npm - @azure/identity - Versions diffs - 2.0.0-alpha.20210930.2 → 2.0.0-alpha.20211007.2 - Mend

@azure/identity 2.0.0-alpha.20210930.2 → 2.0.0-alpha.20211007.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @azure/identity might be problematic. Click here for more details.

Files changed (55) hide show

package/dist-esm/src/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,cAAc,oBAAoB,CAAC;AAKnC,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAG9E,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,cAAc,CAAC;~~AAE9F~~,OAAO,EAAE,~~iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAGxD,OAAO,EAAE,~~sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EACL,sBAAsB,EAEvB,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EACL,qBAAqB,EAEtB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAE9E,OAAO,EAAE,2BAA2B,EAAE,MAAM,2CAA2C,CAAC;AAGxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AAEtE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EAAE,yBAAyB,EAAE,MAAM,yCAAyC,CAAC;AACpF,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAM1E,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAEtF,OAAO,EAAE,2BAA2B,EAAE,MAAM,2CAA2C,CAAC;AACxF,OAAO,EAAE,yBAAyB,EAAE,MAAM,yCAAyC,CAAC;AAEpF,OAAO,EACL,qBAAqB,EAEtB,MAAM,qCAAqC,CAAC;AAE7C,OAAO,EACL,0BAA0B,EAE3B,MAAM,0CAA0C,CAAC;AAElD,OAAO,EACL,oBAAoB,EAGrB,MAAM,oCAAoC,CAAC;AAK5C,OAAO,EACL,mBAAmB,EAEnB,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC/B,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAExC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,UAAU,yBAAyB;IACvC,OAAO,IAAI,sBAAsB,EAAE,CAAC;AACtC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nexport * from \"./plugins/consumer\";\n\nexport { IdentityPlugin } from \"./plugins/provider\";\n\nimport { TokenCredential } from \"@azure/core-auth\";\nimport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential\";\n\nexport { AuthenticationRecord } from \"./msal/types\";\nexport { AuthenticationRequiredError } from \"./msal/errors\";\nexport { serializeAuthenticationRecord, deserializeAuthenticationRecord } from \"./msal/utils\";\nexport { TokenCredentialOptions } from \"./client/identityClient\";\~~nexport~~ { RegionalAuthority } from \"./regionalAuthority\";\nexport { InteractiveCredentialOptions } from \"./credentials/interactiveCredentialOptions\";\n\nexport { ChainedTokenCredential } from \"./credentials/chainedTokenCredential\";\nexport {\n DefaultAzureCredential,\n DefaultAzureCredentialOptions\n} from \"./credentials/defaultAzureCredential\";\nexport {\n EnvironmentCredential,\n EnvironmentCredentialOptions\n} from \"./credentials/environmentCredential\";\nexport { ClientSecretCredential } from \"./credentials/clientSecretCredential\";\nexport { ClientSecretCredentialOptions } from \"./credentials/clientSecretCredentialOptions\";\nexport { ClientCertificateCredential } from \"./credentials/clientCertificateCredential\";\nexport { ClientCertificateCredentialOptions } from \"./credentials/clientCertificateCredentialOptions\";\nexport { CredentialPersistenceOptions } from \"./credentials/credentialPersistenceOptions\";\nexport { AzureCliCredential } from \"./credentials/azureCliCredential\";\nexport { AzureCliCredentialOptions } from \"./credentials/azureCliCredentialOptions\";\nexport { InteractiveBrowserCredential } from \"./credentials/interactiveBrowserCredential\";\nexport {\n InteractiveBrowserCredentialOptions,\n InteractiveBrowserCredentialBrowserOptions,\n BrowserLoginStyle\n} from \"./credentials/interactiveBrowserCredentialOptions\";\nexport { ManagedIdentityCredential } from \"./credentials/managedIdentityCredential\";\nexport { DeviceCodeCredential } from \"./credentials/deviceCodeCredential\";\nexport {\n DeviceCodePromptCallback,\n DeviceCodeInfo\n} from \"./credentials/deviceCodeCredentialOptions\";\nexport { DeviceCodeCredentialOptions } from \"./credentials/deviceCodeCredentialOptions\";\nexport { UsernamePasswordCredential } from \"./credentials/usernamePasswordCredential\";\nexport { UsernamePasswordCredentialOptions } from \"./credentials/usernamePasswordCredentialOptions\";\nexport { AuthorizationCodeCredential } from \"./credentials/authorizationCodeCredential\";\nexport { AzurePowerShellCredential } from \"./credentials/azurePowerShellCredential\";\nexport { AzurePowerShellCredentialOptions } from \"./credentials/azurePowerShellCredentialOptions\";\nexport {\n ApplicationCredential,\n ApplicationCredentialOptions\n} from \"./credentials/applicationCredential\";\n\nexport {\n VisualStudioCodeCredential,\n VisualStudioCodeCredentialOptions\n} from \"./credentials/visualStudioCodeCredential\";\n\nexport {\n OnBehalfOfCredential,\n OnBehalfOfCredentialSecretConfiguration,\n OnBehalfOfCredentialCertificateConfiguration\n} from \"./credentials/onBehalfOfCredential\";\nexport { OnBehalfOfCredentialOptions } from \"./credentials/onBehalfOfCredentialOptions\";\n\nexport { TokenCachePersistenceOptions } from \"./msal/nodeFlows/tokenCachePersistenceOptions\";\n\nexport {\n AuthenticationError,\n ErrorResponse,\n AggregateAuthenticationError,\n AuthenticationErrorName,\n AggregateAuthenticationErrorName,\n CredentialUnavailableError,\n CredentialUnavailableErrorName\n} from \"./client/errors\";\n\nexport { TokenCredential, GetTokenOptions, AccessToken } from \"@azure/core-auth\";\nexport { logger } from \"./util/logging\";\n\nexport { AzureAuthorityHosts } from \"./constants\";\n\n/*\n Returns a new instance of the {@link DefaultAzureCredential}.