Added CHANGES.md to reflect 2.1 version (changed from 3.0)

Added `account.get_authenticated_usernames`

Author: alejcas

CHANGES.md

@@ -2,6 +2,17 @@
 
 Almost every release features a lot of bugfixes but those are not listed here.
 
+## Version 2.1.0 (2025-02-13)
+
+[!IMPORTANT]
+> Removed custom authentication in favour of msal. Old tokens will not work with this version and will require a new authentication flow.
+
+- Account: you can now work with multiple users by changing `account.username` when using auth flow type authorization.
+- Connection methods `get_authorization_url` and `request_token` are now present in the `Account`object. You will no longer need to use the ones from the `Connection` object unless doing something fancy.
+- Account and Connection: the authentication flow has changed and now returns different objects (`get_authorization_url` and `request_token`).
+- TokenBackend: they now inherit from the msal cache system. You can now remove tokens, get access scopes from tokens, add a cryptography manager to encrypt and decrypt and much more.
+- Scopes are now longer stored into the connection. Scopes are only needed when authenticating and will be stored inside the token data on the token backend.
+
 ## Version 2.0.38 (2024-11-19)
 - Added 'on_premises_sam_account_name' to directory.py (Thanks @danpoltawski)
 - TokenBackend: Added DjangoTokenBackend (Thanks @sdelgadoc)

O365/account.py

@@ -180,6 +180,16 @@ def username(self) -> Optional[str]:
         """ Returns the username in use for the account"""
         return self.con.username
 
+    def get_authenticated_usernames(self) -> list[str]:
+        """ Returns a list of usernames that are authenticated and have a valid access or refresh token. """
+        usernames = []
+        for account in self.con.token_backend.get_all_accounts():
+            username = account.get('username')
+            if username and not self.con.token_backend.token_is_expired(username=username, refresh_token=True):
+                usernames.append(username)
+
+        return usernames
+
     @username.setter
     def username(self, username: Optional[str]) -> None:
         """

O365/utils/token.py

@@ -92,6 +92,10 @@ def _get_home_account_id(self, username: str) -> Optional[str]:
             log.debug(f'No account found for username: {username}')
             return None
 
+    def get_all_accounts(self) -> list[dict]:
+        """ Returns a list of all accounts present in the token cache"""
+        return list(self.search(TokenCache.CredentialType.ACCOUNT))
+
     def get_account(self, *, username: Optional[str] = None, home_account_id: Optional[str] = None) -> Optional[dict]:
         """ Gets the account object for the specified username or home_account_id """
         if username and home_account_id:

README.md

@@ -8,6 +8,9 @@
 
 > Detailed usage documentation is [still in progress](https://o365.github.io/python-o365/latest/index.html)
 
+> [!IMPORTANT]
+> With version 2.1 old access tokens will not work and the library will require a new authentication flow to get new access and refresh tokens.
+
 This project aims to make interacting with Microsoft Graph and Office 365 easy to do in a Pythonic way.
 Access to Email, Calendar, Contacts, OneDrive, etc. Are easy to do in a way that feel easy and straight forward to beginners and feels just right to seasoned python programmer.
 
@@ -128,7 +131,7 @@ if not account.is_authenticated:  # will check if there is a token and has not e
 You can only authenticate using oauth authentication because Microsoft deprecated basic auth on November 1st 2018.
 
 > [!IMPORTANT]
-> Until version 3.0 this library was using a custom authentication mechanism. On 3.0 we moved to using **[msal](https://learn.microsoft.com/es-es/entra/identity-platform/msal-overview)** to achieve the authentication.
+> Until version 2.1 this library was using a custom authentication mechanism. On 2.1 we moved to using **[msal](https://learn.microsoft.com/es-es/entra/identity-platform/msal-overview)** to achieve the authentication.
 
 There are currently three authentication methods:
 
@@ -567,7 +570,7 @@ account.username = '[email protected]'
 account.username = '[email protected]'
 #  now every call will use the auth of the user2
 ```
-> This is only possible in version 3.0. Before 3.0 you had to instantiate one Account for each user.
+> This is only possible in version 2.1. Before 2.1 you had to instantiate one Account for each user.
 
 ## Protocols
 Protocols handles the aspects of communications between different APIs.