@azure/communication-common 2.3.2-alpha.20250122.2 → 2.3.2-alpha.20250122.7

package/dist/commonjs/entraTokenCredential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"entraTokenCredential.js","sourceRoot":"","sources":["../../src/entraTokenCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AASlC,yDAAiE;AACjE,kEAKmC;AAEnC,MAAM,yBAAyB,GAAG,4CAA4C,CAAC;AAC/E,MAAM,8BAA8B,GAAG,0CAA0C,CAAC;AAClF,MAAM,sBAAsB,GAAG,yCAAyC,CAAC;AACzE,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;AACtD,MAAM,2BAA2B,GAAG,oCAAoC,CAAC;AACzE,MAAM,6BAA6B,GAAG,oBAAoB,CAAC;AA4B3D;;GAEG;AACH,MAAa,oBAAoB;IAS/B,YAAoB,OAAiD;QAAjD,YAAO,GAAP,OAAO,CAA0C;QAP7D,WAAM,GAAG;YACf,UAAU,EAAE,SAA+B;YAC3C,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;SAC/C,CAAC;QAKA,IAAI,CAAC,MAAM,GAAG,IAAA,uBAAS,EAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAClD,IAAI,CAAC,UAAU,GAAG,IAAA,4CAAuB,GAAE,CAAC;QAC5C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI;YAC3C,kDAAkD;SACnD,CAAC;QAEF,0CAA0C;QAC1C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;IACnC,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,OAAsC;;QAC1D,IAAI,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,0CAAE,OAAO,EAAE,CAAC;YAClC,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;QAC9C,CAAC;QAED,wEAAwE;QACxE,6DAA6D;QAC7D,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,SAAS,CAAC;QACvB,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACxB,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC9B,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,OAAsC;QACnE,MAAM,eAAe,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,EAAC,CAAC,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QAChG,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,QAAQ,CACvD,IAAI,CAAC,OAAO,CAAC,MAAM;YACjB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM;YACrB,CAAC,CAAC,CAAC,kDAAkD,CAAC,EACxD,eAAe,CAChB,CAAC;QACF,MAAM,eAAe,GAAG,IAAI,IAAI,EAAE,CAAC;QACnC,MAAM,cAAc,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;QAEzE,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,GAAG;gBACZ,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;aAC/C,CAAC;QACJ,CAAC;aAAM,IACL,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,KAAK,EAAE;YACjC,KAAK,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,UAAU;YACtC,cAAc,GAAG,eAAe,EAChC,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC5C,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAC7B,KAAK,CAAC,KAAK,EACX,eAAe,CAChB,CAAC;YACF,IAAI,CAAC,MAAM,GAAG;gBACZ,UAAU,EAAE,KAAK,CAAC,KAAK;gBACvB,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC9B,CAAC;IAEM,OAAO;QACZ,IAAI,CAAC,MAAM,GAAG;YACZ,UAAU,EAAE,SAAS;YACrB,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;SAC/C,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAC9B,gBAAwB,EACxB,UAAkB,EAClB,OAA0C;QAE1C,MAAM,OAAO,GAAG,IAAA,0CAAqB,EAAC;YACpC,GAAG,EAAE,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,CAAC;YAC5C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,IAAA,sCAAiB,EAAC;gBACzB,aAAa,EAAE,UAAU,UAAU,EAAE;gBACrC,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,kBAAkB;aAC3B,CAAC;YACF,WAAW,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW;YACjC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;SACzB,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAElF,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CACb,mCAAmC,QAAQ,CAAC,MAAM,WAAW,QAAQ,CAAC,UAAU,EAAE,CACnF,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAA0B,CAAC;QACtE,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK;YAC7B,kBAAkB,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC;SAC3D,CAAC;IACJ,CAAC;IAEO,gBAAgB,CAAC,gBAAwB;QAC/C,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,GAAG,IAAI,CAAC,8BAA8B,EAAE,CAAC;QACrE,MAAM,UAAU,GAAG,GAAG,gBAAgB,GAAG,QAAQ,gBAAgB,UAAU,EAAE,CAAC;QAC9E,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,8BAA8B;QACpC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAC;QACJ,CAAC;aAAM,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,yBAAyB,CAAC,CAAC,EAAE,CAAC;YAC7F,OAAO,CAAC,sBAAsB,EAAE,wBAAwB,CAAC,CAAC;QAC5D,CAAC;aAAM,IACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,8BAA8B,CAAC,CAAC,EACtF,CAAC;YACD,OAAO,CAAC,2BAA2B,EAAE,6BAA6B,CAAC,CAAC;QACtE,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAxID,oDAwIC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { type AccessToken } from \"@azure/core-auth\";\nimport { type TokenCredential } from \"@azure/identity\";\nimport {\n  type TokenCredential as AcsTokenCredential,\n  type CommunicationGetTokenOptions,\n} from \"./communicationTokenCredential.js\";\nimport { type AbortSignalLike } from \"@azure/abort-controller\";\nimport { type Client, getClient } from \"@azure-rest/core-client\";\nimport {\n  type HttpClient,\n  createDefaultHttpClient,\n  createHttpHeaders,\n  createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\n\nconst TeamsExtensionScopePrefix = \"https://auth.msft.communication.azure.com/\";\nconst ComunicationClientsScopePrefix = \"https://communication.azure.com/clients/\";\nconst TeamsExtensionEndpoint = \"/access/teamsPhone/:exchangeAccessToken\";\nconst TeamsExtensionApiVersion = \"2025-03-02-preview\";\nconst ComunicationClientsEndpoint = \"/access/entra/:exchangeAccessToken\";\nconst ComunicationClientsApiVersion = \"2024-04-01-preview\";\n\nexport interface ExchangeTokenResponse {\n  identity: string;\n  accessToken: {\n    token: string;\n    expiresOn: string;\n  };\n}\n\n/**\n * The Entra Communication Token Options.\n */\nexport interface EntraCommunicationTokenCredentialOptions {\n  /**\n   * The Azure Communication Service resource endpoint URL, e.g. https://myResource.communication.azure.com.\n   */\n  resourceEndpoint: string;\n  /**\n   * The Entra ID token credential.\n   */\n  tokenCredential: TokenCredential;\n  /**\n   * The scopes for retrieving the Entra ID access token.\n   */\n  scopes?: string[];\n}\n\n/**\n * Represents a credential that exchanges an Entra token for an Azure Communication Services (ACS) token, enabling access to ACS resources.\n */\nexport class EntraTokenCredential implements AcsTokenCredential {\n  private isPending: Promise<AccessToken> | null;\n  private result = {\n    entraToken: undefined as string | undefined,\n    acsToken: { token: \"\", expiresOnTimestamp: 0 },\n  };\n  private client: Client;\n  private httpClient: HttpClient;\n\n  constructor(private options: EntraCommunicationTokenCredentialOptions) {\n    this.client = getClient(options.resourceEndpoint);\n    this.httpClient = createDefaultHttpClient();\n    this.options = options;\n    this.options.scopes = this.options.scopes || [\n      \"https://communication.azure.com/clients/.default\",\n    ];\n\n    // immediately fetch the token to pre-warm\n    this.isPending = this.getToken();\n  }\n\n  public async getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    if (options?.abortSignal?.aborted) {\n      return { token: \"\", expiresOnTimestamp: 0 };\n    }\n\n    // we're awaiting the token fetch, so we don't want to start another one\n    // however, we're ignoring the new abortSignal, unfortunately\n    if (!this.isPending) {\n      this.isPending = this.getTokenInternal(options);\n    }\n\n    try {\n      await this.isPending;\n    } finally {\n      this.isPending = null;\n    }\n\n    return this.result.acsToken;\n  }\n\n  private async getTokenInternal(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    const getTokenOptions = options?.abortSignal ? { abortSignal: options.abortSignal } : undefined;\n    const token = await this.options.tokenCredential.getToken(\n      this.options.scopes\n        ? this.options.scopes\n        : [\"https://communication.azure.com/clients/.default\"],\n      getTokenOptions,\n    );\n    const currentDateTime = new Date();\n    const tokenExpiresOn = new Date(this.result.acsToken.expiresOnTimestamp);\n\n    if (token === null) {\n      this.result = {\n        entraToken: undefined,\n        acsToken: { token: \"\", expiresOnTimestamp: 0 },\n      };\n    } else if (\n      this.result.acsToken.token === \"\" ||\n      token.token !== this.result.entraToken ||\n      tokenExpiresOn < currentDateTime\n    ) {\n      const acsToken = await this.exchangeEntraToken(\n        this.options.resourceEndpoint,\n        token.token,\n        getTokenOptions,\n      );\n      this.result = {\n        entraToken: token.token,\n        acsToken,\n      };\n    }\n\n    return this.result.acsToken;\n  }\n\n  public dispose(): void {\n    this.result = {\n      entraToken: undefined,\n      acsToken: { token: \"\", expiresOnTimestamp: 0 },\n    };\n  }\n\n  private async exchangeEntraToken(\n    resourceEndpoint: string,\n    entraToken: string,\n    options?: { abortSignal: AbortSignalLike },\n  ): Promise<AccessToken> {\n    const request = createPipelineRequest({\n      url: this.createRequestUri(resourceEndpoint),\n      method: \"POST\",\n      headers: createHttpHeaders({\n        Authorization: `Bearer ${entraToken}`,\n        \"Content-Type\": \"application/json\",\n        Accept: \"application/json\",\n      }),\n      abortSignal: options?.abortSignal,\n      body: JSON.stringify({}),\n    });\n    const response = await this.client.pipeline.sendRequest(this.httpClient, request);\n\n    if (response.status !== 200 || !response.bodyAsText) {\n      throw new Error(\n        `Service request failed. Status: ${response.status}, Body: ${response.bodyAsText}`,\n      );\n    }\n    const json = JSON.parse(response.bodyAsText) as ExchangeTokenResponse;\n    return {\n      token: json.accessToken.token,\n      expiresOnTimestamp: Date.parse(json.accessToken.expiresOn),\n    };\n  }\n\n  private createRequestUri(resourceEndpoint: string): string {\n    const [endpoint, apiVersion] = this.determineEndpointAndApiVersion();\n    const requestUri = `${resourceEndpoint}${endpoint}?api-version=${apiVersion}`;\n    return requestUri;\n  }\n\n  private determineEndpointAndApiVersion(): [string, string] {\n    if (!this.options.scopes || this.options.scopes.length === 0) {\n      throw new Error(\n        `Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`,\n      );\n    } else if (this.options.scopes.every((scope) => scope.startsWith(TeamsExtensionScopePrefix))) {\n      return [TeamsExtensionEndpoint, TeamsExtensionApiVersion];\n    } else if (\n      this.options.scopes.every((scope) => scope.startsWith(ComunicationClientsScopePrefix))\n    ) {\n      return [ComunicationClientsEndpoint, ComunicationClientsApiVersion];\n    } else {\n      throw new Error(\n        `Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`,\n      );\n    }\n  }\n}\n"]}

