Hi, I am struggling to fix the deprecation warning of msal Azure authentication for a self-hosted app. So far I have been using get_authorization_request_url and acquire_token_by_authorization_code. Which work like a charm, when passing the url query parameter code from the redirect into get_authorization_request_url.
For the new flow method, I need to pass the resulting dict from initiate_auth_code_flow into acquire_token_by_auth_code_flow after the redirect. How to do this properly?
My problem is that the redirect opens a new Streamlit session. I use
st.write(f"<a href='{auth_url}' target='_self'>Click to Login</a>", unsafe_allow_html=True)
Here is what I tried
st.session_state doesnot work, as I get a new session after redirect- I considered storing into a dict with
@st.cache_resource, but in order to do so, I would need some static information as key to reference it. IP address could work, but according to here Streamlit does not yet provide the IP - Finally, I used
streamlit_cookies_controllerto store it in a browser cookie, but this raises other problems.
Is there an official way to ensure that all browser tabs use the same streamlit session and hence share st.session_state? That would be the easiest and most elegant solution.
Feedback would be very much appreciated.
I am using Streamlit 1.40.2, msal 1.31.1 and Python 3.12
PS: example code is here