Metadata-Version: 2.4
Name: mgc-token-tools
Version: 0.1.2
Summary: Token management tools for the Microsoft Graph CLI (mgc)
Requires-Python: >=3.10
Description-Content-Type: text/markdown

# mgc-token-tools
> Token management tools for the Microsoft Graph CLI (`mgc`)

!WIP! - This project is a work-in-progress and may not be functional.  

## Features
This repository provides both a library and a command-line utility for interfacing
with the token cache generated by `mgc`.

The cli (`mtt`) provides the following features (and more!):
- Status command to identify the current signed-in user, application in-use, and scopes provided by that application (`status`)
- Alises for useful first-party Microsoft clients (`aliases`)
- Print an access or refresh token from the OS keyring for a specific client (via the client id) to pass to another tool (AAD-Internals, RoadTools etc) (`dump`)
- [FOCI client](https://github.com/secureworks/family-of-client-ids-research/tree/main) login similar to `Invoke-RefreshTo<X>` commands provided by [TokenTactics](https://github.com/rvrsh3ll/TokenTactics) (`refresh-to`)
- Store a correctly-formatted access or refresh token sourced outside `mgc` in the `mgc` token cache (`insert`)
- Switch between applications with valid access tokens (`switch`)

## Command-line Usage
```
usage: mtt [-h] subcommand ...

Utilities for the Microsoft Graph CLI (mgc)

positional arguments:
  subcommand
    login       Login to Microsoft Graph
    logout      Delete the token cache and authentication record
    list        Print all MSAL tokens currently stored in the keyring
    aliases     List alias for application client ids
    dump        Print an MSAL token from the keyring
    refresh-to  Pass a refresh token or use an existing cached refresh token to login to
                another foci client
    insert      Insert a token aquired through other means into the token cache
    status      Print current client_id and tenant_id
    switch      Switch to another client with available access tokens

options:
  -h, --help    show this help message and exit
```

## Installation & Requirements
The script has no external *python* dependencies, but does use the [security](https://ss64.com/mac/security.html) command on MacOS or [secret-tool](https://manpages.ubuntu.com/manpages/mantic/man1/secret-tool.1.html) on Linux for keyring access. 

### Installation from PyPI
```bash
# with pip
pip install mgc-token-tools

# with uv for library or project-specific usage
uv add mgc-token-tools

# with uv for non-project-specific access to the cli
uv tool add mgc-token-tools
```

### Keyring Support
So far, this has been tested with MacOS Keychain and GNOME Keyring on Linux.
