Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/rayluo/python-webapp-quart

A web app sample written for Quart web framework, powered by Identity library
https://github.com/rayluo/python-webapp-quart

auth authentication entra entra-id identity quart

Last synced: 7 months ago
JSON representation

A web app sample written for Quart web framework, powered by Identity library

Awesome Lists containing this project

README 

          
# Integrating Microsoft Entra ID with a Python web application written in Quart



This is a multi-purpose [Quart](https://palletsprojects.com/p/quart/) web app sample.

Write your app like this once, and the same implementation will support 4x2=8 scenarios.



|                | Microsoft Entra ID | External ID | External ID with Custom Domain | Azure AD B2C |

|----------------|--------------------|-------------|--------------------------------|--------------|

| Web App Sign-In & Sign-Out |   ✓    |      ✓      |                ✓               |       ✓      |

| Web App Calls a web API |     ✓     |      ✓      |                ✓               |       ✓      |



![Topology](https://raw.githubusercontent.com/Azure-Samples/ms-identity-python-webapp-django/main/static/topology.png)



## Getting Started



### Prerequisites



1. Have [Python](https://python.org) 3.8+ installed

1. Clone from this repo

   or download its zip package, and then start using it or build on top of it.

1. `cd project_name`

1. Run `pip install -r requirements.txt` to install dependencies

1.  Run `quart run -h localhost` and then browse to http://localhost:5000

   You may need to change to a different port to match your redirect_uri setup.



### How to configure and use this sample



  

    

    Microsoft Entra ID

    Microsoft Entra External ID

    Microsoft Entra External ID with Custom Domain

    Azure AD B2C

  



  

    App Registration

    



Following only the step 1, 2 and 3  of this

[Quickstart: Add sign-in with Microsoft to a Python web app](https://learn.microsoft.com/entra/identity-platform/quickstart-web-app-python-sign-in?tabs=windows)



    



Follow only the page 1 of this [Tutorial: Prepare your customer tenant ...](https://learn.microsoft.com/entra/external-id/customers/tutorial-web-app-python-flask-prepare-tenant)



    



Coming soon.



    



Following only the step 1 and 2 (including 2.1 and 2.2) of this

[Configure authentication in a sample Python web app by using Azure AD B2C](https://learn.microsoft.com/azure/active-directory-b2c/configure-authentication-sample-python-web-app?tabs=linux)



  



  

    Configuration

    



Copy this [Entra ID template](.env.sample.entra-id)

as `.env` and then modify `.env` with your app's settings.



    



Copy this [External ID template](.env.sample.external-id)

as `.env` and then modify `.env` with your app's settings.



    



Copy this [External ID with Custom Domain template](.env.sample.external-id-custom-domain)

as `.env` and then modify `.env` with your app's settings.



    



Copy this [Azure AD B2C template](.env.sample.b2c)

as `.env` and then modify `.env` with your app's settings.



  



  

    



Do not reverse the order of the configuration steps above.

If you put your app credentials into the template and then copy it into `.env`,

you risk accidentally committing your templates with credentials into Version Control System.



  



  

    Web App Sign In & Sign Out

    



With the basic configuration above,

you can now browse to the index page of this sample to try the sign-in/sign-out experience.



  



  

    Web App Calls a web API

    



Add the web API's *endpoint* into your `.env` file.

Also add the *scopes* it needs, separated by space.

The following example is the settings needed to call the Microsoft Graph API.

You may need to replace the their values with your own API endpoint and its scope..



```ini

ENDPOINT=https://graph.microsoft.com/v1.0/me

SCOPE=User.Read

```



Now restart this sample and try its "Call API" experience.



  



  

    



Deploy to

[Azure App Service](https://azure.microsoft.com/en-us/products/app-service)



    



* Follow the ["Quickstart: Deploy a Python (Django or Flask) web app to Azure App Service"](https://learn.microsoft.com/en-us/azure/app-service/quickstart-python),

  but replace its sample app (which does not do user sign-in) with this web app.

* [Configure your app's settings](https://learn.microsoft.com/en-us/azure/app-service/configure-common?tabs=portal#configure-app-settings)

  to define environment variables mentioned in the **Configuration** row of this table.

* If your session is NOT stored in a centralized location,

  you shall turn on "session affinity" (a.k.a. "ARR affinity") in your

  [App Service Web App's Configuration](https://learn.microsoft.com/en-us/azure/app-service/configure-common?tabs=portal#configure-general-settings)



  



## How to build this sample (or a new web project) from scratch



You can follow the

[instructions for Quart, from the underlying library](https://identity-library.readthedocs.io/en/latest/quart.html).



You can refer to the

source code of this sample

to pick up other minor details, such as how to modify `app.py` accordingly,

and how to add templates for the new view (and for the existing `index()` view).