npm - @azure/core-client - Versions diffs - 1.9.3-alpha.20240920.2 → 1.9.3-alpha.20240925.5 - Mend

@azure/core-client 1.9.3-alpha.20240920.2 → 1.9.3-alpha.20240925.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/dist/browser/authorizeRequestOnClaimChallenge.d.ts CHANGED Viewed

@@ -19,12 +19,15 @@ export interface CAEChallenge {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/browser/authorizeRequestOnClaimChallenge.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}

package/dist/browser/authorizeRequestOnClaimChallenge.js CHANGED Viewed

@@ -23,12 +23,15 @@ export function parseCAEChallenge(challenges) {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/browser/authorizeRequestOnClaimChallenge.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,MAAM,IAAI,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,oBAAoB,CAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const ~~bearerTokenAuthenticationPolicy~~ = bearerTokenAuthenticationPolicy({\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,MAAM,IAAI,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,oBAAoB,CAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts snippet:authorize_request_on_claim_challenge\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const policy = bearerTokenAuthenticationPolicy({\n * challengeCallbacks: {\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,\n * },\n * scopes: [\"https://service/.default\"],\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}

package/dist/commonjs/authorizeRequestOnClaimChallenge.d.ts CHANGED Viewed

@@ -19,12 +19,15 @@ export interface CAEChallenge {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/commonjs/authorizeRequestOnClaimChallenge.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}

package/dist/commonjs/authorizeRequestOnClaimChallenge.js CHANGED Viewed

@@ -27,12 +27,15 @@ function parseCAEChallenge(challenges) {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/commonjs/authorizeRequestOnClaimChallenge.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AAYlC,8CAUC;~~AAoCD~~,4EAoCC;~~AA3FD~~,qCAAsD;AACtD,2CAAmD;AAEnD;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACI,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,eAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,IAAA,gCAAoB,EAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const ~~bearerTokenAuthenticationPolicy~~ = bearerTokenAuthenticationPolicy({\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AAYlC,8CAUC;AAuCD,4EAoCC;AA9FD,qCAAsD;AACtD,2CAAmD;AAEnD;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACI,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,eAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,IAAA,gCAAoB,EAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts snippet:authorize_request_on_claim_challenge\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const policy = bearerTokenAuthenticationPolicy({\n * challengeCallbacks: {\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,\n * },\n * scopes: [\"https://service/.default\"],\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}

package/dist/core-client.d.ts CHANGED Viewed

@@ -35,12 +35,15 @@ export declare interface AdditionalPolicyConfig {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/esm/authorizeRequestOnClaimChallenge.d.ts CHANGED Viewed

@@ -19,12 +19,15 @@ export interface CAEChallenge {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/esm/authorizeRequestOnClaimChallenge.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}

package/dist/esm/authorizeRequestOnClaimChallenge.js CHANGED Viewed

@@ -23,12 +23,15 @@ export function parseCAEChallenge(challenges) {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/esm/authorizeRequestOnClaimChallenge.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,MAAM,IAAI,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,oBAAoB,CAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const ~~bearerTokenAuthenticationPolicy~~ = bearerTokenAuthenticationPolicy({\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,MAAM,IAAI,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,oBAAoB,CAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts snippet:authorize_request_on_claim_challenge\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const policy = bearerTokenAuthenticationPolicy({\n * challengeCallbacks: {\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,\n * },\n * scopes: [\"https://service/.default\"],\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}

package/dist/react-native/authorizeRequestOnClaimChallenge.d.ts CHANGED Viewed

@@ -19,12 +19,15 @@ export interface CAEChallenge {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/react-native/authorizeRequestOnClaimChallenge.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.d.ts","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,kCAAkC,EAAE,MAAM,2BAA2B,CAAC;AAI/E;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,GAAG,EAAE,CAU3D;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;CAChB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,wBAAsB,gCAAgC,CACpD,kBAAkB,EAAE,kCAAkC,GACrD,OAAO,CAAC,OAAO,CAAC,CAkClB"}

