npm - @azure/identity-cache-persistence - Versions diffs - 1.1.2-alpha.20241111.1 → 1.1.2-alpha.20241113.2 - Mend

@azure/identity-cache-persistence 1.1.2-alpha.20241111.1 → 1.1.2-alpha.20241113.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (151) hide show

package/dist-esm/identity/src/credentials/usernamePasswordCredential.js DELETED Viewed

@@ -1,70 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { __awaiter } from "tslib";
-import { createMsalClient } from "../msal/nodeFlows/msalClient";
-import { processMultiTenantRequest, resolveAdditionallyAllowedTenantIds, } from "../util/tenantIdUtils";
-import { CredentialUnavailableError } from "../errors";
-import { credentialLogger } from "../util/logging";
-import { ensureScopes } from "../util/scopeUtils";
-import { tracingClient } from "../util/tracing";
-const logger = credentialLogger("UsernamePasswordCredential");
-/**
- * Enables authentication to Microsoft Entra ID with a user's
- * username and password. This credential requires a high degree of
- * trust so you should only use it when other, more secure credential
- * types can't be used.
- */
-export class UsernamePasswordCredential {
-    /**
-     * Creates an instance of the UsernamePasswordCredential with the details
-     * needed to authenticate against Microsoft Entra ID with a username
-     * and password.
-     *
-     * @param tenantId - The Microsoft Entra tenant (directory).
-     * @param clientId - The client (application) ID of an App Registration in the tenant.
-     * @param username - The user account's e-mail address (user name).
-     * @param password - The user account's account password
-     * @param options - Options for configuring the client which makes the authentication request.
-     */
-    constructor(tenantId, clientId, username, password, options = {}) {
-        if (!tenantId) {
-            throw new CredentialUnavailableError("UsernamePasswordCredential: tenantId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.");
-        }
-        if (!clientId) {
-            throw new CredentialUnavailableError("UsernamePasswordCredential: clientId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.");
-        }
-        if (!username) {
-            throw new CredentialUnavailableError("UsernamePasswordCredential: username is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.");
-        }
-        if (!password) {
-            throw new CredentialUnavailableError("UsernamePasswordCredential: password is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.");
-        }
-        this.tenantId = tenantId;
-        this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
-        this.username = username;
-        this.password = password;
-        this.msalClient = createMsalClient(clientId, this.tenantId, Object.assign(Object.assign({}, options), { tokenCredentialOptions: options !== null && options !== void 0 ? options : {} }));
-    }
-    /**
-     * Authenticates with Microsoft Entra ID and returns an access token if successful.
-     * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
-     *
-     * If the user provided the option `disableAutomaticAuthentication`,
-     * once the token can't be retrieved silently,
-     * this method won't attempt to request user interaction to retrieve the token.
-     *
-     * @param scopes - The list of scopes for which the token will have access.
-     * @param options - The options used to configure any requests this
-     *                TokenCredential implementation might make.
-     */
-    getToken(scopes_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, options = {}) {
-            return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, (newOptions) => __awaiter(this, void 0, void 0, function* () {
-                newOptions.tenantId = processMultiTenantRequest(this.tenantId, newOptions, this.additionallyAllowedTenantIds, logger);
-                const arrayScopes = ensureScopes(scopes);
-                return this.msalClient.getTokenByUsernamePassword(arrayScopes, this.username, this.password, newOptions);
-            }));
-        });
-    }
-}
-//# sourceMappingURL=usernamePasswordCredential.js.map

package/dist-esm/identity/src/credentials/usernamePasswordCredential.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"usernamePasswordCredential.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/usernamePasswordCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAIlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAEvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;AAE9D;;;;;GAKG;AACH,MAAM,OAAO,0BAA0B;IAOrC;;;;;;;;;;OAUG;IACH,YACE,QAAgB,EAChB,QAAgB,EAChB,QAAgB,EAChB,QAAgB,EAChB,UAA6C,EAAE;QAE/C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,gKAAgK,CACjK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,gKAAgK,CACjK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,gKAAgK,CACjK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,gKAAgK,CACjK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,IAAI,CAAC,UAAU,GAAG,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,kCACrD,OAAO,KACV,sBAAsB,EAAE,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,IACrC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;OAWG;IACG,QAAQ;6DAAC,MAAyB,EAAE,UAA2B,EAAE;YACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,CAAO,UAAU,EAAE,EAAE;gBACnB,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;gBAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;gBACzC,OAAO,IAAI,CAAC,UAAU,CAAC,0BAA0B,CAC/C,WAAW,EACX,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,QAAQ,EACb,UAAU,CACX,CAAC;YACJ,CAAC,CAAA,CACF,CAAC;QACJ,CAAC;KAAA;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport type { MsalClient } from \"../msal/nodeFlows/msalClient\";\nimport { createMsalClient } from \"../msal/nodeFlows/msalClient\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\n\nimport { CredentialUnavailableError } from \"../errors\";\nimport type { UsernamePasswordCredentialOptions } from \"./usernamePasswordCredentialOptions\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"UsernamePasswordCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID with a user's\n * username and password. This credential requires a high degree of\n * trust so you should only use it when other, more secure credential\n * types can't be used.\n */\nexport class UsernamePasswordCredential implements TokenCredential {\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private msalClient: MsalClient;\n private username: string;\n private password: string;\n\n /**\n * Creates an instance of the UsernamePasswordCredential with the details\n * needed to authenticate against Microsoft Entra ID with a username\n * and password.\n *\n * @param tenantId - The Microsoft Entra tenant (directory).\n * @param clientId - The client (application) ID of an App Registration in the tenant.\n * @param username - The user account's e-mail address (user name).\n * @param password - The user account's account password\n * @param options - Options for configuring the client which makes the authentication request.\n */\n constructor(\n tenantId: string,\n clientId: string,\n username: string,\n password: string,\n options: UsernamePasswordCredentialOptions = {},\n ) {\n if (!tenantId) {\n throw new CredentialUnavailableError(\n \"UsernamePasswordCredential: tenantId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.\",\n );\n }\n\n if (!clientId) {\n throw new CredentialUnavailableError(\n \"UsernamePasswordCredential: clientId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.\",\n );\n }\n\n if (!username) {\n throw new CredentialUnavailableError(\n \"UsernamePasswordCredential: username is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.\",\n );\n }\n\n if (!password) {\n throw new CredentialUnavailableError(\n \"UsernamePasswordCredential: password is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/usernamepasswordcredential/troubleshoot.\",\n );\n }\n\n this.tenantId = tenantId;\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n this.username = username;\n this.password = password;\n\n this.msalClient = createMsalClient(clientId, this.tenantId, {\n ...options,\n tokenCredentialOptions: options ?? {},\n });\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * If the user provided the option `disableAutomaticAuthentication`,\n * once the token can't be retrieved silently,\n * this method won't attempt to request user interaction to retrieve the token.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n return tracingClient.withSpan(\n `${this.constructor.name}.getToken`,\n options,\n async (newOptions) => {\n newOptions.tenantId = processMultiTenantRequest(\n this.tenantId,\n newOptions,\n this.additionallyAllowedTenantIds,\n logger,\n );\n\n const arrayScopes = ensureScopes(scopes);\n return this.msalClient.getTokenByUsernamePassword(\n arrayScopes,\n this.username,\n this.password,\n newOptions,\n );\n },\n );\n }\n}\n"]}

