@azure/identity-cache-persistence 1.1.2-alpha.20241203.2 → 1.1.2-alpha.20241206.3

package/{types/identity-cache-persistence.d.ts → dist/browser/index.d.ts}

@@ -1,31 +1,29 @@
-import type { IdentityPlugin } from '@azure/identity';
-
-/**
- * A plugin that provides persistent token caching for `@azure/identity`
- * credentials. The plugin API is compatible with `@azure/identity` versions
- * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`
- * function, imported from `@azure/identity`.
- *
- * In order to enable this functionality, you must also pass
- * `tokenCachePersistenceOptions` to your credential constructors with an
- * `enabled` property set to true.
- *
- * Example:
- *
- * ```ts snippet:device_code_credential_example
- * import { DeviceCodeCredential } from "@azure/identity";
- *
- * const credential = new DeviceCodeCredential({
- *   tokenCachePersistenceOptions: {
- *     enabled: true,
- *   },
- * });
- * // We'll use the Microsoft Graph scope as an example
- * const scope = "https://graph.microsoft.com/.default";
- * // Print out part of the access token
- * console.log((await credential.getToken(scope)).token.substring(0, 10), "...");
- * ```
- */
-export declare const cachePersistencePlugin: IdentityPlugin;
-
-export { }
+import type { IdentityPlugin } from "@azure/identity";
+/**
+ * A plugin that provides persistent token caching for `@azure/identity`
+ * credentials. The plugin API is compatible with `@azure/identity` versions
+ * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`
+ * function, imported from `@azure/identity`.
+ *
+ * In order to enable this functionality, you must also pass
+ * `tokenCachePersistenceOptions` to your credential constructors with an
+ * `enabled` property set to true.
+ *
+ * Example:
+ *
+ * ```ts snippet:device_code_credential_example
+ * import { DeviceCodeCredential } from "@azure/identity";
+ *
+ * const credential = new DeviceCodeCredential({
+ *   tokenCachePersistenceOptions: {
+ *     enabled: true,
+ *   },
+ * });
+ * // We'll use the Microsoft Graph scope as an example
+ * const scope = "https://graph.microsoft.com/.default";
+ * // Print out part of the access token
+ * console.log((await credential.getToken(scope)).token.substring(0, 10), "...");
+ * ```
+ */
+export declare const cachePersistencePlugin: IdentityPlugin;
+//# sourceMappingURL=index.d.ts.map

package/dist/browser/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAgC,MAAM,iBAAiB,CAAC;AAwBpF;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,eAAO,MAAM,sBAAsB,EAAE,cAIpC,CAAC"}

package/{dist-esm/src → dist/browser}/index.js

@@ -1,6 +1,6 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
-import { createPersistenceCachePlugin } from "./provider";
+import { createPersistenceCachePlugin } from "./provider.js";
 /**
  * A plugin that provides persistent token caching for `@azure/identity`
  * credentials. The plugin API is compatible with `@azure/identity` versions

package/dist/browser/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,4BAA4B,EAAE,MAAM,eAAe,CAAC;AAuB7D;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,MAAM,CAAC,MAAM,sBAAsB,GAAmB,CAAC,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,kBAAkB,EAAE,GAAG,OAA6B,CAAC;IAE7D,kBAAkB,CAAC,cAAc,CAAC,4BAA4B,CAAC,CAAC;AAClE,CAAC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { IdentityPlugin, TokenCachePersistenceOptions } from \"@azure/identity\";\nimport { createPersistenceCachePlugin } from \"./provider.js\";\n\n/**\n * Plugin context entries for controlling cache plugins.\n */\ninterface CachePluginControl {\n  setPersistence(\n    persistenceFactory: (\n      options?: TokenCachePersistenceOptions,\n      // eslint-disable-next-line @typescript-eslint/consistent-type-imports\n    ) => Promise<import(\"@azure/msal-node\").ICachePlugin>,\n  ): void;\n}\n/**\n * Context options passed to a plugin during initialization.\n *\n * Represents a subset of the context defined in `@azure/identity`\n *\n */\ninterface AzurePluginContext {\n  cachePluginControl: CachePluginControl;\n}\n\n/**\n * A plugin that provides persistent token caching for `@azure/identity`\n * credentials. The plugin API is compatible with `@azure/identity` versions\n * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`\n * function, imported from `@azure/identity`.\n *\n * In order to enable this functionality, you must also pass\n * `tokenCachePersistenceOptions` to your credential constructors with an\n * `enabled` property set to true.\n *\n * Example:\n *\n * ```ts snippet:device_code_credential_example\n * import { DeviceCodeCredential } from \"@azure/identity\";\n *\n * const credential = new DeviceCodeCredential({\n *   tokenCachePersistenceOptions: {\n *     enabled: true,\n *   },\n * });\n * // We'll use the Microsoft Graph scope as an example\n * const scope = \"https://graph.microsoft.com/.default\";\n * // Print out part of the access token\n * console.log((await credential.getToken(scope)).token.substring(0, 10), \"...\");\n * ```\n */\n\nexport const cachePersistencePlugin: IdentityPlugin = (context) => {\n  const { cachePluginControl } = context as AzurePluginContext;\n\n  cachePluginControl.setPersistence(createPersistenceCachePlugin);\n};\n"]}

package/dist/browser/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "module"
+}

package/dist/browser/platforms.d.ts

@@ -0,0 +1,51 @@
+import type { IPersistence as Persistence } from "@azure/msal-node-extensions";
+import type { TokenCachePersistenceOptions } from "@azure/identity";
+/**
+ * Dictionary of values that we use as default as we discover, pick and enable the persistence layer.
+ * @internal
+ */
+export declare const defaultMsalValues: {
+    tokenCache: {
+        name: string;
+        directory: string;
+    };
+    keyRing: {
+        label: string;
+        schema: string;
+        collection: string;
+        attributes: {
+            MsalClientID: string;
+            "Microsoft.Developer.IdentityService": string;
+        };
+        service: string;
+        account: string;
+    };
+    keyChain: {
+        service: string;
+        account: string;
+    };
+};
+/**
+ * Options that are used by the underlying MSAL cache provider.
+ * @internal
+ */
+export type MsalPersistenceOptions = Omit<TokenCachePersistenceOptions, "enabled">;
+/**
+ * A function that returns a persistent token cache instance.
+ * @internal
+ */
+type MsalPersistenceFactory = (options?: MsalPersistenceOptions) => Promise<Persistence>;
+/**
+ * Set of the platforms we attempt to deliver persistence on.
+ *
+ * - On Windows we use DPAPI.
+ * - On OSX (Darwin), we try to use the system's Keychain, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.
+ * - On Linux, we try to use the system's Keyring, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.
+ *
+ * Other platforms _are not supported_ at this time.
+ *
+ * @internal
+ */
+export declare const msalPersistencePlatforms: Partial<Record<NodeJS.Platform, MsalPersistenceFactory>>;
+export {};
+//# sourceMappingURL=platforms.d.ts.map

