@azure/identity-cache-persistence 1.1.2-alpha.20241111.1 → 1.1.2-alpha.20241113.2

package/dist-esm/identity/src/errors.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../../identity/src/errors.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAyDlC,SAAS,eAAe,CAAC,aAAkB;IACzC,OAAO,CACL,aAAa;QACb,OAAO,aAAa,CAAC,KAAK,KAAK,QAAQ;QACvC,OAAO,aAAa,CAAC,iBAAiB,KAAK,QAAQ,CACpD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,8BAA8B,GAAG,4BAA4B,CAAC;AAE3E;;;;GAIG;AACH,MAAM,OAAO,0BAA2B,SAAQ,KAAK;IACnD,YAAY,OAAgB,EAAE,OAA6B;QACzD,2JAA2J;QAC3J,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;IAC7C,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AAE7D;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAW5C,YACE,UAAkB,EAClB,SAA6C,EAC7C,OAA6B;QAE7B,IAAI,aAAa,GAAkB;YACjC,KAAK,EAAE,SAAS;YAChB,gBAAgB,EAAE,oEAAoE;SACvF,CAAC;QAEF,IAAI,eAAe,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/B,aAAa,GAAG,wCAAwC,CAAC,SAAS,CAAC,CAAC;QACtE,CAAC;aAAM,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC;gBACH,iEAAiE;gBACjE,uBAAuB;gBACvB,MAAM,kBAAkB,GAAuB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBACrE,aAAa,GAAG,wCAAwC,CAAC,kBAAkB,CAAC,CAAC;YAC/E,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;oBACvB,aAAa,GAAG;wBACd,KAAK,EAAE,iBAAiB;wBACxB,gBAAgB,EAAE,0DAA0D,SAAS,EAAE;qBACxF,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,aAAa,GAAG;wBACd,KAAK,EAAE,eAAe;wBACtB,gBAAgB,EAAE,oDAAoD,SAAS,EAAE;qBAClF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,aAAa,GAAG;gBACd,KAAK,EAAE,eAAe;gBACtB,gBAAgB,EAAE,oEAAoE;aACvF,CAAC;QACJ,CAAC;QAED,KAAK,CACH,GAAG,aAAa,CAAC,KAAK,iBAAiB,UAAU,oBAAoB,aAAa,CAAC,gBAAgB,GAAG;QACtG,2JAA2J;QAC3J,OAAO,CACR,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QAEnC,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gCAAgC,GAAG,8BAA8B,CAAC;AAE/E;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IAOrD,YAAY,MAAa,EAAE,YAAqB;QAC9C,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,KAAK,CAAC,GAAG,YAAY,KAAK,WAAW,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,gCAAgC,CAAC;IAC/C,CAAC;CACF;AAED,SAAS,wCAAwC,CAAC,SAA6B;IAC7E,OAAO;QACL,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,gBAAgB,EAAE,SAAS,CAAC,iBAAiB;QAC7C,aAAa,EAAE,SAAS,CAAC,cAAc;QACvC,UAAU,EAAE,SAAS,CAAC,WAAW;QACjC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,OAAO,EAAE,SAAS,CAAC,QAAQ;KAC5B,CAAC;AACJ,CAAC;AAwBD;;GAEG;AACH,MAAM,OAAO,2BAA4B,SAAQ,KAAK;IAUpD;IACE;;OAEG;IACH,OAA2C;QAE3C,KAAK,CACH,OAAO,CAAC,OAAO;QACf,2JAA2J;QAC3J,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CACrD,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;QAC/C,IAAI,CAAC,IAAI,GAAG,6BAA6B,CAAC;IAC5C,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { GetTokenOptions } from \"@azure/core-auth\";\n\n/**\n * See the official documentation for more details:\n *\n * https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#error-response-1\n *\n * NOTE: This documentation is for v1 OAuth support but the same error\n * response details still apply to v2.\n */\nexport interface ErrorResponse {\n  /**\n   * The string identifier for the error.\n   */\n  error: string;\n\n  /**\n   * The error's description.\n   */\n  errorDescription: string;\n\n  /**\n   * An array of codes pertaining to the error(s) that occurred.\n   */\n  errorCodes?: number[];\n\n  /**\n   * The timestamp at which the error occurred.\n   */\n  timestamp?: string;\n\n  /**\n   * The trace identifier for this error occurrence.\n   */\n  traceId?: string;\n\n  /**\n   * The correlation ID to be used for tracking the source of the error.\n   */\n  correlationId?: string;\n}\n\n/**\n * Used for internal deserialization of OAuth responses. Public model is ErrorResponse\n * @internal\n */\nexport interface OAuthErrorResponse {\n  error: string;\n  error_description: string;\n  error_codes?: number[];\n  timestamp?: string;\n  trace_id?: string;\n  correlation_id?: string;\n}\n\nfunction isErrorResponse(errorResponse: any): errorResponse is OAuthErrorResponse {\n  return (\n    errorResponse &&\n    typeof errorResponse.error === \"string\" &&\n    typeof errorResponse.error_description === \"string\"\n  );\n}\n\n/**\n * The Error.name value of an CredentialUnavailable\n */\nexport const CredentialUnavailableErrorName = \"CredentialUnavailableError\";\n\n/**\n * This signifies that the credential that was tried in a chained credential\n * was not available to be used as the credential. Rather than treating this as\n * an error that should halt the chain, it's caught and the chain continues\n */\nexport class CredentialUnavailableError extends Error {\n  constructor(message?: string, options?: { cause?: unknown }) {\n    // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property\n    super(message, options);\n    this.name = CredentialUnavailableErrorName;\n  }\n}\n\n/**\n * The Error.name value of an AuthenticationError\n */\nexport const AuthenticationErrorName = \"AuthenticationError\";\n\n/**\n * Provides details about a failure to authenticate with Azure Active\n * Directory.  The `errorResponse` field contains more details about\n * the specific failure.\n */\nexport class AuthenticationError extends Error {\n  /**\n   * The HTTP status code returned from the authentication request.\n   */\n  public readonly statusCode: number;\n\n  /**\n   * The error response details.\n   */\n  public readonly errorResponse: ErrorResponse;\n\n  constructor(\n    statusCode: number,\n    errorBody: object | string | undefined | null,\n    options?: { cause?: unknown },\n  ) {\n    let errorResponse: ErrorResponse = {\n      error: \"unknown\",\n      errorDescription: \"An unknown error occurred and no additional details are available.\",\n    };\n\n    if (isErrorResponse(errorBody)) {\n      errorResponse = convertOAuthErrorResponseToErrorResponse(errorBody);\n    } else if (typeof errorBody === \"string\") {\n      try {\n        // Most error responses will contain JSON-formatted error details\n        // in the response body\n        const oauthErrorResponse: OAuthErrorResponse = JSON.parse(errorBody);\n        errorResponse = convertOAuthErrorResponseToErrorResponse(oauthErrorResponse);\n      } catch (e: any) {\n        if (statusCode === 400) {\n          errorResponse = {\n            error: \"invalid_request\",\n            errorDescription: `The service indicated that the request was invalid.