\n */\nexport function getDefaultAzureCredential(): TokenCredential {\n return new DefaultAzureCredential();\n}\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,cAAc,oBAAoB,CAAC;AAKnC,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAG9E,OAAO,EAAE,2BAA2B,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,cAAc,CAAC;AAQ9F,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EACL,sBAAsB,EAEvB,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EACL,qBAAqB,EAEtB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAE9E,OAAO,EAAE,2BAA2B,EAAE,MAAM,2CAA2C,CAAC;AAGxF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AAEtE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EAAE,yBAAyB,EAAE,MAAM,yCAAyC,CAAC;AACpF,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAM1E,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AAEtF,OAAO,EAAE,2BAA2B,EAAE,MAAM,2CAA2C,CAAC;AACxF,OAAO,EAAE,yBAAyB,EAAE,MAAM,yCAAyC,CAAC;AAEpF,OAAO,EACL,qBAAqB,EAEtB,MAAM,qCAAqC,CAAC;AAE7C,OAAO,EACL,0BAA0B,EAE3B,MAAM,0CAA0C,CAAC;AAElD,OAAO,EACL,oBAAoB,EAGrB,MAAM,oCAAoC,CAAC;AAK5C,OAAO,EACL,mBAAmB,EAEnB,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC/B,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AAExC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD;;GAEG;AACH,MAAM,UAAU,yBAAyB;IACvC,OAAO,IAAI,sBAAsB,EAAE,CAAC;AACtC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nexport * from \"./plugins/consumer\";\n\nexport { IdentityPlugin } from \"./plugins/provider\";\n\nimport { TokenCredential } from \"@azure/core-auth\";\nimport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential\";\n\nexport { AuthenticationRecord } from \"./msal/types\";\nexport { AuthenticationRequiredError } from \"./msal/errors\";\nexport { serializeAuthenticationRecord, deserializeAuthenticationRecord } from \"./msal/utils\";\nexport { TokenCredentialOptions } from \"./client/identityClient\";\n\n// TODO: Export again once we're ready to release this feature.\n// export { RegionalAuthority } from \"./regionalAuthority\";\n\nexport { InteractiveCredentialOptions } from \"./credentials/interactiveCredentialOptions\";\n\nexport { ChainedTokenCredential } from \"./credentials/chainedTokenCredential\";\nexport {\n DefaultAzureCredential,\n DefaultAzureCredentialOptions\n} from \"./credentials/defaultAzureCredential\";\nexport {\n EnvironmentCredential,\n EnvironmentCredentialOptions\n} from \"./credentials/environmentCredential\";\nexport { ClientSecretCredential } from \"./credentials/clientSecretCredential\";\nexport { ClientSecretCredentialOptions } from \"./credentials/clientSecretCredentialOptions\";\nexport { ClientCertificateCredential } from \"./credentials/clientCertificateCredential\";\nexport { ClientCertificateCredentialOptions } from \"./credentials/clientCertificateCredentialOptions\";\nexport { CredentialPersistenceOptions } from \"./credentials/credentialPersistenceOptions\";\nexport { AzureCliCredential } from \"./credentials/azureCliCredential\";\nexport { AzureCliCredentialOptions } from \"./credentials/azureCliCredentialOptions\";\nexport { InteractiveBrowserCredential } from \"./credentials/interactiveBrowserCredential\";\nexport {\n InteractiveBrowserCredentialOptions,\n InteractiveBrowserCredentialBrowserOptions,\n BrowserLoginStyle\n} from \"./credentials/interactiveBrowserCredentialOptions\";\nexport { ManagedIdentityCredential } from \"./credentials/managedIdentityCredential\";\nexport { DeviceCodeCredential } from \"./credentials/deviceCodeCredential\";\nexport {\n DeviceCodePromptCallback,\n DeviceCodeInfo\n} from \"./credentials/deviceCodeCredentialOptions\";\nexport { DeviceCodeCredentialOptions } from \"./credentials/deviceCodeCredentialOptions\";\nexport { UsernamePasswordCredential } from \"./credentials/usernamePasswordCredential\";\nexport { UsernamePasswordCredentialOptions } from \"./credentials/usernamePasswordCredentialOptions\";\nexport { AuthorizationCodeCredential } from \"./credentials/authorizationCodeCredential\";\nexport { AzurePowerShellCredential } from \"./credentials/azurePowerShellCredential\";\nexport { AzurePowerShellCredentialOptions } from \"./credentials/azurePowerShellCredentialOptions\";\nexport {\n ApplicationCredential,\n ApplicationCredentialOptions\n} from \"./credentials/applicationCredential\";\n\nexport {\n VisualStudioCodeCredential,\n VisualStudioCodeCredentialOptions\n} from \"./credentials/visualStudioCodeCredential\";\n\nexport {\n OnBehalfOfCredential,\n OnBehalfOfCredentialSecretConfiguration,\n OnBehalfOfCredentialCertificateConfiguration\n} from \"./credentials/onBehalfOfCredential\";\nexport { OnBehalfOfCredentialOptions } from \"./credentials/onBehalfOfCredentialOptions\";\n\nexport { TokenCachePersistenceOptions } from \"./msal/nodeFlows/tokenCachePersistenceOptions\";\n\nexport {\n AuthenticationError,\n ErrorResponse,\n AggregateAuthenticationError,\n AuthenticationErrorName,\n AggregateAuthenticationErrorName,\n CredentialUnavailableError,\n CredentialUnavailableErrorName\n} from \"./client/errors\";\n\nexport { TokenCredential, GetTokenOptions, AccessToken } from \"@azure/core-auth\";\nexport { logger } from \"./util/logging\";\n\nexport { AzureAuthorityHosts } from \"./constants\";\n\n/*\n Returns a new instance of the {@link DefaultAzureCredential}.\n */\nexport function getDefaultAzureCredential(): TokenCredential {\n return new DefaultAzureCredential();\n}\n"]}

package/dist-esm/src/msal/nodeFlows/msalAuthorizationCode.js CHANGED Viewed

@@ -10,7 +10,7 @@ import { MsalNode } from "./nodeCommon";
 export class MsalAuthorizationCode extends MsalNode {
     constructor(options) {
         super(options);
-        this.logger = credentialLogger("NodeJS MSAL Authorization Code");
+        this.logger = credentialLogger("Node.js MSAL Authorization Code");
         this.redirectUri = options.redirectUri;
         this.authorizationCode = options.authorizationCode;
         if (options.clientSecret) {

