@azure/identity 1.0.0-preview.1 → 1.0.0-preview.2

package/dist-esm/src/credentials/deviceCodeCredential.d.ts

@@ -0,0 +1,67 @@
+import { TokenCredential, GetTokenOptions, AccessToken } from "@azure/core-http";
+import { IdentityClientOptions } from "../client/identityClient";
+/**
+ * An internal interface that contains the verbatim devicecode response.
+ * This interface does not get exported from the public interface of the
+ * library.
+ */
+export interface DeviceCodeResponse {
+    device_code: string;
+    user_code: string;
+    verification_uri: string;
+    expires_in: number;
+    interval: number;
+    message: string;
+}
+/**
+ * Provides the user code and verification URI where the code must be
+ * entered.  Also provides a message to display to the user which
+ * contains an instruction with these details.
+ */
+export interface DeviceCodeDetails {
+    userCode: string;
+    verificationUri: string;
+    message: string;
+}
+/**
+ * Defines the signature of a callback which will be passed to
+ * DeviceCodeCredential for the purpose of displaying authentication
+ * details to the user.
+ */
+export declare type DeviceCodePromptCallback = (deviceCodeDetails: DeviceCodeDetails) => void;
+/**
+ * Enables authentication to Azure Active Directory using a device code
+ * that the user can enter into https://microsoft.com/devicelogin.
+ */
+export declare class DeviceCodeCredential implements TokenCredential {
+    private identityClient;
+    private tenantId;
+    private clientId;
+    private userPromptCallback;
+    private lastTokenResponse;
+    /**
+     * Creates an instance of DeviceCodeCredential with the details needed
+     * to initiate the device code authorization flow with Azure Active Directory.
+     *
+     * @param tenantId The Azure Active Directory tenant (directory) ID or name.
+     * @param clientId The client (application) ID of an App Registration in the tenant.
+     * @param userPromptCallback A callback function that will be invoked to show
+                                 {@link DeviceCodeDetails} to the user.
+     * @param options Options for configuring the client which makes the authentication request.
+     */
+    constructor(tenantId: string, clientId: string, userPromptCallback: DeviceCodePromptCallback, options?: IdentityClientOptions);
+    private sendDeviceCodeRequest;
+    private pollForToken;
+    /**
+     * Authenticates with Azure Active Directory and returns an {@link AccessToken} if
+     * successful.  If authentication cannot be performed at this time, this method may
+     * return null.  If an error occurs during authentication, an {@link AuthenticationError}
+     * containing failure details will be thrown.
+     *
+     * @param scopes The list of scopes for which the token will have access.
+     * @param options The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=deviceCodeCredential.d.ts.map

package/dist-esm/src/credentials/deviceCodeCredential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deviceCodeCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/deviceCodeCredential.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAS,MAAM,kBAAkB,CAAC;AACxF,OAAO,EAAE,qBAAqB,EAAiC,MAAM,0BAA0B,CAAC;AAGhG;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;;;GAIG;AACH,oBAAY,wBAAwB,GAAG,CAAC,iBAAiB,EAAE,iBAAiB,KAAK,IAAI,CAAC;AAEtF;;;GAGG;AACH,qBAAa,oBAAqB,YAAW,eAAe;IAC1D,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,kBAAkB,CAA2B;IACrD,OAAO,CAAC,iBAAiB,CAA8B;IAEvD;;;;;;;;;OASG;gBAED,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,kBAAkB,EAAE,wBAAwB,EAC5C,OAAO,CAAC,EAAE,qBAAqB;YAQnB,qBAAqB;YA4BrB,YAAY;IAsD1B;;;;;;;;;OASG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAkC/B"}