package/dist/browser/platforms.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"platforms.d.ts","sourceRoot":"","sources":["../../src/platforms.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,YAAY,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAQ/E,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAapE;;;GAGG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;CAwB7B,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,sBAAsB,GAAG,IAAI,CAAC,4BAA4B,EAAE,SAAS,CAAC,CAAC;AAEnF;;;GAGG;AACH,KAAK,sBAAsB,GAAG,CAAC,OAAO,CAAC,EAAE,sBAAsB,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AAazF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,wBAAwB,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CA8C7F,CAAC"}

package/{dist-esm/src → dist/browser}/platforms.js

@@ -3,7 +3,7 @@
 var _a, _b, _c;
 import { __awaiter } from "tslib";
 /* eslint-disable tsdoc/syntax */
-import * as path from "path";
+import path from "node:path";
 import { DataProtectionScope, FilePersistence, FilePersistenceWithDataProtection, KeychainPersistence, LibSecretPersistence, } from "@azure/msal-node-extensions";
 /**
  * Local application data folder

package/dist/browser/platforms.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"platforms.js","sourceRoot":"","sources":["../../src/platforms.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;;AAElC,iCAAiC;AAEjC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,iCAAiC,EACjC,mBAAmB,EACnB,oBAAoB,GACrB,MAAM,6BAA6B,CAAC;AAGrC;;;;;;;GAOG;AACH,MAAM,0BAA0B,GAC9B,MAAA,MAAA,MAAA,OAAO,CAAC,GAAG,CAAC,OAAO,0CAAE,OAAO,mDAAG,cAAc,EAAE,SAAS,CAAC,mCAAI,OAAO,CAAC,GAAG,CAAC,IAAK,CAAC;AAEjF;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,UAAU,EAAE;QACV,IAAI,EAAE,YAAY;QAClB,mBAAmB;QACnB,2CAA2C;QAC3C,+DAA+D;QAC/D,yCAAyC;QACzC,SAAS,EAAE,IAAI,CAAC,IAAI,CAAC,0BAA0B,EAAE,kBAAkB,CAAC;KACrE;IACD,OAAO,EAAE;QACP,KAAK,EAAE,WAAW;QAClB,MAAM,EAAE,YAAY;QACpB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE;YACV,YAAY,EAAE,qCAAqC;YACnD,qCAAqC,EAAE,SAAS;SACjD;QACD,OAAO,EAAE,qCAAqC;QAC9C,OAAO,EAAE,WAAW;KACrB;IACD,QAAQ,EAAE;QACR,OAAO,EAAE,qCAAqC;QAC9C,OAAO,EAAE,WAAW;KACrB;CACF,CAAC;AAcF;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,IAAY;IACtC,OAAO,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AACjE,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAA6D;IAChG,KAAK,EAAE,CAAC,EAAE,IAAI,GAAG,iBAAiB,CAAC,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,EAAwB,EAAE,CACjF,iCAAiC,CAAC,MAAM,CACtC,kBAAkB,CAAC,IAAI,CAAC,EACxB,mBAAmB,CAAC,WAAW,CAChC;IAEH,MAAM,EAAE,YAAmE,EAAE,mDAA9D,UAAkC,EAAE;QACjD,MAAM,EAAE,IAAI,EAAE,6BAA6B,EAAE,GAAG,OAAO,CAAC;QACxD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC,QAAQ,CAAC;QACxD,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,IAAI,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtF,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,mBAAmB,CAAC,MAAM,CAAC,eAAe,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YACxF,sGAAsG;YACtG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;YACzB,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,4DAA4D;YAC5D,sFAAsF;YACtF,IAAI,CAAC,6BAA6B,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YACD,OAAO,eAAe,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,CAAC;IACH,CAAC,CAAA;IAED,KAAK,EAAE,YAAmE,EAAE,mDAA9D,UAAkC,EAAE;QAChD,MAAM,EAAE,IAAI,EAAE,6BAA6B,EAAE,GAAG,OAAO,CAAC;QACxD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC,OAAO,CAAC;QACvD,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,IAAI,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtF,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAAC,eAAe,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YACzF,qGAAqG;YACrG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;YACzB,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,4DAA4D;YAC5D,sFAAsF;YACtF,IAAI,CAAC,6BAA6B,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,eAAe,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,CAAC;IACH,CAAC,CAAA;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/* eslint-disable tsdoc/syntax */\n\nimport path from \"node:path\";\nimport type { IPersistence as Persistence } from \"@azure/msal-node-extensions\";\nimport {\n  DataProtectionScope,\n  FilePersistence,\n  FilePersistenceWithDataProtection,\n  KeychainPersistence,\n  LibSecretPersistence,\n} from \"@azure/msal-node-extensions\";\nimport type { TokenCachePersistenceOptions } from \"@azure/identity\";\n\n/**\n * Local application data folder\n * Expected values:\n * - Darwin: '/Users/user/'\n * - Windows 8+: 'C:\\Users\\user\\AppData\\Local'\n * - Linux: '/home/user/.local/share'\n * @internal\n */\nconst localApplicationDataFolder =\n  process.env.APPDATA?.replace?.