Add close method to app

Fixes Issue #370 Session/socket never closed, warnings shown

The msal application does not close its resources like eg: self.http_client.
As a result a 'ResourceWarning unclosed <ssl.SSLSocket' is shown when the
app goes out of scope (when warnings are enabled)

This fix adds and explicit close method so developers can cleanly close
the app if they so desire.
In __init__ we trap and close the exception explicitely as users cannot
call close when __init__ fails.
Finally we don't close the http_client if it's externally managed.

Author: Hans Weltar

msal/application.py

@@ -281,7 +281,9 @@ def __init__(
 
         if http_client:
             self.http_client = http_client
+            self.internal_client = False
         else:
+            self.internal_client = True
             self.http_client = requests.Session()
             self.http_client.verify = verify
             self.http_client.proxies = proxies
@@ -301,7 +303,24 @@ def __init__(
 
         # Here the self.authority will not be the same type as authority in input
         try:
-            self.authority = Authority(
+            self.authority = self._build_authority(
+                authority, validate_authority, azure_region)
+        except Exception:
+            self.close()
+            raise
+
+        self.token_cache = token_cache or TokenCache()
+        self._region_configured = azure_region
+        self._region_detected = None
+        self.client, self._regional_client = self._build_client(
+            client_credential, self.authority)
+        self.authority_groups = None
+        self._telemetry_buffer = {}
+        self._telemetry_lock = Lock()
+
+    def _build_authority(authority, validate_authority, azure_region):
+        try:
+            return Authority(
                 authority or "https://login.microsoftonline.com/common/",
                 self.http_client, validate_authority=validate_authority)
         except ValueError:  # Those are explicit authority validation errors
@@ -310,21 +329,12 @@ def __init__(
             if validate_authority and azure_region:
                 # Since caller opts in to use region, here we tolerate connection
                 # errors happened during authority validation at non-region endpoint
-                self.authority = Authority(
+                return Authority(
                     authority or "https://login.microsoftonline.com/common/",
                     self.http_client, validate_authority=False)
             else:
                 raise
 
-        self.token_cache = token_cache or TokenCache()
-        self._region_configured = azure_region
-        self._region_detected = None
-        self.client, self._regional_client = self._build_client(
-            client_credential, self.authority)
-        self.authority_groups = None
-        self._telemetry_buffer = {}
-        self._telemetry_lock = Lock()
-
     def _decorate_scope(
             self, scopes,
             reserved_scope=frozenset(['openid', 'profile', 'offline_access'])):
@@ -1297,6 +1307,11 @@ def _acquire_token_by_username_password_federated(
                 )),
             **kwargs)
 
+    def close(self):
+        """Close the app and any open sockets"""
+        if self.internal_client:
+            self.http_client.close()
+
 
 class PublicClientApplication(ClientApplication):  # browser app or mobile app