When a user has signed in to their ArcGIS Online account in ArcGIS for Desktop (File > Sign In) they have access to their AGOL maps and services and have the ability to publish services and run GP tools that need access to AGOL resources. For example, if I am already signed in to AGOL and open the Share Package tool, the username and password parameters are greyed out because the tool recognizes that the user is already authenticated. My assumption is that the tool recognizes the authenticated session and uses the stored token in its request to upload a package. Is that at all accurate?
Is it possible to achieve this with python/arcpy? I would like my add-in to recognize if the application (ArcGIS Desktop) is already authenticated or not, and if so, use the valid token to make future calls to AGOL using the REST API, for example. If the user has not signed in, it would be nice to have access to the small Internet Explorer window that prompts the user for their AGOL credentials when they are using File > Sign In. I believe this method uses OAuth 2.0.
Either way, if my add-in needs access to a user's AGOL account to complete its job, how can I use an existing authentication (if the user has already established one with File > Sign In) without having to build my own dialog to ask the user for their username or password? Going along with this point of not wanting to request a username and password from the user...the Sign In To Portal (Server) tool is a legacy tool at 10.2. The documentation prompts the user to use the File > Sign In method.