Sourced from msal's releases.

1.30.0

What's Changed

• New feature: Support Subject Name/Issuer authentication when using .pfx certificate file. Documentation available in one of the recent purple boxes here. AzureAD/microsoft-authentication-library-for-python#718
• New feature: Automatically use SHA256 and PSS padding when using .pfx certificate on non-ADFS, non-OIDC authorities. AzureAD/microsoft-authentication-library-for-python#722
• New feature: Expose refresh_on (if any) to fresh or cached response, so that caller may choose to proactively call acquire_token_silent() early. AzureAD/microsoft-authentication-library-for-python#723
• Bugfix for token cache search. MSAL 1.27+ customers please upgrade to MSAL 1.30+. AzureAD/microsoft-authentication-library-for-python#717

Full Changelog: AzureAD/microsoft-authentication-library-for-python@1.29.0...1.30.0

MSAL Python 1.29.0

What's Changed

• New feature: Supports Managed Identity for Azure VM, App Service (including Azure Functions, Azure Automation), Service Fabric, Azure Machine Learning, Arc, etc.. Comes with a sample, its configuration via ENV VAR, and its API documentation. (#58, #480, #634, #674)
• New feature: Support reading ConfidentialClientApplication's cert from a pfx file (#684, #699)
• New feature: TokenCache class has a new search() method which will return a generator of tokens. The old find() method still exists and returns a list, but MSAL 1.27+ will not call find() anymore. (#693, #644)
• Change: Re-enable the username password flow to go through broker, if available. (#712)

New Contributors

• @​fengga made their first contribution in AzureAD/microsoft-authentication-library-for-python#712

Full Changelog: AzureAD/microsoft-authentication-library-for-python@1.28.1...1.29.0

MSAL Python 1.28.1

• Change: pip install msal[broker] will now pick up the latest PyMsalRuntime 0.16.x which contains a bugfix for being run as administrator. This release fixes #707.

MSAL Python 1.28.0

• New feature: PublicClientApplication and ConfidentialClientApplication have a new oidc_authority parameter that can be used to specify authority of any generic OpenID Connect authority, typically the customized domain for CIAM. (#676, #678)
• Dropping Python 2.7

MSAL Python 1.27.0

What's Changed

Release Notes:

• New feature: remove_tokens_for_client() will remove tokens acquired by acquire_token_for_client() (#640, #650, #666)
• Performance: Throughput of token-cache-hit happy path is roughly 2x faster (#644)
• Adjustment: MSAL no longer attempts to validate an ID token's time (#656, #657)
• Adjustment: Bump upstream broker dependency to 0.14.x
• Improvement: Better chance to remove accounts from broker (#651)
• Improvement: Cleaner console output when the http local server is visited in https protocol (#546)
• Improvement: Reduce a bare except clause (#667)

Note:

• The previous preview features in previous 1.27.0b2 requires more beta testing, so they did NOT make it to 1.27.0. If you want to beta test 1.27.0b2, follow its own instruction.
• MSAL Python 1.27 is the last version that still runs on Python 2.7

New Contributors

• @​Singletoned made their first contribution in AzureAD/microsoft-authentication-library-for-python#667

Full Changelog: AzureAD/microsoft-authentication-library-for-python@1.26.0...1.27.0

... (truncated)

• 3279f04 MSAL 1.30.0
• 3a4f44f Expose refresh_on (if any) to fresh or cached response
• 57dce47 Using SHA256 and PSS padding
• f9f2e7f Merge remote-tracking branch 'oauth2cli/dev' into sha256-pss
• 2c335d2 Support SHA256 thumbprint
• 788b400 Backport the lazy-loading of dependency
• 8404254 Merge branch 'dev' into perf-retune
• 3ceb1c8 Re-optimize the O(1) code path
• bf44364 Support SNI via PFX
• c1fedad Merge branch 'dev' into bugfix-token-cache-search
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)