(/(.Roaming)*$/, \"\\\\Local\") ?? process.env.HOME!;\n\n/**\n * Dictionary of values that we use as default as we discover, pick and enable the persistence layer.\n * @internal\n */\nexport const defaultMsalValues = {\n  tokenCache: {\n    name: \"msal.cache\",\n    // Expected values:\n    // - Darwin: '/Users/user/.IdentityService'\n    // - Windows 8+: 'C:\\Users\\user\\AppData\\Local\\.IdentityService'\n    // - Linux: '/home/user/.IdentityService'\n    directory: path.join(localApplicationDataFolder, \".IdentityService\"),\n  },\n  keyRing: {\n    label: \"MSALCache\",\n    schema: \"msal.cache\",\n    collection: \"default\",\n    attributes: {\n      MsalClientID: \"Microsoft.Developer.IdentityService\",\n      \"Microsoft.Developer.IdentityService\": \"1.0.0.0\",\n    },\n    service: \"Microsoft.Developer.IdentityService\",\n    account: \"MSALCache\",\n  },\n  keyChain: {\n    service: \"Microsoft.Developer.IdentityService\",\n    account: \"MSALCache\",\n  },\n};\n\n/**\n * Options that are used by the underlying MSAL cache provider.\n * @internal\n */\nexport type MsalPersistenceOptions = Omit<TokenCachePersistenceOptions, \"enabled\">;\n\n/**\n * A function that returns a persistent token cache instance.\n * @internal\n */\ntype MsalPersistenceFactory = (options?: MsalPersistenceOptions) => Promise<Persistence>;\n\n/**\n * Expected responses:\n * - Darwin: '/Users/user/.IdentityService/<name>'\n * - Windows 8+: 'C:\\Users\\user\\AppData\\Local\\.IdentityService\\<name>'\n * - Linux: '/home/user/.IdentityService/<name>'\n * @internal\n */\nfunction getPersistencePath(name: string): string {\n  return path.join(defaultMsalValues.tokenCache.directory, name);\n}\n\n/**\n * Set of the platforms we attempt to deliver persistence on.\n *\n * - On Windows we use DPAPI.\n * - On OSX (Darwin), we try to use the system's Keychain, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.\n * - On Linux, we try to use the system's Keyring, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.\n *\n * Other platforms _are not supported_ at this time.\n *\n * @internal\n */\nexport const msalPersistencePlatforms: Partial<Record<NodeJS.Platform, MsalPersistenceFactory>> = {\n  win32: ({ name = defaultMsalValues.tokenCache.name } = {}): Promise<Persistence> =>\n    FilePersistenceWithDataProtection.create(\n      getPersistencePath(name),\n      DataProtectionScope.CurrentUser,\n    ),\n\n  darwin: async (options: MsalPersistenceOptions = {}): Promise<Persistence> => {\n    const { name, unsafeAllowUnencryptedStorage } = options;\n    const { service, account } = defaultMsalValues.keyChain;\n    const persistencePath = getPersistencePath(name || defaultMsalValues.tokenCache.name);\n\n    try {\n      const persistence = await KeychainPersistence.create(persistencePath, service, account);\n      // If we don't encounter an error when trying to read from the keychain, then we should be good to go.\n      await persistence.load();\n      return persistence;\n    } catch (e: any) {\n      // If we got an error while trying to read from the keyring,\n      // we will proceed only if the user has specified that unencrypted storage is allowed.\n      if (!unsafeAllowUnencryptedStorage) {\n        throw new Error(\"Unable to read from the macOS Keychain.\");\n      }\n      return FilePersistence.create(persistencePath);\n    }\n  },\n\n  linux: async (options: MsalPersistenceOptions = {}): Promise<Persistence> => {\n    const { name, unsafeAllowUnencryptedStorage } = options;\n    const { service, account } = defaultMsalValues.keyRing;\n    const persistencePath = getPersistencePath(name || defaultMsalValues.tokenCache.name);\n\n    try {\n      const persistence = await LibSecretPersistence.create(persistencePath, service, account);\n      // If we don't encounter an error when trying to read from the keyring, then we should be good to go.\n      await persistence.load();\n      return persistence;\n    } catch (e: any) {\n      // If we got an error while trying to read from the keyring,\n      // we will proceed only if the user has specified that unencrypted storage is allowed.\n      if (!unsafeAllowUnencryptedStorage) {\n        throw new Error(\"Unable to read from the system keyring (libsecret).\");\n      }\n      return FilePersistence.create(persistencePath);\n    }\n  },\n};\n"]}