package/dist/commonjs/index.d.ts

@@ -1,7 +1,7 @@
 export { CommunicationTokenCredential, CommunicationGetTokenOptions, } from "./communicationTokenCredential.js";
 export { AzureCommunicationTokenCredential } from "./azureCommunicationTokenCredential.js";
-export * from "./credential/index.js";
 export { CommunicationTokenRefreshOptions } from "./autoRefreshTokenCredential.js";
+export { EntraCommunicationTokenCredentialOptions } from "./entraTokenCredential.js";
 export * from "./credential/index.js";
 export * from "./identifierModels.js";
 export * from "./identifierModelSerializer.js";

package/dist/commonjs/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,4BAA4B,EAC5B,4BAA4B,GAC7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAC3F,cAAc,uBAAuB,CAAC;AACtC,OAAO,EAAE,gCAAgC,EAAE,MAAM,iCAAiC,CAAC;AACnF,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,4BAA4B,EAC5B,4BAA4B,GAC7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAC3F,OAAO,EAAE,gCAAgC,EAAE,MAAM,iCAAiC,CAAC;AACnF,OAAO,EAAE,wCAAwC,EAAE,MAAM,2BAA2B,CAAC;AACrF,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC"}

package/dist/commonjs/index.js

@@ -7,7 +7,6 @@ const tslib_1 = require("tslib");
 var azureCommunicationTokenCredential_js_1 = require("./azureCommunicationTokenCredential.js");
 Object.defineProperty(exports, "AzureCommunicationTokenCredential", { enumerable: true, get: function () { return azureCommunicationTokenCredential_js_1.AzureCommunicationTokenCredential; } });
 tslib_1.__exportStar(require("./credential/index.js"), exports);
-tslib_1.__exportStar(require("./credential/index.js"), exports);
 tslib_1.__exportStar(require("./identifierModels.js"), exports);
 tslib_1.__exportStar(require("./identifierModelSerializer.js"), exports);
 //# sourceMappingURL=index.js.map

package/dist/commonjs/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;AAMlC,+FAA2F;AAAlF,yJAAA,iCAAiC,OAAA;AAC1C,gEAAsC;AAEtC,gEAAsC;AACtC,gEAAsC;AACtC,yEAA+C","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport {\n  CommunicationTokenCredential,\n  CommunicationGetTokenOptions,\n} from \"./communicationTokenCredential.js\";\nexport { AzureCommunicationTokenCredential } from \"./azureCommunicationTokenCredential.js\";\nexport * from \"./credential/index.js\";\nexport { CommunicationTokenRefreshOptions } from \"./autoRefreshTokenCredential.js\";\nexport * from \"./credential/index.js\";\nexport * from \"./identifierModels.js\";\nexport * from \"./identifierModelSerializer.js\";\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;AAMlC,+FAA2F;AAAlF,yJAAA,iCAAiC,OAAA;AAG1C,gEAAsC;AACtC,gEAAsC;AACtC,yEAA+C","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport {\n  CommunicationTokenCredential,\n  CommunicationGetTokenOptions,\n} from \"./communicationTokenCredential.js\";\nexport { AzureCommunicationTokenCredential } from \"./azureCommunicationTokenCredential.js\";\nexport { CommunicationTokenRefreshOptions } from \"./autoRefreshTokenCredential.js\";\nexport { EntraCommunicationTokenCredentialOptions } from \"./entraTokenCredential.js\";\nexport * from \"./credential/index.js\";\nexport * from \"./identifierModels.js\";\nexport * from \"./identifierModelSerializer.js\";\n"]}

package/dist/esm/azureCommunicationTokenCredential.d.ts

@@ -1,6 +1,7 @@
 import { type CommunicationTokenRefreshOptions } from "./autoRefreshTokenCredential.js";
 import type { CommunicationGetTokenOptions, CommunicationTokenCredential } from "./communicationTokenCredential.js";
 import type { AccessToken } from "@azure/core-auth";
+import { type EntraCommunicationTokenCredentialOptions } from "./entraTokenCredential.js";
 /**
  * The CommunicationTokenCredential implementation with support for proactive token refresh.
  */
@@ -18,6 +19,11 @@ export declare class AzureCommunicationTokenCredential implements CommunicationT
      * @param refreshOptions - Options to configure refresh and opt-in to proactive refreshing.
      */
     constructor(refreshOptions: CommunicationTokenRefreshOptions);
+    /**
+     * Creates an instance of CommunicationTokenCredential with an Entra ID token credential. In most cases, you might want to use InteractiveBrowserCredential to sign in your user.
+     * @param entraOptions - Options to configure the Entra ID token credential.
+     */
+    constructor(entraOptions: EntraCommunicationTokenCredentialOptions);
     /**
      * Gets an `AccessToken` for the user. Throws if already disposed.
      * @param abortSignal - An implementation of `AbortSignalLike` to cancel the operation.

package/dist/esm/azureCommunicationTokenCredential.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"azureCommunicationTokenCredential.d.ts","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,KAAK,gCAAgC,EACtC,MAAM,iCAAiC,CAAC;AACzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,4BAA4B,EAE7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAIpD;;GAEG;AAEH,qBAAa,iCAAkC,YAAW,4BAA4B;IACpF,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAS;IAEzB;;;OAGG;gBACS,KAAK,EAAE,MAAM;IACzB;;;;OAIG;gBACS,cAAc,EAAE,gCAAgC;IAS5D;;;OAGG;IACU,QAAQ,CAAC,OAAO,CAAC,EAAE,4BAA4B,GAAG,OAAO,CAAC,WAAW,CAAC;IAOnF;;OAEG;IACI,OAAO,IAAI,IAAI;IAKtB,OAAO,CAAC,eAAe;CAKxB"}
+{"version":3,"file":"azureCommunicationTokenCredential.d.ts","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,KAAK,gCAAgC,EACtC,MAAM,iCAAiC,CAAC;AACzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,4BAA4B,EAE7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,OAAO,EACL,KAAK,wCAAwC,EAE9C,MAAM,2BAA2B,CAAC;AAEnC;;GAEG;AAEH,qBAAa,iCAAkC,YAAW,4BAA4B;IACpF,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAS;IAEzB;;;OAGG;gBACS,KAAK,EAAE,MAAM;IACzB;;;;OAIG;gBACS,cAAc,EAAE,gCAAgC;IAC5D;;;OAGG;gBACS,YAAY,EAAE,wCAAwC;IAkBlE;;;OAGG;IACU,QAAQ,CAAC,OAAO,CAAC,EAAE,4BAA4B,GAAG,OAAO,CAAC,WAAW,CAAC;IAOnF;;OAEG;IACI,OAAO,IAAI,IAAI;IAKtB,OAAO,CAAC,eAAe;CAKxB"}