\\n\\n${errorBody}`,\n          };\n        } else {\n          errorResponse = {\n            error: \"unknown_error\",\n            errorDescription: `An unknown error has occurred. Response body:\\n\\n${errorBody}`,\n          };\n        }\n      }\n    } else {\n      errorResponse = {\n        error: \"unknown_error\",\n        errorDescription: \"An unknown error occurred and no additional details are available.\",\n      };\n    }\n\n    super(\n      `${errorResponse.error} Status code: ${statusCode}\\nMore details:\\n${errorResponse.errorDescription},`,\n      // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property\n      options,\n    );\n    this.statusCode = statusCode;\n    this.errorResponse = errorResponse;\n\n    // Ensure that this type reports the correct name\n    this.name = AuthenticationErrorName;\n  }\n}\n\n/**\n * The Error.name value of an AggregateAuthenticationError\n */\nexport const AggregateAuthenticationErrorName = \"AggregateAuthenticationError\";\n\n/**\n * Provides an `errors` array containing {@link AuthenticationError} instance\n * for authentication failures from credentials in a {@link ChainedTokenCredential}.\n */\nexport class AggregateAuthenticationError extends Error {\n  /**\n   * The array of error objects that were thrown while trying to authenticate\n   * with the credentials in a {@link ChainedTokenCredential}.\n   */\n  public errors: any[];\n\n  constructor(errors: any[], errorMessage?: string) {\n    const errorDetail = errors.join(\"\\n\");\n    super(`${errorMessage}\\n${errorDetail}`);\n    this.errors = errors;\n\n    // Ensure that this type reports the correct name\n    this.name = AggregateAuthenticationErrorName;\n  }\n}\n\nfunction convertOAuthErrorResponseToErrorResponse(errorBody: OAuthErrorResponse): ErrorResponse {\n  return {\n    error: errorBody.error,\n    errorDescription: errorBody.error_description,\n    correlationId: errorBody.correlation_id,\n    errorCodes: errorBody.error_codes,\n    timestamp: errorBody.timestamp,\n    traceId: errorBody.trace_id,\n  };\n}\n\n/**\n * Optional parameters to the {@link AuthenticationRequiredError}\n */\nexport interface AuthenticationRequiredErrorOptions {\n  /**\n   * The list of scopes for which the token will have access.\n   */\n  scopes: string[];\n  /**\n   * The options passed to the getToken request.\n   */\n  getTokenOptions?: GetTokenOptions;\n  /**\n   * The message of the error.\n   */\n  message?: string;\n  /**\n   * The underlying cause, if any, that caused the authentication to fail.\n   */\n  cause?: unknown;\n}\n\n/**\n * Error used to enforce authentication after trying to retrieve a token silently.\n */\nexport class AuthenticationRequiredError extends Error {\n  /**\n   * The list of scopes for which the token will have access.\n   */\n  public scopes: string[];\n  /**\n   * The options passed to the getToken request.\n   */\n  public getTokenOptions?: GetTokenOptions;\n\n  constructor(\n    /**\n     * Optional parameters. A message can be specified. The {@link GetTokenOptions} of the request can also be specified to more easily associate the error with the received parameters.\n     */\n    options: AuthenticationRequiredErrorOptions,\n  ) {\n    super(\n      options.message,\n      // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property\n      options.cause ? { cause: options.cause } : undefined,\n    );\n    this.scopes = options.scopes;\n    this.getTokenOptions = options.getTokenOptions;\n    this.name = \"AuthenticationRequiredError\";\n  }\n}\n"]}

package/dist-esm/identity/src/index.js

@@ -1,34 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export * from "./plugins/consumer";
-import { DefaultAzureCredential } from "./credentials/defaultAzureCredential";
-export { AuthenticationError, AggregateAuthenticationError, AuthenticationErrorName, AggregateAuthenticationErrorName, CredentialUnavailableError, CredentialUnavailableErrorName, AuthenticationRequiredError, } from "./errors";
-export { serializeAuthenticationRecord, deserializeAuthenticationRecord } from "./msal/utils";
-export { ChainedTokenCredential } from "./credentials/chainedTokenCredential";
-export { ClientSecretCredential } from "./credentials/clientSecretCredential";
-export { DefaultAzureCredential } from "./credentials/defaultAzureCredential";
-export { EnvironmentCredential } from "./credentials/environmentCredential";
-export { ClientCertificateCredential, } from "./credentials/clientCertificateCredential";
-export { ClientAssertionCredential } from "./credentials/clientAssertionCredential";
-export { AzureCliCredential } from "./credentials/azureCliCredential";
-export { AzureDeveloperCliCredential } from "./credentials/azureDeveloperCliCredential";
-export { InteractiveBrowserCredential } from "./credentials/interactiveBrowserCredential";
-export { ManagedIdentityCredential, } from "./credentials/managedIdentityCredential";
-export { DeviceCodeCredential } from "./credentials/deviceCodeCredential";
-export { AzurePipelinesCredential as AzurePipelinesCredential } from "./credentials/azurePipelinesCredential";
-export { AuthorizationCodeCredential } from "./credentials/authorizationCodeCredential";
-export { AzurePowerShellCredential } from "./credentials/azurePowerShellCredential";
-export { UsernamePasswordCredential } from "./credentials/usernamePasswordCredential";
-export { VisualStudioCodeCredential } from "./credentials/visualStudioCodeCredential";
-export { OnBehalfOfCredential } from "./credentials/onBehalfOfCredential";
-export { WorkloadIdentityCredential } from "./credentials/workloadIdentityCredential";
-export { logger } from "./util/logging";
-export { AzureAuthorityHosts } from "./constants";
-/**
- * Returns a new instance of the {@link DefaultAzureCredential}.