package/dist-esm/src/credentials/deviceCodeCredential.js

@@ -0,0 +1,139 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import * as tslib_1 from "tslib";
+import qs from "qs";
+import { delay } from "@azure/core-http";
+import { IdentityClient } from "../client/identityClient";
+import { AuthenticationError } from "../client/errors";
+/**
+ * Enables authentication to Azure Active Directory using a device code
+ * that the user can enter into https://microsoft.com/devicelogin.
+ */
+export class DeviceCodeCredential {
+    /**
+     * Creates an instance of DeviceCodeCredential with the details needed
+     * to initiate the device code authorization flow with Azure Active Directory.
+     *
+     * @param tenantId The Azure Active Directory tenant (directory) ID or name.
+     * @param clientId The client (application) ID of an App Registration in the tenant.
+     * @param userPromptCallback A callback function that will be invoked to show
+                                 {@link DeviceCodeDetails} to the user.
+     * @param options Options for configuring the client which makes the authentication request.
+     */
+    constructor(tenantId, clientId, userPromptCallback, options) {
+        this.lastTokenResponse = null;
+        this.identityClient = new IdentityClient(options);
+        this.tenantId = tenantId;
+        this.clientId = clientId;
+        this.userPromptCallback = userPromptCallback;
+    }
+    sendDeviceCodeRequest(scope, options) {
+        return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            const webResource = this.identityClient.createWebResource({
+                url: `${this.identityClient.authorityHost}/${this.tenantId}/oauth2/v2.0/devicecode`,
+                method: "POST",
+                disableJsonStringifyOnBody: true,
+                deserializationMapper: undefined,
+                body: qs.stringify({
+                    client_id: this.clientId,
+                    scope
+                }),
+                headers: {
+                    Accept: "application/json",
+                    "Content-Type": "application/x-www-form-urlencoded"
+                },
+                abortSignal: options && options.abortSignal
+            });
+            const response = yield this.identityClient.sendRequest(webResource);
+            if (!(response.status === 200 || response.status === 201)) {
+                throw new AuthenticationError(response.status, response.bodyAsText);
+            }
+            return response.parsedBody;
+        });
+    }
+    pollForToken(deviceCodeResponse, options) {
+        return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            let tokenResponse = null;
+            const webResource = this.identityClient.createWebResource({
+                url: `${this.identityClient.authorityHost}/${this.tenantId}/oauth2/v2.0/token`,
+                method: "POST",
+                disableJsonStringifyOnBody: true,
+                deserializationMapper: undefined,
+                body: qs.stringify({
+                    grant_type: "urn:ietf:params:oauth:grant-type:device_code",
+                    client_id: this.clientId,
+                    device_code: deviceCodeResponse.device_code
+                }),
+                headers: {
+                    Accept: "application/json",
+                    "Content-Type": "application/x-www-form-urlencoded"
+                },
+                abortSignal: options && options.abortSignal
+            });
+            while (tokenResponse === null) {
+                try {
+                    yield delay(deviceCodeResponse.interval * 1000);
+                    // Check the abort signal before sending the request
+                    if (options && options.abortSignal && options.abortSignal.aborted) {
+                        return null;
+                    }
+                    tokenResponse = yield this.identityClient.sendTokenRequest(webResource);
+                }
+                catch (err) {
+                    if (err instanceof AuthenticationError) {
+                        switch (err.errorResponse.error) {
+                            case "authorization_pending":
+                                break;
+                            case "authorization_declined":
+                                return null;
+                            case "expired_token":
+                                throw err;
+                            case "bad_verification_code":
+                                throw err;
+                        }
+                    }
+                    else {
+                        throw err;
+                    }
+                }
+            }
+            return tokenResponse;
+        });
+    }
+    /**
+     * Authenticates with Azure Active Directory and returns an {@link AccessToken} if
+     * successful.  If authentication cannot be performed at this time, this method may
+     * return null.  If an error occurs during authentication, an {@link AuthenticationError}
+     * containing failure details will be thrown.
+     *
+     * @param scopes The list of scopes for which the token will have access.
+     * @param options The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    getToken(scopes, options) {
+        return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            let tokenResponse = null;
+            let scopeString = typeof scopes === "string" ? scopes : scopes.join(" ");
+            if (scopeString.indexOf("offline_access") < 0) {
+                scopeString += " offline_access";
+            }
+            // Try to use the refresh token first
+            if (this.lastTokenResponse && this.lastTokenResponse.refreshToken) {
+                tokenResponse = yield this.identityClient.refreshAccessToken(this.tenantId, this.clientId, scopeString, this.lastTokenResponse.refreshToken, undefined, // clientSecret not needed for device code auth
+                undefined, options);
+            }
+            if (tokenResponse === null) {
+                const deviceCodeResponse = yield this.sendDeviceCodeRequest(scopeString, options);
+                this.userPromptCallback({
+                    userCode: deviceCodeResponse.user_code,
+                    verificationUri: deviceCodeResponse.verification_uri,
+                    message: deviceCodeResponse.message
+                });
+                tokenResponse = yield this.pollForToken(deviceCodeResponse, options);
+            }
+            this.lastTokenResponse = tokenResponse;
+            return (tokenResponse && tokenResponse.accessToken) || null;
+        });
+    }
+}
+//# sourceMappingURL=deviceCodeCredential.js.map

