Describe the bug

MSAL makes an HTTP request for every Authority creation:

https://login.microsoftonline.com/54826b22-38d6-4fb2-bad9-b7b93a3e9c5a/v2.0/.well-known/openid-configuration

The code responsible for the HTTP request is

Impact

This extra network request doubles the number of network requests for Azure CLI commands and makes each Azure CLI command almost x1 slower (ARM -> AAD+ARM).

As each Azure CLI command runs in a separate process, it is not possible for Azure CLI to reuse Authority.

Possible solution

• MSAL can cache the result so that the HTTP request is not always invoked.
• MSAL can have a switch to turn off tenant_discovery and use the default authorization_endpoint and token_endpoint to avoid this network call.

  microsoft-authentication-library-for-python/msal/authority.py

  Lines 93 to 94 in 84cb2cf

  	self.authorization_endpoint = openid_config['authorization_endpoint']
  	self.token_endpoint = openid_config['token_endpoint']