- */
-export function getDefaultAzureCredential() {
-    return new DefaultAzureCredential();
-}
-export { getBearerTokenProvider } from "./tokenProvider";
-//# sourceMappingURL=index.js.map

package/dist-esm/identity/src/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../identity/src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,cAAc,oBAAoB,CAAC;AAKnC,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAE9E,OAAO,EACL,mBAAmB,EAEnB,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC9B,2BAA2B,GAE5B,MAAM,UAAU,CAAC;AAGlB,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,cAAc,CAAC;AAe9F,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAE9E,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAG9E,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAO9E,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAG5E,OAAO,EACL,2BAA2B,GAI5B,MAAM,2CAA2C,CAAC;AAEnD,OAAO,EAAE,yBAAyB,EAAE,MAAM,yCAAyC,CAAC;AAGpF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AAEtE,OAAO,EAAE,2BAA2B,EAAE,MAAM,2CAA2C,CAAC;AAExF,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EACL,yBAAyB,GAI1B,MAAM,yCAAyC,CAAC;AACjD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAM1E,OAAO,EAAE,wBAAwB,IAAI,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AAE9G,OAAO,EAAE,2BAA2B,EAAE,MAAM,2CAA2C,CAAC;AAExF,OAAO,EAAE,yBAAyB,EAAE,MAAM,yCAAyC,CAAC;AAQpF,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAEtF,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAEtF,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAMtF,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAExC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,UAAU,yBAAyB;IACvC,OAAO,IAAI,sBAAsB,EAAE,CAAC;AACtC,CAAC;AAED,OAAO,EAAE,sBAAsB,EAAiC,MAAM,iBAAiB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport * from \"./plugins/consumer\";\n\nexport { IdentityPlugin } from \"./plugins/provider\";\n\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential\";\n\nexport {\n  AuthenticationError,\n  ErrorResponse,\n  AggregateAuthenticationError,\n  AuthenticationErrorName,\n  AggregateAuthenticationErrorName,\n  CredentialUnavailableError,\n  CredentialUnavailableErrorName,\n  AuthenticationRequiredError,\n  AuthenticationRequiredErrorOptions,\n} from \"./errors\";\n\nexport { AuthenticationRecord } from \"./msal/types\";\nexport { serializeAuthenticationRecord, deserializeAuthenticationRecord } from \"./msal/utils\";\nexport { TokenCredentialOptions } from \"./tokenCredentialOptions\";\nexport { MultiTenantTokenCredentialOptions } from \"./credentials/multiTenantTokenCredentialOptions\";\nexport { AuthorityValidationOptions } from \"./credentials/authorityValidationOptions\";\n// TODO: Export again once we're ready to release this feature.\n// export { RegionalAuthority } from \"./regionalAuthority\";\n\nexport { BrokerAuthOptions } from \"./credentials/brokerAuthOptions\";\nexport {\n  BrokerOptions,\n  BrokerEnabledOptions,\n  BrokerDisabledOptions,\n} from \"./msal/nodeFlows/brokerOptions\";\nexport { InteractiveCredentialOptions } from \"./credentials/interactiveCredentialOptions\";\n\nexport { ChainedTokenCredential } from \"./credentials/chainedTokenCredential\";\n\nexport { ClientSecretCredential } from \"./credentials/clientSecretCredential\";\nexport { ClientSecretCredentialOptions } from \"./credentials/clientSecretCredentialOptions\";\n\nexport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential\";\nexport {\n  DefaultAzureCredentialOptions,\n  DefaultAzureCredentialClientIdOptions,\n  DefaultAzureCredentialResourceIdOptions,\n} from \"./credentials/defaultAzureCredentialOptions\";\n\nexport { EnvironmentCredential } from \"./credentials/environmentCredential\";\nexport { EnvironmentCredentialOptions } from \"./credentials/environmentCredentialOptions\";\n\nexport {\n  ClientCertificateCredential,\n  ClientCertificateCredentialPEMConfiguration,\n  ClientCertificatePEMCertificatePath,\n  ClientCertificatePEMCertificate,\n} from \"./credentials/clientCertificateCredential\";\nexport { ClientCertificateCredentialOptions } from \"./credentials/clientCertificateCredentialOptions\";\nexport { ClientAssertionCredential } from \"./credentials/clientAssertionCredential\";\nexport { ClientAssertionCredentialOptions } from \"./credentials/clientAssertionCredentialOptions\";\nexport { CredentialPersistenceOptions } from \"./credentials/credentialPersistenceOptions\";\nexport { AzureCliCredential } from \"./credentials/azureCliCredential\";\nexport { AzureCliCredentialOptions } from \"./credentials/azureCliCredentialOptions\";\nexport { AzureDeveloperCliCredential } from \"./credentials/azureDeveloperCliCredential\";\nexport { AzureDeveloperCliCredentialOptions } from \"./credentials/azureDeveloperCliCredentialOptions\";\nexport { InteractiveBrowserCredential } from \"./credentials/interactiveBrowserCredential\";\nexport {\n  InteractiveBrowserCredentialNodeOptions,\n  InteractiveBrowserCredentialInBrowserOptions,\n  BrowserLoginStyle,\n} from \"./credentials/interactiveBrowserCredentialOptions\";\nexport {\n  ManagedIdentityCredential,\n  ManagedIdentityCredentialClientIdOptions,\n  ManagedIdentityCredentialResourceIdOptions,\n  ManagedIdentityCredentialObjectIdOptions,\n} from \"./credentials/managedIdentityCredential\";\nexport { DeviceCodeCredential } from \"./credentials/deviceCodeCredential\";\nexport {\n  DeviceCodePromptCallback,\n  DeviceCodeInfo,\n} from \"./credentials/deviceCodeCredentialOptions\";\nexport { DeviceCodeCredentialOptions } from \"./credentials/deviceCodeCredentialOptions\";\nexport { AzurePipelinesCredential as AzurePipelinesCredential } from \"./credentials/azurePipelinesCredential\";\nexport { AzurePipelinesCredentialOptions as AzurePipelinesCredentialOptions } from \"./credentials/azurePipelinesCredentialOptions\";\nexport { AuthorizationCodeCredential } from \"./credentials/authorizationCodeCredential\";\nexport { AuthorizationCodeCredentialOptions } from \"./credentials/authorizationCodeCredentialOptions\";\nexport { AzurePowerShellCredential } from \"./credentials/azurePowerShellCredential\";\nexport { AzurePowerShellCredentialOptions } from \"./credentials/azurePowerShellCredentialOptions\";\nexport {\n  OnBehalfOfCredentialOptions,\n  OnBehalfOfCredentialSecretOptions,\n  OnBehalfOfCredentialCertificateOptions,\n  OnBehalfOfCredentialAssertionOptions,\n} from \"./credentials/onBehalfOfCredentialOptions\";\nexport { UsernamePasswordCredential } from \"./credentials/usernamePasswordCredential\";\nexport { UsernamePasswordCredentialOptions } from \"./credentials/usernamePasswordCredentialOptions\";\nexport { VisualStudioCodeCredential } from \"./credentials/visualStudioCodeCredential\";\nexport { VisualStudioCodeCredentialOptions } from \"./credentials/visualStudioCodeCredentialOptions\";\nexport { OnBehalfOfCredential } from \"./credentials/onBehalfOfCredential\";\nexport { WorkloadIdentityCredential } from \"./credentials/workloadIdentityCredential\";\nexport { WorkloadIdentityCredentialOptions } from \"./credentials/workloadIdentityCredentialOptions\";\nexport { BrowserCustomizationOptions } from \"./credentials/browserCustomizationOptions\";\nexport { TokenCachePersistenceOptions } from \"./msal/nodeFlows/tokenCachePersistenceOptions\";\n\nexport { TokenCredential, GetTokenOptions, AccessToken } from \"@azure/core-auth\";\nexport { logger } from \"./util/logging\";\n\nexport { AzureAuthorityHosts } from \"./constants\";\n\n/**\n * Returns a new instance of the {@link DefaultAzureCredential}.\n */\nexport function getDefaultAzureCredential(): TokenCredential {\n  return new DefaultAzureCredential();\n}\n\nexport { getBearerTokenProvider, GetBearerTokenProviderOptions } from \"./tokenProvider\";\n"]}

package/dist-esm/identity/src/msal/msal.js

@@ -1,5 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import * as msalCommon from "@azure/msal-node";
-export { msalCommon };
-//# sourceMappingURL=msal.js.map

package/dist-esm/identity/src/msal/msal.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"msal.js","sourceRoot":"","sources":["../../../../../identity/src/msal/msal.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,UAAU,MAAM,kBAAkB,CAAC;AAE/C,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport * as msalCommon from \"@azure/msal-node\";\n\nexport { msalCommon };\n"]}

package/dist-esm/identity/src/msal/nodeFlows/brokerOptions.js

@@ -1,2 +0,0 @@
-export {};
-//# sourceMappingURL=brokerOptions.js.map

package/dist-esm/identity/src/msal/nodeFlows/brokerOptions.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"brokerOptions.js","sourceRoot":"","sources":["../../../../../../identity/src/msal/nodeFlows/brokerOptions.ts"],"names":[],"mappings":"","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n/**\n * Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.\n */\nexport type BrokerOptions = BrokerEnabledOptions | BrokerDisabledOptions;\n\n/**\n * Parameters when WAM broker authentication is disabled.\n */\nexport interface BrokerDisabledOptions {\n  /**\n   * If set to true, broker will be enabled for WAM support on Windows.\n   */\n  enabled: false;\n\n  /**\n   * If set to true, MSA account will be passed through, required for WAM authentication.\n   */\n  legacyEnableMsaPassthrough?: undefined;\n  /**\n   * Window handle for parent window, required for WAM authentication.\n   */\n  parentWindowHandle: undefined;\n}\n\n/**\n * Parameters when WAM broker authentication is enabled.\n */\nexport interface BrokerEnabledOptions {\n  /**\n   * If set to true, broker will be enabled for WAM support on Windows.\n   */\n  enabled: true;\n  /**\n   * If set to true, MSA account will be passed through, required for WAM authentication.\n   */\n  legacyEnableMsaPassthrough?: boolean;\n  /**\n   * Window handle for parent window, required for WAM authentication.\n   */\n  parentWindowHandle: Uint8Array;\n\n  /**\n   * If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication.\n   * Default is set to false.\n   */\n  useDefaultBrokerAccount?: boolean;\n}\n"]}

package/dist-esm/identity/src/msal/nodeFlows/msalClient.js

@@ -1,511 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { __awaiter } from "tslib";
-import * as msal from "@azure/msal-node";
-import { credentialLogger, formatSuccess } from "../../util/logging";
-import { msalPlugins } from "./msalPlugins";
-import { defaultLoggerCallback, ensureValidMsalToken, getAuthority, getAuthorityHost, getKnownAuthorities, getMSALLogLevel, handleMsalError, msalToPublic, publicToMsal, } from "../utils";
-import { AuthenticationRequiredError } from "../../errors";
-import { IdentityClient } from "../../client/identityClient";
-import { calculateRegionalAuthority } from "../../regionalAuthority";
-import { getLogLevel } from "@azure/logger";
-import open from "open";
-import { resolveTenantId } from "../../util/tenantIdUtils";
-/**
- * The default logger used if no logger was passed in by the credential.