package/dist-esm/src/credentials/deviceCodeCredential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deviceCodeCredential.js","sourceRoot":"","sources":["../../../src/credentials/deviceCodeCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAElC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAiD,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACxF,OAAO,EAAyB,cAAc,EAAiB,MAAM,0BAA0B,CAAC;AAChG,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAkCvD;;;GAGG;AACH,MAAM,OAAO,oBAAoB;IAO/B;;;;;;;;;OASG;IACH,YACE,QAAgB,EAChB,QAAgB,EAChB,kBAA4C,EAC5C,OAA+B;QAhBzB,sBAAiB,GAAyB,IAAI,CAAC;QAkBrD,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;IAC/C,CAAC;IAEa,qBAAqB,CACjC,KAAa,EACb,OAAyB;;YAEzB,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC;gBACxD,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,IAAI,IAAI,CAAC,QAAQ,yBAAyB;gBACnF,MAAM,EAAE,MAAM;gBACd,0BAA0B,EAAE,IAAI;gBAChC,qBAAqB,EAAE,SAAS;gBAChC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC;oBACjB,SAAS,EAAE,IAAI,CAAC,QAAQ;oBACxB,KAAK;iBACN,CAAC;gBACF,OAAO,EAAE;oBACP,MAAM,EAAE,kBAAkB;oBAC1B,cAAc,EAAE,mCAAmC;iBACpD;gBACD,WAAW,EAAE,OAAO,IAAI,OAAO,CAAC,WAAW;aAC5C,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;YACpE,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,CAAC,EAAE;gBACzD,MAAM,IAAI,mBAAmB,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;aACrE;YAED,OAAO,QAAQ,CAAC,UAAgC,CAAC;QACnD,CAAC;KAAA;IAEa,YAAY,CACxB,kBAAsC,EACtC,OAAyB;;YAEzB,IAAI,aAAa,GAAyB,IAAI,CAAC;YAE/C,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC;gBACxD,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,IAAI,IAAI,CAAC,QAAQ,oBAAoB;gBAC9E,MAAM,EAAE,MAAM;gBACd,0BAA0B,EAAE,IAAI;gBAChC,qBAAqB,EAAE,SAAS;gBAChC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC;oBACjB,UAAU,EAAE,8CAA8C;oBAC1D,SAAS,EAAE,IAAI,CAAC,QAAQ;oBACxB,WAAW,EAAE,kBAAkB,CAAC,WAAW;iBAC5C,CAAC;gBACF,OAAO,EAAE;oBACP,MAAM,EAAE,kBAAkB;oBAC1B,cAAc,EAAE,mCAAmC;iBACpD;gBACD,WAAW,EAAE,OAAO,IAAI,OAAO,CAAC,WAAW;aAC5C,CAAC,CAAC;YAEH,OAAO,aAAa,KAAK,IAAI,EAAE;gBAC7B,IAAI;oBACF,MAAM,KAAK,CAAC,kBAAkB,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC;oBAEhD,oDAAoD;oBACpD,IAAI,OAAO,IAAI,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE;wBACjE,OAAO,IAAI,CAAC;qBACb;oBAED,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;iBACzE;gBAAC,OAAO,GAAG,EAAE;oBACZ,IAAI,GAAG,YAAY,mBAAmB,EAAE;wBACtC,QAAQ,GAAG,CAAC,aAAa,CAAC,KAAK,EAAE;4BAC/B,KAAK,uBAAuB;gCAC1B,MAAM;4BACR,KAAK,wBAAwB;gCAC3B,OAAO,IAAI,CAAC;4BACd,KAAK,eAAe;gCAClB,MAAM,GAAG,CAAC;4BACZ,KAAK,uBAAuB;gCAC1B,MAAM,GAAG,CAAC;yBACb;qBACF;yBAAM;wBACL,MAAM,GAAG,CAAC;qBACX;iBACF;aACF;YAED,OAAO,aAAa,CAAC;QACvB,CAAC;KAAA;IAED;;;;;;;;;OASG;IACU,QAAQ,CACnB,MAAyB,EACzB,OAAyB;;YAEzB,IAAI,aAAa,GAAyB,IAAI,CAAC;YAC/C,IAAI,WAAW,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACzE,IAAI,WAAW,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE;gBAC7C,WAAW,IAAI,iBAAiB,CAAC;aAClC;YAED,qCAAqC;YACrC,IAAI,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE;gBACjE,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAC1D,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,QAAQ,EACb,WAAW,EACX,IAAI,CAAC,iBAAiB,CAAC,YAAY,EACnC,SAAS,EAAE,+CAA+C;gBAC1D,SAAS,EACT,OAAO,CAAC,CAAC;aACZ;YAED,IAAI,aAAa,KAAK,IAAI,EAAE;gBAC1B,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;gBAElF,IAAI,CAAC,kBAAkB,CAAC;oBACtB,QAAQ,EAAE,kBAAkB,CAAC,SAAS;oBACtC,eAAe,EAAE,kBAAkB,CAAC,gBAAgB;oBACpD,OAAO,EAAE,kBAAkB,CAAC,OAAO;iBACpC,CAAC,CAAC;gBAEH,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,kBAAkB,EAAE,OAAO,CAAC,CAAC;aACtE;YAED,IAAI,CAAC,iBAAiB,GAAG,aAAa,CAAC;YACvC,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;QAC9D,CAAC;KAAA;CACF"}

