
    D6i                     f    d dl mZ d dlmZ d dlmZ dZ	 	 d
ddddddddddddddZ ed	       Zy)    )g)
LocalProxy)OAuth2ConsumerBlueprintz,Steven MARTINS <steven.martins.fr@gmail.com>Ncommon)scoperedirect_urlredirect_to	login_urlauthorized_urlsession_classstoragetenantpromptdomain_hint
login_hintrule_kwargsc                   |xs g d}d|	 d}d|	 d}i }|r||d<   |r||d<   |
r|
|d<   t        dt        f| ||d	||d
|v r|nd||||||||ddj                  d<   dj                  d<   j                  fd       }S )a=  
    Make a blueprint for authenticating with Azure AD using OAuth 2. This requires
    a client ID and client secret from Azure AD. You should either pass them to
    this constructor, or make sure that your Flask application config defines
    them, using the variables :envvar:`AZURE_OAUTH_CLIENT_ID` and
    :envvar:`AZURE_OAUTH_CLIENT_SECRET`.

    Args:
        client_id (str): The client ID for your application on Azure AD.
        client_secret (str): The client secret for your application on Azure AD.
        scope (str, optional): comma-separated list of scopes for the OAuth token.
            If the ``offline_access`` scope is included, automatic token refresh
            will be enabled. `See the Azure documentation for more information.
            <https://learn.microsoft.com/en-us/entra/identity-platform/scopes-oidc#the-offline_access-scope>`_
        redirect_url (str): the URL to redirect to after the authentication
            dance is complete
        redirect_to (str): if ``redirect_url`` is not defined, the name of the
            view to redirect to after the authentication dance is complete.
            The actual URL will be determined by :func:`flask.url_for`
        login_url (str, optional): the URL path for the ``login`` view.
            Defaults to ``/azure``
        authorized_url (str, optional): the URL path for the ``authorized`` view.
            Defaults to ``/azure/authorized``.
        session_class (class, optional): The class to use for creating a
            Requests session. Defaults to
            :class:`~flask_dance.consumer.requests.OAuth2Session`.
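        storage: A token storage class, or an instance of a token storage
                class, to use for this blueprint. Defaults to
                :class:`~flask_dance.consumer.storage.session.SessionStorage`,
                which keeps the token in the Flask session. With Flask's default
                cookie-based sessions that data is signed but not encrypted, so
                prefer a server-side storage when the token must stay confidential.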
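        tenant: Determine which accounts are allowed to authenticate with Azure.
                `See the Azure documentation for more information about this parameter.
                <https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols#endpoints>`_
                Defaults to ``common``, which accepts accounts from any Azure AD
                tenant as well as personal Microsoft accounts; pass your own
                tenant ID or domain to restrict sign-in to a single organization.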
        prompt (str, optional): Indicate the type of user interaction that is required.
            Valid values are ``login``, ``select_account``, ``consent``, ``admin_consent``.
            Learn more about the options `here.
            <https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#request-an-authorization-code>`_
            Defaults to ``None``
        domain_hint (str, optional): Provides a hint about the tenant or domain that
            the user should use to sign in. The value of the domain_hint is a
            registered domain for the tenant. If the tenant is federated to an
            on-premises directory, AAD redirects to the specified tenant federation server.
            Defaults to ``None``
        login_hint (str, optional): Can be used to pre-fill the username/email
            address field of the sign-in page for the user, if you know their
            username ahead of time. Often apps use this parameter during re-authentication,
            having already extracted the username from a previous sign-in using the
            preferred_username claim.
            Defaults to ``None``
        rule_kwargs (dict, optional): Additional arguments that should be passed when adding
            the login and authorized routes. Defaults to ``None``.

    :rtype: :class:`~flask_dance.consumer.OAuth2ConsumerBlueprint`
    :returns: A :doc:`blueprint <flask:blueprints>` to attach to your Flask app.
    )openidemailprofilez	User.Readz"https://login.microsoftonline.com/z/oauth2/v2.0/tokenz/oauth2/v2.0/authorizer   r   r   azurezhttps://graph.microsoft.comoffline_accessN)	client_idclient_secretr   base_urlauthorization_url	token_urlauto_refresh_urlr   r	   r
   r   authorization_url_paramsr   r   r   AZURE_OAUTH_CLIENT_IDr   AZURE_OAUTH_CLIENT_SECRETr   c                  0     j                   t        _        y N)sessionr   flask_dance_azure)azure_bps   \/home/azureuser/techstart-app/venv/lib/python3.12/site-packages/flask_dance/contrib/azure.pyset_applocal_sessionz2make_azure_blueprint.<locals>.set_applocal_sessions   s    &..    )r   __name__from_configbefore_app_request)r   r   r   r   r	   r
   r   r   r   r   r   r   r   r   r   r   r   r(   r&   s                     @r'   make_azure_blueprintr-   	   s    P @@E4VH<NOI
,VH4JK   "1; .2= /-3 *& #.+&6%&?T!%!9##H& )@H%,GH)  / !/ Or)   c                  "    t         j                  S r#   )r   r%    r)   r'   <lambda>r0   z   s    1.. r)   )NN)	flaskr   werkzeug.localr   flask_dance.consumerr   __maintainer__r-   r   r/   r)   r'   <module>r5      s[     % 8? n nb 	./r)   