Merge pull request #65 from AzureAD/dev

Bringing 2 more PRs into pending release-0.4.1 branch

Author: rayluo

msal/application.py

@@ -271,7 +271,8 @@ def _get_authority_aliases(self, instance):
         if not self.authority_groups:
             resp = requests.get(
                 "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/common/oauth2/authorize",
-                headers={'Accept': 'application/json'})
+                headers={'Accept': 'application/json'},
+                verify=self.verify, proxies=self.proxies, timeout=self.timeout)
             resp.raise_for_status()
             self.authority_groups = [
                 set(group['aliases']) for group in resp.json()['metadata']]
@@ -511,7 +512,7 @@ def acquire_token_by_device_flow(self, flow, **kwargs):
                 **kwargs)
 
     def acquire_token_by_username_password(
-            self, username, password, scopes=None, **kwargs):
+            self, username, password, scopes, **kwargs):
         """Gets a token for a given resource via user credentails.
 
         See this page for constraints of Username Password Flow.