package/dist-esm/src/credentials/environmentCredential.browser.d.ts

@@ -0,0 +1,7 @@
+import { AccessToken, TokenCredential, GetTokenOptions } from "@azure/core-http";
+import { IdentityClientOptions } from "../client/identityClient";
+export declare class EnvironmentCredential implements TokenCredential {
+    constructor(options?: IdentityClientOptions);
+    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=environmentCredential.browser.d.ts.map

package/dist-esm/src/credentials/environmentCredential.browser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"environmentCredential.browser.d.ts","sourceRoot":"","sources":["../../../src/credentials/environmentCredential.browser.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAIjE,qBAAa,qBAAsB,YAAW,eAAe;gBAC/C,OAAO,CAAC,EAAE,qBAAqB;IAI3C,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAG5F"}

package/dist-esm/src/credentials/environmentCredential.browser.js

@@ -0,0 +1,12 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+const BrowserNotSupportedError = new Error("EnvironmentCredential is not supported in the browser.");
+export class EnvironmentCredential {
+    constructor(options) {
+        throw BrowserNotSupportedError;
+    }
+    getToken(scopes, options) {
+        throw BrowserNotSupportedError;
+    }
+}
+//# sourceMappingURL=environmentCredential.browser.js.map

package/dist-esm/src/credentials/environmentCredential.browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"environmentCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/environmentCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAOlC,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;AAErG,MAAM,OAAO,qBAAqB;IAChC,YAAY,OAA+B;QACzC,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAED,QAAQ,CAAC,MAAyB,EAAE,OAAyB;QAC3D,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF"}

package/dist-esm/src/credentials/environmentCredential.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"environmentCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/environmentCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAU,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACzF,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAGjE;;;;;;;;;;;GAWG;AACH,qBAAa,qBAAsB,YAAW,eAAe;IAC3D,OAAO,CAAC,WAAW,CAAC,CAA8B;IAClD;;;;;;;OAOG;gBACS,OAAO,CAAC,EAAE,qBAAqB;IAc3C;;;;;;;;;OASG;IACH,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAO5F"}
+{"version":3,"file":"environmentCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/environmentCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAGjE;;;;;;;;;;;GAWG;AACH,qBAAa,qBAAsB,YAAW,eAAe;IAC3D,OAAO,CAAC,WAAW,CAAC,CAA8B;IAClD;;;;;;;OAOG;gBACS,OAAO,CAAC,EAAE,qBAAqB;IAU3C;;;;;;;;;OASG;IACH,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAO5F"}

package/dist-esm/src/credentials/environmentCredential.js

@@ -1,6 +1,5 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
-import { isNode } from "@azure/core-http";
 import { ClientSecretCredential } from "./clientSecretCredential";
 /**
  * Enables authentication to Azure Active Directory using client secret
@@ -25,9 +24,6 @@ export class EnvironmentCredential {
      */
     constructor(options) {
         this._credential = undefined;
-        if (!isNode) {
-            throw "EnvironmentCredential is only supported when running in Node.js.";
-        }
         const tenantId = process.env.AZURE_TENANT_ID, clientId = process.env.AZURE_CLIENT_ID, clientSecret = process.env.AZURE_CLIENT_SECRET;
         if (tenantId && clientId && clientSecret) {
             this._credential = new ClientSecretCredential(tenantId, clientId, clientSecret, options);

package/dist-esm/src/credentials/environmentCredential.js.map

@@ -1 +1 @@
-{"version":3,"file":"environmentCredential.js","sourceRoot":"","sources":["../../../src/credentials/environmentCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAgC,MAAM,EAAmB,MAAM,kBAAkB,CAAC;AAEzF,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAElE;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,qBAAqB;IAEhC;;;;;;;OAOG;IACH,YAAY,OAA+B;QATnC,gBAAW,GAAqB,SAAS,CAAC;QAUhD,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,kEAAkE,CAAC;SAC1E;QAED,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,EAC1C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,EACtC,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;QAEjD,IAAI,QAAQ,IAAI,QAAQ,IAAI,YAAY,EAAE;YACxC,IAAI,CAAC,WAAW,GAAG,IAAI,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;SAC1F;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,QAAQ,CAAC,MAAyB,EAAE,OAAyB;QAC3D,IAAI,IAAI,CAAC,WAAW,EAAE;YACpB,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACnD;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF"}
+{"version":3,"file":"environmentCredential.js","sourceRoot":"","sources":["../../../src/credentials/environmentCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAElE;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,qBAAqB;IAEhC;;;;;;;OAOG;IACH,YAAY,OAA+B;QATnC,gBAAW,GAAqB,SAAS,CAAC;QAUhD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,EAC1C,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,EACtC,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;QAEjD,IAAI,QAAQ,IAAI,QAAQ,IAAI,YAAY,EAAE;YACxC,IAAI,CAAC,WAAW,GAAG,IAAI,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;SAC1F;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,QAAQ,CAAC,MAAyB,EAAE,OAAyB;QAC3D,IAAI,IAAI,CAAC,WAAW,EAAE;YACpB,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACnD;QAED,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF"}