package/dist-esm/src/msal/nodeFlows/msalAuthorizationCode.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"msalAuthorizationCode.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalAuthorizationCode.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAmB,QAAQ,EAAE,MAAM,cAAc,CAAC;AAYzD;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,QAAQ;IAIjD,YAAY,OAAqC;QAC/C,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC,~~gCAAgC~~,CAAC,CAAC;~~QACjE~~,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;QACnD,IAAI,OAAO,CAAC,YAAY,EAAE;YACxB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;SAC1D;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAAkD;QACrE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,eAAgB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACvD,CAAC;IAES,KAAK,CAAC,UAAU,CACxB,MAAgB,EAChB,OAAuC;;QAEvC,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,CAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,CAAC;gBAC5D,MAAM;gBACN,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,IAAI,EAAE,IAAI,CAAC,iBAAiB;aAC7B,CAAC,CAAA,CAAC;YACH,yDAAyD;YACzD,8FAA8F;YAC9F,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;SACtE;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;SAC9C;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { MsalNodeOptions, MsalNode } from \"./nodeCommon\";\n\n/*\n Options that can be passed to configure MSAL to handle authentication through opening a browser window.\n * @internal\n /\nexport interface MSALAuthorizationCodeOptions extends MsalNodeOptions {\n redirectUri: string;\n authorizationCode: string;\n clientSecret?: string;\n}\n\n/\n This MSAL client sets up a web server to listen for redirect callbacks, then calls to the MSAL's public application's `acquireTokenByDeviceCode` during `doGetToken`\n * to trigger the authentication flow, and then respond based on the values obtained from the redirect callback\n * @internal\n */\nexport class MsalAuthorizationCode extends MsalNode {\n private redirectUri: string;\n private authorizationCode: string;\n\n constructor(options: MSALAuthorizationCodeOptions) {\n super(options);\n this.logger = credentialLogger(\"~~NodeJS~~ MSAL Authorization Code\");\n this.redirectUri = options.redirectUri;\n this.authorizationCode = options.authorizationCode;\n if (options.clientSecret) {\n this.msalConfig.auth.clientSecret = options.clientSecret;\n }\n }\n\n async getAuthCodeUrl(options: { scopes: string[]; redirectUri: string }): Promise<string> {\n await this.init();\n return this.confidentialApp!.getAuthCodeUrl(options);\n }\n\n protected async doGetToken(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n try {\n const result = await this.confidentialApp?.acquireTokenByCode({\n scopes,\n redirectUri: this.redirectUri,\n code: this.authorizationCode\n });\n // The Client Credential flow does not return an account,\n // so each time getToken gets called, we will have to acquire a new token through the service.\n return this.handleResult(scopes, this.clientId, result \|\| undefined);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n}\n"]}
1	+ {"version":3,"file":"msalAuthorizationCode.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalAuthorizationCode.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAmB,QAAQ,EAAE,MAAM,cAAc,CAAC;AAYzD;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,QAAQ;IAIjD,YAAY,OAAqC;QAC/C,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC,iCAAiC,CAAC,CAAC;QAClE,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;QACnD,IAAI,OAAO,CAAC,YAAY,EAAE;YACxB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;SAC1D;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAAkD;QACrE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,eAAgB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACvD,CAAC;IAES,KAAK,CAAC,UAAU,CACxB,MAAgB,EAChB,OAAuC;;QAEvC,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,CAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,CAAC;gBAC5D,MAAM;gBACN,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,IAAI,EAAE,IAAI,CAAC,iBAAiB;aAC7B,CAAC,CAAA,CAAC;YACH,yDAAyD;YACzD,8FAA8F;YAC9F,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;SACtE;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;SAC9C;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { MsalNodeOptions, MsalNode } from \"./nodeCommon\";\n\n/*\n Options that can be passed to configure MSAL to handle authentication through opening a browser window.\n * @internal\n /\nexport interface MSALAuthorizationCodeOptions extends MsalNodeOptions {\n redirectUri: string;\n authorizationCode: string;\n clientSecret?: string;\n}\n\n/\n This MSAL client sets up a web server to listen for redirect callbacks, then calls to the MSAL's public application's `acquireTokenByDeviceCode` during `doGetToken`\n * to trigger the authentication flow, and then respond based on the values obtained from the redirect callback\n * @internal\n */\nexport class MsalAuthorizationCode extends MsalNode {\n private redirectUri: string;\n private authorizationCode: string;\n\n constructor(options: MSALAuthorizationCodeOptions) {\n super(options);\n this.logger = credentialLogger(\"Node.js MSAL Authorization Code\");\n this.redirectUri = options.redirectUri;\n this.authorizationCode = options.authorizationCode;\n if (options.clientSecret) {\n this.msalConfig.auth.clientSecret = options.clientSecret;\n }\n }\n\n async getAuthCodeUrl(options: { scopes: string[]; redirectUri: string }): Promise<string> {\n await this.init();\n return this.confidentialApp!.getAuthCodeUrl(options);\n }\n\n protected async doGetToken(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n try {\n const result = await this.confidentialApp?.acquireTokenByCode({\n scopes,\n redirectUri: this.redirectUri,\n code: this.authorizationCode\n });\n // The Client Credential flow does not return an account,\n // so each time getToken gets called, we will have to acquire a new token through the service.\n return this.handleResult(scopes, this.clientId, result \|\| undefined);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n}\n"]}

package/dist-esm/src/msal/nodeFlows/nodeCommon.js CHANGED Viewed

@@ -6,8 +6,8 @@ import { IdentityClient } from "../../client/identityClient";
 import { resolveTenantId } from "../../util/resolveTenantId";
 import { AuthenticationRequiredError } from "../errors";
 import { defaultLoggerCallback, getAuthority, getKnownAuthorities, MsalBaseUtilities, msalToPublic, publicToMsal } from "../utils";
-import { RegionalAuthority } from "../../regionalAuthority";
 import { processMultiTenantRequest } from "../../util/validateMultiTenant";
+import { RegionalAuthority } from "../../regionalAuthority";
 /**
  * The current persistence provider, undefined by default.