package/dist-esm/identity/src/credentials/usernamePasswordCredentialOptions.js DELETED Viewed

@@ -1,4 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export {};
-//# sourceMappingURL=usernamePasswordCredentialOptions.js.map

package/dist-esm/identity/src/credentials/usernamePasswordCredentialOptions.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"usernamePasswordCredentialOptions.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/usernamePasswordCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions\";\n\n/**\n * Defines options for the {@link UsernamePasswordCredential} class.\n */\nexport interface UsernamePasswordCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n CredentialPersistenceOptions,\n AuthorityValidationOptions {}\n"]}

package/dist-esm/identity/src/credentials/visualStudioCodeCredential.js DELETED Viewed

@@ -1,195 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { __awaiter } from "tslib";
-import { credentialLogger, formatError, formatSuccess } from "../util/logging";
-import { processMultiTenantRequest, resolveAdditionallyAllowedTenantIds, } from "../util/tenantIdUtils";
-import { AzureAuthorityHosts } from "../constants";
-import { CredentialUnavailableError } from "../errors";
-import { IdentityClient } from "../client/identityClient";
-import { checkTenantId } from "../util/tenantIdUtils";
-import fs from "fs";
-import os from "os";
-import path from "path";
-const CommonTenantId = "common";
-const AzureAccountClientId = "aebc6443-996d-45c2-90f0-388ff96faa56"; // VSC: 'aebc6443-996d-45c2-90f0-388ff96faa56'
-const logger = credentialLogger("VisualStudioCodeCredential");
-let findCredentials = undefined;
-export const vsCodeCredentialControl = {
-    setVsCodeCredentialFinder(finder) {
-        findCredentials = finder;
-    },
-};
-// Map of unsupported Tenant IDs and the errors we will be throwing.
-const unsupportedTenantIds = {
-    adfs: "The VisualStudioCodeCredential does not support authentication with ADFS tenants.",
-};
-function checkUnsupportedTenant(tenantId) {
-    // If the Tenant ID isn't supported, we throw.
-    const unsupportedTenantError = unsupportedTenantIds[tenantId];
-    if (unsupportedTenantError) {
-        throw new CredentialUnavailableError(unsupportedTenantError);
-    }
-}
-const mapVSCodeAuthorityHosts = {
-    AzureCloud: AzureAuthorityHosts.AzurePublicCloud,
-    AzureChina: AzureAuthorityHosts.AzureChina,
-    AzureGermanCloud: AzureAuthorityHosts.AzureGermany,
-    AzureUSGovernment: AzureAuthorityHosts.AzureGovernment,
-};
-/**
- * Attempts to load a specific property from the VSCode configurations of the current OS.
- * If it fails at any point, returns undefined.
- */
-export function getPropertyFromVSCode(property) {
-    const settingsPath = ["User", "settings.json"];
-    // Eventually we can add more folders for more versions of VSCode.
-    const vsCodeFolder = "Code";
-    const homedir = os.homedir();
-    function loadProperty(...pathSegments) {
-        const fullPath = path.join(...pathSegments, vsCodeFolder, ...settingsPath);
-        const settings = JSON.parse(fs.readFileSync(fullPath, { encoding: "utf8" }));
-        return settings[property];
-    }
-    try {
-        let appData;
-        switch (process.platform) {
-            case "win32":
-                appData = process.env.APPDATA;
-                return appData ? loadProperty(appData) : undefined;
-            case "darwin":
-                return loadProperty(homedir, "Library", "Application Support");
-            case "linux":
-                return loadProperty(homedir, ".config");
-            default:
-                return;
-        }
-    }
-    catch (e) {
-        logger.info(`Failed to load the Visual Studio Code configuration file. Error: ${e.message}`);
-        return;
-    }
-}
-/**
- * Connects to Azure using the credential provided by the VSCode extension 'Azure Account'.
- * Once the user has logged in via the extension, this credential can share the same refresh token
- * that is cached by the extension.
- *
- * It's a [known issue](https://github.com/Azure/azure-sdk-for-js/issues/20500) that this credential doesn't
- * work with [Azure Account extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azure-account)
- * versions newer than **0.9.11**. A long-term fix to this problem is in progress. In the meantime, consider
- * authenticating with {@link AzureCliCredential}.
- */
-export class VisualStudioCodeCredential {
-    /**
-     * Creates an instance of VisualStudioCodeCredential to use for automatically authenticating via VSCode.
-     *
-     * **Note**: `VisualStudioCodeCredential` is provided by a plugin package:
-     * `@azure/identity-vscode`. If this package is not installed and registered
-     * using the plugin API (`useIdentityPlugin`), then authentication using
-     * `VisualStudioCodeCredential` will not be available.
-     *
-     * @param options - Options for configuring the client which makes the authentication request.
-     */
-    constructor(options) {
-        // We want to make sure we use the one assigned by the user on the VSCode settings.
-        // Or just `AzureCloud` by default.
-        this.cloudName = (getPropertyFromVSCode("azure.cloud") || "AzureCloud");
-        // Picking an authority host based on the cloud name.
-        const authorityHost = mapVSCodeAuthorityHosts[this.cloudName];
-        this.identityClient = new IdentityClient(Object.assign({ authorityHost }, options));
-        if (options && options.tenantId) {
-            checkTenantId(logger, options.tenantId);
-            this.tenantId = options.tenantId;
-        }
-        else {
-            this.tenantId = CommonTenantId;
-        }
-        this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
-        checkUnsupportedTenant(this.tenantId);
-    }
-    /**
-     * Runs preparations for any further getToken request.
-     */
-    prepare() {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Attempts to load the tenant from the VSCode configuration file.
-            const settingsTenant = getPropertyFromVSCode("azure.tenant");
-            if (settingsTenant) {
-                this.tenantId = settingsTenant;
-            }
-            checkUnsupportedTenant(this.tenantId);
-        });
-    }
-    /**
-     * Runs preparations for any further getToken, but only once.
-     */
-    prepareOnce() {
-        if (!this.preparePromise) {
-            this.preparePromise = this.prepare();
-        }
-        return this.preparePromise;
-    }
-    /**
-     * Returns the token found by searching VSCode's authentication cache or
-     * returns null if no token could be found.
-     *
-     * @param scopes - The list of scopes for which the token will have access.
-     * @param options - The options used to configure any requests this
-     *                `TokenCredential` implementation might make.
-     */
-    getToken(scopes, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
-            yield this.prepareOnce();
-            const tenantId = processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds, logger) || this.tenantId;
-            if (findCredentials === undefined) {
-                throw new CredentialUnavailableError([
-                    "No implementation of `VisualStudioCodeCredential` is available.",
-                    "You must install the identity-vscode plugin package (`npm install --save-dev @azure/identity-vscode`)",
-                    "and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling",
-                    "`useIdentityPlugin(vsCodePlugin)` before creating a `VisualStudioCodeCredential`.",
-                    "To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.",
-                ].join(" "));
-            }
-            let scopeString = typeof scopes === "string" ? scopes : scopes.join(" ");
-            // Check to make sure the scope we get back is a valid scope
-            if (!scopeString.match(/^[0-9a-zA-Z-.:/]+$/)) {
-                const error = new Error("Invalid scope was specified by the user or calling client");
-                logger.getToken.info(formatError(scopes, error));
-                throw error;
-            }
-            if (scopeString.indexOf("offline_access") < 0) {
-                scopeString += " offline_access";
-            }
-            // findCredentials returns an array similar to:
-            // [
-            //   {
-            //     account: "",
-            //     password: "",
-            //   },
-            //   /* ... */
-            // ]
-            const credentials = yield findCredentials();
-            // If we can't find the credential based on the name, we'll pick the first one available.
-            const { password: refreshToken } = (_b = (_a = credentials.find(({ account }) => account === this.cloudName)) !== null && _a !== void 0 ? _a : credentials[0]) !== null && _b !== void 0 ? _b : {};
-            if (refreshToken) {
-                const tokenResponse = yield this.identityClient.refreshAccessToken(tenantId, AzureAccountClientId, scopeString, refreshToken, undefined);
-                if (tokenResponse) {
-                    logger.getToken.info(formatSuccess(scopes));
-                    return tokenResponse.accessToken;
-                }
-                else {
-                    const error = new CredentialUnavailableError("Could not retrieve the token associated with Visual Studio Code. Have you connected using the 'Azure Account' extension recently? To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.");
-                    logger.getToken.info(formatError(scopes, error));
-                    throw error;
-                }
-            }
-            else {
-                const error = new CredentialUnavailableError("Could not retrieve the token associated with Visual Studio Code. Did you connect using the 'Azure Account' extension? To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.");
-                logger.getToken.info(formatError(scopes, error));
-                throw error;
-            }
-        });
-    }
-}
-//# sourceMappingURL=visualStudioCodeCredential.js.map

