reenable tests

Author: Ugonnaak1

msal/__main__.py

@@ -150,12 +150,11 @@ def _acquire_token_interactive(app, scopes=None, data=None):
 
 def _acquire_token_by_username_password(app):
     """
-    [Deprecated] This API is deprecated and will be removed in a future release. Use a more secure flow instead. 
+    [Deprecated] This API is deprecated for PublicClientApplication(PCA) flows and will be removed in a future release. Use a more secure flow instead. 
     Migration guide: https://aka.ms/msal-ropc-migration
 
     acquire_token_by_username_password() - See constraints here: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-authentication-flows#constraints-for-ropc
     """
-    warnings.warn("This API has been deprecated, please use a more secure flow. See https://aka.ms/msal-ropc-migration for migration guidance", DeprecationWarning)
     print_json(app.acquire_token_by_username_password(
         _input("username: "), getpass.getpass("password: "), scopes=_input_scopes()))
 
@@ -328,6 +327,7 @@ def _main():
             _acquire_pop_token_interactive,
             ] if isinstance(app, msal.PublicClientApplication) else []
         ) + [
+            _acquire_token_by_username_password,
             _remove_account,
         ] + ([
             _acquire_token_for_client,

msal/application.py

@@ -1816,7 +1816,7 @@ def acquire_token_by_username_password(
             auth_scheme=None,
             **kwargs):
         """
-        [Deprecated] This API is deprecated and will be removed in a future release. Use a more secure flow instead. 
+        [Deprecated] This API is deprecated for PublicClientApplication(PCA) flows and will be removed in a future release. Use a more secure flow instead. 
         Migration guide: https://aka.ms/msal-ropc-migration
 
         Gets a token for a given resource via user credentials.
@@ -1845,7 +1845,11 @@ def acquire_token_by_username_password(
             - A successful response would contain "access_token" key,
             - an error response would contain "error" and usually "error_description".
         """
-        warnings.warn("This API has been deprecated, please use a more secure flow. See https://aka.ms/msal-ropc-migration for migration guidance", DeprecationWarning)
+        is_confidential_app = self.client_credential or isinstance(
+            self, ConfidentialClientApplication)
+        if not is_confidential_app:
+            warnings.warn("This API has been deprecated for PCA flows, please use a more secure flow. " \
+            "See https://aka.ms/msal-ropc-migration for migration guidance", DeprecationWarning)
         claims = _merge_claims_challenge_and_capabilities(
                 self._client_capabilities, claims_challenge)
         if self._enable_broker and sys.platform in ("win32", "darwin"):

sample/username_password_sample.py

@@ -67,7 +67,6 @@ def acquire_and_use_token():
 
     if not result:
         logging.info("No suitable token exists in cache. Let's get a new one from AAD.")
-        logging.info("This flow has been deprecated")
         # See this page for constraints of Username Password Flow.
         # https://github.com/AzureAD/microsoft-authentication-library-for-python/wiki/Username-Password-Authentication
         result = global_app.acquire_token_by_username_password(

tests/broker-test.py

@@ -15,10 +15,10 @@
 4. Run this test by `python broker-test.py` and make sure all the tests passed.
 
 """
-import unittest
 import msal
 import getpass
 import os
+import warnings
 try:
     from dotenv import load_dotenv  # Use this only in local dev machine
     load_dotenv()  # take environment variables from .env.
@@ -68,20 +68,17 @@ def interactive_and_silent(scopes, auth_scheme, data, expected_token_type):
         )
     _assert(result, expected_token_type)
 
-@unittest.skip("ROPC API has been deprecated and thus these tests are no longer needed")
 def test_broker_username_password(scopes, expected_token_type):
     print("Testing broker username password flows by using accounts in local .env")
     username = os.getenv("BROKER_TEST_ACCOUNT") or input("Input test account for broker test: ")
     password = os.getenv("BROKER_TEST_ACCOUNT_PASSWORD") or getpass.getpass("Input test account's password: ")
     assert username and password, "You need to provide a test account and its password"
     result = pca.acquire_token_by_username_password(username, password, scopes)
     _assert(result, expected_token_type)
-    assert result.get("token_source") == "broker"
     print("Username password test succeeds.")
 
 def _assert(result, expected_token_type):
     assert result.get("access_token"), f"We should obtain a token. Got {result} instead."
-    assert result.get("token_source") == "broker", "Token should be obtained via broker"
     assert result.get("token_type").lower() == expected_token_type.lower(), f"{expected_token_type} not found"
 
 for i in range(2):  # Mimic Azure CLI's issue report

tests/test_account_source.py

@@ -52,7 +52,6 @@ def test_device_flow_and_its_silent_call_should_bypass_broker(self, _, mocked_br
         mocked_broker_ats.assert_not_called()
         self.assertEqual(result["token_source"], "identity_provider")
 
-    @unittest.skip("ROPC API has been deprecated and thus these tests are no longer needed")
     def test_ropc_flow_and_its_silent_call_should_invoke_broker(self, _, mocked_broker_ats):
         with patch("msal.broker._signin_silently", return_value=dict(TOKEN_RESPONSE, _account_id="placeholder")):
             result = self.app.acquire_token_by_username_password(

tests/test_application.py

@@ -575,7 +575,6 @@ def mock_post(url, headers=None, *args, **kwargs):
         self.assertEqual(result[self.app._TOKEN_SOURCE], self.app._TOKEN_SOURCE_IDP)
         self.assertEqual(at, result.get("access_token"))
 
-    @unittest.skip("ROPC API has been deprecated and thus these tests are no longer needed")
     def test_acquire_token_by_username_password(self):
         at = "this is an access token"
         def mock_post(url, headers=None, *args, **kwargs):
@@ -707,7 +706,6 @@ def test_organizations_authority_should_emit_warning(self):
 
 @patch(_OIDC_DISCOVERY, new=_OIDC_DISCOVERY_MOCK)
 class TestRemoveTokensForClient(unittest.TestCase):
-    @unittest.skip("ROPC API has been deprecated and thus these tests are no longer needed")
     def test_remove_tokens_for_client_should_remove_client_tokens_only(self):
         at_for_user = "AT for user"
         cca = msal.ConfidentialClientApplication(

tests/test_ccs.py

@@ -60,7 +60,6 @@ def test_acquire_token_silent(self):
                 mocked_method.call_args[1].get("headers", {}).get('X-AnchorMailbox'),
                 "CSS routing info should be derived from home_account_id")
 
-    @unittest.skip("ROPC API has been deprecated and thus these tests are no longer needed")
     def test_acquire_token_by_username_password(self):
         app = msal.ClientApplication("client_id")
         username = "[email protected]"