package/dist/browser/provider.d.ts

@@ -0,0 +1,12 @@
+import type { MsalPersistenceOptions } from "./platforms.js";
+import type { IPersistence as Persistence } from "@azure/msal-node-extensions";
+import type { ICachePlugin as CachePlugin } from "@azure/msal-node";
+/**
+ * This is used to gain access to the underlying Persistence instance, which we use for testing
+ *
+ * @returns a raw persistence instance
+ * @internal
+ */
+export declare function createPersistence(options: MsalPersistenceOptions): Promise<Persistence>;
+export declare function createPersistenceCachePlugin(options?: MsalPersistenceOptions): Promise<CachePlugin>;
+//# sourceMappingURL=provider.d.ts.map

package/dist/browser/provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../src/provider.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAE7D,OAAO,KAAK,EAAE,YAAY,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAE/E,OAAO,KAAK,EAAE,YAAY,IAAI,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpE;;;;;GAKG;AACH,wBAAsB,iBAAiB,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,CAAC,CAQ7F;AAED,wBAAsB,4BAA4B,CAChD,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,WAAW,CAAC,CAOtB"}

package/{dist-esm/src → dist/browser}/provider.js

@@ -1,7 +1,7 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 import { __awaiter } from "tslib";
-import { msalPersistencePlatforms } from "./platforms";
+import { msalPersistencePlatforms } from "./platforms.js";
 import { PersistenceCachePlugin } from "@azure/msal-node-extensions";
 /**
  * This is used to gain access to the underlying Persistence instance, which we use for testing