package/dist-esm/identity/src/credentials/visualStudioCodeCredential.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"visualStudioCodeCredential.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/visualStudioCodeCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/E,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAG1D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,MAAM,cAAc,GAAG,QAAQ,CAAC;AAChC,MAAM,oBAAoB,GAAG,sCAAsC,CAAC,CAAC,8CAA8C;AACnH,MAAM,MAAM,GAAG,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;AAE9D,IAAI,eAAe,GAAuC,SAAS,CAAC;AAEpE,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,yBAAyB,CAAC,MAA8B;QACtD,eAAe,GAAG,MAAM,CAAC;IAC3B,CAAC;CACF,CAAC;AAEF,oEAAoE;AACpE,MAAM,oBAAoB,GAA2B;IACnD,IAAI,EAAE,mFAAmF;CAC1F,CAAC;AAEF,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,8CAA8C;IAC9C,MAAM,sBAAsB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAC9D,IAAI,sBAAsB,EAAE,CAAC;QAC3B,MAAM,IAAI,0BAA0B,CAAC,sBAAsB,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC;AAID,MAAM,uBAAuB,GAAqC;IAChE,UAAU,EAAE,mBAAmB,CAAC,gBAAgB;IAChD,UAAU,EAAE,mBAAmB,CAAC,UAAU;IAC1C,gBAAgB,EAAE,mBAAmB,CAAC,YAAY;IAClD,iBAAiB,EAAE,mBAAmB,CAAC,eAAe;CACvD,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAC/C,kEAAkE;IAClE,MAAM,YAAY,GAAG,MAAM,CAAC;IAC5B,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;IAE7B,SAAS,YAAY,CAAC,GAAG,YAAsB;QAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,YAAY,EAAE,YAAY,EAAE,GAAG,YAAY,CAAC,CAAC;QAC3E,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC;QAC7E,OAAO,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,CAAC;QACH,IAAI,OAAe,CAAC;QACpB,QAAQ,OAAO,CAAC,QAAQ,EAAE,CAAC;YACzB,KAAK,OAAO;gBACV,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAQ,CAAC;gBAC/B,OAAO,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACrD,KAAK,QAAQ;gBACX,OAAO,YAAY,CAAC,OAAO,EAAE,SAAS,EAAE,qBAAqB,CAAC,CAAC;YACjE,KAAK,OAAO;gBACV,OAAO,YAAY,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAC1C;gBACE,OAAO;QACX,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC7F,OAAO;IACT,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,OAAO,0BAA0B;IAMrC;;;;;;;;;OASG;IACH,YAAY,OAA2C;QACrD,mFAAmF;QACnF,mCAAmC;QACnC,IAAI,CAAC,SAAS,GAAG,CAAC,qBAAqB,CAAC,aAAa,CAAC,IAAI,YAAY,CAAqB,CAAC;QAE5F,qDAAqD;QACrD,MAAM,aAAa,GAAG,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAE9D,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,iBACtC,aAAa,IACV,OAAO,EACV,CAAC;QAEH,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YAChC,aAAa,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACnC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QACjC,CAAC;QAED,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACW,OAAO;;YACnB,kEAAkE;YAClE,MAAM,cAAc,GAAG,qBAAqB,CAAC,cAAc,CAAC,CAAC;YAC7D,IAAI,cAAc,EAAE,CAAC;gBACnB,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;YACjC,CAAC;YACD,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,CAAC;KAAA;IAOD;;OAEG;IACK,WAAW;QACjB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;QACvC,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;;;;;;OAOG;IACU,QAAQ,CACnB,MAAyB,EACzB,OAAyB;;;YAEzB,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;YAEzB,MAAM,QAAQ,GACZ,yBAAyB,CACvB,IAAI,CAAC,QAAQ,EACb,OAAO,EACP,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,IAAI,IAAI,CAAC,QAAQ,CAAC;YAErB,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;gBAClC,MAAM,IAAI,0BAA0B,CAClC;oBACE,iEAAiE;oBACjE,uGAAuG;oBACvG,mFAAmF;oBACnF,mFAAmF;oBACnF,wFAAwF;iBACzF,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;YACJ,CAAC;YAED,IAAI,WAAW,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAEzE,4DAA4D;YAC5D,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAC7C,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;gBACrF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;gBACjD,MAAM,KAAK,CAAC;YACd,CAAC;YAED,IAAI,WAAW,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC9C,WAAW,IAAI,iBAAiB,CAAC;YACnC,CAAC;YAED,+CAA+C;YAC/C,IAAI;YACJ,MAAM;YACN,mBAAmB;YACnB,oBAAoB;YACpB,OAAO;YACP,cAAc;YACd,IAAI;YACJ,MAAM,WAAW,GAAG,MAAM,eAAe,EAAE,CAAC;YAE5C,yFAAyF;YACzF,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAC9B,MAAA,MAAA,WAAW,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,SAAS,CAAC,mCAAI,WAAW,CAAC,CAAC,CAAC,mCAAI,EAAE,CAAC;YAExF,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAChE,QAAQ,EACR,oBAAoB,EACpB,WAAW,EACX,YAAY,EACZ,SAAS,CACV,CAAC;gBAEF,IAAI,aAAa,EAAE,CAAC;oBAClB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC5C,OAAO,aAAa,CAAC,WAAW,CAAC;gBACnC,CAAC;qBAAM,CAAC;oBACN,MAAM,KAAK,GAAG,IAAI,0BAA0B,CAC1C,0NAA0N,CAC3N,CAAC;oBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;oBACjD,MAAM,KAAK,CAAC;gBACd,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,KAAK,GAAG,IAAI,0BAA0B,CAC1C,8MAA8M,CAC/M,CAAC;gBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;gBACjD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC;KAAA;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { AzureAuthorityHosts } from \"../constants\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport { IdentityClient } from \"../client/identityClient\";\nimport type { VisualStudioCodeCredentialOptions } from \"./visualStudioCodeCredentialOptions\";\nimport type { VSCodeCredentialFinder } from \"./visualStudioCodeCredentialPlugin\";\nimport { checkTenantId } from \"../util/tenantIdUtils\";\nimport fs from \"fs\";\nimport os from \"os\";\nimport path from \"path\";\n\nconst CommonTenantId = \"common\";\nconst AzureAccountClientId = \"aebc6443-996d-45c2-90f0-388ff96faa56\"; // VSC: 'aebc6443-996d-45c2-90f0-388ff96faa56'\nconst logger = credentialLogger(\"VisualStudioCodeCredential\");\n\nlet findCredentials: VSCodeCredentialFinder | undefined = undefined;\n\nexport const vsCodeCredentialControl = {\n setVsCodeCredentialFinder(finder: VSCodeCredentialFinder): void {\n findCredentials = finder;\n },\n};\n\n// Map of unsupported Tenant IDs and the errors we will be throwing.\nconst unsupportedTenantIds: Record<string, string> = {\n adfs: \"The VisualStudioCodeCredential does not support authentication with ADFS tenants.\",\n};\n\nfunction checkUnsupportedTenant(tenantId: string): void {\n // If the Tenant ID isn't supported, we throw.\n const unsupportedTenantError = unsupportedTenantIds[tenantId];\n if (unsupportedTenantError) {\n throw new CredentialUnavailableError(unsupportedTenantError);\n }\n}\n\ntype VSCodeCloudNames = \"AzureCloud\" | \"AzureChina\" | \"AzureGermanCloud\" | \"AzureUSGovernment\";\n\nconst mapVSCodeAuthorityHosts: Record<VSCodeCloudNames, string> = {\n AzureCloud: AzureAuthorityHosts.AzurePublicCloud,\n AzureChina: AzureAuthorityHosts.AzureChina,\n AzureGermanCloud: AzureAuthorityHosts.AzureGermany,\n AzureUSGovernment: AzureAuthorityHosts.AzureGovernment,\n};\n\n/**\n * Attempts to load a specific property from the VSCode configurations of the current OS.