npm - @azure/core-client - Versions diffs - 1.6.0-alpha.20220420.2 → 1.6.0-alpha.20220503.1 - Mend

@azure/core-client 1.6.0-alpha.20220420.2 → 1.6.0-alpha.20220503.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/CHANGELOG.md +3 -7
package/dist/index.js +121 -13
package/dist/index.js.map +1 -1
package/dist-esm/src/authorizeRequestOnClaimChallenge.js +2 -3
package/dist-esm/src/authorizeRequestOnClaimChallenge.js.map +1 -1
package/dist-esm/src/authorizeRequestOnTenantChallenge.js +99 -0
package/dist-esm/src/authorizeRequestOnTenantChallenge.js.map +1 -0
package/dist-esm/src/base64.browser.js.map +1 -1
package/dist-esm/src/index.js +1 -0
package/dist-esm/src/index.js.map +1 -1
package/dist-esm/src/log.js +5 -0
package/dist-esm/src/log.js.map +1 -0
package/dist-esm/src/serviceClient.js +15 -8
package/dist-esm/src/serviceClient.js.map +1 -1
package/package.json +3 -2
package/types/3.1/core-client.d.ts +14 -1
package/types/latest/core-client.d.ts +15 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,16 +1,12 @@
 # Release History
-## 1.6.0 (Unreleased)
+## 1.6.0 (unreleased)
 ### Features Added
-### Breaking Changes
-### Bugs Fixed
-### Other Changes
+- Added a new property endpoint in ServiceClientOptions and mark the baseUri as deprecated to encourage people to use endpoint. See issue link [here](https://github.com/Azure/autorest.typescript/issues/1337)
 - Upgraded our `@azure/core-tracing` dependency to version 1.0
+- Add callbacks to support Storage challenge authentication [PR#21678](https://github.com/Azure/azure-sdk-for-js/pull/21678)
 ## 1.5.0 (2022-02-03)

package/dist/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 var coreRestPipeline = require('@azure/core-rest-pipeline');
-var logger = require('@azure/logger');
+var logger$1 = require('@azure/logger');
 // Copyright (c) Microsoft Corporation.
 /**
@@ -1796,6 +1796,9 @@ function appendQueryParams(url, queryParams, sequenceParams, noOverwrite = false
     return parsedUrl.toString();
 }
+// Copyright (c) Microsoft Corporation.
+const logger = logger$1.createClientLogger("core-client");
 // Copyright (c) Microsoft Corporation.
 /**
  * Initializes a new instance of the ServiceClient.
@@ -1807,13 +1810,16 @@ class ServiceClient {
      * @param options - The service client options that govern the behavior of the client.
      */
     constructor(options = {}) {
-        var _a;
+        var _a, _b;
         this._requestContentType = options.requestContentType;
-        this._baseUri = options.baseUri;
+        this._endpoint = (_a = options.endpoint) !== null && _a !== void 0 ? _a : options.baseUri;
+        if (options.baseUri) {
+            logger.warning("The baseUri option for SDK Clients has been deprecated, please use endpoint instead.");
+        }
         this._allowInsecureConnection = options.allowInsecureConnection;
         this._httpClient = options.httpClient || getCachedDefaultHttpClient();
         this.pipeline = options.pipeline || createDefaultPipeline(options);
-        if ((_a = options.additionalPolicies) === null || _a === void 0 ? void 0 : _a.length) {
+        if ((_b = options.additionalPolicies) === null || _b === void 0 ? void 0 : _b.length) {
             for (const { policy, position } of options.additionalPolicies) {
                 // Sign happens after Retry and is commonly needed to occur
                 // before policies that intercept post-retry.
@@ -1837,14 +1843,14 @@ class ServiceClient {
      * @param operationSpec - The OperationSpec to use to populate the httpRequest.
      */
     async sendOperationRequest(operationArguments, operationSpec) {
-        const baseUri = operationSpec.baseUrl || this._baseUri;
-        if (!baseUri) {
-            throw new Error("If operationSpec.baseUrl is not specified, then the ServiceClient must have a baseUri string property that contains the base URL to use.");
+        const endpoint = operationSpec.baseUrl || this._endpoint;
+        if (!endpoint) {
+            throw new Error("If operationSpec.baseUrl is not specified, then the ServiceClient must have a endpoint string property that contains the base URL to use.");
         }
         // Templatized URLs sometimes reference properties on the ServiceClient child class,
         // so we have to pass `this` below in order to search these properties if they're
         // not part of OperationArguments
-        const url = getRequestUrl(baseUri, operationSpec, operationArguments, this);
+        const url = getRequestUrl(endpoint, operationSpec, operationArguments, this);
         const request = coreRestPipeline.createPipelineRequest({
             url,
         });
@@ -1924,17 +1930,19 @@ function getCredentialScopes(options) {
             ? scopes.map((scope) => new URL(scope).toString())
             : new URL(scopes).toString();
     }
+    if (options.endpoint) {
+        return `${options.endpoint}/.default`;
+    }
     if (options.baseUri) {
         return `${options.baseUri}/.default`;
     }
     if (options.credential && !options.credentialScopes) {
-        throw new Error(`When using credentials, the ServiceClientOptions must contain either a baseUri or a credentialScopes. Unable to create a bearerTokenAuthenticationPolicy`);
+        throw new Error(`When using credentials, the ServiceClientOptions must contain either a endpoint or a credentialScopes. Unable to create a bearerTokenAuthenticationPolicy`);
     }
     return undefined;
 }
 // Copyright (c) Microsoft Corporation.
-const defaultLogger = logger.createClientLogger("authorizeRequestOnClaimChallenge");
 /**
  * Converts: `Bearer a="b", c="d", Bearer d="e", f="g"`.
  * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.
@@ -1978,16 +1986,16 @@ function parseCAEChallenge(challenges) {
  */
 async function authorizeRequestOnClaimChallenge(onChallengeOptions) {
     const { scopes, response } = onChallengeOptions;
-    const logger = onChallengeOptions.logger || defaultLogger;
+    const logger$1 = onChallengeOptions.logger || logger;
     const challenge = response.headers.get("WWW-Authenticate");
     if (!challenge) {
-        logger.info(`The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`);
+        logger$1.info(`The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`);
         return false;
     }
     const challenges = parseCAEChallenge(challenge) || [];
     const parsedChallenge = challenges.find((x) => x.claims);
     if (!parsedChallenge) {
-        logger.info(`The WWW-Authenticate header was missing the necessary "claims" to perform the Continuous Access Evaluation authentication flow.`);
+        logger$1.info(`The WWW-Authenticate header was missing the necessary "claims" to perform the Continuous Access Evaluation authentication flow.`);
         return false;
     }
     const accessToken = await onChallengeOptions.getAccessToken(parsedChallenge.scope ? [parsedChallenge.scope] : scopes, {
@@ -2000,11 +2008,111 @@ async function authorizeRequestOnClaimChallenge(onChallengeOptions) {
     return true;
 }
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+/**
+ * A set of constants used internally when processing requests.
+ */
+const Constants = {
+    DefaultScope: "/.default",
+    /**
+     * Defines constants for use with HTTP headers.
+     */
+    HeaderConstants: {
+        /**
+         * The Authorization header.
+         */
+        AUTHORIZATION: "authorization",
+    },
+};
+/**
+ * Defines a callback to handle auth challenge for Storage APIs.
+ * This implements the bearer challenge process described here: https://docs.microsoft.com/rest/api/storageservices/authorize-with-azure-active-directory#bearer-challenge
+ * Handling has specific features for storage that departs to the general AAD challenge docs.
+ **/
+const authorizeRequestOnTenantChallenge = async (challengeOptions) => {
+    const requestOptions = requestToOptions(challengeOptions.request);
+    const challenge = getChallenge(challengeOptions.response);
+    if (challenge) {
+        const challengeInfo = parseChallenge(challenge);
+        const challengeScopes = buildScopes(challengeOptions, challengeInfo);
+        const tenantId = extractTenantId(challengeInfo);
+        const accessToken = await challengeOptions.getAccessToken(challengeScopes, Object.assign(Object.assign({}, requestOptions), { tenantId }));
+        if (!accessToken) {
+            return false;
+        }
+        challengeOptions.request.headers.set(Constants.HeaderConstants.AUTHORIZATION, `Bearer ${accessToken.token}`);
+        return true;
+    }
+    return false;
+};
+/**
+ * Extracts the tenant id from the challenge information
+ * The tenant id is contained in the authorization_uri as the first
+ * path part.
+ */
+function extractTenantId(challengeInfo) {
+    const parsedAuthUri = new URL(challengeInfo.authorization_uri);
+    const pathSegments = parsedAuthUri.pathname.split("/");
+    const tenantId = pathSegments[1];
+    return tenantId;
+}
+/**
+ * Builds the authentication scopes based on the information that comes in the
+ * challenge information. Scopes url is present in the resource_id, if it is empty
+ * we keep using the original scopes.
+ */
+function buildScopes(challengeOptions, challengeInfo) {
+    if (!challengeInfo.resource_uri) {
+        return challengeOptions.scopes;
+    }
+    const challengeScopes = new URL(challengeInfo.resource_uri);
+    challengeScopes.pathname = Constants.DefaultScope;
+    return [challengeScopes.toString()];
+}
+/**
+ * We will retrieve the challenge only if the response status code was 401,
+ * and if the response contained the header "WWW-Authenticate" with a non-empty value.
+ */
+function getChallenge(response) {
+    const challenge = response.headers.get("WWW-Authenticate");
+    if (response.status === 401 && challenge) {
+        return challenge;
+    }
+    return;
+}
+/**
+ * Converts: `Bearer a="b" c="d"`.
+ * Into: `[ { a: 'b', c: 'd' }]`.
+ *
+ * @internal
+ */
+function parseChallenge(challenge) {
+    const bearerChallenge = challenge.slice("Bearer ".length);
+    const challengeParts = `${bearerChallenge.trim()} `.split(" ").filter((x) => x);
+    const keyValuePairs = challengeParts.map((keyValue) => (([key, value]) => ({ [key]: value }))(keyValue.trim().split("=")));
+    // Key-value pairs to plain object:
+    return keyValuePairs.reduce((a, b) => (Object.assign(Object.assign({}, a), b)), {});
+}
+/**
+ * Extracts the options form a Pipeline Request for later re-use
+ */
+function requestToOptions(request) {
+    return {
+        abortSignal: request.abortSignal,
+        requestOptions: {
+            timeout: request.timeout,
+        },
+        tracingOptions: request.tracingOptions,
+    };
+}
 exports.MapperTypeNames = MapperTypeNames;
 exports.ServiceClient = ServiceClient;
 exports.XML_ATTRKEY = XML_ATTRKEY;
 exports.XML_CHARKEY = XML_CHARKEY;
 exports.authorizeRequestOnClaimChallenge = authorizeRequestOnClaimChallenge;
+exports.authorizeRequestOnTenantChallenge = authorizeRequestOnTenantChallenge;
 exports.createClientPipeline = createClientPipeline;
 exports.createSerializer = createSerializer;
 exports.deserializationPolicy = deserializationPolicy;