From eff7698e0775b61e867316fb8cbae05b01f9ba36 Mon Sep 17 00:00:00 2001
From: Xinyu Xu <xinyuxu@microsoft.com>
Date: Tue, 26 Aug 2025 17:25:27 -0700
Subject: [PATCH 1/2] set redirect uri for broker silent flow

---
 msal/broker.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/msal/broker.py b/msal/broker.py
index 5ce25bcd..4baf549c 100644
--- a/msal/broker.py
+++ b/msal/broker.py
@@ -151,6 +151,11 @@ def _signin_silently(
         auth_scheme=None,
         **kwargs):
     params = _build_msal_runtime_auth_params(client_id, authority)
+    if sys.platform == "linux":
+        # This is required by Linux Java Broker to set a non-empty valid redirect_uri
+        params.set_redirect_uri(
+            "https://login.microsoftonline.com/common/oauth2/nativeclient"
+        )
     params.set_requested_scopes(scopes)
     if claims:
         params.set_decoded_claims(claims)
@@ -240,6 +245,11 @@ def _acquire_token_silently(
     if account is None:
         return
     params = _build_msal_runtime_auth_params(client_id, authority)
+    if sys.platform == "linux":
+        # This is required by Linux Java Broker to set a non-empty valid redirect_uri
+        params.set_redirect_uri(
+            "https://login.microsoftonline.com/common/oauth2/nativeclient"
+        )
     params.set_requested_scopes(scopes)
     if claims:
         params.set_decoded_claims(claims)

From 80466b2a12e06bf7d77917b7a0dbd704fc53897c Mon Sep 17 00:00:00 2001
From: Xinyu Xu <xinyuxu@microsoft.com>
Date: Wed, 27 Aug 2025 17:20:20 -0700
Subject: [PATCH 2/2] address comment

---
 msal/broker.py | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/msal/broker.py b/msal/broker.py
index 4baf549c..b595608b 100644
--- a/msal/broker.py
+++ b/msal/broker.py
@@ -145,17 +145,20 @@ def _build_msal_runtime_auth_params(client_id, authority):
     params.set_additional_parameter("msal_client_ver", __version__)
     return params
 
+def _set_redirect_uri_for_linux(params):
+    if sys.platform == "linux":
+        # This is required by Linux Java Broker to set a non-empty valid redirect_uri
+        params.set_redirect_uri(
+            "https://login.microsoftonline.com/common/oauth2/nativeclient"
+        )
+
 def _signin_silently(
         authority, client_id, scopes, correlation_id=None, claims=None,
         enable_msa_pt=False,
         auth_scheme=None,
         **kwargs):
     params = _build_msal_runtime_auth_params(client_id, authority)
-    if sys.platform == "linux":
-        # This is required by Linux Java Broker to set a non-empty valid redirect_uri
-        params.set_redirect_uri(
-            "https://login.microsoftonline.com/common/oauth2/nativeclient"
-        )
+    _set_redirect_uri_for_linux(params)
     params.set_requested_scopes(scopes)
     if claims:
         params.set_decoded_claims(claims)
@@ -245,11 +248,7 @@ def _acquire_token_silently(
     if account is None:
         return
     params = _build_msal_runtime_auth_params(client_id, authority)
-    if sys.platform == "linux":
-        # This is required by Linux Java Broker to set a non-empty valid redirect_uri
-        params.set_redirect_uri(
-            "https://login.microsoftonline.com/common/oauth2/nativeclient"
-        )
+    _set_redirect_uri_for_linux(params)
     params.set_requested_scopes(scopes)
     if claims:
         params.set_decoded_claims(claims)