\n * If it fails at any point, returns undefined.\n */\nexport function getPropertyFromVSCode(property: string): string | undefined {\n const settingsPath = [\"User\", \"settings.json\"];\n // Eventually we can add more folders for more versions of VSCode.\n const vsCodeFolder = \"Code\";\n const homedir = os.homedir();\n\n function loadProperty(...pathSegments: string[]): string | undefined {\n const fullPath = path.join(...pathSegments, vsCodeFolder, ...settingsPath);\n const settings = JSON.parse(fs.readFileSync(fullPath, { encoding: \"utf8\" }));\n return settings[property];\n }\n\n try {\n let appData: string;\n switch (process.platform) {\n case \"win32\":\n appData = process.env.APPDATA!;\n return appData ? loadProperty(appData) : undefined;\n case \"darwin\":\n return loadProperty(homedir, \"Library\", \"Application Support\");\n case \"linux\":\n return loadProperty(homedir, \".config\");\n default:\n return;\n }\n } catch (e: any) {\n logger.info(`Failed to load the Visual Studio Code configuration file. Error: ${e.message}`);\n return;\n }\n}\n\n/**\n * Connects to Azure using the credential provided by the VSCode extension 'Azure Account'.\n * Once the user has logged in via the extension, this credential can share the same refresh token\n * that is cached by the extension.\n *\n * It's a [known issue](https://github.com/Azure/azure-sdk-for-js/issues/20500) that this credential doesn't\n * work with [Azure Account extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azure-account)\n * versions newer than **0.9.11**. A long-term fix to this problem is in progress. In the meantime, consider\n * authenticating with {@link AzureCliCredential}.\n */\nexport class VisualStudioCodeCredential implements TokenCredential {\n private identityClient: IdentityClient;\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private cloudName: VSCodeCloudNames;\n\n /**\n * Creates an instance of VisualStudioCodeCredential to use for automatically authenticating via VSCode.\n *\n * **Note**: `VisualStudioCodeCredential` is provided by a plugin package:\n * `@azure/identity-vscode`. If this package is not installed and registered\n * using the plugin API (`useIdentityPlugin`), then authentication using\n * `VisualStudioCodeCredential` will not be available.\n *\n * @param options - Options for configuring the client which makes the authentication request.\n */\n constructor(options?: VisualStudioCodeCredentialOptions) {\n // We want to make sure we use the one assigned by the user on the VSCode settings.\n // Or just `AzureCloud` by default.\n this.cloudName = (getPropertyFromVSCode(\"azure.cloud\") || \"AzureCloud\") as VSCodeCloudNames;\n\n // Picking an authority host based on the cloud name.\n const authorityHost = mapVSCodeAuthorityHosts[this.cloudName];\n\n this.identityClient = new IdentityClient({\n authorityHost,\n ...options,\n });\n\n if (options && options.tenantId) {\n checkTenantId(logger, options.tenantId);\n this.tenantId = options.tenantId;\n } else {\n this.tenantId = CommonTenantId;\n }\n\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n checkUnsupportedTenant(this.tenantId);\n }\n\n /**\n * Runs preparations for any further getToken request.\n */\n private async prepare(): Promise<void> {\n // Attempts to load the tenant from the VSCode configuration file.\n const settingsTenant = getPropertyFromVSCode(\"azure.tenant\");\n if (settingsTenant) {\n this.tenantId = settingsTenant;\n }\n checkUnsupportedTenant(this.tenantId);\n }\n\n /**\n * The promise of the single preparation that will be executed at the first getToken request for an instance of this class.\n */\n private preparePromise: Promise<void> | undefined;\n\n /**\n * Runs preparations for any further getToken, but only once.\n */\n private prepareOnce(): Promise<void> | undefined {\n if (!this.preparePromise) {\n this.preparePromise = this.prepare();\n }\n return this.preparePromise;\n }\n\n /**\n * Returns the token found by searching VSCode's authentication cache or\n * returns null if no token could be found.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * `TokenCredential` implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options?: GetTokenOptions,\n ): Promise<AccessToken> {\n await this.prepareOnce();\n\n const tenantId =\n processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n logger,\n ) || this.tenantId;\n\n if (findCredentials === undefined) {\n throw new CredentialUnavailableError(\n [\n \"No implementation of `VisualStudioCodeCredential` is available.\",\n \"You must install the identity-vscode plugin package (`npm install --save-dev @azure/identity-vscode`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(vsCodePlugin)` before creating a `VisualStudioCodeCredential`.\",\n \"To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.\",\n ].join(\" \"),\n );\n }\n\n let scopeString = typeof scopes === \"string\" ? scopes : scopes.join(\" \");\n\n // Check to make sure the scope we get back is a valid scope\n if (!scopeString.match(/^[0-9a-zA-Z-.:/]+$/)) {\n const error = new Error(\"Invalid scope was specified by the user or calling client\");\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n\n if (scopeString.indexOf(\"offline_access\") < 0) {\n scopeString += \" offline_access\";\n }\n\n // findCredentials returns an array similar to:\n // [\n // {\n // account: \"\",\n // password: \"\",\n // },\n // /* ... */\n // ]\n const credentials = await findCredentials();\n\n // If we can't find the credential based on the name, we'll pick the first one available.\n const { password: refreshToken } =\n credentials.find(({ account }) => account === this.cloudName) ?? credentials[0] ?? {};\n\n if (refreshToken) {\n const tokenResponse = await this.identityClient.refreshAccessToken(\n tenantId,\n AzureAccountClientId,\n scopeString,\n refreshToken,\n undefined,\n );\n\n if (tokenResponse) {\n logger.getToken.info(formatSuccess(scopes));\n return tokenResponse.accessToken;\n } else {\n const error = new CredentialUnavailableError(\n \"Could not retrieve the token associated with Visual Studio Code. Have you connected using the 'Azure Account' extension recently? To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n } else {\n const error = new CredentialUnavailableError(\n \"Could not retrieve the token associated with Visual Studio Code. Did you connect using the 'Azure Account' extension? To troubleshoot, visit https://aka.ms/azsdk/js/identity/vscodecredential/troubleshoot.\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n }\n}\n"]}