package/dist/esm/azureCommunicationTokenCredential.js

@@ -3,17 +3,21 @@
 import { AutoRefreshTokenCredential, } from "./autoRefreshTokenCredential.js";
 import { StaticTokenCredential } from "./staticTokenCredential.js";
 import { parseToken } from "./tokenParser.js";
+import { EntraTokenCredential, } from "./entraTokenCredential.js";
 /**
  * The CommunicationTokenCredential implementation with support for proactive token refresh.
  */
 export class AzureCommunicationTokenCredential {
-    constructor(tokenOrRefreshOptions) {
+    constructor(tokenOrRefreshOptionsOrEntraOptions) {
         this.disposed = false;
-        if (typeof tokenOrRefreshOptions === "string") {
-            this.tokenCredential = new StaticTokenCredential(parseToken(tokenOrRefreshOptions));
+        if (typeof tokenOrRefreshOptionsOrEntraOptions === "string") {
+            this.tokenCredential = new StaticTokenCredential(parseToken(tokenOrRefreshOptionsOrEntraOptions));
+        }
+        else if ("tokenRefresher" in tokenOrRefreshOptionsOrEntraOptions) {
+            this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptionsOrEntraOptions);
         }
         else {
-            this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptions);
+            this.tokenCredential = new EntraTokenCredential(tokenOrRefreshOptionsOrEntraOptions);
         }
     }
     /**

package/dist/esm/azureCommunicationTokenCredential.js.map

@@ -1 +1 @@
-{"version":3,"file":"azureCommunicationTokenCredential.js","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EACL,0BAA0B,GAE3B,MAAM,iCAAiC,CAAC;AAOzC,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C;;GAEG;AAEH,MAAM,OAAO,iCAAiC;IAe5C,YAAY,qBAAgE;QAbpE,aAAQ,GAAG,KAAK,CAAC;QAcvB,IAAI,OAAO,qBAAqB,KAAK,QAAQ,EAAE,CAAC;YAC9C,IAAI,CAAC,eAAe,GAAG,IAAI,qBAAqB,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC,CAAC;QACtF,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,GAAG,IAAI,0BAA0B,CAAC,qBAAqB,CAAC,CAAC;QAC/E,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CAAC,OAAsC;QAC1D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;IACjC,CAAC;IAEO,eAAe;QACrB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n  AutoRefreshTokenCredential,\n  type CommunicationTokenRefreshOptions,\n} from \"./autoRefreshTokenCredential.js\";\nimport type {\n  CommunicationGetTokenOptions,\n  CommunicationTokenCredential,\n  TokenCredential,\n} from \"./communicationTokenCredential.js\";\nimport type { AccessToken } from \"@azure/core-auth\";\nimport { StaticTokenCredential } from \"./staticTokenCredential.js\";\nimport { parseToken } from \"./tokenParser.js\";\n\n/**\n * The CommunicationTokenCredential implementation with support for proactive token refresh.\n */\n\nexport class AzureCommunicationTokenCredential implements CommunicationTokenCredential {\n  private readonly tokenCredential: TokenCredential;\n  private disposed = false;\n\n  /**\n   * Creates an instance of CommunicationTokenCredential with a static token and no proactive refreshing.\n   * @param token - A user access token issued by Communication Services.\n   */\n  constructor(token: string);\n  /**\n   * Creates an instance of CommunicationTokenCredential with a lambda to get a token and options\n   * to configure proactive refreshing.\n   * @param refreshOptions - Options to configure refresh and opt-in to proactive refreshing.\n   */\n  constructor(refreshOptions: CommunicationTokenRefreshOptions);\n  constructor(tokenOrRefreshOptions: string | CommunicationTokenRefreshOptions) {\n    if (typeof tokenOrRefreshOptions === \"string\") {\n      this.tokenCredential = new StaticTokenCredential(parseToken(tokenOrRefreshOptions));\n    } else {\n      this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptions);\n    }\n  }\n\n  /**\n   * Gets an `AccessToken` for the user. Throws if already disposed.\n   * @param abortSignal - An implementation of `AbortSignalLike` to cancel the operation.\n   */\n  public async getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    this.throwIfDisposed();\n    const token = await this.tokenCredential.getToken(options);\n    this.throwIfDisposed();\n    return token;\n  }\n\n  /**\n   * Disposes the CommunicationTokenCredential and cancels any internal auto-refresh operation.\n   */\n  public dispose(): void {\n    this.disposed = true;\n    this.tokenCredential.dispose();\n  }\n\n  private throwIfDisposed(): void {\n    if (this.disposed) {\n      throw new Error(\"User credential is disposed\");\n    }\n  }\n}\n"]}
+{"version":3,"file":"azureCommunicationTokenCredential.js","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EACL,0BAA0B,GAE3B,MAAM,iCAAiC,CAAC;AAOzC,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAEL,oBAAoB,GACrB,MAAM,2BAA2B,CAAC;AAEnC;;GAEG;AAEH,MAAM,OAAO,iCAAiC;IAoB5C,YACE,mCAG4C;QAtBtC,aAAQ,GAAG,KAAK,CAAC;QAwBvB,IAAI,OAAO,mCAAmC,KAAK,QAAQ,EAAE,CAAC;YAC5D,IAAI,CAAC,eAAe,GAAG,IAAI,qBAAqB,CAC9C,UAAU,CAAC,mCAAmC,CAAC,CAChD,CAAC;QACJ,CAAC;aAAM,IAAI,gBAAgB,IAAI,mCAAmC,EAAE,CAAC;YACnE,IAAI,CAAC,eAAe,GAAG,IAAI,0BAA0B,CAAC,mCAAmC,CAAC,CAAC;QAC7F,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,GAAG,IAAI,oBAAoB,CAAC,mCAAmC,CAAC,CAAC;QACvF,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CAAC,OAAsC;QAC1D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;IACjC,CAAC;IAEO,eAAe;QACrB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n  AutoRefreshTokenCredential,\n  type CommunicationTokenRefreshOptions,\n} from \"./autoRefreshTokenCredential.js\";\nimport type {\n  CommunicationGetTokenOptions,\n  CommunicationTokenCredential,\n  TokenCredential,\n} from \"./communicationTokenCredential.js\";\nimport type { AccessToken } from \"@azure/core-auth\";\nimport { StaticTokenCredential } from \"./staticTokenCredential.js\";\nimport { parseToken } from \"./tokenParser.js\";\nimport {\n  type EntraCommunicationTokenCredentialOptions,\n  EntraTokenCredential,\n} from \"./entraTokenCredential.js\";\n\n/**\n * The CommunicationTokenCredential implementation with support for proactive token refresh.\n */\n\nexport class AzureCommunicationTokenCredential implements CommunicationTokenCredential {\n  private readonly tokenCredential: TokenCredential;\n  private disposed = false;\n\n  /**\n   * Creates an instance of CommunicationTokenCredential with a static token and no proactive refreshing.\n   * @param token - A user access token issued by Communication Services.\n   */\n  constructor(token: string);\n  /**\n   * Creates an instance of CommunicationTokenCredential with a lambda to get a token and options\n   * to configure proactive refreshing.\n   * @param refreshOptions - Options to configure refresh and opt-in to proactive refreshing.\n   */\n  constructor(refreshOptions: CommunicationTokenRefreshOptions);\n  /**\n   * Creates an instance of CommunicationTokenCredential with an Entra ID token credential. In most cases, you might want to use InteractiveBrowserCredential to sign in your user.\n   * @param entraOptions - Options to configure the Entra ID token credential.\n   */\n  constructor(entraOptions: EntraCommunicationTokenCredentialOptions);\n  constructor(\n    tokenOrRefreshOptionsOrEntraOptions:\n      | string\n      | CommunicationTokenRefreshOptions\n      | EntraCommunicationTokenCredentialOptions,\n  ) {\n    if (typeof tokenOrRefreshOptionsOrEntraOptions === \"string\") {\n      this.tokenCredential = new StaticTokenCredential(\n        parseToken(tokenOrRefreshOptionsOrEntraOptions),\n      );\n    } else if (\"tokenRefresher\" in tokenOrRefreshOptionsOrEntraOptions) {\n      this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptionsOrEntraOptions);\n    } else {\n      this.tokenCredential = new EntraTokenCredential(tokenOrRefreshOptionsOrEntraOptions);\n    }\n  }\n\n  /**\n   * Gets an `AccessToken` for the user. Throws if already disposed.\n   * @param abortSignal - An implementation of `AbortSignalLike` to cancel the operation.\n   */\n  public async getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    this.throwIfDisposed();\n    const token = await this.tokenCredential.getToken(options);\n    this.throwIfDisposed();\n    return token;\n  }\n\n  /**\n   * Disposes the CommunicationTokenCredential and cancels any internal auto-refresh operation.\n   */\n  public dispose(): void {\n    this.disposed = true;\n    this.tokenCredential.dispose();\n  }\n\n  private throwIfDisposed(): void {\n    if (this.disposed) {\n      throw new Error(\"User credential is disposed\");\n    }\n  }\n}\n"]}