package/dist/browser/provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../src/provider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAGlC,OAAO,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAE1D,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAGrE;;;;;GAKG;AACH,MAAM,UAAgB,iBAAiB,CAAC,OAA+B;;;QACrE,MAAM,WAAW,GAAG,MAAM,CAAA,MAAA,wBAAwB,CAAC,OAAO,CAAC,QAAQ,CAAC,yEAAG,OAAO,CAAC,CAAA,CAAC;QAEhF,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;QAC7E,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;CAAA;AAED,MAAM,UAAgB,4BAA4B,CAChD,OAAgC;;QAEhC,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC;QAE3D,OAAO,IAAI,sBAAsB,CAAC,WAAW,EAAE;YAC7C,WAAW,EAAE,GAAG;YAChB,UAAU,EAAE,EAAE;SACf,CAAC,CAAC;IACL,CAAC;CAAA","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { MsalPersistenceOptions } from \"./platforms.js\";\nimport { msalPersistencePlatforms } from \"./platforms.js\";\nimport type { IPersistence as Persistence } from \"@azure/msal-node-extensions\";\nimport { PersistenceCachePlugin } from \"@azure/msal-node-extensions\";\nimport type { ICachePlugin as CachePlugin } from \"@azure/msal-node\";\n\n/**\n * This is used to gain access to the underlying Persistence instance, which we use for testing\n *\n * @returns a raw persistence instance\n * @internal\n */\nexport async function createPersistence(options: MsalPersistenceOptions): Promise<Persistence> {\n  const persistence = await msalPersistencePlatforms[process.platform]?.(options);\n\n  if (persistence === undefined) {\n    throw new Error(\"no persistence providers are available on this platform\");\n  }\n\n  return persistence;\n}\n\nexport async function createPersistenceCachePlugin(\n  options?: MsalPersistenceOptions,\n): Promise<CachePlugin> {\n  const persistence = await createPersistence(options ?? {});\n\n  return new PersistenceCachePlugin(persistence, {\n    retryNumber: 100,\n    retryDelay: 50,\n  });\n}\n"]}

package/dist/commonjs/index.d.ts

@@ -0,0 +1,29 @@
+import type { IdentityPlugin } from "@azure/identity";
+/**
+ * A plugin that provides persistent token caching for `@azure/identity`
+ * credentials. The plugin API is compatible with `@azure/identity` versions
+ * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`
+ * function, imported from `@azure/identity`.
+ *
+ * In order to enable this functionality, you must also pass
+ * `tokenCachePersistenceOptions` to your credential constructors with an
+ * `enabled` property set to true.
+ *
+ * Example:
+ *
+ * ```ts snippet:device_code_credential_example
+ * import { DeviceCodeCredential } from "@azure/identity";
+ *
+ * const credential = new DeviceCodeCredential({
+ *   tokenCachePersistenceOptions: {
+ *     enabled: true,
+ *   },
+ * });
+ * // We'll use the Microsoft Graph scope as an example
+ * const scope = "https://graph.microsoft.com/.default";
+ * // Print out part of the access token
+ * console.log((await credential.getToken(scope)).token.substring(0, 10), "...");
+ * ```
+ */
+export declare const cachePersistencePlugin: IdentityPlugin;
+//# sourceMappingURL=index.d.ts.map

package/dist/commonjs/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAgC,MAAM,iBAAiB,CAAC;AAwBpF;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,eAAO,MAAM,sBAAsB,EAAE,cAIpC,CAAC"}

package/dist/commonjs/index.js

@@ -0,0 +1,38 @@
+"use strict";
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.cachePersistencePlugin = void 0;
+const provider_js_1 = require("./provider.js");
+/**
+ * A plugin that provides persistent token caching for `@azure/identity`
+ * credentials. The plugin API is compatible with `@azure/identity` versions
+ * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`
+ * function, imported from `@azure/identity`.
+ *
+ * In order to enable this functionality, you must also pass
+ * `tokenCachePersistenceOptions` to your credential constructors with an
+ * `enabled` property set to true.
+ *
+ * Example:
+ *
+ * ```ts snippet:device_code_credential_example
+ * import { DeviceCodeCredential } from "@azure/identity";
+ *
+ * const credential = new DeviceCodeCredential({
+ *   tokenCachePersistenceOptions: {
+ *     enabled: true,
+ *   },
+ * });
+ * // We'll use the Microsoft Graph scope as an example
+ * const scope = "https://graph.microsoft.com/.default";
+ * // Print out part of the access token
+ * console.log((await credential.getToken(scope)).token.substring(0, 10), "...");
+ * ```
+ */
+const cachePersistencePlugin = (context) => {
+    const { cachePluginControl } = context;
+    cachePluginControl.setPersistence(provider_js_1.createPersistenceCachePlugin);
+};
+exports.cachePersistencePlugin = cachePersistencePlugin;
+//# sourceMappingURL=index.js.map

package/dist/commonjs/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAGlC,+CAA6D;AAuB7D;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEI,MAAM,sBAAsB,GAAmB,CAAC,OAAO,EAAE,EAAE;IAChE,MAAM,EAAE,kBAAkB,EAAE,GAAG,OAA6B,CAAC;IAE7D,kBAAkB,CAAC,cAAc,CAAC,0CAA4B,CAAC,CAAC;AAClE,CAAC,CAAC;AAJW,QAAA,sBAAsB,0BAIjC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { IdentityPlugin, TokenCachePersistenceOptions } from \"@azure/identity\";\nimport { createPersistenceCachePlugin } from \"./provider.js\";\n\n/**\n * Plugin context entries for controlling cache plugins.\n */\ninterface CachePluginControl {\n  setPersistence(\n    persistenceFactory: (\n      options?: TokenCachePersistenceOptions,\n      // eslint-disable-next-line @typescript-eslint/consistent-type-imports\n    ) => Promise<import(\"@azure/msal-node\").ICachePlugin>,\n  ): void;\n}\n/**\n * Context options passed to a plugin during initialization.\n *\n * Represents a subset of the context defined in `@azure/identity`\n *\n */\ninterface AzurePluginContext {\n  cachePluginControl: CachePluginControl;\n}\n\n/**\n * A plugin that provides persistent token caching for `@azure/identity`\n * credentials. The plugin API is compatible with `@azure/identity` versions\n * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`\n * function, imported from `@azure/identity`.\n *\n * In order to enable this functionality, you must also pass\n * `tokenCachePersistenceOptions` to your credential constructors with an\n * `enabled` property set to true.\n *\n * Example:\n *\n * ```ts snippet:device_code_credential_example\n * import { DeviceCodeCredential } from \"@azure/identity\";\n *\n * const credential = new DeviceCodeCredential({\n *   tokenCachePersistenceOptions: {\n *     enabled: true,\n *   },\n * });\n * // We'll use the Microsoft Graph scope as an example\n * const scope = \"https://graph.microsoft.com/.default\";\n * // Print out part of the access token\n * console.log((await credential.getToken(scope)).token.substring(0, 10), \"...\");\n * ```\n */\n\nexport const cachePersistencePlugin: IdentityPlugin = (context) => {\n  const { cachePluginControl } = context as AzurePluginContext;\n\n  cachePluginControl.setPersistence(createPersistenceCachePlugin);\n};\n"]}