package/dist-esm/identity/src/credentials/visualStudioCodeCredentialOptions.js DELETED Viewed

@@ -1,4 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export {};
-//# sourceMappingURL=visualStudioCodeCredentialOptions.js.map

package/dist-esm/identity/src/credentials/visualStudioCodeCredentialOptions.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"visualStudioCodeCredentialOptions.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/visualStudioCodeCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions\";\n\n/**\n * Provides options to configure the Visual Studio Code credential.\n */\nexport interface VisualStudioCodeCredentialOptions extends MultiTenantTokenCredentialOptions {\n /**\n * Optionally pass in a Tenant ID to be used as part of the credential\n */\n tenantId?: string;\n}\n"]}

package/dist-esm/identity/src/credentials/visualStudioCodeCredentialPlugin.js DELETED Viewed

@@ -1,4 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export {};
-//# sourceMappingURL=visualStudioCodeCredentialPlugin.js.map

package/dist-esm/identity/src/credentials/visualStudioCodeCredentialPlugin.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"visualStudioCodeCredentialPlugin.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/visualStudioCodeCredentialPlugin.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * A function that searches for credentials in the Visual Studio Code credential store.\n *\n * @returns an array of credentials (username and password)\n * @internal\n */\nexport type VSCodeCredentialFinder = () => Promise<Array<{ account: string; password: string }>>;\n"]}

package/dist-esm/identity/src/credentials/workloadIdentityCredential.js DELETED Viewed