package/dist/esm/entraTokenCredential.d.ts

@@ -0,0 +1,45 @@
+import { type AccessToken } from "@azure/core-auth";
+import { type TokenCredential } from "@azure/identity";
+import { type TokenCredential as AcsTokenCredential, type CommunicationGetTokenOptions } from "./communicationTokenCredential.js";
+export interface ExchangeTokenResponse {
+    identity: string;
+    accessToken: {
+        token: string;
+        expiresOn: string;
+    };
+}
+/**
+ * The Entra Communication Token Options.
+ */
+export interface EntraCommunicationTokenCredentialOptions {
+    /**
+     * The Azure Communication Service resource endpoint URL, e.g. https://myResource.communication.azure.com.
+     */
+    resourceEndpoint: string;
+    /**
+     * The Entra ID token credential.
+     */
+    tokenCredential: TokenCredential;
+    /**
+     * The scopes for retrieving the Entra ID access token.
+     */
+    scopes?: string[];
+}
+/**
+ * Represents a credential that exchanges an Entra token for an Azure Communication Services (ACS) token, enabling access to ACS resources.
+ */
+export declare class EntraTokenCredential implements AcsTokenCredential {
+    private options;
+    private isPending;
+    private result;
+    private client;
+    private httpClient;
+    constructor(options: EntraCommunicationTokenCredentialOptions);
+    getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken>;
+    private getTokenInternal;
+    dispose(): void;
+    private exchangeEntraToken;
+    private createRequestUri;
+    private determineEndpointAndApiVersion;
+}
+//# sourceMappingURL=entraTokenCredential.d.ts.map

package/dist/esm/entraTokenCredential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"entraTokenCredential.d.ts","sourceRoot":"","sources":["../../src/entraTokenCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EACL,KAAK,eAAe,IAAI,kBAAkB,EAC1C,KAAK,4BAA4B,EAClC,MAAM,mCAAmC,CAAC;AAiB3C,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE;QACX,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,wCAAwC;IACvD;;OAEG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;OAEG;IACH,eAAe,EAAE,eAAe,CAAC;IACjC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,oBAAqB,YAAW,kBAAkB;IASjD,OAAO,CAAC,OAAO;IAR3B,OAAO,CAAC,SAAS,CAA8B;IAC/C,OAAO,CAAC,MAAM,CAGZ;IACF,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,UAAU,CAAa;gBAEX,OAAO,EAAE,wCAAwC;IAYxD,QAAQ,CAAC,OAAO,CAAC,EAAE,4BAA4B,GAAG,OAAO,CAAC,WAAW,CAAC;YAoBrE,gBAAgB;IAmCvB,OAAO,IAAI,IAAI;YAOR,kBAAkB;IA8BhC,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,8BAA8B;CAiBvC"}

package/dist/esm/entraTokenCredential.js

@@ -0,0 +1,120 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { getClient } from "@azure-rest/core-client";
+import { createDefaultHttpClient, createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
+const TeamsExtensionScopePrefix = "https://auth.msft.communication.azure.com/";
+const ComunicationClientsScopePrefix = "https://communication.azure.com/clients/";
+const TeamsExtensionEndpoint = "/access/teamsPhone/:exchangeAccessToken";
+const TeamsExtensionApiVersion = "2025-03-02-preview";
+const ComunicationClientsEndpoint = "/access/entra/:exchangeAccessToken";
+const ComunicationClientsApiVersion = "2024-04-01-preview";
+/**
+ * Represents a credential that exchanges an Entra token for an Azure Communication Services (ACS) token, enabling access to ACS resources.
+ */
+export class EntraTokenCredential {
+    constructor(options) {
+        this.options = options;
+        this.result = {
+            entraToken: undefined,
+            acsToken: { token: "", expiresOnTimestamp: 0 },
+        };
+        this.client = getClient(options.resourceEndpoint);
+        this.httpClient = createDefaultHttpClient();
+        this.options = options;
+        this.options.scopes = this.options.scopes || [
+            "https://communication.azure.com/clients/.default",
+        ];
+        // immediately fetch the token to pre-warm
+        this.isPending = this.getToken();
+    }
+    async getToken(options) {
+        var _a;
+        if ((_a = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a === void 0 ? void 0 : _a.aborted) {
+            return { token: "", expiresOnTimestamp: 0 };
+        }
+        // we're awaiting the token fetch, so we don't want to start another one
+        // however, we're ignoring the new abortSignal, unfortunately
+        if (!this.isPending) {
+            this.isPending = this.getTokenInternal(options);
+        }
+        try {
+            await this.isPending;
+        }
+        finally {
+            this.isPending = null;
+        }
+        return this.result.acsToken;
+    }
+    async getTokenInternal(options) {
+        const getTokenOptions = (options === null || options === void 0 ? void 0 : options.abortSignal) ? { abortSignal: options.abortSignal } : undefined;
+        const token = await this.options.tokenCredential.getToken(this.options.scopes
+            ? this.options.scopes
+            : ["https://communication.azure.com/clients/.default"], getTokenOptions);
+        const currentDateTime = new Date();
+        const tokenExpiresOn = new Date(this.result.acsToken.expiresOnTimestamp);
+        if (token === null) {
+            this.result = {
+                entraToken: undefined,
+                acsToken: { token: "", expiresOnTimestamp: 0 },
+            };
+        }
+        else if (this.result.acsToken.token === "" ||
+            token.token !== this.result.entraToken ||
+            tokenExpiresOn < currentDateTime) {
+            const acsToken = await this.exchangeEntraToken(this.options.resourceEndpoint, token.token, getTokenOptions);
+            this.result = {
+                entraToken: token.token,
+                acsToken,
+            };
+        }
+        return this.result.acsToken;
+    }
+    dispose() {
+        this.result = {
+            entraToken: undefined,
+            acsToken: { token: "", expiresOnTimestamp: 0 },
+        };
+    }
+    async exchangeEntraToken(resourceEndpoint, entraToken, options) {
+        const request = createPipelineRequest({
+            url: this.createRequestUri(resourceEndpoint),
+            method: "POST",
+            headers: createHttpHeaders({
+                Authorization: `Bearer ${entraToken}`,
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            }),
+            abortSignal: options === null || options === void 0 ? void 0 : options.abortSignal,
+            body: JSON.stringify({}),
+        });
+        const response = await this.client.pipeline.sendRequest(this.httpClient, request);
+        if (response.status !== 200 || !response.bodyAsText) {
+            throw new Error(`Service request failed. Status: ${response.status}, Body: ${response.bodyAsText}`);
+        }
+        const json = JSON.parse(response.bodyAsText);
+        return {
+            token: json.accessToken.token,
+            expiresOnTimestamp: Date.parse(json.accessToken.expiresOn),
+        };
+    }
+    createRequestUri(resourceEndpoint) {
+        const [endpoint, apiVersion] = this.determineEndpointAndApiVersion();
+        const requestUri = `${resourceEndpoint}${endpoint}?api-version=${apiVersion}`;
+        return requestUri;
+    }
+    determineEndpointAndApiVersion() {
+        if (!this.options.scopes || this.options.scopes.length === 0) {
+            throw new Error(`Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`);
+        }
+        else if (this.options.scopes.every((scope) => scope.startsWith(TeamsExtensionScopePrefix))) {
+            return [TeamsExtensionEndpoint, TeamsExtensionApiVersion];
+        }
+        else if (this.options.scopes.every((scope) => scope.startsWith(ComunicationClientsScopePrefix))) {
+            return [ComunicationClientsEndpoint, ComunicationClientsApiVersion];
+        }
+        else {
+            throw new Error(`Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`);
+        }
+    }
+}
+//# sourceMappingURL=entraTokenCredential.js.map