package/dist-esm/src/credentials/interactiveBrowserCredential.browser.d.ts

@@ -0,0 +1,32 @@
+import { AccessToken, TokenCredential, GetTokenOptions } from "@azure/core-http";
+import { InteractiveBrowserCredentialOptions } from "./interactiveBrowserCredentialOptions";
+/**
+ * Enables authentication to Azure Active Directory inside of the web browser
+ * using the interactive login flow, either via browser redirects or a popup
+ * window.
+ */
+export declare class InteractiveBrowserCredential implements TokenCredential {
+    private loginStyle;
+    private msalConfig;
+    private msalObject;
+    /**
+     * Creates an instance of the InteractiveBrowserCredential with the
+     * details needed to authenticate against Azure Active Directory with
+     * a user identity.
+     *
+     * @param tenantId The Azure Active Directory tenant (directory) ID.
+     * @param clientId The client (application) ID of an App Registration in the tenant.
+     * @param options Options for configuring the client which makes the authentication request.
+     */
+    constructor(tenantId: string, clientId: string, options?: InteractiveBrowserCredentialOptions);
+    private login;
+    private acquireToken;
+    /**
+     *
+     * @param scopes The list of scopes for which the token will have access.
+     * @param options The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=interactiveBrowserCredential.browser.d.ts.map

package/dist-esm/src/credentials/interactiveBrowserCredential.browser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interactiveBrowserCredential.browser.d.ts","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredential.browser.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAEjF,OAAO,EAAqB,mCAAmC,EAAE,MAAM,uCAAuC,CAAC;AAE/G;;;;GAIG;AACH,qBAAa,4BAA6B,YAAW,eAAe;IAClE,OAAO,CAAC,UAAU,CAAoB;IACtC,OAAO,CAAC,UAAU,CAAqB;IACvC,OAAO,CAAC,UAAU,CAA4B;IAE9C;;;;;;;;OAQG;gBAED,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,mCAAmC;IAyB/C,OAAO,CAAC,KAAK;YAcC,YAAY;IAqC1B;;;;;OAKG;IACG,QAAQ,CACZ,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAkB/B"}

package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js

@@ -0,0 +1,112 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import * as tslib_1 from "tslib";
+import * as msal from "msal";
+import { IdentityClient } from "../client/identityClient";
+/**
+ * Enables authentication to Azure Active Directory inside of the web browser
+ * using the interactive login flow, either via browser redirects or a popup
+ * window.
+ */
+export class InteractiveBrowserCredential {
+    /**
+     * Creates an instance of the InteractiveBrowserCredential with the
+     * details needed to authenticate against Azure Active Directory with
+     * a user identity.
+     *
+     * @param tenantId The Azure Active Directory tenant (directory) ID.
+     * @param clientId The client (application) ID of an App Registration in the tenant.
+     * @param options Options for configuring the client which makes the authentication request.
+     */
+    constructor(tenantId, clientId, options) {
+        options = Object.assign({}, IdentityClient.getDefaultOptions(), options);
+        this.loginStyle = options.loginStyle || "popup";
+        if (["redirect", "popup"].indexOf(this.loginStyle) === -1) {
+            throw new Error(`Invalid loginStyle: ${options.loginStyle}`);
+        }
+        this.msalConfig = {
+            auth: Object.assign({ clientId: clientId, authority: `${options.authorityHost}/${tenantId}` }, options.redirectUri && { redirectUri: options.redirectUri }, options.postLogoutRedirectUri && { redirectUri: options.postLogoutRedirectUri }),
+            cache: {
+                cacheLocation: "localStorage",
+                storeAuthStateInCookie: true
+            }
+        };
+        this.msalObject = new msal.UserAgentApplication(this.msalConfig);
+    }
+    login() {
+        switch (this.loginStyle) {
+            case "redirect": {
+                const loginPromise = new Promise((resolve, reject) => {
+                    this.msalObject.handleRedirectCallback(resolve, reject);
+                });
+                this.msalObject.loginRedirect();
+                return loginPromise;
+            }
+            case "popup":
+                return this.msalObject.loginPopup();
+        }
+    }
+    acquireToken(authParams) {
+        return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            let authResponse;
+            try {
+                authResponse = yield this.msalObject.acquireTokenSilent(authParams);
+            }
+            catch (err) {
+                if (err instanceof msal.AuthError) {
+                    switch (err.errorCode) {
+                        case "consent_required":
+                        case "interaction_required":
+                        case "login_required":
+                            break;
+                        default:
+                            throw err;
+                    }
+                }
+            }
+            let authPromise;
+            if (authResponse === undefined) {
+                switch (this.loginStyle) {
+                    case "redirect":
+                        authPromise = new Promise((resolve, reject) => {
+                            this.msalObject.handleRedirectCallback(resolve, reject);
+                        });
+                        this.msalObject.acquireTokenRedirect(authParams);
+                        break;
+                    case "popup":
+                        authPromise = this.msalObject.acquireTokenPopup(authParams);
+                        break;
+                }
+                authResponse = authPromise && (yield authPromise);
+            }
+            return authResponse;
+        });
+    }
+    /**
+     *
+     * @param scopes The list of scopes for which the token will have access.
+     * @param options The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    getToken(scopes, options // eslint-disable-line @typescript-eslint/no-unused-vars
+    ) {
+        return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            if (!this.msalObject.getAccount()) {
+                yield this.login();
+            }
+            const authResponse = yield this.acquireToken({
+                scopes: Array.isArray(scopes) ? scopes : scopes.split(',')
+            });
+            if (authResponse) {
+                return {
+                    token: authResponse.accessToken,
+                    expiresOnTimestamp: authResponse.expiresOn.getTime()
+                };
+            }
+            else {
+                return null;
+            }
+        });
+    }
+}
+//# sourceMappingURL=interactiveBrowserCredential.browser.js.map