package/dist/commonjs/package.json

@@ -0,0 +1,3 @@
+{
+  "type": "commonjs"
+}

package/dist/commonjs/platforms.d.ts

@@ -0,0 +1,51 @@
+import type { IPersistence as Persistence } from "@azure/msal-node-extensions";
+import type { TokenCachePersistenceOptions } from "@azure/identity";
+/**
+ * Dictionary of values that we use as default as we discover, pick and enable the persistence layer.
+ * @internal
+ */
+export declare const defaultMsalValues: {
+    tokenCache: {
+        name: string;
+        directory: string;
+    };
+    keyRing: {
+        label: string;
+        schema: string;
+        collection: string;
+        attributes: {
+            MsalClientID: string;
+            "Microsoft.Developer.IdentityService": string;
+        };
+        service: string;
+        account: string;
+    };
+    keyChain: {
+        service: string;
+        account: string;
+    };
+};
+/**
+ * Options that are used by the underlying MSAL cache provider.
+ * @internal
+ */
+export type MsalPersistenceOptions = Omit<TokenCachePersistenceOptions, "enabled">;
+/**
+ * A function that returns a persistent token cache instance.
+ * @internal
+ */
+type MsalPersistenceFactory = (options?: MsalPersistenceOptions) => Promise<Persistence>;
+/**
+ * Set of the platforms we attempt to deliver persistence on.
+ *
+ * - On Windows we use DPAPI.
+ * - On OSX (Darwin), we try to use the system's Keychain, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.
+ * - On Linux, we try to use the system's Keyring, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.
+ *
+ * Other platforms _are not supported_ at this time.
+ *
+ * @internal
+ */
+export declare const msalPersistencePlatforms: Partial<Record<NodeJS.Platform, MsalPersistenceFactory>>;
+export {};
+//# sourceMappingURL=platforms.d.ts.map

package/dist/commonjs/platforms.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"platforms.d.ts","sourceRoot":"","sources":["../../src/platforms.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,YAAY,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAQ/E,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AAapE;;;GAGG;AACH,eAAO,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;CAwB7B,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,sBAAsB,GAAG,IAAI,CAAC,4BAA4B,EAAE,SAAS,CAAC,CAAC;AAEnF;;;GAGG;AACH,KAAK,sBAAsB,GAAG,CAAC,OAAO,CAAC,EAAE,sBAAsB,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AAazF;;;;;;;;;;GAUG;AACH,eAAO,MAAM,wBAAwB,EAAE,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,sBAAsB,CAAC,CA8C7F,CAAC"}

package/dist/commonjs/platforms.js

@@ -0,0 +1,111 @@
+"use strict";
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+var _a, _b, _c;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.msalPersistencePlatforms = exports.defaultMsalValues = void 0;
+const tslib_1 = require("tslib");
+/* eslint-disable tsdoc/syntax */
+const node_path_1 = tslib_1.__importDefault(require("node:path"));
+const msal_node_extensions_1 = require("@azure/msal-node-extensions");
+/**
+ * Local application data folder
+ * Expected values:
+ * - Darwin: '/Users/user/'
+ * - Windows 8+: 'C:\Users\user\AppData\Local'
+ * - Linux: '/home/user/.local/share'
+ * @internal
+ */
+const localApplicationDataFolder = (_c = (_b = (_a = process.env.APPDATA) === null || _a === void 0 ? void 0 : _a.replace) === null || _b === void 0 ? void 0 : _b.call(_a, /(.Roaming)*$/, "\\Local")) !== null && _c !== void 0 ? _c : process.env.HOME;
+/**
+ * Dictionary of values that we use as default as we discover, pick and enable the persistence layer.
+ * @internal
+ */
+exports.defaultMsalValues = {
+    tokenCache: {
+        name: "msal.cache",
+        // Expected values:
+        // - Darwin: '/Users/user/.IdentityService'
+        // - Windows 8+: 'C:\Users\user\AppData\Local\.IdentityService'
+        // - Linux: '/home/user/.IdentityService'
+        directory: node_path_1.default.join(localApplicationDataFolder, ".IdentityService"),
+    },
+    keyRing: {
+        label: "MSALCache",
+        schema: "msal.cache",
+        collection: "default",
+        attributes: {
+            MsalClientID: "Microsoft.Developer.IdentityService",
+            "Microsoft.Developer.IdentityService": "1.0.0.0",
+        },
+        service: "Microsoft.Developer.IdentityService",
+        account: "MSALCache",
+    },
+    keyChain: {
+        service: "Microsoft.Developer.IdentityService",
+        account: "MSALCache",
+    },
+};
+/**
+ * Expected responses:
+ * - Darwin: '/Users/user/.IdentityService/<name>'
+ * - Windows 8+: 'C:\Users\user\AppData\Local\.IdentityService\<name>'
+ * - Linux: '/home/user/.IdentityService/<name>'
+ * @internal
+ */
+function getPersistencePath(name) {
+    return node_path_1.default.join(exports.defaultMsalValues.tokenCache.directory, name);
+}
+/**
+ * Set of the platforms we attempt to deliver persistence on.
+ *
+ * - On Windows we use DPAPI.
+ * - On OSX (Darwin), we try to use the system's Keychain, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.
+ * - On Linux, we try to use the system's Keyring, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.
+ *
+ * Other platforms _are not supported_ at this time.
+ *
+ * @internal
+ */
+exports.msalPersistencePlatforms = {
+    win32: ({ name = exports.defaultMsalValues.tokenCache.name } = {}) => msal_node_extensions_1.FilePersistenceWithDataProtection.create(getPersistencePath(name), msal_node_extensions_1.DataProtectionScope.CurrentUser),
+    darwin: (...args_1) => tslib_1.__awaiter(void 0, [...args_1], void 0, function* (options = {}) {
+        const { name, unsafeAllowUnencryptedStorage } = options;
+        const { service, account } = exports.defaultMsalValues.keyChain;
+        const persistencePath = getPersistencePath(name || exports.defaultMsalValues.tokenCache.name);
+        try {
+            const persistence = yield msal_node_extensions_1.KeychainPersistence.create(persistencePath, service, account);
+            // If we don't encounter an error when trying to read from the keychain, then we should be good to go.
+            yield persistence.load();
+            return persistence;
+        }
+        catch (e) {
+            // If we got an error while trying to read from the keyring,
+            // we will proceed only if the user has specified that unencrypted storage is allowed.
+            if (!unsafeAllowUnencryptedStorage) {
+                throw new Error("Unable to read from the macOS Keychain.");
+            }
+            return msal_node_extensions_1.FilePersistence.create(persistencePath);
+        }
+    }),
+    linux: (...args_1) => tslib_1.__awaiter(void 0, [...args_1], void 0, function* (options = {}) {
+        const { name, unsafeAllowUnencryptedStorage } = options;
+        const { service, account } = exports.defaultMsalValues.keyRing;
+        const persistencePath = getPersistencePath(name || exports.defaultMsalValues.tokenCache.name);
+        try {
+            const persistence = yield msal_node_extensions_1.LibSecretPersistence.create(persistencePath, service, account);
+            // If we don't encounter an error when trying to read from the keyring, then we should be good to go.
+            yield persistence.load();
+            return persistence;
+        }
+        catch (e) {
+            // If we got an error while trying to read from the keyring,
+            // we will proceed only if the user has specified that unencrypted storage is allowed.
+            if (!unsafeAllowUnencryptedStorage) {
+                throw new Error("Unable to read from the system keyring (libsecret).");
+            }
+            return msal_node_extensions_1.FilePersistence.create(persistencePath);
+        }
+    }),
+};
+//# sourceMappingURL=platforms.js.map

