+# Microsoft Authentication Library (MSAL) for Python
+import msal
+
+# Used to allow the app to make the HTTP request to Graph
+import requests
+
+# MSAL configs
+config = {
+ # Full directory URL, in the form of https://login.microsoftonline.com/<tenant>
+ "authority": "",
+ # 'Application (client) ID' of app registration in Azure portal - this value is a GUID
+ "client_id": "",
+}
+
+# Create a MSAL public client application
+msalClientApp = msal.PublicClientApplication(
+ config["client_id"], authority=config["authority"]
+)
+
+# Initialize the Device Code flow for the necessary scope(s)
+deviceFlow = msalClientApp.initiate_device_flow(scopes=["User.Read"])
+
+# Displays a message instructing the user to authenticate via their browser
+print(deviceFlow["message"], flush=True)
+
+# Get the Graph access token from MSAL
+msalResponse = msalClientApp.acquire_token_by_device_flow(deviceFlow)
+
+if "access_token" in msalResponse:
+ # Make an HTTP GET request to the Graph API using the access token and display the response
+ print(
+ requests.get(
+ "https://graph.microsoft.com/v1.0/me",
+ headers={"Authorization": "Bearer " + msalResponse["access_token"]},
+ ).json()
+ )
@@ -0,0 +1,5 @@
+# Microsoft Authentication Library for Python
+msal==1.16.0
+
+# Requests
+requests==2.27.1