@@ -1,119 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { __awaiter } from "tslib";
-import { credentialLogger, processEnvVars } from "../util/logging";
-import { ClientAssertionCredential } from "./clientAssertionCredential";
-import { CredentialUnavailableError } from "../errors";
-import { checkTenantId } from "../util/tenantIdUtils";
-import { readFile } from "fs/promises";
-const credentialName = "WorkloadIdentityCredential";
-/**
- * Contains the list of all supported environment variable names so that an
- * appropriate error message can be generated when no credentials can be
- * configured.
- *
- * @internal
- */
-export const SupportedWorkloadEnvironmentVariables = [
-    "AZURE_TENANT_ID",
-    "AZURE_CLIENT_ID",
-    "AZURE_FEDERATED_TOKEN_FILE",
-];
-const logger = credentialLogger(credentialName);
-/**
- * Workload Identity authentication is a feature in Azure that allows applications running on virtual machines (VMs)
- * to access other Azure resources without the need for a service principal or managed identity. With Workload Identity
- * authentication, applications authenticate themselves using their own identity, rather than using a shared service
- * principal or managed identity. Under the hood, Workload Identity authentication uses the concept of Service Account
- * Credentials (SACs), which are automatically created by Azure and stored securely in the VM. By using Workload
- * Identity authentication, you can avoid the need to manage and rotate service principals or managed identities for
- * each application on each VM. Additionally, because SACs are created automatically and managed by Azure, you don't
- * need to worry about storing and securing sensitive credentials themselves.
- * The WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Azure Kubernetes and acquires
- * a token using the SACs available in the Azure Kubernetes environment.
- * Refer to <a href="https://learn.microsoft.com/azure/aks/workload-identity-overview">Microsoft Entra
- * Workload ID</a> for more information.
- */
-export class WorkloadIdentityCredential {
-    /**
-     * WorkloadIdentityCredential supports Microsoft Entra Workload ID on Kubernetes.
-     *
-     * @param options - The identity client options to use for authentication.
-     */
-    constructor(options) {
-        this.azureFederatedTokenFileContent = undefined;
-        this.cacheDate = undefined;
-        // Logging environment variables for error details
-        const assignedEnv = processEnvVars(SupportedWorkloadEnvironmentVariables).assigned.join(", ");
-        logger.info(`Found the following environment variables: ${assignedEnv}`);
-        const workloadIdentityCredentialOptions = options !== null && options !== void 0 ? options : {};
-        const tenantId = workloadIdentityCredentialOptions.tenantId || process.env.AZURE_TENANT_ID;
-        const clientId = workloadIdentityCredentialOptions.clientId || process.env.AZURE_CLIENT_ID;
-        this.federatedTokenFilePath =
-            workloadIdentityCredentialOptions.tokenFilePath || process.env.AZURE_FEDERATED_TOKEN_FILE;
-        if (tenantId) {
-            checkTenantId(logger, tenantId);
-        }
-        if (!clientId) {
-            throw new CredentialUnavailableError(`${credentialName}: is unavailable. clientId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - "AZURE_CLIENT_ID".
-        See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`);
-        }
-        if (!tenantId) {
-            throw new CredentialUnavailableError(`${credentialName}: is unavailable. tenantId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - "AZURE_TENANT_ID".
-        See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`);
-        }
-        if (!this.federatedTokenFilePath) {
-            throw new CredentialUnavailableError(`${credentialName}: is unavailable. federatedTokenFilePath is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - "AZURE_FEDERATED_TOKEN_FILE".
-        See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`);
-        }
-        logger.info(`Invoking ClientAssertionCredential with tenant ID: ${tenantId}, clientId: ${workloadIdentityCredentialOptions.clientId} and federated token path: [REDACTED]`);
-        this.client = new ClientAssertionCredential(tenantId, clientId, this.readFileContents.bind(this), options);
-    }
-    /**
-     * Authenticates with Microsoft Entra ID and returns an access token if successful.
-     * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
-     *
-     * @param scopes - The list of scopes for which the token will have access.
-     * @param options - The options used to configure any requests this
-     *                TokenCredential implementation might make.
-     */
-    getToken(scopes, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (!this.client) {
-                const errorMessage = `${credentialName}: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters.
-      In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables -
-      "AZURE_TENANT_ID",
-      "AZURE_CLIENT_ID",
-      "AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`;
-                logger.info(errorMessage);
-                throw new CredentialUnavailableError(errorMessage);
-            }
-            logger.info("Invoking getToken() of Client Assertion Credential");
-            return this.client.getToken(scopes, options);
-        });
-    }
-    readFileContents() {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Cached assertions expire after 5 minutes
-            if (this.cacheDate !== undefined && Date.now() - this.cacheDate >= 1000 * 60 * 5) {
-                this.azureFederatedTokenFileContent = undefined;
-            }
-            if (!this.federatedTokenFilePath) {
-                throw new CredentialUnavailableError(`${credentialName}: is unavailable. Invalid file path provided ${this.federatedTokenFilePath}.`);
-            }
-            if (!this.azureFederatedTokenFileContent) {
-                const file = yield readFile(this.federatedTokenFilePath, "utf8");
-                const value = file.trim();
-                if (!value) {
-                    throw new CredentialUnavailableError(`${credentialName}: is unavailable. No content on the file ${this.federatedTokenFilePath}.`);
-                }
-                else {
-                    this.azureFederatedTokenFileContent = value;
-                    this.cacheDate = Date.now();
-                }
-            }
-            return this.azureFederatedTokenFileContent;
-        });
-    }
-}
-//# sourceMappingURL=workloadIdentityCredential.js.map