package/dist/react-native/authorizeRequestOnClaimChallenge.js CHANGED Viewed

@@ -23,12 +23,15 @@ export function parseCAEChallenge(challenges) {
  *
  * Call the `bearerTokenAuthenticationPolicy` with the following options:
  *
- * ```ts
+ * ```ts snippet:authorize_request_on_claim_challenge
  * import { bearerTokenAuthenticationPolicy } from "@azure/core-rest-pipeline";
  * import { authorizeRequestOnClaimChallenge } from "@azure/core-client";
  *
- * const bearerTokenAuthenticationPolicy = bearerTokenAuthenticationPolicy({
- *   authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge
+ * const policy = bearerTokenAuthenticationPolicy({
+ *   challengeCallbacks: {
+ *     authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,
+ *   },
+ *   scopes: ["https://service/.default"],
  * });
  * ```
  *

package/dist/react-native/authorizeRequestOnClaimChallenge.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,MAAM,IAAI,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD~~;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG~~;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,oBAAoB,CAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const ~~bearerTokenAuthenticationPolicy~~ = bearerTokenAuthenticationPolicy({\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}
1	+ {"version":3,"file":"authorizeRequestOnClaimChallenge.js","sourceRoot":"","sources":["../../src/authorizeRequestOnClaimChallenge.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,MAAM,IAAI,gBAAgB,EAAE,MAAM,UAAU,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAEnD;;;;;GAKG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAkB;IAClD,MAAM,gBAAgB,GAAG,KAAK,UAAU,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACtF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE;QACxC,MAAM,cAAc,GAAG,GAAG,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7E,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CACpD,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CACpE,CAAC;QACF,mCAAmC;QACnC,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,iCAAM,CAAC,GAAK,CAAC,EAAG,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC;AAUD;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,kBAAsD;IAEtD,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAAC;IAChD,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,IAAI,gBAAgB,CAAC;IAE7D,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAC3D,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CACT,kHAAkH,CACnH,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,UAAU,GAAmB,iBAAiB,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEtE,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CACT,iIAAiI,CAClI,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,kBAAkB,CAAC,cAAc,CACzD,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,EACxD;QACE,MAAM,EAAE,oBAAoB,CAAC,eAAe,CAAC,MAAM,CAAC;KACrD,CACF,CAAC;IAEF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,WAAW,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthorizeRequestOnChallengeOptions } from \"@azure/core-rest-pipeline\";\nimport { logger as coreClientLogger } from \"./log.js\";\nimport { decodeStringToString } from \"./base64.js\";\n\n/*\n Converts: `Bearer a=\"b\", c=\"d\", Bearer d=\"e\", f=\"g\"`.\n * Into: `[ { a: 'b', c: 'd' }, { d: 'e', f: 'g' } ]`.\n \n @internal\n /\nexport function parseCAEChallenge(challenges: string): any[] {\n const bearerChallenges = `, ${challenges.trim()}`.split(\", Bearer \").filter((x) => x);\n return bearerChallenges.map((challenge) => {\n const challengeParts = `${challenge.trim()}, `.split('\", ').filter((x) => x);\n const keyValuePairs = challengeParts.map((keyValue) =>\n (([key, value]) => ({ [key]: value }))(keyValue.trim().split('=\"')),\n );\n // Key-value pairs to plain object:\n return keyValuePairs.reduce((a, b) => ({ ...a, ...b }), {});\n });\n}\n\n/\n CAE Challenge structure\n /\nexport interface CAEChallenge {\n scope: string;\n claims: string;\n}\n\n/\n This function can be used as a callback for the `bearerTokenAuthenticationPolicy` of `@azure/core-rest-pipeline`, to support CAE challenges:\n * [Continuous Access Evaluation](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation).\n \n Call the `bearerTokenAuthenticationPolicy` with the following options:\n \n ```ts snippet:authorize_request_on_claim_challenge\n * import { bearerTokenAuthenticationPolicy } from \"@azure/core-rest-pipeline\";\n * import { authorizeRequestOnClaimChallenge } from \"@azure/core-client\";\n \n const policy = bearerTokenAuthenticationPolicy({\n * challengeCallbacks: {\n * authorizeRequestOnChallenge: authorizeRequestOnClaimChallenge,\n * },\n * scopes: [\"https://service/.default\"],\n * });\n * ```\n \n Once provided, the `bearerTokenAuthenticationPolicy` policy will internally handle Continuous Access Evaluation (CAE) challenges.