- */
-const msalLogger = credentialLogger("MsalClient");
-/**
- * A call to open(), but mockable
- * @internal
- */
-export const interactiveBrowserMockable = {
-    open,
-};
-/**
- * Generates the configuration for MSAL (Microsoft Authentication Library).
- *
- * @param clientId - The client ID of the application.
- * @param  tenantId - The tenant ID of the Azure Active Directory.
- * @param  msalClientOptions - Optional. Additional options for creating the MSAL client.
- * @returns  The MSAL configuration object.
- */
-export function generateMsalConfiguration(clientId, tenantId, msalClientOptions = {}) {
-    var _a, _b, _c;
-    const resolvedTenant = resolveTenantId((_a = msalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger, tenantId, clientId);
-    // TODO: move and reuse getIdentityClientAuthorityHost
-    const authority = getAuthority(resolvedTenant, getAuthorityHost(msalClientOptions));
-    const httpClient = new IdentityClient(Object.assign(Object.assign({}, msalClientOptions.tokenCredentialOptions), { authorityHost: authority, loggingOptions: msalClientOptions.loggingOptions }));
-    const msalConfig = {
-        auth: {
-            clientId,
-            authority,
-            knownAuthorities: getKnownAuthorities(resolvedTenant, authority, msalClientOptions.disableInstanceDiscovery),
-        },
-        system: {
-            networkClient: httpClient,
-            loggerOptions: {
-                loggerCallback: defaultLoggerCallback((_b = msalClientOptions.logger) !== null && _b !== void 0 ? _b : msalLogger),
-                logLevel: getMSALLogLevel(getLogLevel()),
-                piiLoggingEnabled: (_c = msalClientOptions.loggingOptions) === null || _c === void 0 ? void 0 : _c.enableUnsafeSupportLogging,
-            },
-        },
-    };
-    return msalConfig;
-}
-/**
- * Creates an instance of the MSAL (Microsoft Authentication Library) client.
- *
- * @param clientId - The client ID of the application.
- * @param tenantId - The tenant ID of the Azure Active Directory.
- * @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.
- * @returns An instance of the MSAL client.
- *
- * @public
- */
-export function createMsalClient(clientId, tenantId, createMsalClientOptions = {}) {
-    var _a;
-    const state = {
-        msalConfig: generateMsalConfiguration(clientId, tenantId, createMsalClientOptions),
-        cachedAccount: createMsalClientOptions.authenticationRecord
-            ? publicToMsal(createMsalClientOptions.authenticationRecord)
-            : null,
-        pluginConfiguration: msalPlugins.generatePluginConfiguration(createMsalClientOptions),
-        logger: (_a = createMsalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger,
-    };
-    const publicApps = new Map();
-    function getPublicApp() {
-        return __awaiter(this, arguments, void 0, function* (options = {}) {
-            const appKey = options.enableCae ? "CAE" : "default";
-            let publicClientApp = publicApps.get(appKey);
-            if (publicClientApp) {
-                state.logger.getToken.info("Existing PublicClientApplication found in cache, returning it.");
-                return publicClientApp;
-            }
-            // Initialize a new app and cache it
-            state.logger.getToken.info(`Creating new PublicClientApplication with CAE ${options.enableCae ? "enabled" : "disabled"}.`);
-            const cachePlugin = options.enableCae
-                ? state.pluginConfiguration.cache.cachePluginCae
-                : state.pluginConfiguration.cache.cachePlugin;
-            state.msalConfig.auth.clientCapabilities = options.enableCae ? ["cp1"] : undefined;
-            publicClientApp = new msal.PublicClientApplication(Object.assign(Object.assign({}, state.msalConfig), { broker: { nativeBrokerPlugin: state.pluginConfiguration.broker.nativeBrokerPlugin }, cache: { cachePlugin: yield cachePlugin } }));
-            publicApps.set(appKey, publicClientApp);
-            return publicClientApp;
-        });
-    }
-    const confidentialApps = new Map();
-    function getConfidentialApp() {
-        return __awaiter(this, arguments, void 0, function* (options = {}) {
-            const appKey = options.enableCae ? "CAE" : "default";
-            let confidentialClientApp = confidentialApps.get(appKey);
-            if (confidentialClientApp) {
-                state.logger.getToken.info("Existing ConfidentialClientApplication found in cache, returning it.");
-                return confidentialClientApp;
-            }
-            // Initialize a new app and cache it
-            state.logger.getToken.info(`Creating new ConfidentialClientApplication with CAE ${options.enableCae ? "enabled" : "disabled"}.`);
-            const cachePlugin = options.enableCae
-                ? state.pluginConfiguration.cache.cachePluginCae
-                : state.pluginConfiguration.cache.cachePlugin;
-            state.msalConfig.auth.clientCapabilities = options.enableCae ? ["cp1"] : undefined;
-            confidentialClientApp = new msal.ConfidentialClientApplication(Object.assign(Object.assign({}, state.msalConfig), { broker: { nativeBrokerPlugin: state.pluginConfiguration.broker.nativeBrokerPlugin }, cache: { cachePlugin: yield cachePlugin } }));
-            confidentialApps.set(appKey, confidentialClientApp);
-            return confidentialClientApp;
-        });
-    }
-    function getTokenSilent(app_1, scopes_1) {
-        return __awaiter(this, arguments, void 0, function* (app, scopes, options = {}) {
-            if (state.cachedAccount === null) {
-                state.logger.getToken.info("No cached account found in local state, attempting to load it from MSAL cache.");
-                const cache = app.getTokenCache();
-                const accounts = yield cache.getAllAccounts();
-                if (accounts === undefined || accounts.length === 0) {
-                    throw new AuthenticationRequiredError({ scopes });
-                }
-                if (accounts.length > 1) {
-                    state.logger
-                        .info(`More than one account was found authenticated for this Client ID and Tenant ID.