package/dist/esm/entraTokenCredential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"entraTokenCredential.js","sourceRoot":"","sources":["../../src/entraTokenCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AASlC,OAAO,EAAe,SAAS,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAEL,uBAAuB,EACvB,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAEnC,MAAM,yBAAyB,GAAG,4CAA4C,CAAC;AAC/E,MAAM,8BAA8B,GAAG,0CAA0C,CAAC;AAClF,MAAM,sBAAsB,GAAG,yCAAyC,CAAC;AACzE,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;AACtD,MAAM,2BAA2B,GAAG,oCAAoC,CAAC;AACzE,MAAM,6BAA6B,GAAG,oBAAoB,CAAC;AA4B3D;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAS/B,YAAoB,OAAiD;QAAjD,YAAO,GAAP,OAAO,CAA0C;QAP7D,WAAM,GAAG;YACf,UAAU,EAAE,SAA+B;YAC3C,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;SAC/C,CAAC;QAKA,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;QAClD,IAAI,CAAC,UAAU,GAAG,uBAAuB,EAAE,CAAC;QAC5C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI;YAC3C,kDAAkD;SACnD,CAAC;QAEF,0CAA0C;QAC1C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;IACnC,CAAC;IAEM,KAAK,CAAC,QAAQ,CAAC,OAAsC;;QAC1D,IAAI,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,0CAAE,OAAO,EAAE,CAAC;YAClC,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;QAC9C,CAAC;QAED,wEAAwE;QACxE,6DAA6D;QAC7D,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,SAAS,CAAC;QACvB,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;QACxB,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC9B,CAAC;IAEO,KAAK,CAAC,gBAAgB,CAAC,OAAsC;QACnE,MAAM,eAAe,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,EAAC,CAAC,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;QAChG,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,eAAe,CAAC,QAAQ,CACvD,IAAI,CAAC,OAAO,CAAC,MAAM;YACjB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM;YACrB,CAAC,CAAC,CAAC,kDAAkD,CAAC,EACxD,eAAe,CAChB,CAAC;QACF,MAAM,eAAe,GAAG,IAAI,IAAI,EAAE,CAAC;QACnC,MAAM,cAAc,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;QAEzE,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,GAAG;gBACZ,UAAU,EAAE,SAAS;gBACrB,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;aAC/C,CAAC;QACJ,CAAC;aAAM,IACL,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,KAAK,EAAE;YACjC,KAAK,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,UAAU;YACtC,cAAc,GAAG,eAAe,EAChC,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC5C,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAC7B,KAAK,CAAC,KAAK,EACX,eAAe,CAChB,CAAC;YACF,IAAI,CAAC,MAAM,GAAG;gBACZ,UAAU,EAAE,KAAK,CAAC,KAAK;gBACvB,QAAQ;aACT,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC9B,CAAC;IAEM,OAAO;QACZ,IAAI,CAAC,MAAM,GAAG;YACZ,UAAU,EAAE,SAAS;YACrB,QAAQ,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE;SAC/C,CAAC;IACJ,CAAC;IAEO,KAAK,CAAC,kBAAkB,CAC9B,gBAAwB,EACxB,UAAkB,EAClB,OAA0C;QAE1C,MAAM,OAAO,GAAG,qBAAqB,CAAC;YACpC,GAAG,EAAE,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,CAAC;YAC5C,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,iBAAiB,CAAC;gBACzB,aAAa,EAAE,UAAU,UAAU,EAAE;gBACrC,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,kBAAkB;aAC3B,CAAC;YACF,WAAW,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW;YACjC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;SACzB,CAAC,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAElF,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CACb,mCAAmC,QAAQ,CAAC,MAAM,WAAW,QAAQ,CAAC,UAAU,EAAE,CACnF,CAAC;QACJ,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAA0B,CAAC;QACtE,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,KAAK;YAC7B,kBAAkB,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC;SAC3D,CAAC;IACJ,CAAC;IAEO,gBAAgB,CAAC,gBAAwB;QAC/C,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,GAAG,IAAI,CAAC,8BAA8B,EAAE,CAAC;QACrE,MAAM,UAAU,GAAG,GAAG,gBAAgB,GAAG,QAAQ,gBAAgB,UAAU,EAAE,CAAC;QAC9E,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,8BAA8B;QACpC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7D,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAC;QACJ,CAAC;aAAM,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,yBAAyB,CAAC,CAAC,EAAE,CAAC;YAC7F,OAAO,CAAC,sBAAsB,EAAE,wBAAwB,CAAC,CAAC;QAC5D,CAAC;aAAM,IACL,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,8BAA8B,CAAC,CAAC,EACtF,CAAC;YACD,OAAO,CAAC,2BAA2B,EAAE,6BAA6B,CAAC,CAAC;QACtE,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,gIAAgI,CACjI,CAAC;QACJ,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { type AccessToken } from \"@azure/core-auth\";\nimport { type TokenCredential } from \"@azure/identity\";\nimport {\n  type TokenCredential as AcsTokenCredential,\n  type CommunicationGetTokenOptions,\n} from \"./communicationTokenCredential.js\";\nimport { type AbortSignalLike } from \"@azure/abort-controller\";\nimport { type Client, getClient } from \"@azure-rest/core-client\";\nimport {\n  type HttpClient,\n  createDefaultHttpClient,\n  createHttpHeaders,\n  createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\n\nconst TeamsExtensionScopePrefix = \"https://auth.msft.communication.azure.com/\";\nconst ComunicationClientsScopePrefix = \"https://communication.azure.com/clients/\";\nconst TeamsExtensionEndpoint = \"/access/teamsPhone/:exchangeAccessToken\";\nconst TeamsExtensionApiVersion = \"2025-03-02-preview\";\nconst ComunicationClientsEndpoint = \"/access/entra/:exchangeAccessToken\";\nconst ComunicationClientsApiVersion = \"2024-04-01-preview\";\n\nexport interface ExchangeTokenResponse {\n  identity: string;\n  accessToken: {\n    token: string;\n    expiresOn: string;\n  };\n}\n\n/**\n * The Entra Communication Token Options.\n */\nexport interface EntraCommunicationTokenCredentialOptions {\n  /**\n   * The Azure Communication Service resource endpoint URL, e.g. https://myResource.communication.azure.com.\n   */\n  resourceEndpoint: string;\n  /**\n   * The Entra ID token credential.\n   */\n  tokenCredential: TokenCredential;\n  /**\n   * The scopes for retrieving the Entra ID access token.\n   */\n  scopes?: string[];\n}\n\n/**\n * Represents a credential that exchanges an Entra token for an Azure Communication Services (ACS) token, enabling access to ACS resources.\n */\nexport class EntraTokenCredential implements AcsTokenCredential {\n  private isPending: Promise<AccessToken> | null;\n  private result = {\n    entraToken: undefined as string | undefined,\n    acsToken: { token: \"\", expiresOnTimestamp: 0 },\n  };\n  private client: Client;\n  private httpClient: HttpClient;\n\n  constructor(private options: EntraCommunicationTokenCredentialOptions) {\n    this.client = getClient(options.resourceEndpoint);\n    this.httpClient = createDefaultHttpClient();\n    this.options = options;\n    this.options.scopes = this.options.scopes || [\n      \"https://communication.azure.com/clients/.default\",\n    ];\n\n    // immediately fetch the token to pre-warm\n    this.isPending = this.getToken();\n  }\n\n  public async getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    if (options?.abortSignal?.aborted) {\n      return { token: \"\", expiresOnTimestamp: 0 };\n    }\n\n    // we're awaiting the token fetch, so we don't want to start another one\n    // however, we're ignoring the new abortSignal, unfortunately\n    if (!this.isPending) {\n      this.isPending = this.getTokenInternal(options);\n    }\n\n    try {\n      await this.isPending;\n    } finally {\n      this.isPending = null;\n    }\n\n    return this.result.acsToken;\n  }\n\n  private async getTokenInternal(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    const getTokenOptions = options?.abortSignal ? { abortSignal: options.abortSignal } : undefined;\n    const token = await this.options.tokenCredential.getToken(\n      this.options.scopes\n        ? this.options.scopes\n        : [\"https://communication.azure.com/clients/.default\"],\n      getTokenOptions,\n    );\n    const currentDateTime = new Date();\n    const tokenExpiresOn = new Date(this.result.acsToken.expiresOnTimestamp);\n\n    if (token === null) {\n      this.result = {\n        entraToken: undefined,\n        acsToken: { token: \"\", expiresOnTimestamp: 0 },\n      };\n    } else if (\n      this.result.acsToken.token === \"\" ||\n      token.token !== this.result.entraToken ||\n      tokenExpiresOn < currentDateTime\n    ) {\n      const acsToken = await this.exchangeEntraToken(\n        this.options.resourceEndpoint,\n        token.token,\n        getTokenOptions,\n      );\n      this.result = {\n        entraToken: token.token,\n        acsToken,\n      };\n    }\n\n    return this.result.acsToken;\n  }\n\n  public dispose(): void {\n    this.result = {\n      entraToken: undefined,\n      acsToken: { token: \"\", expiresOnTimestamp: 0 },\n    };\n  }\n\n  private async exchangeEntraToken(\n    resourceEndpoint: string,\n    entraToken: string,\n    options?: { abortSignal: AbortSignalLike },\n  ): Promise<AccessToken> {\n    const request = createPipelineRequest({\n      url: this.createRequestUri(resourceEndpoint),\n      method: \"POST\",\n      headers: createHttpHeaders({\n        Authorization: `Bearer ${entraToken}`,\n        \"Content-Type\": \"application/json\",\n        Accept: \"application/json\",\n      }),\n      abortSignal: options?.abortSignal,\n      body: JSON.stringify({}),\n    });\n    const response = await this.client.pipeline.sendRequest(this.httpClient, request);\n\n    if (response.status !== 200 || !response.bodyAsText) {\n      throw new Error(\n        `Service request failed. Status: ${response.status}, Body: ${response.bodyAsText}`,\n      );\n    }\n    const json = JSON.parse(response.bodyAsText) as ExchangeTokenResponse;\n    return {\n      token: json.accessToken.token,\n      expiresOnTimestamp: Date.parse(json.accessToken.expiresOn),\n    };\n  }\n\n  private createRequestUri(resourceEndpoint: string): string {\n    const [endpoint, apiVersion] = this.determineEndpointAndApiVersion();\n    const requestUri = `${resourceEndpoint}${endpoint}?api-version=${apiVersion}`;\n    return requestUri;\n  }\n\n  private determineEndpointAndApiVersion(): [string, string] {\n    if (!this.options.scopes || this.options.scopes.length === 0) {\n      throw new Error(\n        `Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`,\n      );\n    } else if (this.options.scopes.every((scope) => scope.startsWith(TeamsExtensionScopePrefix))) {\n      return [TeamsExtensionEndpoint, TeamsExtensionApiVersion];\n    } else if (\n      this.options.scopes.every((scope) => scope.startsWith(ComunicationClientsScopePrefix))\n    ) {\n      return [ComunicationClientsEndpoint, ComunicationClientsApiVersion];\n    } else {\n      throw new Error(\n        `Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`,\n      );\n    }\n  }\n}\n"]}