  * @internal

package/dist-esm/src/msal/nodeFlows/nodeCommon.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"nodeCommon.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/nodeCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAM7C,OAAO,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAA0B,MAAM,6BAA6B,CAAC;AACrF,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAG7D,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AAExD,OAAO,EACL,qBAAqB,EACrB,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,YAAY,EACZ,YAAY,EACb,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAC5D,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAiB3E;;;GAGG;AACH,IAAI,mBAAmB,GAEP,SAAS,CAAC;AAE1B;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,cAAc,CAAC,cAA8D;QAC3E,mBAAmB,GAAG,cAAc,CAAC;IACvC,CAAC;CACF,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,OAAgB,QAAS,SAAQ,iBAAiB;IAYtD,YAAY,OAAwB;;QAClC,KAAK,CAAC,OAAO,CAAC,CAAC;QALP,yBAAoB,GAAY,KAAK,CAAC;QAM9C,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACpF,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;QAE9C,qCAAqC;QACrC,IAAI,mBAAmB,KAAK,SAAS,KAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,CAAA,EAAE;YACtF,IAAI,CAAC,iBAAiB,GAAG,GAAG,EAAE,CAAC,mBAAoB,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;SAC3F;aAAM,IAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,EAAE;YACxD,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;SACH;QAED,IAAI,CAAC,WAAW,GAAG,MAAA,OAAO,CAAC,iBAAiB,mCAAI,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;QAC1F,IAAI,IAAI,CAAC,WAAW,KAAK,iBAAiB,CAAC,kBAAkB,EAAE;YAC7D,IAAI,CAAC,WAAW,GAAG,eAAe,CAAC;SACpC;IACH,CAAC;IAED;;OAEG;IACO,qBAAqB,CAAC,OAAwB;QACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,uBAAuB,CAAC;QAC7D,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAErF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;QAC/E,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE7D,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,iCACnC,OAAO,CAAC,sBAAsB,KACjC,aAAa,EAAE,SAAS,IACxB,CAAC;QAEH,IAAI,kBAAkB,GAAa,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE;YAC1C,kBAAkB,GAAG,EAAE,CAAC;SACzB;QAED,OAAO;YACL,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;gBACT,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ,EAAE,SAAS,CAAC;gBAC1D,kBAAkB;aACnB;YACD,sCAAsC;YACtC,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI,CAAC,cAAc;gBAClC,aAAa,EAAE;oBACb,cAAc,EAAE,qBAAqB,CAAC,OAAO,CAAC,MAAM,CAAC;iBACtD;aACF;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuC;QAChD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,EAAE;YACxB,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBACjD,6DAA6D;gBAC7D,mDAAmD;gBACnD,IAAI,CAAC,cAAe,CAAC,aAAa,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YAC5D,CAAC,CAAC,CAAC;SACJ;QAED,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,eAAe,EAAE;YAC1C,OAAO;SACR;QAED,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,EAAE;YACxC,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;gBACtB,WAAW,EAAE,MAAM,IAAI,CAAC,iBAAiB,EAAE;aAC5C,CAAC;SACH;QAED,IAAI,CAAC,SAAS,GAAG,IAAI,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvE,8EAA8E;QAC9E,IACE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY;YACjC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe;YACpC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EACtC;YACA,IAAI,CAAC,eAAe,GAAG,IAAI,QAAQ,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACpF;aAAM;YACL,IAAI,IAAI,CAAC,oBAAoB,EAAE;gBAC7B,MAAM,IAAI,KAAK,CACb,gHAAgH,CACjH,CAAC;aACH;SACF;IACH,CAAC;IAED;;OAEG;IACO,gBAAgB,CACxB,OAAwD,EACxD,WAA6B,EAC7B,QAAqB;QAErB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,OAAO;iBACJ,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;gBAClB,OAAO,OAAO,CAAC,SAAU,CAAC,CAAC;YAC7B,CAAC,CAAC;iBACD,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,WAAW,EAAE;gBACf,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;oBACzC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,EAAI,CAAC;gBACf,CAAC,CAAC,CAAC;aACJ;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;;QACpB,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,OAAO,IAAI,CAAC,OAAO,CAAC;SACrB;QACD,MAAM,KAAK,GAAG,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,aAAa,EAAE,mCAAI,MAAA,IAAI,CAAC,SAAS,0CAAE,aAAa,EAAE,CAAC;QACvF,MAAM,gBAAgB,GAAG,MAAM,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,EAAE,CAAA,CAAC;QAEvD,IAAI,CAAC,gBAAgB,EAAE;YACrB,OAAO;SACR;QAED,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE;YACjC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;SACjE;aAAM;YACL,IAAI,CAAC,MAAM;iBACR,IAAI,CAAC;;;;6KAI+J,CAAC,CAAC;YACzK,OAAO;SACR;QAED,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAClB,MAAgB,EAChB,OAAuC;;QAEvC,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,MAAM,IAAI,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACxD;QAED,MAAM,aAAa,GAA+B;YAChD,kFAAkF;YAClF,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YACnC,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;YACrC,MAAM;YACN,SAAS,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS;SAC9B,CAAC;QAEF,IAAI;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD,MAAM,QAAQ,GACZ,MAAA,CAAC,MAAM,CAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,CAAC,aAAa,CAAC,CAAA,CAAC,mCAC/D,CAAC,MAAM,IAAI,CAAC,SAAU,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,SAAS,CAAC,CAAC;SACxE;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;SAC9C;IACH,CAAC;IAOD;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAgB,EAChB,UAAyC,EAAE;QAE3C,MAAM,QAAQ,GAAG,yBAAyB,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC;QAEpF,OAAO,CAAC,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE/D,OAAO,CAAC,aAAa,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,KAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QACtE,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzB,IAAI;YACF,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACnD;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE;gBAC9C,MAAM,GAAG,CAAC;aACX;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE;gBAC3C,MAAM,IAAI,2BAA2B,CACnC,MAAM,EACN,OAAO,EACP,uFAAuF,CACxF,CAAC;aACH;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;YACtF,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACzC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalNode from \"@azure/msal-node\";\nimport * as msalCommon from \"@azure/msal-common\";\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { AbortSignalLike } from \"@azure/abort-controller\";\n\nimport { DeveloperSignOnClientId } from \"../../constants\";\nimport { IdentityClient, TokenCredentialOptions } from \"../../client/identityClient\";\nimport { resolveTenantId } from \"../../util/resolveTenantId\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { MsalFlow, MsalFlowOptions } from \"../flows\";\nimport { AuthenticationRequiredError } from \"../errors\";\nimport { AuthenticationRecord } from \"../types\";\nimport {\n defaultLoggerCallback,\n getAuthority,\n getKnownAuthorities,\n MsalBaseUtilities,\n msalToPublic,\n publicToMsal\n} from \"../utils\";\nimport { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions\";\nimport { RegionalAuthority } from \"../../regionalAuthority\";\nimport { processMultiTenantRequest } from \"../../util/validateMultiTenant\";\n\n/*\n Union of the constructor parameters that all MSAL flow types for Node.\n * @internal\n /\nexport interface MsalNodeOptions extends MsalFlowOptions {\n tokenCachePersistenceOptions?: TokenCachePersistenceOptions;\n tokenCredentialOptions: TokenCredentialOptions;\n /\n Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n * If the property is not specified, uses a non-regional authority endpoint.\n /\n regionalAuthority?: string;\n}\n\n/\n The current persistence provider, undefined by default.\n * @internal\n /\nlet persistenceProvider:\n \| ((options?: TokenCachePersistenceOptions) => Promise<msalCommon.ICachePlugin>)\n \| undefined = undefined;\n\n/\n An object that allows setting the persistence provider.\n * @internal\n /\nexport const msalNodeFlowCacheControl = {\n setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void {\n persistenceProvider = pluginProvider;\n }\n};\n\n/\n MSAL partial base client for Node.js.\n \n It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n \n @internal\n /\nexport abstract class MsalNode extends MsalBaseUtilities implements MsalFlow {\n protected publicApp: msalNode.PublicClientApplication \| undefined;\n protected confidentialApp: msalNode.ConfidentialClientApplication \| undefined;\n protected msalConfig: msalNode.Configuration;\n protected clientId: string;\n protected tenantId: string;\n protected authorityHost?: string;\n protected identityClient?: IdentityClient;\n protected requiresConfidential: boolean = false;\n protected azureRegion?: string;\n protected createCachePlugin: (() => Promise<msalCommon.ICachePlugin>) \| undefined;\n\n constructor(options: MsalNodeOptions) {\n super(options);\n this.msalConfig = this.defaultNodeMsalConfig(options);\n this.tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n this.clientId = this.msalConfig.auth.clientId;\n\n // If persistence has been configured\n if (persistenceProvider !== undefined && options.tokenCachePersistenceOptions?.enabled) {\n this.createCachePlugin = () => persistenceProvider!(options.tokenCachePersistenceOptions);\n } else if (options.tokenCachePersistenceOptions?.enabled) {\n throw new Error(\n [\n \"Persistent token caching was requested, but no persistence provider was configured.\",\n \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\"\n ].join(\" \")\n );\n }\n\n this.azureRegion = options.regionalAuthority ?? process.env.AZURE_REGIONAL_AUTHORITY_NAME;\n if (this.azureRegion === RegionalAuthority.AutoDiscoverRegion) {\n this.azureRegion = \"AUTO_DISCOVER\";\n }\n }\n\n /\n Generates a MSAL configuration that generally works for Node.js\n /\n protected defaultNodeMsalConfig(options: MsalNodeOptions): msalNode.Configuration {\n const clientId = options.clientId \|\| DeveloperSignOnClientId;\n const tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n\n this.authorityHost = options.authorityHost \|\| process.env.AZURE_AUTHORITY_HOST;\n const authority = getAuthority(tenantId, this.authorityHost);\n\n this.identityClient = new IdentityClient({\n ...options.tokenCredentialOptions,\n authorityHost: authority\n });\n\n let clientCapabilities: string[] = [\"CP1\"];\n if (process.env.AZURE_IDENTITY_DISABLE_CP1) {\n clientCapabilities = [];\n }\n\n return {\n auth: {\n clientId,\n authority,\n knownAuthorities: getKnownAuthorities(tenantId, authority),\n clientCapabilities\n },\n // Cache is defined in this.prepare();\n system: {\n networkClient: this.identityClient,\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(options.logger)\n }\n }\n };\n }\n\n /\n Prepares the MSAL applications.