\n * When it can't complete a challenge it will return the 401 (unauthorized) response from ARM.\n \n Example challenge with claims:\n \n ```\n * Bearer authorization_uri=\"https://login.windows-ppe.net/\", error=\"invalid_token\",\n * error_description=\"User session has been revoked\",\n * claims=\"eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=\"\n * ```\n */\nexport async function authorizeRequestOnClaimChallenge(\n onChallengeOptions: AuthorizeRequestOnChallengeOptions,\n): Promise<boolean> {\n const { scopes, response } = onChallengeOptions;\n const logger = onChallengeOptions.logger \|\| coreClientLogger;\n\n const challenge = response.headers.get(\"WWW-Authenticate\");\n if (!challenge) {\n logger.info(\n `The WWW-Authenticate header was missing. Failed to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n const challenges: CAEChallenge[] = parseCAEChallenge(challenge) \|\| [];\n\n const parsedChallenge = challenges.find((x) => x.claims);\n if (!parsedChallenge) {\n logger.info(\n `The WWW-Authenticate header was missing the necessary \"claims\" to perform the Continuous Access Evaluation authentication flow.`,\n );\n return false;\n }\n\n const accessToken = await onChallengeOptions.getAccessToken(\n parsedChallenge.scope ? [parsedChallenge.scope] : scopes,\n {\n claims: decodeStringToString(parsedChallenge.claims),\n },\n );\n\n if (!accessToken) {\n return false;\n }\n\n onChallengeOptions.request.headers.set(\"Authorization\", `Bearer ${accessToken.token}`);\n return true;\n}\n"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@azure/core-client",
-  "version": "1.9.3-alpha.20240920.2",
+  "version": "1.9.3-alpha.20240925.5",
   "description": "Core library for interfacing with AutoRest generated code",
   "sdk-type": "client",
   "type": "module",
@@ -53,11 +53,11 @@
   "scripts": {
     "build:samples": "echo Obsolete",
     "build:test": "echo skipped. actual commands inlined in browser test scripts",
-    "build": "npm run clean && tshy && dev-tool run extract-api",
+    "build": "npm run clean && dev-tool run build-package && dev-tool run extract-api",
     "check-format": "dev-tool run vendored prettier --list-different --config ../../../.prettierrc.json --ignore-path ../../../.prettierignore \"src/**/*.{ts,cts,mts}\" \"test/**/*.{ts,cts,mts}\" \"*.{js,cjs,mjs,json}\"",
     "clean": "rimraf --glob dist* temp types *.tgz *.log",
     "execute:samples": "echo skipped",
-    "extract-api": "tshy && dev-tool run extract-api",
+    "extract-api": "dev-tool run build-package && dev-tool run extract-api",
     "format": "dev-tool run vendored prettier --write --config ../../../.prettierrc.json --ignore-path ../../../.prettierignore \"src/**/*.{ts,cts,mts}\" \"test/**/*.{ts,cts,mts}\" \"*.{js,cjs,mjs,json}\"",
     "integration-test:browser": "echo skipped",
     "integration-test:node": "echo skipped",
@@ -66,11 +66,12 @@
     "lint": "eslint package.json api-extractor.json src test",
     "pack": "npm pack 2>&1",
     "test:browser": "npm run clean && npm run unit-test:browser && npm run integration-test:browser",
-    "test:node": "npm run clean && tshy && npm run unit-test:node && npm run integration-test:node",
-    "test": "npm run clean && tshy && npm run unit-test:node && npm run unit-test:browser && npm run integration-test",
-    "unit-test:browser": "npm run clean && tshy && dev-tool run build-test && dev-tool run test:vitest --no-test-proxy --browser",
+    "test:node": "npm run clean && dev-tool run build-package && npm run unit-test:node && npm run integration-test:node",
+    "test": "npm run clean && dev-tool run build-package && npm run unit-test:node && npm run unit-test:browser && npm run integration-test",
+    "unit-test:browser": "npm run clean && dev-tool run build-package && dev-tool run build-test && dev-tool run test:vitest --no-test-proxy --browser",
     "unit-test:node": "dev-tool run test:vitest --no-test-proxy",
-    "unit-test": "npm run unit-test:node && npm run unit-test:browser"
+    "unit-test": "npm run unit-test:node && npm run unit-test:browser",
+    "update-snippets": "dev-tool run update-snippets"
   },
   "dependencies": {
     "@azure/abort-controller": "^2.0.0",
@@ -92,7 +93,6 @@
     "eslint": "^9.9.0",
     "playwright": "^1.41.2",
     "rimraf": "^5.0.5",
-    "tshy": "^2.0.0",
     "typescript": "~5.6.2",
     "vitest": "^2.0.5"
   },