package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interactiveBrowserCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAElC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAG1D;;;;GAIG;AACH,MAAM,OAAO,4BAA4B;IAKvC;;;;;;;;OAQG;IACH,YACE,QAAgB,EAChB,QAAgB,EAChB,OAA6C;QAE7C,OAAO,qBAAQ,cAAc,CAAC,iBAAiB,EAAE,EAAK,OAAO,CAAE,CAAC;QAEhE,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC;QAChD,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE;YACvD,MAAM,IAAI,KAAK,CAAC,uBAAuB,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;SAChE;QAED,IAAI,CAAC,UAAU,GAAG;YAChB,IAAI,kBACF,QAAQ,EAAE,QAAQ,EAClB,SAAS,EAAE,GAAG,OAAO,CAAC,aAAa,IAAI,QAAQ,EAAE,IAC9C,OAAO,CAAC,WAAW,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAC,EAC1D,OAAO,CAAC,qBAAqB,IAAI,EAAE,WAAW,EAAE,OAAO,CAAC,qBAAqB,EAAE,CACnF;YACD,KAAK,EAAE;gBACL,aAAa,EAAE,cAAc;gBAC7B,sBAAsB,EAAE,IAAI;aAC7B;SACF,CAAC;QAEF,IAAI,CAAC,UAAU,GAAG,IAAI,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACnE,CAAC;IAEO,KAAK;QACX,QAAQ,IAAI,CAAC,UAAU,EAAE;YACvB,KAAK,UAAU,CAAC,CAAC;gBACf,MAAM,YAAY,GAAG,IAAI,OAAO,CAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBACtE,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBAC1D,CAAC,CAAC,CAAC;gBACH,IAAI,CAAC,UAAU,CAAC,aAAa,EAAE,CAAC;gBAChC,OAAO,YAAY,CAAC;aACrB;YACD,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;SACvC;IACH,CAAC;IAEa,YAAY,CAAC,UAAyC;;YAClE,IAAI,YAA2C,CAAC;YAChD,IAAI;gBACF,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;aACrE;YAAC,OAAO,GAAG,EAAE;gBACZ,IAAI,GAAG,YAAY,IAAI,CAAC,SAAS,EAAE;oBACjC,QAAQ,GAAG,CAAC,SAAS,EAAE;wBACrB,KAAK,kBAAkB,CAAC;wBACxB,KAAK,sBAAsB,CAAC;wBAC5B,KAAK,gBAAgB;4BACnB,MAAM;wBACR;4BACE,MAAM,GAAG,CAAC;qBACb;iBACF;aACF;YAED,IAAI,WAAmD,CAAC;YACxD,IAAI,YAAY,KAAK,SAAS,EAAE;gBAC9B,QAAQ,IAAI,CAAC,UAAU,EAAE;oBACvB,KAAK,UAAU;wBACb,WAAW,GAAG,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;4BAC5C,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;wBAC1D,CAAC,CAAC,CAAC;wBACH,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;wBACjD,MAAM;oBACR,KAAK,OAAO;wBACV,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC;wBAC5D,MAAM;iBACT;gBAED,YAAY,GAAG,WAAW,KAAI,MAAM,WAAW,CAAA,CAAC;aACjD;YAED,OAAO,YAAY,CAAC;QACtB,CAAC;KAAA;IAED;;;;;OAKG;IACG,QAAQ,CACZ,MAAyB,EACzB,OAAyB,CAAC,wDAAwD;;;YAElF,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,EAAE;gBACjC,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;aACpB;YAED,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC;gBAC3C,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC;aAC3D,CAAC,CAAC;YAEH,IAAI,YAAY,EAAE;gBAChB,OAAO;oBACL,KAAK,EAAE,YAAY,CAAC,WAAW;oBAC/B,kBAAkB,EAAE,YAAY,CAAC,SAAS,CAAC,OAAO,EAAE;iBACrD,CAAC;aACH;iBAAM;gBACL,OAAO,IAAI,CAAC;aACb;QACH,CAAC;KAAA;CACF"}