\n /\n async init(options?: CredentialFlowGetTokenOptions): Promise<void> {\n if (options?.abortSignal) {\n options.abortSignal.addEventListener(\"abort\", () => {\n // This will abort any pending request in the IdentityClient,\n // based on the received or generated correlationId\n this.identityClient!.abortRequests(options.correlationId);\n });\n }\n\n if (this.publicApp \|\| this.confidentialApp) {\n return;\n }\n\n if (this.createCachePlugin !== undefined) {\n this.msalConfig.cache = {\n cachePlugin: await this.createCachePlugin()\n };\n }\n\n this.publicApp = new msalNode.PublicClientApplication(this.msalConfig);\n // The confidential client requires either a secret, assertion or certificate.\n if (\n this.msalConfig.auth.clientSecret \|\|\n this.msalConfig.auth.clientAssertion \|\|\n this.msalConfig.auth.clientCertificate\n ) {\n this.confidentialApp = new msalNode.ConfidentialClientApplication(this.msalConfig);\n } else {\n if (this.requiresConfidential) {\n throw new Error(\n \"Unable to generate the MSAL confidential client. Missing either the client's secret, certificate or assertion.\"\n );\n }\n }\n }\n\n /\n Allows the cancellation of a MSAL request.\n /\n protected withCancellation(\n promise: Promise<msalCommon.AuthenticationResult \| null>,\n abortSignal?: AbortSignalLike,\n onCancel?: () => void\n ): Promise<msalCommon.AuthenticationResult \| null> {\n return new Promise((resolve, reject) => {\n promise\n .then((msalToken) => {\n return resolve(msalToken!);\n })\n .catch(reject);\n if (abortSignal) {\n abortSignal.addEventListener(\"abort\", () => {\n onCancel?.();\n });\n }\n });\n }\n\n /\n Returns the existing account, attempts to load the account from MSAL.\n /\n async getActiveAccount(): Promise<AuthenticationRecord \| undefined> {\n if (this.account) {\n return this.account;\n }\n const cache = this.confidentialApp?.getTokenCache() ?? this.publicApp?.getTokenCache();\n const accountsByTenant = await cache?.getAllAccounts();\n\n if (!accountsByTenant) {\n return;\n }\n\n if (accountsByTenant.length === 1) {\n this.account = msalToPublic(this.clientId, accountsByTenant[0]);\n } else {\n this.logger\n .info(`More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing a credential to prevent this from happening.`);\n return;\n }\n\n return this.account;\n }\n\n /\n Attempts to retrieve a token from cache.\n /\n async getTokenSilent(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n await this.getActiveAccount();\n if (!this.account) {\n throw new AuthenticationRequiredError(scopes, options);\n }\n\n const silentRequest: msalNode.SilentFlowRequest = {\n // To be able to re-use the account, the Token Cache must also have been provided.\n account: publicToMsal(this.account),\n correlationId: options?.correlationId,\n scopes,\n authority: options?.authority\n };\n\n try {\n this.logger.info(\"Attempting to acquire token silently\");\n const response =\n (await this.confidentialApp?.acquireTokenSilent(silentRequest)) ??\n (await this.publicApp!.acquireTokenSilent(silentRequest));\n return this.handleResult(scopes, this.clientId, response \|\| undefined);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n\n /\n Attempts to retrieve an authenticated token from MSAL.\n /\n protected abstract doGetToken(scopes: string[], options?: GetTokenOptions): Promise<AccessToken>;\n\n /\n Wrapper around each MSAL flow get token operation: doGetToken.\n * If disableAutomaticAuthentication is sent through the constructor, it will prevent MSAL from requesting the user input.\n */\n public async getToken(\n scopes: string[],\n options: CredentialFlowGetTokenOptions = {}\n ): Promise<AccessToken> {\n const tenantId = processMultiTenantRequest(this.tenantId, options) \|\| this.tenantId;\n\n options.authority = getAuthority(tenantId, this.authorityHost);\n\n options.correlationId = options?.correlationId \|\| this.generateUuid();\n await this.init(options);\n\n try {\n return await this.getTokenSilent(scopes, options);\n } catch (err) {\n if (err.name !== \"AuthenticationRequiredError\") {\n throw err;\n }\n if (options?.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError(\n scopes,\n options,\n \"Automatic authentication has been disabled. You may call the authentication() method.\"\n );\n }\n this.logger.info(`Silent authentication failed, falling back to interactive method.`);\n return this.doGetToken(scopes, options);\n }\n }\n}\n"]}
1	+ {"version":3,"file":"nodeCommon.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/nodeCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAM7C,OAAO,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAA0B,MAAM,6BAA6B,CAAC;AACrF,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAG7D,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AAExD,OAAO,EACL,qBAAqB,EACrB,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,YAAY,EACZ,YAAY,EACb,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAiB5D;;;GAGG;AACH,IAAI,mBAAmB,GAEP,SAAS,CAAC;AAE1B;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,cAAc,CAAC,cAA8D;QAC3E,mBAAmB,GAAG,cAAc,CAAC;IACvC,CAAC;CACF,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,OAAgB,QAAS,SAAQ,iBAAiB;IAYtD,YAAY,OAAwB;;QAClC,KAAK,CAAC,OAAO,CAAC,CAAC;QALP,yBAAoB,GAAY,KAAK,CAAC;QAM9C,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACpF,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;QAE9C,qCAAqC;QACrC,IAAI,mBAAmB,KAAK,SAAS,KAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,CAAA,EAAE;YACtF,IAAI,CAAC,iBAAiB,GAAG,GAAG,EAAE,CAAC,mBAAoB,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;SAC3F;aAAM,IAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,EAAE;YACxD,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;SACH;QAED,IAAI,CAAC,WAAW,GAAG,MAAA,OAAO,CAAC,iBAAiB,mCAAI,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;QAC1F,IAAI,IAAI,CAAC,WAAW,KAAK,iBAAiB,CAAC,kBAAkB,EAAE;YAC7D,IAAI,CAAC,WAAW,GAAG,eAAe,CAAC;SACpC;IACH,CAAC;IAED;;OAEG;IACO,qBAAqB,CAAC,OAAwB;QACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,uBAAuB,CAAC;QAC7D,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAErF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;QAC/E,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE7D,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,iCACnC,OAAO,CAAC,sBAAsB,KACjC,aAAa,EAAE,SAAS,IACxB,CAAC;QAEH,IAAI,kBAAkB,GAAa,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE;YAC1C,kBAAkB,GAAG,EAAE,CAAC;SACzB;QAED,OAAO;YACL,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;gBACT,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ,EAAE,SAAS,CAAC;gBAC1D,kBAAkB;aACnB;YACD,sCAAsC;YACtC,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI,CAAC,cAAc;gBAClC,aAAa,EAAE;oBACb,cAAc,EAAE,qBAAqB,CAAC,OAAO,CAAC,MAAM,CAAC;iBACtD;aACF;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuC;QAChD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,EAAE;YACxB,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBACjD,6DAA6D;gBAC7D,mDAAmD;gBACnD,IAAI,CAAC,cAAe,CAAC,aAAa,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YAC5D,CAAC,CAAC,CAAC;SACJ;QAED,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,eAAe,EAAE;YAC1C,OAAO;SACR;QAED,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,EAAE;YACxC,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;gBACtB,WAAW,EAAE,MAAM,IAAI,CAAC,iBAAiB,EAAE;aAC5C,CAAC;SACH;QAED,IAAI,CAAC,SAAS,GAAG,IAAI,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvE,8EAA8E;QAC9E,IACE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY;YACjC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe;YACpC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EACtC;YACA,IAAI,CAAC,eAAe,GAAG,IAAI,QAAQ,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;SACpF;aAAM;YACL,IAAI,IAAI,CAAC,oBAAoB,EAAE;gBAC7B,MAAM,IAAI,KAAK,CACb,gHAAgH,CACjH,CAAC;aACH;SACF;IACH,CAAC;IAED;;OAEG;IACO,gBAAgB,CACxB,OAAwD,EACxD,WAA6B,EAC7B,QAAqB;QAErB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,OAAO;iBACJ,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;gBAClB,OAAO,OAAO,CAAC,SAAU,CAAC,CAAC;YAC7B,CAAC,CAAC;iBACD,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,WAAW,EAAE;gBACf,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;oBACzC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,EAAI,CAAC;gBACf,CAAC,CAAC,CAAC;aACJ;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB;;QACpB,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,OAAO,IAAI,CAAC,OAAO,CAAC;SACrB;QACD,MAAM,KAAK,GAAG,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,aAAa,EAAE,mCAAI,MAAA,IAAI,CAAC,SAAS,0CAAE,aAAa,EAAE,CAAC;QACvF,MAAM,gBAAgB,GAAG,MAAM,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,EAAE,CAAA,CAAC;QAEvD,IAAI,CAAC,gBAAgB,EAAE;YACrB,OAAO;SACR;QAED,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE;YACjC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;SACjE;aAAM;YACL,IAAI,CAAC,MAAM;iBACR,IAAI,CAAC;;;;6KAI+J,CAAC,CAAC;YACzK,OAAO;SACR;QAED,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAClB,MAAgB,EAChB,OAAuC;;QAEvC,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,MAAM,IAAI,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACxD;QAED,MAAM,aAAa,GAA+B;YAChD,kFAAkF;YAClF,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YACnC,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;YACrC,MAAM;YACN,SAAS,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS;SAC9B,CAAC;QAEF,IAAI;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD,MAAM,QAAQ,GACZ,MAAA,CAAC,MAAM,CAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,CAAC,aAAa,CAAC,CAAA,CAAC,mCAC/D,CAAC,MAAM,IAAI,CAAC,SAAU,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,SAAS,CAAC,CAAC;SACxE;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;SAC9C;IACH,CAAC;IAOD;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAgB,EAChB,UAAyC,EAAE;QAE3C,MAAM,QAAQ,GAAG,yBAAyB,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC;QAEpF,OAAO,CAAC,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE/D,OAAO,CAAC,aAAa,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,KAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QACtE,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzB,IAAI;YACF,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACnD;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE;gBAC9C,MAAM,GAAG,CAAC;aACX;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE;gBAC3C,MAAM,IAAI,2BAA2B,CACnC,MAAM,EACN,OAAO,EACP,uFAAuF,CACxF,CAAC;aACH;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;YACtF,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACzC;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalNode from \"@azure/msal-node\";\nimport * as msalCommon from \"@azure/msal-common\";\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { AbortSignalLike } from \"@azure/abort-controller\";\n\nimport { DeveloperSignOnClientId } from \"../../constants\";\nimport { IdentityClient, TokenCredentialOptions } from \"../../client/identityClient\";\nimport { resolveTenantId } from \"../../util/resolveTenantId\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { MsalFlow, MsalFlowOptions } from \"../flows\";\nimport { AuthenticationRequiredError } from \"../errors\";\nimport { AuthenticationRecord } from \"../types\";\nimport {\n defaultLoggerCallback,\n getAuthority,\n getKnownAuthorities,\n MsalBaseUtilities,\n msalToPublic,\n publicToMsal\n} from \"../utils\";\nimport { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions\";\nimport { processMultiTenantRequest } from \"../../util/validateMultiTenant\";\nimport { RegionalAuthority } from \"../../regionalAuthority\";\n\n/*\n Union of the constructor parameters that all MSAL flow types for Node.