package/dist-esm/identity/src/credentials/workloadIdentityCredential.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"workloadIdentityCredential.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/workloadIdentityCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAGlC,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAEnE,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAEvD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,MAAM,cAAc,GAAG,4BAA4B,CAAC;AACpD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,qCAAqC,GAAG;IACnD,iBAAiB;IACjB,iBAAiB;IACjB,4BAA4B;CAC7B,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAChD;;;;;;;;;;;;;GAaG;AACH,MAAM,OAAO,0BAA0B;IAMrC;;;;OAIG;IACH,YAAY,OAA2C;QAT/C,mCAA8B,GAAuB,SAAS,CAAC;QAC/D,cAAS,GAAuB,SAAS,CAAC;QAShD,kDAAkD;QAClD,MAAM,WAAW,GAAG,cAAc,CAAC,qCAAqC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9F,MAAM,CAAC,IAAI,CAAC,8CAA8C,WAAW,EAAE,CAAC,CAAC;QAEzE,MAAM,iCAAiC,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC;QACxD,MAAM,QAAQ,GAAG,iCAAiC,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC3F,MAAM,QAAQ,GAAG,iCAAiC,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC3F,IAAI,CAAC,sBAAsB;YACzB,iCAAiC,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;QAC5F,IAAI,QAAQ,EAAE,CAAC;YACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc;qIAC4G,CAC9H,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc;qIAC4G,CAC9H,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;YACjC,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc;qIAC4G,CAC9H,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CACT,sDAAsD,QAAQ,eAAe,iCAAiC,CAAC,QAAQ,uCAAuC,CAC/J,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,yBAAyB,CACzC,QAAQ,EACR,QAAQ,EACR,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAChC,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACU,QAAQ,CACnB,MAAyB,EACzB,OAAyB;;YAEzB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;gBACjB,MAAM,YAAY,GAAG,GAAG,cAAc;;;;iKAIqH,CAAC;gBAC5J,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;gBAC1B,MAAM,IAAI,0BAA0B,CAAC,YAAY,CAAC,CAAC;YACrD,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;YAClE,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC/C,CAAC;KAAA;IAEa,gBAAgB;;YAC5B,2CAA2C;YAC3C,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;gBACjF,IAAI,CAAC,8BAA8B,GAAG,SAAS,CAAC;YAClD,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBACjC,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc,gDAAgD,IAAI,CAAC,sBAAsB,GAAG,CAChG,CAAC;YACJ,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC;gBACzC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC;gBACjE,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc,4CAA4C,IAAI,CAAC,sBAAsB,GAAG,CAC5F,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,8BAA8B,GAAG,KAAK,CAAC;oBAC5C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;gBAC9B,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC,8BAA8B,CAAC;QAC7C,CAAC;KAAA;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, processEnvVars } from \"../util/logging\";\n\nimport { ClientAssertionCredential } from \"./clientAssertionCredential\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport type { WorkloadIdentityCredentialOptions } from \"./workloadIdentityCredentialOptions\";\nimport { checkTenantId } from \"../util/tenantIdUtils\";\nimport { readFile } from \"fs/promises\";\n\nconst credentialName = \"WorkloadIdentityCredential\";\n/**\n * Contains the list of all supported environment variable names so that an\n * appropriate error message can be generated when no credentials can be\n * configured.\n *\n * @internal\n */\nexport const SupportedWorkloadEnvironmentVariables = [\n \"AZURE_TENANT_ID\",\n \"AZURE_CLIENT_ID\",\n \"AZURE_FEDERATED_TOKEN_FILE\",\n];\nconst logger = credentialLogger(credentialName);\n/**\n * Workload Identity authentication is a feature in Azure that allows applications running on virtual machines (VMs)\n * to access other Azure resources without the need for a service principal or managed identity. With Workload Identity\n * authentication, applications authenticate themselves using their own identity, rather than using a shared service\n * principal or managed identity. Under the hood, Workload Identity authentication uses the concept of Service Account\n * Credentials (SACs), which are automatically created by Azure and stored securely in the VM. By using Workload\n * Identity authentication, you can avoid the need to manage and rotate service principals or managed identities for\n * each application on each VM. Additionally, because SACs are created automatically and managed by Azure, you don't\n * need to worry about storing and securing sensitive credentials themselves.\n * The WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Azure Kubernetes and acquires\n * a token using the SACs available in the Azure Kubernetes environment.\n * Refer to <a href=\"https://learn.microsoft.com/azure/aks/workload-identity-overview\">Microsoft Entra\n * Workload ID</a> for more information.\n */\nexport class WorkloadIdentityCredential implements TokenCredential {\n private client: ClientAssertionCredential | undefined;\n private azureFederatedTokenFileContent: string | undefined = undefined;\n private cacheDate: number | undefined = undefined;\n private federatedTokenFilePath: string | undefined;\n\n /**\n * WorkloadIdentityCredential supports Microsoft Entra Workload ID on Kubernetes.\n *\n * @param options - The identity client options to use for authentication.\n */\n constructor(options?: WorkloadIdentityCredentialOptions) {\n // Logging environment variables for error details\n const assignedEnv = processEnvVars(SupportedWorkloadEnvironmentVariables).assigned.join(\", \");\n logger.info(`Found the following environment variables: ${assignedEnv}`);\n\n const workloadIdentityCredentialOptions = options ?? {};\n const tenantId = workloadIdentityCredentialOptions.tenantId || process.env.AZURE_TENANT_ID;\n const clientId = workloadIdentityCredentialOptions.clientId || process.env.AZURE_CLIENT_ID;\n this.federatedTokenFilePath =\n workloadIdentityCredentialOptions.tokenFilePath || process.env.AZURE_FEDERATED_TOKEN_FILE;\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n if (!clientId) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. clientId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - \"AZURE_CLIENT_ID\".\n See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`,\n );\n }\n\n if (!tenantId) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. tenantId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - \"AZURE_TENANT_ID\".\n See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`,\n );\n }\n\n if (!this.federatedTokenFilePath) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. federatedTokenFilePath is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - \"AZURE_FEDERATED_TOKEN_FILE\".\n See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`,\n );\n }\n\n logger.info(\n `Invoking ClientAssertionCredential with tenant ID: ${tenantId}, clientId: ${workloadIdentityCredentialOptions.clientId} and federated token path: [REDACTED]`,\n );\n this.client = new ClientAssertionCredential(\n tenantId,\n clientId,\n this.readFileContents.bind(this),\n options,\n );\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options?: GetTokenOptions,\n ): Promise<AccessToken | null> {\n if (!this.client) {\n const errorMessage = `${credentialName}: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters. \n In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables - \n \"AZURE_TENANT_ID\",\n \"AZURE_CLIENT_ID\",\n \"AZURE_FEDERATED_TOKEN_FILE\". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`;\n logger.info(errorMessage);\n throw new CredentialUnavailableError(errorMessage);\n }\n logger.info(\"Invoking getToken() of Client Assertion Credential\");\n return this.client.getToken(scopes, options);\n }\n\n private async readFileContents(): Promise<string> {\n // Cached assertions expire after 5 minutes\n if (this.cacheDate !== undefined && Date.now() - this.cacheDate >= 1000 * 60 * 5) {\n this.azureFederatedTokenFileContent = undefined;\n }\n if (!this.federatedTokenFilePath) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. Invalid file path provided ${this.federatedTokenFilePath}.`,\n );\n }\n if (!this.azureFederatedTokenFileContent) {\n const file = await readFile(this.federatedTokenFilePath, \"utf8\");\n const value = file.trim();\n if (!value) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. No content on the file ${this.federatedTokenFilePath}.`,\n );\n } else {\n this.azureFederatedTokenFileContent = value;\n this.cacheDate = Date.now();\n }\n }\n return this.azureFederatedTokenFileContent;\n }\n}\n"]}

