Rebased

Updated Azure to allow defining authorization_url_params

Fix format for black

Fixed some doc issues with Python Requests preventing the tests passing

Revert "Fixed some doc issues with Python Requests preventing the tests passing"

This reverts commit b9ae3f4.

Author: gchq83514

CHANGELOG.rst

@@ -7,6 +7,7 @@ Changelog
   to include the ``client_id`` in the OAuth token request.
 * Removed Okta pre-set configuration, since it doesn't add any value over
   using ``OAuth2ConsumerBlueprint`` directly.
+* Updated Azure to allow defining ``authorization_url_params`` 
 
 `2.2.0`_ (2019-06-04)
 ---------------------

docs/conf.py

@@ -281,7 +281,7 @@
     "flask": ("http://flask.pocoo.org/docs/", None),
     "flask_login": ("https://flask-login.readthedocs.io/en/latest/", None),
     "werkzeug": ("http://werkzeug.pocoo.org/docs/", None),
-    "requests": ("https://requests.kennethreitz.org/en/latest/", None),
+    "requests": ("http://docs.python-requests.org/en/latest/", None),
     "oauthlib": ("https://oauthlib.readthedocs.io/en/latest/", None),
     "requests_oauthlib": ("https://requests-oauthlib.readthedocs.io/en/latest/", None),
     "sqlalchemy": ("https://docs.sqlalchemy.org/en/latest/", None),

docs/testing.rst

@@ -201,5 +201,5 @@ Provided Pytest Fixture
 
 .. _pytest: https://docs.pytest.org/
 .. _Betamax: https://github.com/betamaxpy/betamax
-.. _Requests: https://requests.kennethreitz.org/
+.. _Requests: http://docs.python-requests.org
 .. _@sigmavirus24: https://github.com/sigmavirus24/

flask_dance/contrib/azure.py

@@ -21,6 +21,7 @@ def make_azure_blueprint(
     redirect_to=None,
     login_url=None,
     authorized_url=None,
+    authorization_url_params=None,
     session_class=None,
     storage=None,
     tenant="common",
@@ -45,6 +46,10 @@ def make_azure_blueprint(
             Defaults to ``/azure``
         authorized_url (str, optional): the URL path for the ``authorized`` view.
             Defaults to ``/azure/authorized``.
+        authorization_url_params (dict, optional): A dict of extra
+            key-value pairs to include in the query string of the
+            ``authorization_url``, beyond those necessary for a standard
+            OAuth 2 authorization grant request.
         session_class (class, optional): The class to use for creating a
             Requests session. Defaults to
             :class:`~flask_dance.consumer.requests.OAuth2Session`.
@@ -78,6 +83,7 @@ def make_azure_blueprint(
         redirect_to=redirect_to,
         login_url=login_url,
         authorized_url=authorized_url,
+        authorization_url_params=authorization_url_params,
         session_class=session_class,
         storage=storage,
     )

tests/contrib/test_azure.py

@@ -26,13 +26,18 @@ def _make_app(*args, **kwargs):
 
 def test_blueprint_factory():
     azure_bp = make_azure_blueprint(
-        client_id="foo", client_secret="bar", scope="user.read", redirect_to="index"
+        client_id="foo",
+        client_secret="bar",
+        scope="user.read",
+        redirect_to="index",
+        authorization_url_params={"prompt": "select_account"},
     )
     assert isinstance(azure_bp, OAuth2ConsumerBlueprint)
     assert azure_bp.session.scope == "user.read"
     assert azure_bp.session.base_url == "https://graph.microsoft.com"
     assert azure_bp.session.client_id == "foo"
     assert azure_bp.client_secret == "bar"
+    assert azure_bp.authorization_url_params["prompt"] == "select_account"
     assert (
         azure_bp.authorization_url
         == "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
@@ -50,12 +55,14 @@ def test_blueprint_factory_with_organization_tenant():
         scope="user.read",
         redirect_to="index",
         tenant="organizations",
+        authorization_url_params={"prompt": "select_account"},
     )
     assert isinstance(azure_orgs_bp, OAuth2ConsumerBlueprint)
     assert azure_orgs_bp.session.scope == "user.read"
     assert azure_orgs_bp.session.base_url == "https://graph.microsoft.com"
     assert azure_orgs_bp.session.client_id == "foo"
     assert azure_orgs_bp.client_secret == "bar"
+    assert azure_orgs_bp.authorization_url_params["prompt"] == "select_account"
     assert (
         azure_orgs_bp.authorization_url
         == "https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize"