0

Have a web app developed in Python with the Streamlit framework. Deploying as an Azure app service. Authentication to the app is via AAD.

I'm unable to get details such as name/email address of the logged in user. Most welcome any suggestions (I've tried /.auth/me endpoint, looking at cookie sessions).

Thanks!

Grumpybeard
  • 171
  • 9

2 Answers2

0

The /.auth/me endpoint gives you the information you need, i.e., it is a part of the access token (RS256 encoded) and maybe even decoded as well. You need to include the AppServiceAuthSession cookie in your get request to the endpoint.

This code snippet should work in streamlit:

import requests
from streamlit.server.server import Server
from streamlit.report_thread import get_report_ctx

session_id = get_report_ctx().session_id
session_info = Server.get_current()._get_session_info(session_id)
session_headers = session_info.ws.request.headers
ckks = session_headers['cookie']
ckkd = dict(item.split("=",1) for item in ckks.split("; "))

tokens = requests.get('https://<your_app>.azurewebsites.net/.auth/me',cookies=ckkd)
tokens = tokens.json()
Adam
  • 1
  • Tried, unfortunately tokens is an empty list – Grumpybeard May 10 '22 at 19:48
  • Yeah, that might be a known bug in the Azure App Service: after a deployment, the endpoint returns an empty list. If you log out and log in again, the /.auth/me endpoint should work correctly. – Adam May 12 '22 at 05:15
0

The latest answer from the streamlit forum (answer from Ennui) :

(streamlit version 1.14+)

from streamlit.web.server.websocket_headers import _get_websocket_headers

headers = _get_websocket_headers()

if "X-Ms-Client-Principal-Name" in headers:
    user_email = headers["X-Ms-Client-Principal-Name"]

st.write(headers) # have a look at what else is in the dict
Hargam hedi
  • 51
  • 1
  • 3