package/dist/esm/index.d.ts

@@ -1,7 +1,7 @@
 export { CommunicationTokenCredential, CommunicationGetTokenOptions, } from "./communicationTokenCredential.js";
 export { AzureCommunicationTokenCredential } from "./azureCommunicationTokenCredential.js";
-export * from "./credential/index.js";
 export { CommunicationTokenRefreshOptions } from "./autoRefreshTokenCredential.js";
+export { EntraCommunicationTokenCredentialOptions } from "./entraTokenCredential.js";
 export * from "./credential/index.js";
 export * from "./identifierModels.js";
 export * from "./identifierModelSerializer.js";

package/dist/esm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,4BAA4B,EAC5B,4BAA4B,GAC7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAC3F,cAAc,uBAAuB,CAAC;AACtC,OAAO,EAAE,gCAAgC,EAAE,MAAM,iCAAiC,CAAC;AACnF,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,EACL,4BAA4B,EAC5B,4BAA4B,GAC7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAC3F,OAAO,EAAE,gCAAgC,EAAE,MAAM,iCAAiC,CAAC;AACnF,OAAO,EAAE,wCAAwC,EAAE,MAAM,2BAA2B,CAAC;AACrF,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC"}

package/dist/esm/index.js

@@ -2,7 +2,6 @@
 // Licensed under the MIT License.
 export { AzureCommunicationTokenCredential } from "./azureCommunicationTokenCredential.js";
 export * from "./credential/index.js";
-export * from "./credential/index.js";
 export * from "./identifierModels.js";
 export * from "./identifierModelSerializer.js";
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAMlC,OAAO,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAC3F,cAAc,uBAAuB,CAAC;AAEtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport {\n  CommunicationTokenCredential,\n  CommunicationGetTokenOptions,\n} from \"./communicationTokenCredential.js\";\nexport { AzureCommunicationTokenCredential } from \"./azureCommunicationTokenCredential.js\";\nexport * from \"./credential/index.js\";\nexport { CommunicationTokenRefreshOptions } from \"./autoRefreshTokenCredential.js\";\nexport * from \"./credential/index.js\";\nexport * from \"./identifierModels.js\";\nexport * from \"./identifierModelSerializer.js\";\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAMlC,OAAO,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAG3F,cAAc,uBAAuB,CAAC;AACtC,cAAc,uBAAuB,CAAC;AACtC,cAAc,gCAAgC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport {\n  CommunicationTokenCredential,\n  CommunicationGetTokenOptions,\n} from \"./communicationTokenCredential.js\";\nexport { AzureCommunicationTokenCredential } from \"./azureCommunicationTokenCredential.js\";\nexport { CommunicationTokenRefreshOptions } from \"./autoRefreshTokenCredential.js\";\nexport { EntraCommunicationTokenCredentialOptions } from \"./entraTokenCredential.js\";\nexport * from \"./credential/index.js\";\nexport * from \"./identifierModels.js\";\nexport * from \"./identifierModelSerializer.js\";\n"]}

package/dist/react-native/azureCommunicationTokenCredential.d.ts

@@ -1,6 +1,7 @@
 import { type CommunicationTokenRefreshOptions } from "./autoRefreshTokenCredential.js";
 import type { CommunicationGetTokenOptions, CommunicationTokenCredential } from "./communicationTokenCredential.js";
 import type { AccessToken } from "@azure/core-auth";
+import { type EntraCommunicationTokenCredentialOptions } from "./entraTokenCredential.js";
 /**
  * The CommunicationTokenCredential implementation with support for proactive token refresh.
  */
@@ -18,6 +19,11 @@ export declare class AzureCommunicationTokenCredential implements CommunicationT
      * @param refreshOptions - Options to configure refresh and opt-in to proactive refreshing.
      */
     constructor(refreshOptions: CommunicationTokenRefreshOptions);
+    /**
+     * Creates an instance of CommunicationTokenCredential with an Entra ID token credential. In most cases, you might want to use InteractiveBrowserCredential to sign in your user.
+     * @param entraOptions - Options to configure the Entra ID token credential.
+     */
+    constructor(entraOptions: EntraCommunicationTokenCredentialOptions);
     /**
      * Gets an `AccessToken` for the user. Throws if already disposed.
      * @param abortSignal - An implementation of `AbortSignalLike` to cancel the operation.

package/dist/react-native/azureCommunicationTokenCredential.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"azureCommunicationTokenCredential.d.ts","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,KAAK,gCAAgC,EACtC,MAAM,iCAAiC,CAAC;AACzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,4BAA4B,EAE7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAIpD;;GAEG;AAEH,qBAAa,iCAAkC,YAAW,4BAA4B;IACpF,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAS;IAEzB;;;OAGG;gBACS,KAAK,EAAE,MAAM;IACzB;;;;OAIG;gBACS,cAAc,EAAE,gCAAgC;IAS5D;;;OAGG;IACU,QAAQ,CAAC,OAAO,CAAC,EAAE,4BAA4B,GAAG,OAAO,CAAC,WAAW,CAAC;IAOnF;;OAEG;IACI,OAAO,IAAI,IAAI;IAKtB,OAAO,CAAC,eAAe;CAKxB"}
+{"version":3,"file":"azureCommunicationTokenCredential.d.ts","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,KAAK,gCAAgC,EACtC,MAAM,iCAAiC,CAAC;AACzC,OAAO,KAAK,EACV,4BAA4B,EAC5B,4BAA4B,EAE7B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAGpD,OAAO,EACL,KAAK,wCAAwC,EAE9C,MAAM,2BAA2B,CAAC;AAEnC;;GAEG;AAEH,qBAAa,iCAAkC,YAAW,4BAA4B;IACpF,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAS;IAEzB;;;OAGG;gBACS,KAAK,EAAE,MAAM;IACzB;;;;OAIG;gBACS,cAAc,EAAE,gCAAgC;IAC5D;;;OAGG;gBACS,YAAY,EAAE,wCAAwC;IAkBlE;;;OAGG;IACU,QAAQ,CAAC,OAAO,CAAC,EAAE,4BAA4B,GAAG,OAAO,CAAC,WAAW,CAAC;IAOnF;;OAEG;IACI,OAAO,IAAI,IAAI;IAKtB,OAAO,CAAC,eAAe;CAKxB"}

package/dist/react-native/azureCommunicationTokenCredential.js

@@ -3,17 +3,21 @@
 import { AutoRefreshTokenCredential, } from "./autoRefreshTokenCredential.js";
 import { StaticTokenCredential } from "./staticTokenCredential.js";
 import { parseToken } from "./tokenParser.js";
+import { EntraTokenCredential, } from "./entraTokenCredential.js";
 /**
  * The CommunicationTokenCredential implementation with support for proactive token refresh.
  */
 export class AzureCommunicationTokenCredential {
-    constructor(tokenOrRefreshOptions) {
+    constructor(tokenOrRefreshOptionsOrEntraOptions) {
         this.disposed = false;
-        if (typeof tokenOrRefreshOptions === "string") {
-            this.tokenCredential = new StaticTokenCredential(parseToken(tokenOrRefreshOptions));
+        if (typeof tokenOrRefreshOptionsOrEntraOptions === "string") {
+            this.tokenCredential = new StaticTokenCredential(parseToken(tokenOrRefreshOptionsOrEntraOptions));
+        }
+        else if ("tokenRefresher" in tokenOrRefreshOptionsOrEntraOptions) {
+            this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptionsOrEntraOptions);
         }
         else {
-            this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptions);
+            this.tokenCredential = new EntraTokenCredential(tokenOrRefreshOptionsOrEntraOptions);
         }
     }
     /**

package/dist/react-native/azureCommunicationTokenCredential.js.map

@@ -1 +1 @@
-{"version":3,"file":"azureCommunicationTokenCredential.js","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EACL,0BAA0B,GAE3B,MAAM,iCAAiC,CAAC;AAOzC,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAE9C;;GAEG;AAEH,MAAM,OAAO,iCAAiC;IAe5C,YAAY,qBAAgE;QAbpE,aAAQ,GAAG,KAAK,CAAC;QAcvB,IAAI,OAAO,qBAAqB,KAAK,QAAQ,EAAE,CAAC;YAC9C,IAAI,CAAC,eAAe,GAAG,IAAI,qBAAqB,CAAC,UAAU,CAAC,qBAAqB,CAAC,CAAC,CAAC;QACtF,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,GAAG,IAAI,0BAA0B,CAAC,qBAAqB,CAAC,CAAC;QAC/E,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CAAC,OAAsC;QAC1D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;IACjC,CAAC;IAEO,eAAe;QACrB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n  AutoRefreshTokenCredential,\n  type CommunicationTokenRefreshOptions,\n} from \"./autoRefreshTokenCredential.js\";\nimport type {\n  CommunicationGetTokenOptions,\n  CommunicationTokenCredential,\n  TokenCredential,\n} from \"./communicationTokenCredential.js\";\nimport type { AccessToken } from \"@azure/core-auth\";\nimport { StaticTokenCredential } from \"./staticTokenCredential.js\";\nimport { parseToken } from \"./tokenParser.js\";\n\n/**\n * The CommunicationTokenCredential implementation with support for proactive token refresh.\n */\n\nexport class AzureCommunicationTokenCredential implements CommunicationTokenCredential {\n  private readonly tokenCredential: TokenCredential;\n  private disposed = false;\n\n  /**\n   * Creates an instance of CommunicationTokenCredential with a static token and no proactive refreshing.\n   * @param token - A user access token issued by Communication Services.\n   */\n  constructor(token: string);\n  /**\n   * Creates an instance of CommunicationTokenCredential with a lambda to get a token and options\n   * to configure proactive refreshing.\n   * @param refreshOptions - Options to configure refresh and opt-in to proactive refreshing.\n   */\n  constructor(refreshOptions: CommunicationTokenRefreshOptions);\n  constructor(tokenOrRefreshOptions: string | CommunicationTokenRefreshOptions) {\n    if (typeof tokenOrRefreshOptions === \"string\") {\n      this.tokenCredential = new StaticTokenCredential(parseToken(tokenOrRefreshOptions));\n    } else {\n      this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptions);\n    }\n  }\n\n  /**\n   * Gets an `AccessToken` for the user. Throws if already disposed.\n   * @param abortSignal - An implementation of `AbortSignalLike` to cancel the operation.\n   */\n  public async getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    this.throwIfDisposed();\n    const token = await this.tokenCredential.getToken(options);\n    this.throwIfDisposed();\n    return token;\n  }\n\n  /**\n   * Disposes the CommunicationTokenCredential and cancels any internal auto-refresh operation.\n   */\n  public dispose(): void {\n    this.disposed = true;\n    this.tokenCredential.dispose();\n  }\n\n  private throwIfDisposed(): void {\n    if (this.disposed) {\n      throw new Error(\"User credential is disposed\");\n    }\n  }\n}\n"]}
+{"version":3,"file":"azureCommunicationTokenCredential.js","sourceRoot":"","sources":["../../src/azureCommunicationTokenCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EACL,0BAA0B,GAE3B,MAAM,iCAAiC,CAAC;AAOzC,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACnE,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAEL,oBAAoB,GACrB,MAAM,2BAA2B,CAAC;AAEnC;;GAEG;AAEH,MAAM,OAAO,iCAAiC;IAoB5C,YACE,mCAG4C;QAtBtC,aAAQ,GAAG,KAAK,CAAC;QAwBvB,IAAI,OAAO,mCAAmC,KAAK,QAAQ,EAAE,CAAC;YAC5D,IAAI,CAAC,eAAe,GAAG,IAAI,qBAAqB,CAC9C,UAAU,CAAC,mCAAmC,CAAC,CAChD,CAAC;QACJ,CAAC;aAAM,IAAI,gBAAgB,IAAI,mCAAmC,EAAE,CAAC;YACnE,IAAI,CAAC,eAAe,GAAG,IAAI,0BAA0B,CAAC,mCAAmC,CAAC,CAAC;QAC7F,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,eAAe,GAAG,IAAI,oBAAoB,CAAC,mCAAmC,CAAC,CAAC;QACvF,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,QAAQ,CAAC,OAAsC;QAC1D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3D,IAAI,CAAC,eAAe,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;QACrB,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;IACjC,CAAC;IAEO,eAAe;QACrB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n  AutoRefreshTokenCredential,\n  type CommunicationTokenRefreshOptions,\n} from \"./autoRefreshTokenCredential.js\";\nimport type {\n  CommunicationGetTokenOptions,\n  CommunicationTokenCredential,\n  TokenCredential,\n} from \"./communicationTokenCredential.js\";\nimport type { AccessToken } from \"@azure/core-auth\";\nimport { StaticTokenCredential } from \"./staticTokenCredential.js\";\nimport { parseToken } from \"./tokenParser.js\";\nimport {\n  type EntraCommunicationTokenCredentialOptions,\n  EntraTokenCredential,\n} from \"./entraTokenCredential.js\";\n\n/**\n * The CommunicationTokenCredential implementation with support for proactive token refresh.\n */\n\nexport class AzureCommunicationTokenCredential implements CommunicationTokenCredential {\n  private readonly tokenCredential: TokenCredential;\n  private disposed = false;\n\n  /**\n   * Creates an instance of CommunicationTokenCredential with a static token and no proactive refreshing.\n   * @param token - A user access token issued by Communication Services.\n   */\n  constructor(token: string);\n  /**\n   * Creates an instance of CommunicationTokenCredential with a lambda to get a token and options\n   * to configure proactive refreshing.\n   * @param refreshOptions - Options to configure refresh and opt-in to proactive refreshing.\n   */\n  constructor(refreshOptions: CommunicationTokenRefreshOptions);\n  /**\n   * Creates an instance of CommunicationTokenCredential with an Entra ID token credential. In most cases, you might want to use InteractiveBrowserCredential to sign in your user.\n   * @param entraOptions - Options to configure the Entra ID token credential.\n   */\n  constructor(entraOptions: EntraCommunicationTokenCredentialOptions);\n  constructor(\n    tokenOrRefreshOptionsOrEntraOptions:\n      | string\n      | CommunicationTokenRefreshOptions\n      | EntraCommunicationTokenCredentialOptions,\n  ) {\n    if (typeof tokenOrRefreshOptionsOrEntraOptions === \"string\") {\n      this.tokenCredential = new StaticTokenCredential(\n        parseToken(tokenOrRefreshOptionsOrEntraOptions),\n      );\n    } else if (\"tokenRefresher\" in tokenOrRefreshOptionsOrEntraOptions) {\n      this.tokenCredential = new AutoRefreshTokenCredential(tokenOrRefreshOptionsOrEntraOptions);\n    } else {\n      this.tokenCredential = new EntraTokenCredential(tokenOrRefreshOptionsOrEntraOptions);\n    }\n  }\n\n  /**\n   * Gets an `AccessToken` for the user. Throws if already disposed.\n   * @param abortSignal - An implementation of `AbortSignalLike` to cancel the operation.\n   */\n  public async getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken> {\n    this.throwIfDisposed();\n    const token = await this.tokenCredential.getToken(options);\n    this.throwIfDisposed();\n    return token;\n  }\n\n  /**\n   * Disposes the CommunicationTokenCredential and cancels any internal auto-refresh operation.\n   */\n  public dispose(): void {\n    this.disposed = true;\n    this.tokenCredential.dispose();\n  }\n\n  private throwIfDisposed(): void {\n    if (this.disposed) {\n      throw new Error(\"User credential is disposed\");\n    }\n  }\n}\n"]}