-However, no "authenticationRecord" has been provided for this credential,
-therefore we're unable to pick between these accounts.
-A new login attempt will be requested, to ensure the correct account is picked.
-To work with multiple accounts for the same Client ID and Tenant ID, please provide an "authenticationRecord" when initializing a credential to prevent this from happening.`);
-                    throw new AuthenticationRequiredError({ scopes });
-                }
-                state.cachedAccount = accounts[0];
-            }
-            // Keep track and reuse the claims we received across challenges
-            if (options.claims) {
-                state.cachedClaims = options.claims;
-            }
-            const silentRequest = {
-                account: state.cachedAccount,
-                scopes,
-                claims: state.cachedClaims,
-            };
-            if (state.pluginConfiguration.broker.isEnabled) {
-                silentRequest.tokenQueryParameters || (silentRequest.tokenQueryParameters = {});
-                if (state.pluginConfiguration.broker.enableMsaPassthrough) {
-                    silentRequest.tokenQueryParameters["msal_request_type"] = "consumer_passthrough";
-                }
-            }
-            if (options.proofOfPossessionOptions) {
-                silentRequest.shrNonce = options.proofOfPossessionOptions.nonce;
-                silentRequest.authenticationScheme = "pop";
-                silentRequest.resourceRequestMethod = options.proofOfPossessionOptions.resourceRequestMethod;
-                silentRequest.resourceRequestUri = options.proofOfPossessionOptions.resourceRequestUrl;
-            }
-            state.logger.getToken.info("Attempting to acquire token silently");
-            return app.acquireTokenSilent(silentRequest);
-        });
-    }
-    /**
-     * Builds an authority URL for the given request. The authority may be different than the one used when creating the MSAL client
-     * if the user is creating cross-tenant requests
-     */
-    function calculateRequestAuthority(options) {
-        if (options === null || options === void 0 ? void 0 : options.tenantId) {
-            return getAuthority(options.tenantId, getAuthorityHost(createMsalClientOptions));
-        }
-        return state.msalConfig.auth.authority;
-    }
-    /**
-     * Performs silent authentication using MSAL to acquire an access token.
-     * If silent authentication fails, falls back to interactive authentication.
-     *
-     * @param msalApp - The MSAL application instance.
-     * @param scopes - The scopes for which to acquire the access token.
-     * @param options - The options for acquiring the access token.
-     * @param onAuthenticationRequired - A callback function to handle interactive authentication when silent authentication fails.
-     * @returns A promise that resolves to an AccessToken object containing the access token and its expiration timestamp.
-     */
-    function withSilentAuthentication(msalApp, scopes, options, onAuthenticationRequired) {
-        return __awaiter(this, void 0, void 0, function* () {
-            var _a, _b;
-            let response = null;
-            try {
-                response = yield getTokenSilent(msalApp, scopes, options);
-            }
-            catch (e) {
-                if (e.name !== "AuthenticationRequiredError") {
-                    throw e;
-                }
-                if (options.disableAutomaticAuthentication) {
-                    throw new AuthenticationRequiredError({
-                        scopes,
-                        getTokenOptions: options,
-                        message: "Automatic authentication has been disabled. You may call the authentication() method.",
-                    });
-                }
-            }
-            // Silent authentication failed
-            if (response === null) {
-                try {
-                    response = yield onAuthenticationRequired();
-                }
-                catch (err) {
-                    throw handleMsalError(scopes, err, options);
-                }
-            }
-            // At this point we should have a token, process it
-            ensureValidMsalToken(scopes, response, options);
-            state.cachedAccount = (_a = response === null || response === void 0 ? void 0 : response.account) !== null && _a !== void 0 ? _a : null;
-            state.logger.getToken.info(formatSuccess(scopes));
-            return {
-                token: response.accessToken,
-                expiresOnTimestamp: response.expiresOn.getTime(),
-                refreshAfterTimestamp: (_b = response.refreshOn) === null || _b === void 0 ? void 0 : _b.getTime(),
-                tokenType: response.tokenType,
-            };
-        });
-    }
-    function getTokenByClientSecret(scopes_1, clientSecret_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, clientSecret, options = {}) {
-            var _a;
-            state.logger.getToken.info(`Attempting to acquire token using client secret`);
-            state.msalConfig.auth.clientSecret = clientSecret;
-            const msalApp = yield getConfidentialApp(options);
-            try {
-                const response = yield msalApp.acquireTokenByClientCredential({
-                    scopes,
-                    authority: calculateRequestAuthority(options),
-                    azureRegion: calculateRegionalAuthority(),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                });
-                ensureValidMsalToken(scopes, response, options);
-                state.logger.getToken.info(formatSuccess(scopes));
-                return {
-                    token: response.accessToken,
-                    expiresOnTimestamp: response.expiresOn.getTime(),
-                    refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
-                    tokenType: response.tokenType,
-                };
-            }
-            catch (err) {
-                throw handleMsalError(scopes, err, options);
-            }
-        });
-    }
-    function getTokenByClientAssertion(scopes_1, clientAssertion_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, clientAssertion, options = {}) {
-            var _a;
-            state.logger.getToken.info(`Attempting to acquire token using client assertion`);
-            state.msalConfig.auth.clientAssertion = clientAssertion;
-            const msalApp = yield getConfidentialApp(options);
-            try {
-                const response = yield msalApp.acquireTokenByClientCredential({
-                    scopes,
-                    authority: calculateRequestAuthority(options),
-                    azureRegion: calculateRegionalAuthority(),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                    clientAssertion,
-                });
-                ensureValidMsalToken(scopes, response, options);
-                state.logger.getToken.info(formatSuccess(scopes));
-                return {
-                    token: response.accessToken,
-                    expiresOnTimestamp: response.expiresOn.getTime(),
-                    refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
-                    tokenType: response.tokenType,
-                };
-            }
