# h2,SSKrSSKJr SSKr\R "\5rSrSr Sr Sr \ "\ \ S\/5r /SQrSr"S S \5r"S S \5rS rSrSrg!\a SSKJr N^f=f)N)urlparsezlogin.microsoftonline.uszlogin.chinacloudapi.cnzlogin.microsoftonline.comzlogin-us.microsoftonline.com)z b2clogin.comz b2clogin.cnz b2clogin.usz b2clogin.dez ciamlogin.comz.ciamlogin.comc \rSrSrSrSrSrg)AuthorityBuilder"c\URS5UlURS5Ulg)zA helper to save caller from doing string concatenation. Usage is documented in :func:`application.ClientApplication.__init__`. /N)rstrip _instancestrip_tenant)selfinstancetenants @/var/www/html/env/lib/python3.13/site-packages/msal/authority.py__init__AuthorityBuilder.__init__#s$ "-||C( cNSRURUR5$)Nz https://{}/{})formatr r )r s r__str__AuthorityBuilder.__str__+s%%dnndllCCr)r r N)__name__ __module__ __qualname____firstlineno__rr__static_attributes__rrrr"s )DrrcN\rSrSrSr\"/5rS SjrSrSr S Sjr Sr g) Authority/zThis class represents an (already-validated) authority. Once constructed, it contains members named "*_endpoint" for this instance. TODO: It will also cache the previously-validated authority instances. Nc,X lU(a([RSU5 URU5nO([RSU5 UR XU5n[ UUR5n[RSXg5 USUlUS Ul URS 5Ul [UR5u ol g ![ a6 U(aSRUS9OSRU5S-n[ U5ef=f) a0Creates an authority instance, and also validates it. :param validate_authority: The Authority validation process actually checks two parts: instance (a.k.a. host) and tenant. We always do a tenant discovery. This parameter only controls whether an instance discovery will be performed. z$Initializing with OIDC authority: %sz%Initializing with Entra authority: %szUnable to get OIDC authority configuration for {url} because its OIDC Discovery endpoint is unavailable at {url}/.well-known/openid-configuration )urlzUnable to get authority configuration for {}. Authority would typically be in a format of https://login.microsoftonline.com/your_tenant or https://tenant_name.ciamlogin.com or https://tenant_name.b2clogin.com/tenant.onmicrosoft.com/policy. z> Also please double check your tenant name or GUID is correct.zopenid_config("%s") = %sauthorization_endpointtoken_endpointdevice_authorization_endpointN) _http_clientloggerdebug_initialize_oidc_authority_initialize_entra_authoritytenant_discovery ValueErrorrr#r$getr% canonicalizer) r authority_url http_clientvalidate_authorityinstance_discoveryoidc_authority_urltenant_discovery_endpoint openid_config error_message_s rrAuthority.__init__7s#(  LL?AS T(,(G(G")$ % LL@- P(,(H(H3E)G % ,,)!!#M"  &(A R&34L&M#+,<=-:->->?^-_*()<)<=1k' , &::@&EW&:XV  &T UM]+ + ,s CADc~[U5uo lnUR5S:HUlSUlSUlUS-$)NadfsTz!/.well-known/openid-configuration)r.rloweris_adfs_is_b2c_is_known_to_developer)r r3 authorityrs rr)$Authority._initialize_oidc_authoritygsC+78J+K( =&||~/  '+#!$GGGrc^[U[5(a [U5n[U5unTlnTRR [ 5nUR5S:H=(a U(+TlURRS5n[U4Sj[55=(d7 [U5S:H=(a" USR5RS5TlTR=(d TR=(d U(+TlTR[";nUS;aSR%[&5OUn U (a}U(dvTR (de[)S R%TRUR5TR*U 5n U R-S 5S :Xa[/S U-5eU S n U $UR1SR%U(a[UR5S::aUO URTR(aSOSS9S9R35n U $)Nr:rc3`># UH#nTRRSU-5v M% g7f).N)rendswith).0dr s r 8Authority._initialize_entra_authority..}s+5IDMM " "37 + +5Is+.b2c_)NTz$https://{}/common/discovery/instancez"https://{}{}/oauth2/v2.0/authorizeerrorinvalid_instancezinvalid_instance: The authority you provided, %s, is not whitelisted. If it is indeed your legit customized domain name, you can turn off this check by passing in instance_discovery=Falser4z2{prefix}{version}/.well-known/openid-configurationz/v2.0)prefixversion)path) isinstancerstrr.rrD_CIAM_DOMAIN_SUFFIXr;r<rRsplitanyWELL_KNOWN_B2C_HOSTSlen startswithr=r>WELL_KNOWN_AUTHORITY_HOSTSr WORLD_WIDE_instance_discoveryr&r-r,_replacegeturl) r r/r1r2r?ris_ciampartsis_known_to_microsoftinstance_discovery_endpointpayloadr4s ` rr*%Authority._initialize_entra_authorityps m%5 6 6 .M+7 +F( 4=&--(()<=||~/?K $$S)5IKe*/IeAhnn&6&A&A&&I '+ll&\dll&\J\F\# $ 1K K $|3 'M&S&S ':L $ '%)D)D)4;;MM9>>3!!+ -G {{7#'99 / $ $%%)00K(L %)()2(:(:IPP%,Y^^1D1I6&^^"&,,BGQ);) &( &)(rcURURR;aU=(d5 URR SR URUS9SUS.S9nUR S:wa0UR5 [R"UR5$URRRUR5 0$)Nz 5 @D 3&%%'zz$)),, NN @ @ D DT]] S r) r&r=r>r#r%rr<rr$)TNN)NN) rrrr__doc__setrlrr)r*rvrrrrrr/s5 -0G) $## .>`H/)brrc[U5nURS:XaURRS5n[ U5S:aUS(aUSOSnUR R [5(aIU(aUO1SRUR R[S5S5nXR U4$[ U5S:aUS(aXR US4$[SU-5e)NhttpsrrJrNz{}.onmicrosoft.comra Your given address (%s) should consist of an https url with a minimum of one segment in a path: e.g. https://login.microsoftonline.com/{tenant} or https://{tenant_name}.ciamlogin.com/{tenant} or https://{tenant_name}.b2clogin.com/{tenant_name}.onmicrosoft.com/policy) rschemerRrVrYhostnamerDrUrrsplitr,)authority_or_auth_endpointr?ra first_partrs rr.r.s34I7"$$S)!$UqU1XU1X4    & &': ; ;#-Z3G3N3N""))*=qA!D4FF00&8 8 u:?uQx00%(: :  U %  % &&rc rUR"U4SUSS.0UD6n[R"UR5$)Nparamsz1.0)r#z api-version)r-rorprq)r"r0rckwargsrus rr]r]s? ??# *-eD   D ::dii  rc UR"U40UD6nURS:Xa [R"UR5$SURs=::aS:a3O O0[ SR UURUR55eUR5 [SURUR4-5e)Niiz7OIDC Discovery failed on {}. HTTP status: {}, Error: {}z)Unable to complete OIDC Discovery: %d, %s) r-rmrorprqr,rrn RuntimeError)r4r0rrus rr+r+s ??4 ? ?D 3zz$))$$ d$$RYY %    II    3t7G7G6SS UUr)ro urllib.parser ImportErrorlogging getLoggerrr'AZURE_US_GOVERNMENT AZURE_CHINA AZURE_PUBLICr\ryr[rXrUobjectrrr.r]r+rrrrs "%   8 $1& * (  " " ' Dv D@@F&.!UY"!"sA A+*A+