package/dist/react-native/entraTokenCredential.d.ts

@@ -0,0 +1,45 @@
+import { type AccessToken } from "@azure/core-auth";
+import { type TokenCredential } from "@azure/identity";
+import { type TokenCredential as AcsTokenCredential, type CommunicationGetTokenOptions } from "./communicationTokenCredential.js";
+export interface ExchangeTokenResponse {
+    identity: string;
+    accessToken: {
+        token: string;
+        expiresOn: string;
+    };
+}
+/**
+ * The Entra Communication Token Options.
+ */
+export interface EntraCommunicationTokenCredentialOptions {
+    /**
+     * The Azure Communication Service resource endpoint URL, e.g. https://myResource.communication.azure.com.
+     */
+    resourceEndpoint: string;
+    /**
+     * The Entra ID token credential.
+     */
+    tokenCredential: TokenCredential;
+    /**
+     * The scopes for retrieving the Entra ID access token.
+     */
+    scopes?: string[];
+}
+/**
+ * Represents a credential that exchanges an Entra token for an Azure Communication Services (ACS) token, enabling access to ACS resources.
+ */
+export declare class EntraTokenCredential implements AcsTokenCredential {
+    private options;
+    private isPending;
+    private result;
+    private client;
+    private httpClient;
+    constructor(options: EntraCommunicationTokenCredentialOptions);
+    getToken(options?: CommunicationGetTokenOptions): Promise<AccessToken>;
+    private getTokenInternal;
+    dispose(): void;
+    private exchangeEntraToken;
+    private createRequestUri;
+    private determineEndpointAndApiVersion;
+}
+//# sourceMappingURL=entraTokenCredential.d.ts.map

package/dist/react-native/entraTokenCredential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"entraTokenCredential.d.ts","sourceRoot":"","sources":["../../src/entraTokenCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,KAAK,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EACL,KAAK,eAAe,IAAI,kBAAkB,EAC1C,KAAK,4BAA4B,EAClC,MAAM,mCAAmC,CAAC;AAiB3C,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE;QACX,KAAK,EAAE,MAAM,CAAC;QACd,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,wCAAwC;IACvD;;OAEG;IACH,gBAAgB,EAAE,MAAM,CAAC;IACzB;;OAEG;IACH,eAAe,EAAE,eAAe,CAAC;IACjC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED;;GAEG;AACH,qBAAa,oBAAqB,YAAW,kBAAkB;IASjD,OAAO,CAAC,OAAO;IAR3B,OAAO,CAAC,SAAS,CAA8B;IAC/C,OAAO,CAAC,MAAM,CAGZ;IACF,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,UAAU,CAAa;gBAEX,OAAO,EAAE,wCAAwC;IAYxD,QAAQ,CAAC,OAAO,CAAC,EAAE,4BAA4B,GAAG,OAAO,CAAC,WAAW,CAAC;YAoBrE,gBAAgB;IAmCvB,OAAO,IAAI,IAAI;YAOR,kBAAkB;IA8BhC,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,8BAA8B;CAiBvC"}

package/dist/react-native/entraTokenCredential.js

@@ -0,0 +1,120 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { getClient } from "@azure-rest/core-client";
+import { createDefaultHttpClient, createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
+const TeamsExtensionScopePrefix = "https://auth.msft.communication.azure.com/";
+const ComunicationClientsScopePrefix = "https://communication.azure.com/clients/";
+const TeamsExtensionEndpoint = "/access/teamsPhone/:exchangeAccessToken";
+const TeamsExtensionApiVersion = "2025-03-02-preview";
+const ComunicationClientsEndpoint = "/access/entra/:exchangeAccessToken";
+const ComunicationClientsApiVersion = "2024-04-01-preview";
+/**
+ * Represents a credential that exchanges an Entra token for an Azure Communication Services (ACS) token, enabling access to ACS resources.
+ */
+export class EntraTokenCredential {
+    constructor(options) {
+        this.options = options;
+        this.result = {
+            entraToken: undefined,
+            acsToken: { token: "", expiresOnTimestamp: 0 },
+        };
+        this.client = getClient(options.resourceEndpoint);
+        this.httpClient = createDefaultHttpClient();
+        this.options = options;
+        this.options.scopes = this.options.scopes || [
+            "https://communication.azure.com/clients/.default",
+        ];
+        // immediately fetch the token to pre-warm
+        this.isPending = this.getToken();
+    }
+    async getToken(options) {
+        var _a;
+        if ((_a = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a === void 0 ? void 0 : _a.aborted) {
+            return { token: "", expiresOnTimestamp: 0 };
+        }
+        // we're awaiting the token fetch, so we don't want to start another one
+        // however, we're ignoring the new abortSignal, unfortunately
+        if (!this.isPending) {
+            this.isPending = this.getTokenInternal(options);
+        }
+        try {
+            await this.isPending;
+        }
+        finally {
+            this.isPending = null;
+        }
+        return this.result.acsToken;
+    }
+    async getTokenInternal(options) {
+        const getTokenOptions = (options === null || options === void 0 ? void 0 : options.abortSignal) ? { abortSignal: options.abortSignal } : undefined;
+        const token = await this.options.tokenCredential.getToken(this.options.scopes
+            ? this.options.scopes
+            : ["https://communication.azure.com/clients/.default"], getTokenOptions);
+        const currentDateTime = new Date();
+        const tokenExpiresOn = new Date(this.result.acsToken.expiresOnTimestamp);
+        if (token === null) {
+            this.result = {
+                entraToken: undefined,
+                acsToken: { token: "", expiresOnTimestamp: 0 },
+            };
+        }
+        else if (this.result.acsToken.token === "" ||
+            token.token !== this.result.entraToken ||
+            tokenExpiresOn < currentDateTime) {
+            const acsToken = await this.exchangeEntraToken(this.options.resourceEndpoint, token.token, getTokenOptions);
+            this.result = {
+                entraToken: token.token,
+                acsToken,
+            };
+        }
+        return this.result.acsToken;
+    }
+    dispose() {
+        this.result = {
+            entraToken: undefined,
+            acsToken: { token: "", expiresOnTimestamp: 0 },
+        };
+    }
+    async exchangeEntraToken(resourceEndpoint, entraToken, options) {
+        const request = createPipelineRequest({
+            url: this.createRequestUri(resourceEndpoint),
+            method: "POST",
+            headers: createHttpHeaders({
+                Authorization: `Bearer ${entraToken}`,
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            }),
+            abortSignal: options === null || options === void 0 ? void 0 : options.abortSignal,
+            body: JSON.stringify({}),
+        });
+        const response = await this.client.pipeline.sendRequest(this.httpClient, request);
+        if (response.status !== 200 || !response.bodyAsText) {
+            throw new Error(`Service request failed. Status: ${response.status}, Body: ${response.bodyAsText}`);
+        }
+        const json = JSON.parse(response.bodyAsText);
+        return {
+            token: json.accessToken.token,
+            expiresOnTimestamp: Date.parse(json.accessToken.expiresOn),
+        };
+    }
+    createRequestUri(resourceEndpoint) {
+        const [endpoint, apiVersion] = this.determineEndpointAndApiVersion();
+        const requestUri = `${resourceEndpoint}${endpoint}?api-version=${apiVersion}`;
+        return requestUri;
+    }
+    determineEndpointAndApiVersion() {
+        if (!this.options.scopes || this.options.scopes.length === 0) {
+            throw new Error(`Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`);
+        }
+        else if (this.options.scopes.every((scope) => scope.startsWith(TeamsExtensionScopePrefix))) {
+            return [TeamsExtensionEndpoint, TeamsExtensionApiVersion];
+        }
+        else if (this.options.scopes.every((scope) => scope.startsWith(ComunicationClientsScopePrefix))) {
+            return [ComunicationClientsEndpoint, ComunicationClientsApiVersion];
+        }
+        else {
+            throw new Error(`Scopes validation failed. Ensure all scopes start with either {TeamsExtensionScopePrefix} or {ComunicationClientsScopePrefix}.`);
+        }
+    }
+}
+//# sourceMappingURL=entraTokenCredential.js.map