package/dist/commonjs/platforms.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"platforms.js","sourceRoot":"","sources":["../../src/platforms.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;;;AAElC,iCAAiC;AAEjC,kEAA6B;AAE7B,sEAMqC;AAGrC;;;;;;;GAOG;AACH,MAAM,0BAA0B,GAC9B,MAAA,MAAA,MAAA,OAAO,CAAC,GAAG,CAAC,OAAO,0CAAE,OAAO,mDAAG,cAAc,EAAE,SAAS,CAAC,mCAAI,OAAO,CAAC,GAAG,CAAC,IAAK,CAAC;AAEjF;;;GAGG;AACU,QAAA,iBAAiB,GAAG;IAC/B,UAAU,EAAE;QACV,IAAI,EAAE,YAAY;QAClB,mBAAmB;QACnB,2CAA2C;QAC3C,+DAA+D;QAC/D,yCAAyC;QACzC,SAAS,EAAE,mBAAI,CAAC,IAAI,CAAC,0BAA0B,EAAE,kBAAkB,CAAC;KACrE;IACD,OAAO,EAAE;QACP,KAAK,EAAE,WAAW;QAClB,MAAM,EAAE,YAAY;QACpB,UAAU,EAAE,SAAS;QACrB,UAAU,EAAE;YACV,YAAY,EAAE,qCAAqC;YACnD,qCAAqC,EAAE,SAAS;SACjD;QACD,OAAO,EAAE,qCAAqC;QAC9C,OAAO,EAAE,WAAW;KACrB;IACD,QAAQ,EAAE;QACR,OAAO,EAAE,qCAAqC;QAC9C,OAAO,EAAE,WAAW;KACrB;CACF,CAAC;AAcF;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,IAAY;IACtC,OAAO,mBAAI,CAAC,IAAI,CAAC,yBAAiB,CAAC,UAAU,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;AACjE,CAAC;AAED;;;;;;;;;;GAUG;AACU,QAAA,wBAAwB,GAA6D;IAChG,KAAK,EAAE,CAAC,EAAE,IAAI,GAAG,yBAAiB,CAAC,UAAU,CAAC,IAAI,EAAE,GAAG,EAAE,EAAwB,EAAE,CACjF,wDAAiC,CAAC,MAAM,CACtC,kBAAkB,CAAC,IAAI,CAAC,EACxB,0CAAmB,CAAC,WAAW,CAChC;IAEH,MAAM,EAAE,YAAmE,EAAE,2DAA9D,UAAkC,EAAE;QACjD,MAAM,EAAE,IAAI,EAAE,6BAA6B,EAAE,GAAG,OAAO,CAAC;QACxD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,yBAAiB,CAAC,QAAQ,CAAC;QACxD,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,IAAI,yBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtF,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,0CAAmB,CAAC,MAAM,CAAC,eAAe,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YACxF,sGAAsG;YACtG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;YACzB,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,4DAA4D;YAC5D,sFAAsF;YACtF,IAAI,CAAC,6BAA6B,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,yCAAyC,CAAC,CAAC;YAC7D,CAAC;YACD,OAAO,sCAAe,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,CAAC;IACH,CAAC,CAAA;IAED,KAAK,EAAE,YAAmE,EAAE,2DAA9D,UAAkC,EAAE;QAChD,MAAM,EAAE,IAAI,EAAE,6BAA6B,EAAE,GAAG,OAAO,CAAC;QACxD,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,yBAAiB,CAAC,OAAO,CAAC;QACvD,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,IAAI,yBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAEtF,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,2CAAoB,CAAC,MAAM,CAAC,eAAe,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;YACzF,qGAAqG;YACrG,MAAM,WAAW,CAAC,IAAI,EAAE,CAAC;YACzB,OAAO,WAAW,CAAC;QACrB,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,4DAA4D;YAC5D,sFAAsF;YACtF,IAAI,CAAC,6BAA6B,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,sCAAe,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACjD,CAAC;IACH,CAAC,CAAA;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/* eslint-disable tsdoc/syntax */\n\nimport path from \"node:path\";\nimport type { IPersistence as Persistence } from \"@azure/msal-node-extensions\";\nimport {\n  DataProtectionScope,\n  FilePersistence,\n  FilePersistenceWithDataProtection,\n  KeychainPersistence,\n  LibSecretPersistence,\n} from \"@azure/msal-node-extensions\";\nimport type { TokenCachePersistenceOptions } from \"@azure/identity\";\n\n/**\n * Local application data folder\n * Expected values:\n * - Darwin: '/Users/user/'\n * - Windows 8+: 'C:\\Users\\user\\AppData\\Local'\n * - Linux: '/home/user/.local/share'\n * @internal\n */\nconst localApplicationDataFolder =\n  process.env.APPDATA?.replace?.(/(.Roaming)*$/, \"\\\\Local\") ?? process.env.HOME!;\n\n/**\n * Dictionary of values that we use as default as we discover, pick and enable the persistence layer.\n * @internal\n */\nexport const defaultMsalValues = {\n  tokenCache: {\n    name: \"msal.cache\",\n    // Expected values:\n    // - Darwin: '/Users/user/.IdentityService'\n    // - Windows 8+: 'C:\\Users\\user\\AppData\\Local\\.IdentityService'\n    // - Linux: '/home/user/.IdentityService'\n    directory: path.join(localApplicationDataFolder, \".IdentityService\"),\n  },\n  keyRing: {\n    label: \"MSALCache\",\n    schema: \"msal.cache\",\n    collection: \"default\",\n    attributes: {\n      MsalClientID: \"Microsoft.Developer.IdentityService\",\n      \"Microsoft.Developer.IdentityService\": \"1.0.0.0\",\n    },\n    service: \"Microsoft.Developer.IdentityService\",\n    account: \"MSALCache\",\n  },\n  keyChain: {\n    service: \"Microsoft.Developer.IdentityService\",\n    account: \"MSALCache\",\n  },\n};\n\n/**\n * Options that are used by the underlying MSAL cache provider.\n * @internal\n */\nexport type MsalPersistenceOptions = Omit<TokenCachePersistenceOptions, \"enabled\">;\n\n/**\n * A function that returns a persistent token cache instance.\n * @internal\n */\ntype MsalPersistenceFactory = (options?: MsalPersistenceOptions) => Promise<Persistence>;\n\n/**\n * Expected responses:\n * - Darwin: '/Users/user/.IdentityService/<name>'\n * - Windows 8+: 'C:\\Users\\user\\AppData\\Local\\.IdentityService\\<name>'\n * - Linux: '/home/user/.IdentityService/<name>'\n * @internal\n */\nfunction getPersistencePath(name: string): string {\n  return path.join(defaultMsalValues.tokenCache.directory, name);\n}\n\n/**\n * Set of the platforms we attempt to deliver persistence on.\n *\n * - On Windows we use DPAPI.\n * - On OSX (Darwin), we try to use the system's Keychain, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.\n * - On Linux, we try to use the system's Keyring, otherwise if the property `unsafeAllowUnencryptedStorage` is set to true, we use an unencrypted file.\n *\n * Other platforms _are not supported_ at this time.\n *\n * @internal\n */\nexport const msalPersistencePlatforms: Partial<Record<NodeJS.Platform, MsalPersistenceFactory>> = {\n  win32: ({ name = defaultMsalValues.tokenCache.name } = {}): Promise<Persistence> =>\n    FilePersistenceWithDataProtection.create(\n      getPersistencePath(name),\n      DataProtectionScope.CurrentUser,\n    ),\n\n  darwin: async (options: MsalPersistenceOptions = {}): Promise<Persistence> => {\n    const { name, unsafeAllowUnencryptedStorage } = options;\n    const { service, account } = defaultMsalValues.keyChain;\n    const persistencePath = getPersistencePath(name || defaultMsalValues.tokenCache.name);\n\n    try {\n      const persistence = await KeychainPersistence.create(persistencePath, service, account);\n      // If we don't encounter an error when trying to read from the keychain, then we should be good to go.\n      await persistence.load();\n      return persistence;\n    } catch (e: any) {\n      // If we got an error while trying to read from the keyring,\n      // we will proceed only if the user has specified that unencrypted storage is allowed.\n      if (!unsafeAllowUnencryptedStorage) {\n        throw new Error(\"Unable to read from the macOS Keychain.\");\n      }\n      return FilePersistence.create(persistencePath);\n    }\n  },\n\n  linux: async (options: MsalPersistenceOptions = {}): Promise<Persistence> => {\n    const { name, unsafeAllowUnencryptedStorage } = options;\n    const { service, account } = defaultMsalValues.keyRing;\n    const persistencePath = getPersistencePath(name || defaultMsalValues.tokenCache.name);\n\n    try {\n      const persistence = await LibSecretPersistence.create(persistencePath, service, account);\n      // If we don't encounter an error when trying to read from the keyring, then we should be good to go.\n      await persistence.load();\n      return persistence;\n    } catch (e: any) {\n      // If we got an error while trying to read from the keyring,\n      // we will proceed only if the user has specified that unencrypted storage is allowed.\n      if (!unsafeAllowUnencryptedStorage) {\n        throw new Error(\"Unable to read from the system keyring (libsecret).\");\n      }\n      return FilePersistence.create(persistencePath);\n    }\n  },\n};\n"]}