package/dist-esm/src/credentials/interactiveBrowserCredential.d.ts

@@ -0,0 +1,12 @@
+import { TokenCredential, GetTokenOptions, AccessToken } from "@azure/core-http";
+import { InteractiveBrowserCredentialOptions } from "./interactiveBrowserCredentialOptions";
+/**
+ * Enables authentication to Azure Active Directory inside of the web browser
+ * using the interactive login flow, either via browser redirects or a popup
+ * window.  This credential is not currently supported in Node.js.
+ */
+export declare class InteractiveBrowserCredential implements TokenCredential {
+    constructor(tenantId: string, clientId: string, options?: InteractiveBrowserCredentialOptions);
+    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=interactiveBrowserCredential.d.ts.map

package/dist-esm/src/credentials/interactiveBrowserCredential.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interactiveBrowserCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredential.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,mCAAmC,EAAE,MAAM,uCAAuC,CAAC;AAI5F;;;;GAIG;AACH,qBAAa,4BAA6B,YAAW,eAAe;gBAEhE,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,mCAAmC;IAKxC,QAAQ,CACb,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAG/B"}

package/dist-esm/src/credentials/interactiveBrowserCredential.js

@@ -0,0 +1,17 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+const BrowserNotSupportedError = new Error("InteractiveBrowserCredential is not supported in Node.js.");
+/**
+ * Enables authentication to Azure Active Directory inside of the web browser
+ * using the interactive login flow, either via browser redirects or a popup
+ * window.  This credential is not currently supported in Node.js.
+ */
+export class InteractiveBrowserCredential {
+    constructor(tenantId, clientId, options) {
+        throw BrowserNotSupportedError;
+    }
+    getToken(scopes, options) {
+        throw BrowserNotSupportedError;
+    }
+}
+//# sourceMappingURL=interactiveBrowserCredential.js.map

package/dist-esm/src/credentials/interactiveBrowserCredential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interactiveBrowserCredential.js","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAOlC,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;AAExG;;;;GAIG;AACH,MAAM,OAAO,4BAA4B;IACvC,YACE,QAAgB,EAChB,QAAgB,EAChB,OAA6C;QAE7C,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ,CACb,MAAyB,EACzB,OAAyB;QAEzB,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF"}

package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.d.ts

@@ -0,0 +1,24 @@
+import { IdentityClientOptions } from "../client/identityClient";
+export declare type BrowserLoginStyle = "redirect" | "popup";
+/**
+ * Defines options for the InteractiveBrowserCredential class.
+ */
+export interface InteractiveBrowserCredentialOptions extends IdentityClientOptions {
+    /**
+     * Specifies whether a redirect or a popup window should be used to
+     * initiate the user authentication flow. Possible values are "redirect"
+     * or "popup" (default).
+     */
+    loginStyle?: BrowserLoginStyle;
+    /**
+     * Gets the redirect URI of the application. This should be same as the value
+     * in the application registration portal.  Defaults to `window.location.href`.
+     */
+    redirectUri?: string | (() => string);
+    /**
+     * Gets the URI to which the user will be redirected when logging out.
+     * Defaults to `window.location.href`.
+     */
+    postLogoutRedirectUri?: string | (() => string);
+}
+//# sourceMappingURL=interactiveBrowserCredentialOptions.d.ts.map

package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interactiveBrowserCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,oBAAY,iBAAiB,GAAG,UAAU,GAAG,OAAO,CAAC;AAErD;;GAEG;AACH,MAAM,WAAW,mCAAoC,SAAQ,qBAAqB;IAChF;;;;OAIG;IACH,UAAU,CAAC,EAAE,iBAAiB,CAAC;IAE/B;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,CAAC,MAAM,MAAM,CAAC,CAAC;IAEtC;;;OAGG;IACH,qBAAqB,CAAC,EAAE,MAAM,GAAG,CAAC,MAAM,MAAM,CAAC,CAAC;CACjD"}

package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.js

@@ -0,0 +1,3 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+//# sourceMappingURL=interactiveBrowserCredentialOptions.js.map

package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interactiveBrowserCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC"}

package/dist-esm/src/credentials/managedIdentityCredential.browser.d.ts

@@ -0,0 +1,7 @@
+import { AccessToken, GetTokenOptions, TokenCredential } from "@azure/core-http";
+import { IdentityClientOptions } from "../client/identityClient";
+export declare class ManagedIdentityCredential implements TokenCredential {
+    constructor(clientId?: string, options?: IdentityClientOptions);
+    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=managedIdentityCredential.browser.d.ts.map

package/dist-esm/src/credentials/managedIdentityCredential.browser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"managedIdentityCredential.browser.d.ts","sourceRoot":"","sources":["../../../src/credentials/managedIdentityCredential.browser.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAIjE,qBAAa,yBAA0B,YAAW,eAAe;gBACnD,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,qBAAqB;IAIjD,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAG/B"}

package/dist-esm/src/credentials/managedIdentityCredential.browser.js

@@ -0,0 +1,15 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import * as tslib_1 from "tslib";
+const BrowserNotSupportedError = new Error("ManagedIdentityCredential is not supported in the browser.");
+export class ManagedIdentityCredential {
+    constructor(clientId, options) {
+        throw BrowserNotSupportedError;
+    }
+    getToken(scopes, options) {
+        return tslib_1.__awaiter(this, void 0, void 0, function* () {
+            throw BrowserNotSupportedError;
+        });
+    }
+}
+//# sourceMappingURL=managedIdentityCredential.browser.js.map

package/dist-esm/src/credentials/managedIdentityCredential.browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"managedIdentityCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/managedIdentityCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAOlC,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;AAEzG,MAAM,OAAO,yBAAyB;IACpC,YAAY,QAAiB,EAAE,OAA+B;QAC5D,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEY,QAAQ,CACnB,MAAyB,EACzB,OAAyB;;YAEzB,MAAM,wBAAwB,CAAC;QACjC,CAAC;KAAA;CACF"}

package/dist-esm/src/credentials/managedIdentityCredential.d.ts

@@ -1,5 +1,8 @@
 import { AccessToken, GetTokenOptions, TokenCredential } from "@azure/core-http";
 import { IdentityClientOptions } from "../client/identityClient";
+export declare const ImdsEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token";
+export declare const ImdsApiVersion = "2018-02-01";
+export declare const AppServiceMsiApiVersion = "2017-09-01";
 /**
  * Attempts authentication using a managed identity that has been assigned
  * to the deployment environment.  This authentication type works in Azure VMs,
@@ -11,9 +14,15 @@ import { IdentityClientOptions } from "../client/identityClient";
  */
 export declare class ManagedIdentityCredential implements TokenCredential {
     private identityClient;
-    private _clientId;
+    private clientId;
     private isEndpointUnavailable;
     constructor(clientId?: string, options?: IdentityClientOptions);
+    private mapScopesToResource;
+    private createImdsAuthRequest;
+    private createAppServiceMsiAuthRequest;
+    private createCloudShellMsiAuthRequest;
+    private pingImdsEndpoint;
+    private authenticateManagedIdentity;
     /**
      * Authenticates with Azure Active Directory and returns an {@link AccessToken} if
      * successful.  If authentication cannot be performed at this time, this method may

package/dist-esm/src/credentials/managedIdentityCredential.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"managedIdentityCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/managedIdentityCredential.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,qBAAqB,EAAkB,MAAM,0BAA0B,CAAC;AAEjF;;;;;;;;GAQG;AACH,qBAAa,yBAA0B,YAAW,eAAe;IAC/D,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,SAAS,CAAqB;IACtC,OAAO,CAAC,qBAAqB,CAAwB;gBAEzC,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,qBAAqB;IAK9D;;;;;;;;;OASG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAsB/B"}
+{"version":3,"file":"managedIdentityCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/managedIdentityCredential.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,WAAW,EACX,eAAe,EAGf,eAAe,EAChB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,qBAAqB,EAAkB,MAAM,0BAA0B,CAAC;AAGjF,eAAO,MAAM,YAAY,0DAA0D,CAAC;AACpF,eAAO,MAAM,cAAc,eAAe,CAAC;AAC3C,eAAO,MAAM,uBAAuB,eAAe,CAAC;AAEpD;;;;;;;;GAQG;AACH,qBAAa,yBAA0B,YAAW,eAAe;IAC/D,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAqB;IACrC,OAAO,CAAC,qBAAqB,CAAwB;gBAEzC,QAAQ,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,qBAAqB;IAK9D,OAAO,CAAC,mBAAmB;IAmB3B,OAAO,CAAC,qBAAqB;IAqB7B,OAAO,CAAC,8BAA8B;IAqBtC,OAAO,CAAC,8BAA8B;YAqBxB,gBAAgB;YA6BhB,2BAA2B;IAgDzC;;;;;;;;;OASG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAsB/B"}