diff --git a/office365/runtime/auth/authentication_context.py b/office365/runtime/auth/authentication_context.py index aa373045..f0222593 100644 --- a/office365/runtime/auth/authentication_context.py +++ b/office365/runtime/auth/authentication_context.py @@ -184,8 +184,9 @@ def with_credentials(self, credentials, **kwargs): provider = NtlmProvider(credentials.userName, credentials.password) else: browser_mode = kwargs.get("browser_mode", False) + environment = kwargs.get("environment") provider = SamlTokenProvider( - self.url, credentials.userName, credentials.password, browser_mode + self.url, credentials.userName, credentials.password, browser_mode, environment ) else: raise ValueError("Unknown credential type") diff --git a/office365/runtime/auth/providers/saml_token_provider.py b/office365/runtime/auth/providers/saml_token_provider.py index 503e4035..5a28c1d9 100644 --- a/office365/runtime/auth/providers/saml_token_provider.py +++ b/office365/runtime/auth/providers/saml_token_provider.py @@ -40,7 +40,7 @@ def is_valid_auth_cookies(values): class SamlTokenProvider(AuthenticationProvider, office365.logger.LoggerContext): - def __init__(self, url, username, password, browser_mode): + def __init__(self, url, username, password, browser_mode, environment='commercial'): """ SAML Security Token Service provider (claims-based authentication) @@ -48,11 +48,14 @@ def __init__(self, url, username, password, browser_mode): :param str username: Typically a UPN in the form of an email address :param str password: The password :param bool browser_mode: + :param str environment: The Office 365 Cloud Environment endpoint used for authentication. + By default, this will be set to commercial ('commercial', 'GCCH') """ # Security Token Service info - self._sts_profile = STSProfile(resolve_base_url(url)) + self._sts_profile = STSProfile(resolve_base_url(url), environment) # Obtain authentication cookies, using the browser mode self._browser_mode = browser_mode + self._environment = environment # Last occurred error self.error = "" self._username = username diff --git a/office365/runtime/auth/sts_profile.py b/office365/runtime/auth/sts_profile.py index b29c0877..6ce8ed3d 100644 --- a/office365/runtime/auth/sts_profile.py +++ b/office365/runtime/auth/sts_profile.py @@ -4,13 +4,16 @@ class STSProfile(object): - def __init__(self, authority_url): + def __init__(self, authority_url, environment): """ :type authority_url: str """ self.authorityUrl = authority_url - self.serviceUrl = "https://login.microsoftonline.com" + if environment == "GCCH": + self.serviceUrl = "https://login.microsoftonline.us" + else: + self.serviceUrl = "https://login.microsoftonline.com" self.securityTokenServicePath = "extSTS.srf" self.userRealmServicePath = "GetUserRealm.srf" self.tokenIssuer = "urn:federation:MicrosoftOnline" diff --git a/office365/sharepoint/client_context.py b/office365/sharepoint/client_context.py index 35ee766f..b3debb22 100644 --- a/office365/sharepoint/client_context.py +++ b/office365/sharepoint/client_context.py @@ -137,20 +137,23 @@ def with_access_token(self, token_func): return self def with_user_credentials( - self, username, password, allow_ntlm=False, browser_mode=False + self, username, password, allow_ntlm=False, browser_mode=False, environment='commercial' ): - # type: (str, str, bool, bool) -> Self + # type: (str, str, bool, bool, str) -> Self """ Initializes a client to acquire a token via user credentials. :param str username: Typically, a UPN in the form of an email address :param str password: The password :param bool allow_ntlm: Flag indicates whether NTLM scheme is enabled. Disabled by default :param bool browser_mode: + :param str environment: The Office 365 Cloud Environment endpoint used for authentication. + By default, this will be set to commercial ('commercial', 'GCCH') """ self.authentication_context.with_credentials( UserCredential(username, password), allow_ntlm=allow_ntlm, browser_mode=browser_mode, + environment=environment ) return self