package/dist/commonjs/provider.d.ts

@@ -0,0 +1,12 @@
+import type { MsalPersistenceOptions } from "./platforms.js";
+import type { IPersistence as Persistence } from "@azure/msal-node-extensions";
+import type { ICachePlugin as CachePlugin } from "@azure/msal-node";
+/**
+ * This is used to gain access to the underlying Persistence instance, which we use for testing
+ *
+ * @returns a raw persistence instance
+ * @internal
+ */
+export declare function createPersistence(options: MsalPersistenceOptions): Promise<Persistence>;
+export declare function createPersistenceCachePlugin(options?: MsalPersistenceOptions): Promise<CachePlugin>;
+//# sourceMappingURL=provider.d.ts.map

package/dist/commonjs/provider.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../src/provider.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,gBAAgB,CAAC;AAE7D,OAAO,KAAK,EAAE,YAAY,IAAI,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAE/E,OAAO,KAAK,EAAE,YAAY,IAAI,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpE;;;;;GAKG;AACH,wBAAsB,iBAAiB,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,WAAW,CAAC,CAQ7F;AAED,wBAAsB,4BAA4B,CAChD,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,WAAW,CAAC,CAOtB"}

package/dist/commonjs/provider.js

@@ -0,0 +1,35 @@
+"use strict";
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createPersistence = createPersistence;
+exports.createPersistenceCachePlugin = createPersistenceCachePlugin;
+const tslib_1 = require("tslib");
+const platforms_js_1 = require("./platforms.js");
+const msal_node_extensions_1 = require("@azure/msal-node-extensions");
+/**
+ * This is used to gain access to the underlying Persistence instance, which we use for testing
+ *
+ * @returns a raw persistence instance
+ * @internal
+ */
+function createPersistence(options) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        var _a;
+        const persistence = yield ((_a = platforms_js_1.msalPersistencePlatforms[process.platform]) === null || _a === void 0 ? void 0 : _a.call(platforms_js_1.msalPersistencePlatforms, options));
+        if (persistence === undefined) {
+            throw new Error("no persistence providers are available on this platform");
+        }
+        return persistence;
+    });
+}
+function createPersistenceCachePlugin(options) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const persistence = yield createPersistence(options !== null && options !== void 0 ? options : {});
+        return new msal_node_extensions_1.PersistenceCachePlugin(persistence, {
+            retryNumber: 100,
+            retryDelay: 50,
+        });
+    });
+}
+//# sourceMappingURL=provider.js.map

package/dist/commonjs/provider.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../src/provider.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AAclC,8CAQC;AAED,oEASC;;AA9BD,iDAA0D;AAE1D,sEAAqE;AAGrE;;;;;GAKG;AACH,SAAsB,iBAAiB,CAAC,OAA+B;;;QACrE,MAAM,WAAW,GAAG,MAAM,CAAA,MAAA,uCAAwB,CAAC,OAAO,CAAC,QAAQ,CAAC,wFAAG,OAAO,CAAC,CAAA,CAAC;QAEhF,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC9B,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;QAC7E,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;CAAA;AAED,SAAsB,4BAA4B,CAChD,OAAgC;;QAEhC,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC,CAAC;QAE3D,OAAO,IAAI,6CAAsB,CAAC,WAAW,EAAE;YAC7C,WAAW,EAAE,GAAG;YAChB,UAAU,EAAE,EAAE;SACf,CAAC,CAAC;IACL,CAAC;CAAA","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { MsalPersistenceOptions } from \"./platforms.js\";\nimport { msalPersistencePlatforms } from \"./platforms.js\";\nimport type { IPersistence as Persistence } from \"@azure/msal-node-extensions\";\nimport { PersistenceCachePlugin } from \"@azure/msal-node-extensions\";\nimport type { ICachePlugin as CachePlugin } from \"@azure/msal-node\";\n\n/**\n * This is used to gain access to the underlying Persistence instance, which we use for testing\n *\n * @returns a raw persistence instance\n * @internal\n */\nexport async function createPersistence(options: MsalPersistenceOptions): Promise<Persistence> {\n  const persistence = await msalPersistencePlatforms[process.platform]?.(options);\n\n  if (persistence === undefined) {\n    throw new Error(\"no persistence providers are available on this platform\");\n  }\n\n  return persistence;\n}\n\nexport async function createPersistenceCachePlugin(\n  options?: MsalPersistenceOptions,\n): Promise<CachePlugin> {\n  const persistence = await createPersistence(options ?? {});\n\n  return new PersistenceCachePlugin(persistence, {\n    retryNumber: 100,\n    retryDelay: 50,\n  });\n}\n"]}

package/dist/commonjs/tsdoc-metadata.json

@@ -0,0 +1,11 @@
+// This file is read by tools that parse documentation comments conforming to the TSDoc standard.
+// It should be published with your NPM package.  It should not be tracked by Git.
+{
+  "tsdocVersion": "0.12",
+  "toolPackages": [
+    {
+      "packageName": "@microsoft/api-extractor",
+      "packageVersion": "7.48.0"
+    }
+  ]
+}

package/dist/esm/index.d.ts

@@ -0,0 +1,29 @@
+import type { IdentityPlugin } from "@azure/identity";
+/**
+ * A plugin that provides persistent token caching for `@azure/identity`
+ * credentials. The plugin API is compatible with `@azure/identity` versions
+ * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`
+ * function, imported from `@azure/identity`.
+ *
+ * In order to enable this functionality, you must also pass
+ * `tokenCachePersistenceOptions` to your credential constructors with an
+ * `enabled` property set to true.
+ *
+ * Example:
+ *
+ * ```ts snippet:device_code_credential_example
+ * import { DeviceCodeCredential } from "@azure/identity";
+ *
+ * const credential = new DeviceCodeCredential({
+ *   tokenCachePersistenceOptions: {
+ *     enabled: true,
+ *   },
+ * });
+ * // We'll use the Microsoft Graph scope as an example
+ * const scope = "https://graph.microsoft.com/.default";
+ * // Print out part of the access token
+ * console.log((await credential.getToken(scope)).token.substring(0, 10), "...");
+ * ```
+ */
+export declare const cachePersistencePlugin: IdentityPlugin;
+//# sourceMappingURL=index.d.ts.map

package/dist/esm/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAgC,MAAM,iBAAiB,CAAC;AAwBpF;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,eAAO,MAAM,sBAAsB,EAAE,cAIpC,CAAC"}

package/dist/esm/index.js

@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { createPersistenceCachePlugin } from "./provider.js";
+/**
+ * A plugin that provides persistent token caching for `@azure/identity`
+ * credentials. The plugin API is compatible with `@azure/identity` versions
+ * 2.0.0 and later. Load this plugin using the `useIdentityPlugin`
+ * function, imported from `@azure/identity`.
+ *
+ * In order to enable this functionality, you must also pass
+ * `tokenCachePersistenceOptions` to your credential constructors with an
+ * `enabled` property set to true.
+ *
+ * Example:
+ *
+ * ```ts snippet:device_code_credential_example
+ * import { DeviceCodeCredential } from "@azure/identity";
+ *
+ * const credential = new DeviceCodeCredential({
+ *   tokenCachePersistenceOptions: {
+ *     enabled: true,
+ *   },
+ * });
+ * // We'll use the Microsoft Graph scope as an example
+ * const scope = "https://graph.microsoft.com/.default";
+ * // Print out part of the access token
+ * console.log((await credential.getToken(scope)).token.substring(0, 10), "...");
+ * ```
+ */
+export const cachePersistencePlugin = (context) => {
+    const { cachePluginControl } = context;
+    cachePluginControl.setPersistence(createPersistenceCachePlugin);
+};
+//# sourceMappingURL=index.js.map