E2e test for refresh_in behavior

Author: rayluo

tests/test_e2e.py

@@ -185,12 +185,14 @@ def _test_acquire_token_interactive(
             self, client_id=None, authority=None, scope=None, port=None,
             username_uri="",  # But you would want to provide one
             data=None,  # Needed by ssh-cert feature
+            login_hint=None,
             **ignored):
         assert client_id and authority and scope
         self.app = msal.PublicClientApplication(
             client_id, authority=authority, http_client=MinimalHttpClient())
         result = self.app.acquire_token_interactive(
             scope,
+            login_hint=login_hint,
             timeout=120,
             port=port,
             welcome_template=  # This is an undocumented feature for testing
@@ -212,6 +214,29 @@ def _test_acquire_token_interactive(
         return result  # For further testing
 
 
+class RefreshInBehavior(E2eTestCase):
+    def test_refresh_in_should_be_available(self):
+        """The refresh_in claim in an AT will only be issued when:
+
+        * An MSAL library is in allowlist
+        * token lifetime > 2 hours. configured by token lifetime policy for your app
+        """
+        result = self._test_acquire_token_interactive(
+            client_id="880ed52d-22df-4916-8077-53b393439e02",
+            authority="https://login.microsoftonline.com/msidlab6.onmicrosoft.com",
+            scope=["https://msidlab6-my.sharepoint.com/.default"],
+            username_uri="https://msidlab.com/api/user/[email protected]",
+            login_hint="[email protected]",
+            )
+        self.assertNotIn("refresh_in", result.keys(), "Should filter out refresh_in")
+        _, token_in_cache = self.app.token_cache._cache["AccessToken"].popitem()
+        self.assertIn(
+            "refresh_on",
+            token_in_cache.keys(),
+            "refresh_on should be in cached AT {}".format(
+                json.dumps(token_in_cache, indent=4)))
+
+
 class SshCertTestCase(E2eTestCase):
     _JWK1 = """{"kty":"RSA", "n":"2tNr73xwcj6lH7bqRZrFzgSLj7OeLfbn8216uOMDHuaZ6TEUBDN8Uz0ve8jAlKsP9CQFCSVoSNovdE-fs7c15MxEGHjDcNKLWonznximj8pDGZQjVdfK-7mG6P6z-lgVcLuYu5JcWU_PeEqIKg5llOaz-qeQ4LEDS4T1D2qWRGpAra4rJX1-kmrWmX_XIamq30C9EIO0gGuT4rc2hJBWQ-4-FnE1NXmy125wfT3NdotAJGq5lMIfhjfglDbJCwhc8Oe17ORjO3FsB5CLuBRpYmP7Nzn66lRY3Fe11Xz8AEBl3anKFSJcTvlMnFtu3EpD-eiaHfTgRBU7CztGQqVbiQ", "e":"AQAB"}"""
     _JWK2 = """{"kty":"RSA", "n":"72u07mew8rw-ssw3tUs9clKstGO2lvD7ZNxJU7OPNKz5PGYx3gjkhUmtNah4I4FP0DuF1ogb_qSS5eD86w10Wb1ftjWcoY8zjNO9V3ph-Q2tMQWdDW5kLdeU3-EDzc0HQeou9E0udqmfQoPbuXFQcOkdcbh3eeYejs8sWn3TQprXRwGh_TRYi-CAurXXLxQ8rp-pltUVRIr1B63fXmXhMeCAGwCPEFX9FRRs-YHUszUJl9F9-E0nmdOitiAkKfCC9LhwB9_xKtjmHUM9VaEC9jWOcdvXZutwEoW2XPMOg0Ky-s197F9rfpgHle2gBrXsbvVMvS0D-wXg6vsq6BAHzQ", "e":"AQAB"}"""