-            catch (err) {
-                throw handleMsalError(scopes, err, options);
-            }
-        });
-    }
-    function getTokenByClientCertificate(scopes_1, certificate_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, certificate, options = {}) {
-            var _a;
-            state.logger.getToken.info(`Attempting to acquire token using client certificate`);
-            state.msalConfig.auth.clientCertificate = certificate;
-            const msalApp = yield getConfidentialApp(options);
-            try {
-                const response = yield msalApp.acquireTokenByClientCredential({
-                    scopes,
-                    authority: calculateRequestAuthority(options),
-                    azureRegion: calculateRegionalAuthority(),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                });
-                ensureValidMsalToken(scopes, response, options);
-                state.logger.getToken.info(formatSuccess(scopes));
-                return {
-                    token: response.accessToken,
-                    expiresOnTimestamp: response.expiresOn.getTime(),
-                    refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
-                    tokenType: response.tokenType,
-                };
-            }
-            catch (err) {
-                throw handleMsalError(scopes, err, options);
-            }
-        });
-    }
-    function getTokenByDeviceCode(scopes_1, deviceCodeCallback_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, deviceCodeCallback, options = {}) {
-            state.logger.getToken.info(`Attempting to acquire token using device code`);
-            const msalApp = yield getPublicApp(options);
-            return withSilentAuthentication(msalApp, scopes, options, () => {
-                var _a, _b;
-                const requestOptions = {
-                    scopes,
-                    cancel: (_b = (_a = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a === void 0 ? void 0 : _a.aborted) !== null && _b !== void 0 ? _b : false,
-                    deviceCodeCallback,
-                    authority: calculateRequestAuthority(options),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                };
-                const deviceCodeRequest = msalApp.acquireTokenByDeviceCode(requestOptions);
-                if (options.abortSignal) {
-                    options.abortSignal.addEventListener("abort", () => {
-                        requestOptions.cancel = true;
-                    });
-                }
-                return deviceCodeRequest;
-            });
-        });
-    }
-    function getTokenByUsernamePassword(scopes_1, username_1, password_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, username, password, options = {}) {
-            state.logger.getToken.info(`Attempting to acquire token using username and password`);
-            const msalApp = yield getPublicApp(options);
-            return withSilentAuthentication(msalApp, scopes, options, () => {
-                const requestOptions = {
-                    scopes,
-                    username,
-                    password,
-                    authority: calculateRequestAuthority(options),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                };
-                return msalApp.acquireTokenByUsernamePassword(requestOptions);
-            });
-        });
-    }
-    function getActiveAccount() {
-        if (!state.cachedAccount) {
-            return undefined;
-        }
-        return msalToPublic(clientId, state.cachedAccount);
-    }
-    function getTokenByAuthorizationCode(scopes_1, redirectUri_1, authorizationCode_1, clientSecret_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, redirectUri, authorizationCode, clientSecret, options = {}) {
-            state.logger.getToken.info(`Attempting to acquire token using authorization code`);
-            let msalApp;
-            if (clientSecret) {
-                // If a client secret is provided, we need to use a confidential client application
-                // See https://learn.microsoft.com/entra/identity-platform/v2-oauth2-auth-code-flow#request-an-access-token-with-a-client_secret
-                state.msalConfig.auth.clientSecret = clientSecret;
-                msalApp = yield getConfidentialApp(options);
-            }
-            else {
-                msalApp = yield getPublicApp(options);
-            }
-            return withSilentAuthentication(msalApp, scopes, options, () => {
-                return msalApp.acquireTokenByCode({
-                    scopes,
-                    redirectUri,
-                    code: authorizationCode,
-                    authority: calculateRequestAuthority(options),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                });
-            });
-        });
-    }
-    function getTokenOnBehalfOf(scopes_1, userAssertionToken_1, clientCredentials_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, userAssertionToken, clientCredentials, options = {}) {
-            var _a;
-            msalLogger.getToken.info(`Attempting to acquire token on behalf of another user`);
-            if (typeof clientCredentials === "string") {
-                // Client secret
-                msalLogger.getToken.info(`Using client secret for on behalf of flow`);
-                state.msalConfig.auth.clientSecret = clientCredentials;
-            }
-            else if (typeof clientCredentials === "function") {
-                // Client Assertion
-                msalLogger.getToken.info(`Using client assertion callback for on behalf of flow`);
-                state.msalConfig.auth.clientAssertion = clientCredentials;
-            }
-            else {
-                // Client certificate
-                msalLogger.getToken.info(`Using client certificate for on behalf of flow`);
-                state.msalConfig.auth.clientCertificate = clientCredentials;
-            }
-            const msalApp = yield getConfidentialApp(options);
-            try {
-                const response = yield msalApp.acquireTokenOnBehalfOf({
-                    scopes,
-                    authority: calculateRequestAuthority(options),
-                    claims: options.claims,
-                    oboAssertion: userAssertionToken,
-                });
-                ensureValidMsalToken(scopes, response, options);
-                msalLogger.getToken.info(formatSuccess(scopes));
-                return {
-                    token: response.accessToken,
-                    expiresOnTimestamp: response.expiresOn.getTime(),
-                    refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
-                    tokenType: response.tokenType,
-                };
-            }
-            catch (err) {
-                throw handleMsalError(scopes, err, options);
-            }
-        });
-    }
-    function getTokenByInteractiveRequest(scopes_1) {
-        return __awaiter(this, arguments, void 0, function* (scopes, options = {}) {
-            msalLogger.getToken.info(`Attempting to acquire token interactively`);
-            const app = yield getPublicApp(options);
-            /**
-             * A helper function that supports brokered authentication through the MSAL's public application.
