Skip to content

Releases: AzureAD/microsoft-authentication-library-for-python

1.31.0

06 Sep 22:18
Compare
Choose a tag to compare

Highlight

The Broker-on-Mac feature is also blogged here

What's Changed

  • Integration with Broker-on-Mac in #596
  • Change Managed Identity detection logic on Arc in #731
  • Managed Identity supports CAE in #730
  • Support Managed Identity on Azure Container Instance (ACI) with Resource id in #741
  • Other refactoring in #740

Full Changelog: 1.30.0...1.31.0

1.30.0

17 Jul 03:59
Compare
Choose a tag to compare

What's Changed

  • New feature: Support Subject Name/Issuer authentication when using .pfx certificate file. Documentation available in one of the recent purple boxes here. #718
  • New feature: Automatically use SHA256 and PSS padding when using .pfx certificate on non-ADFS, non-OIDC authorities. #722
  • New feature: Expose refresh_on (if any) to fresh or cached response, so that caller may choose to proactively call acquire_token_silent() early. #723
  • Bugfix for token cache search. MSAL 1.27+ customers please upgrade to MSAL 1.30+. #717

Full Changelog: 1.29.0...1.30.0

MSAL Python 1.29.0

22 Jun 02:11
Compare
Choose a tag to compare

Highlight

The Managed Identity feature is also blogged here

What's Changed

  • New feature: Supports Managed Identity for Azure VM, App Service (including Azure Functions, Azure Automation), Service Fabric, Azure Machine Learning, Arc, etc.. Comes with a sample, its configuration via ENV VAR, and its API documentation. (#58, #480, #634, #674)
  • New feature: Support reading ConfidentialClientApplication's cert from a pfx file (#684, #699)
  • New feature: TokenCache class has a new search() method which will return a generator of tokens. The old find() method still exists and returns a list, but MSAL 1.27+ will not call find() anymore. (#693, #644)
  • Change: Re-enable the username password flow to go through broker, if available. (#712)

New Contributors

Full Changelog: 1.28.1...1.29.0

MSAL Python 1.28.1

11 Jun 09:24
Compare
Choose a tag to compare
  • Change: pip install msal[broker] will now pick up the latest PyMsalRuntime 0.16.x which contains a bugfix for being run as administrator. This release fixes #707.

MSAL Python 1.28.0

19 Mar 06:54
Compare
Choose a tag to compare
  • New feature: PublicClientApplication and ConfidentialClientApplication have a new oidc_authority parameter that can be used to specify authority of any generic OpenID Connect authority, typically the customized domain for CIAM. (#676, #678)
  • Dropping Python 2.7

MSAL Python 1.27.0

22 Feb 20:26
Compare
Choose a tag to compare

What's Changed

Release Notes:

  • New feature: remove_tokens_for_client() will remove tokens acquired by acquire_token_for_client() (#640, #650, #666)
  • Performance: Throughput of token-cache-hit happy path is roughly 2x faster (#644)
  • Adjustment: MSAL no longer attempts to validate an ID token's time (#656, #657)
  • Adjustment: Bump upstream broker dependency to 0.14.x
  • Improvement: Better chance to remove accounts from broker (#651)
  • Improvement: Cleaner console output when the http local server is visited in https protocol (#546)
  • Improvement: Reduce a bare except clause (#667)

Note:

  • The previous preview features in previous 1.27.0b2 requires more beta testing, so they did NOT make it to 1.27.0. If you want to beta test 1.27.0b2, follow its own instruction.
  • MSAL Python 1.27 is the last version that still runs on Python 2.7

New Contributors

Full Changelog: 1.26.0...1.27.0

MSAL Python 1.27.0b2

09 Dec 01:39
Compare
Choose a tag to compare
MSAL Python 1.27.0b2 Pre-release
Pre-release

This beta release is a preview for the broker-on-Mac support. You can install it by pip install msal==1.27.0b2. Please refer to this staged API Reference Doc for how to opt into this new feature.

(Note to MSAL maintenance team: The tag was accidentally named "...b1", while the actual version number was "...b2". This is not a problem when we eventually do it right when shipping the stable "1.27.0" in the future.)

MSAL Python 1.26.0

05 Dec 09:05
Compare
Choose a tag to compare
  • Do not auto-detect region if app developer does not opt-in to region (#629, #630)
  • Support Proof-of-Possession (PoP) for Public Client based on broker (#511)

MSAL Python 1.25.0

04 Nov 00:11
Compare
Choose a tag to compare
  • Deprecation: allow_broker will be replaced by enable_broker_on_windows (#613)
  • Bugfix: Device Code Flow (and Username Password Flow) and its subsequent silent request will automatically bypass broker and succeed. (#569)
  • Enhancement: acquire_token_interactive() supports running inside Docker
  • Observability: Successful token response will contain a new token_source field to indicate where the token was obtained from: identity_provider, cache or broker. (#610)

MSAL Python 1.24.1

29 Sep 07:51
Compare
Choose a tag to compare

Includes minor adjustments on handling acquire_token_interactive(). The scope of the issue being addressed was limited to a short-lived sign-in attempt. The potential misuse vector complexity was high, therefore it is unlikely to be reproduced in standard usage scenarios; however, out of abundance of caution, this fix is shipped to align ourselves with Microsoft's policy of secure-by-default.