package/dist-esm/identity/src/credentials/workloadIdentityCredentialOptions.js DELETED Viewed

@@ -1,4 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export {};
-//# sourceMappingURL=workloadIdentityCredentialOptions.js.map

package/dist-esm/identity/src/credentials/workloadIdentityCredentialOptions.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"workloadIdentityCredentialOptions.js","sourceRoot":"","sources":["../../../../../identity/src/credentials/workloadIdentityCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions\";\n\n/**\n * Options for the {@link WorkloadIdentityCredential}\n */\nexport interface WorkloadIdentityCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n AuthorityValidationOptions {\n /**\n * ID of the application's Microsoft Entra tenant. Also called its directory ID.\n */\n tenantId?: string;\n /**\n * The client ID of a Microsoft Entra app registration.\n */\n clientId?: string;\n /**\n * The path to a file containing a Kubernetes service account token that authenticates the identity.\n */\n tokenFilePath?: string;\n}\n"]}

package/dist-esm/identity/src/errors.js DELETED Viewed

@@ -1,123 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-function isErrorResponse(errorResponse) {
-    return (errorResponse &&
-        typeof errorResponse.error === "string" &&
-        typeof errorResponse.error_description === "string");
-}
-/**
- * The Error.name value of an CredentialUnavailable
- */
-export const CredentialUnavailableErrorName = "CredentialUnavailableError";
-/**
- * This signifies that the credential that was tried in a chained credential
- * was not available to be used as the credential. Rather than treating this as
- * an error that should halt the chain, it's caught and the chain continues
- */
-export class CredentialUnavailableError extends Error {
-    constructor(message, options) {
-        // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property
-        super(message, options);
-        this.name = CredentialUnavailableErrorName;
-    }
-}
-/**
- * The Error.name value of an AuthenticationError
- */
-export const AuthenticationErrorName = "AuthenticationError";
-/**
- * Provides details about a failure to authenticate with Azure Active
- * Directory.  The `errorResponse` field contains more details about
- * the specific failure.
- */
-export class AuthenticationError extends Error {
-    constructor(statusCode, errorBody, options) {
-        let errorResponse = {
-            error: "unknown",
-            errorDescription: "An unknown error occurred and no additional details are available.",
-        };
-        if (isErrorResponse(errorBody)) {
-            errorResponse = convertOAuthErrorResponseToErrorResponse(errorBody);
-        }
-        else if (typeof errorBody === "string") {
-            try {
-                // Most error responses will contain JSON-formatted error details
-                // in the response body
-                const oauthErrorResponse = JSON.parse(errorBody);
-                errorResponse = convertOAuthErrorResponseToErrorResponse(oauthErrorResponse);
-            }
-            catch (e) {
-                if (statusCode === 400) {
-                    errorResponse = {
-                        error: "invalid_request",
-                        errorDescription: `The service indicated that the request was invalid.\n\n${errorBody}`,
-                    };
-                }
-                else {
-                    errorResponse = {
-                        error: "unknown_error",
-                        errorDescription: `An unknown error has occurred. Response body:\n\n${errorBody}`,
-                    };
-                }
-            }
-        }
-        else {
-            errorResponse = {
-                error: "unknown_error",
-                errorDescription: "An unknown error occurred and no additional details are available.",
-            };
-        }
-        super(`${errorResponse.error} Status code: ${statusCode}\nMore details:\n${errorResponse.errorDescription},`,
-        // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property
-        options);
-        this.statusCode = statusCode;
-        this.errorResponse = errorResponse;
-        // Ensure that this type reports the correct name
-        this.name = AuthenticationErrorName;
-    }
-}
-/**
- * The Error.name value of an AggregateAuthenticationError
- */
-export const AggregateAuthenticationErrorName = "AggregateAuthenticationError";
-/**
- * Provides an `errors` array containing {@link AuthenticationError} instance
- * for authentication failures from credentials in a {@link ChainedTokenCredential}.
- */
-export class AggregateAuthenticationError extends Error {
-    constructor(errors, errorMessage) {
-        const errorDetail = errors.join("\n");
-        super(`${errorMessage}\n${errorDetail}`);
-        this.errors = errors;
-        // Ensure that this type reports the correct name
-        this.name = AggregateAuthenticationErrorName;
-    }
-}
-function convertOAuthErrorResponseToErrorResponse(errorBody) {
-    return {
-        error: errorBody.error,
-        errorDescription: errorBody.error_description,
-        correlationId: errorBody.correlation_id,
-        errorCodes: errorBody.error_codes,
-        timestamp: errorBody.timestamp,
-        traceId: errorBody.trace_id,
-    };
-}
-/**
- * Error used to enforce authentication after trying to retrieve a token silently.
- */
-export class AuthenticationRequiredError extends Error {
-    constructor(
-    /**
-     * Optional parameters. A message can be specified. The {@link GetTokenOptions} of the request can also be specified to more easily associate the error with the received parameters.
-     */
-    options) {
-        super(options.message,
-        // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property
-        options.cause ? { cause: options.cause } : undefined);
-        this.scopes = options.scopes;
-        this.getTokenOptions = options.getTokenOptions;
-        this.name = "AuthenticationRequiredError";
-    }
-}
-//# sourceMappingURL=errors.js.map