-             *
-             * When options.useDefaultBrokerAccount is true, the method will attempt to authenticate using the default broker account.
-             * If the default broker account is not available, the method will fall back to interactive authentication.
-             */
-            function getBrokeredToken(useDefaultBrokerAccount) {
-                return __awaiter(this, void 0, void 0, function* () {
-                    var _a;
-                    msalLogger.verbose("Authentication will resume through the broker");
-                    const interactiveRequest = createBaseInteractiveRequest();
-                    if (state.pluginConfiguration.broker.parentWindowHandle) {
-                        interactiveRequest.windowHandle = Buffer.from(state.pluginConfiguration.broker.parentWindowHandle);
-                    }
-                    else {
-                        // this is a bug, as the pluginConfiguration handler should validate this case.
-                        msalLogger.warning("Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.");
-                    }
-                    if (state.pluginConfiguration.broker.enableMsaPassthrough) {
-                        ((_a = interactiveRequest.tokenQueryParameters) !== null && _a !== void 0 ? _a : (interactiveRequest.tokenQueryParameters = {}))["msal_request_type"] =
-                            "consumer_passthrough";
-                    }
-                    if (useDefaultBrokerAccount) {
-                        interactiveRequest.prompt = "none";
-                        msalLogger.verbose("Attempting broker authentication using the default broker account");
-                    }
-                    else {
-                        msalLogger.verbose("Attempting broker authentication without the default broker account");
-                    }
-                    if (options.proofOfPossessionOptions) {
-                        interactiveRequest.shrNonce = options.proofOfPossessionOptions.nonce;
-                        interactiveRequest.authenticationScheme = "pop";
-                        interactiveRequest.resourceRequestMethod =
-                            options.proofOfPossessionOptions.resourceRequestMethod;
-                        interactiveRequest.resourceRequestUri = options.proofOfPossessionOptions.resourceRequestUrl;
-                    }
-                    try {
-                        return yield app.acquireTokenInteractive(interactiveRequest);
-                    }
-                    catch (e) {
-                        msalLogger.verbose(`Failed to authenticate through the broker: ${e.message}`);
-                        // If we tried to use the default broker account and failed, fall back to interactive authentication
-                        if (useDefaultBrokerAccount) {
-                            return getBrokeredToken(/* useDefaultBrokerAccount: */ false);
-                        }
-                        else {
-                            throw e;
-                        }
-                    }
-                });
-            }
-            function createBaseInteractiveRequest() {
-                var _a, _b;
-                return {
-                    openBrowser: (url) => __awaiter(this, void 0, void 0, function* () {
-                        yield interactiveBrowserMockable.open(url, { wait: true, newInstance: true });
-                    }),
-                    scopes,
-                    authority: calculateRequestAuthority(options),
-                    claims: options === null || options === void 0 ? void 0 : options.claims,
-                    loginHint: options === null || options === void 0 ? void 0 : options.loginHint,
-                    errorTemplate: (_a = options === null || options === void 0 ? void 0 : options.browserCustomizationOptions) === null || _a === void 0 ? void 0 : _a.errorMessage,
-                    successTemplate: (_b = options === null || options === void 0 ? void 0 : options.browserCustomizationOptions) === null || _b === void 0 ? void 0 : _b.successMessage,
-                };
-            }
-            return withSilentAuthentication(app, scopes, options, () => __awaiter(this, void 0, void 0, function* () {
-                var _a;
-                const interactiveRequest = createBaseInteractiveRequest();
-                if (state.pluginConfiguration.broker.isEnabled) {
-                    return getBrokeredToken((_a = state.pluginConfiguration.broker.useDefaultBrokerAccount) !== null && _a !== void 0 ? _a : false);
-                }
-                if (options.proofOfPossessionOptions) {
-                    interactiveRequest.shrNonce = options.proofOfPossessionOptions.nonce;
-                    interactiveRequest.authenticationScheme = "pop";
-                    interactiveRequest.resourceRequestMethod =
-                        options.proofOfPossessionOptions.resourceRequestMethod;
-                    interactiveRequest.resourceRequestUri = options.proofOfPossessionOptions.resourceRequestUrl;
-                }
-                return app.acquireTokenInteractive(interactiveRequest);
-            }));
-        });
-    }
-    return {
-        getActiveAccount,
-        getTokenByClientSecret,
-        getTokenByClientAssertion,
-        getTokenByClientCertificate,
-        getTokenByDeviceCode,
-        getTokenByUsernamePassword,
-        getTokenByAuthorizationCode,
-        getTokenOnBehalfOf,
-        getTokenByInteractiveRequest,
-    };
-}
-//# sourceMappingURL=msalClient.js.map