\n * @internal\n /\nexport interface MsalNodeOptions extends MsalFlowOptions {\n tokenCachePersistenceOptions?: TokenCachePersistenceOptions;\n tokenCredentialOptions: TokenCredentialOptions;\n /\n Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n * If the property is not specified, uses a non-regional authority endpoint.\n /\n regionalAuthority?: string;\n}\n\n/\n The current persistence provider, undefined by default.\n * @internal\n /\nlet persistenceProvider:\n \| ((options?: TokenCachePersistenceOptions) => Promise<msalCommon.ICachePlugin>)\n \| undefined = undefined;\n\n/\n An object that allows setting the persistence provider.\n * @internal\n /\nexport const msalNodeFlowCacheControl = {\n setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void {\n persistenceProvider = pluginProvider;\n }\n};\n\n/\n MSAL partial base client for Node.js.\n \n It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n \n @internal\n /\nexport abstract class MsalNode extends MsalBaseUtilities implements MsalFlow {\n protected publicApp: msalNode.PublicClientApplication \| undefined;\n protected confidentialApp: msalNode.ConfidentialClientApplication \| undefined;\n protected msalConfig: msalNode.Configuration;\n protected clientId: string;\n protected tenantId: string;\n protected authorityHost?: string;\n protected identityClient?: IdentityClient;\n protected requiresConfidential: boolean = false;\n protected azureRegion?: string;\n protected createCachePlugin: (() => Promise<msalCommon.ICachePlugin>) \| undefined;\n\n constructor(options: MsalNodeOptions) {\n super(options);\n this.msalConfig = this.defaultNodeMsalConfig(options);\n this.tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n this.clientId = this.msalConfig.auth.clientId;\n\n // If persistence has been configured\n if (persistenceProvider !== undefined && options.tokenCachePersistenceOptions?.enabled) {\n this.createCachePlugin = () => persistenceProvider!(options.tokenCachePersistenceOptions);\n } else if (options.tokenCachePersistenceOptions?.enabled) {\n throw new Error(\n [\n \"Persistent token caching was requested, but no persistence provider was configured.\",\n \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\"\n ].join(\" \")\n );\n }\n\n this.azureRegion = options.regionalAuthority ?? process.env.AZURE_REGIONAL_AUTHORITY_NAME;\n if (this.azureRegion === RegionalAuthority.AutoDiscoverRegion) {\n this.azureRegion = \"AUTO_DISCOVER\";\n }\n }\n\n /\n Generates a MSAL configuration that generally works for Node.js\n /\n protected defaultNodeMsalConfig(options: MsalNodeOptions): msalNode.Configuration {\n const clientId = options.clientId \|\| DeveloperSignOnClientId;\n const tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n\n this.authorityHost = options.authorityHost \|\| process.env.AZURE_AUTHORITY_HOST;\n const authority = getAuthority(tenantId, this.authorityHost);\n\n this.identityClient = new IdentityClient({\n ...options.tokenCredentialOptions,\n authorityHost: authority\n });\n\n let clientCapabilities: string[] = [\"CP1\"];\n if (process.env.AZURE_IDENTITY_DISABLE_CP1) {\n clientCapabilities = [];\n }\n\n return {\n auth: {\n clientId,\n authority,\n knownAuthorities: getKnownAuthorities(tenantId, authority),\n clientCapabilities\n },\n // Cache is defined in this.prepare();\n system: {\n networkClient: this.identityClient,\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(options.logger)\n }\n }\n };\n }\n\n /\n Prepares the MSAL applications.\n /\n async init(options?: CredentialFlowGetTokenOptions): Promise<void> {\n if (options?.abortSignal) {\n options.abortSignal.addEventListener(\"abort\", () => {\n // This will abort any pending request in the IdentityClient,\n // based on the received or generated correlationId\n this.identityClient!.abortRequests(options.correlationId);\n });\n }\n\n if (this.publicApp \|\| this.confidentialApp) {\n return;\n }\n\n if (this.createCachePlugin !== undefined) {\n this.msalConfig.cache = {\n cachePlugin: await this.createCachePlugin()\n };\n }\n\n this.publicApp = new msalNode.PublicClientApplication(this.msalConfig);\n // The confidential client requires either a secret, assertion or certificate.\n if (\n this.msalConfig.auth.clientSecret \|\|\n this.msalConfig.auth.clientAssertion \|\|\n this.msalConfig.auth.clientCertificate\n ) {\n this.confidentialApp = new msalNode.ConfidentialClientApplication(this.msalConfig);\n } else {\n if (this.requiresConfidential) {\n throw new Error(\n \"Unable to generate the MSAL confidential client. Missing either the client's secret, certificate or assertion.\"\n );\n }\n }\n }\n\n /\n Allows the cancellation of a MSAL request.\n /\n protected withCancellation(\n promise: Promise<msalCommon.AuthenticationResult \| null>,\n abortSignal?: AbortSignalLike,\n onCancel?: () => void\n ): Promise<msalCommon.AuthenticationResult \| null> {\n return new Promise((resolve, reject) => {\n promise\n .then((msalToken) => {\n return resolve(msalToken!);\n })\n .catch(reject);\n if (abortSignal) {\n abortSignal.addEventListener(\"abort\", () => {\n onCancel?.();\n });\n }\n });\n }\n\n /\n Returns the existing account, attempts to load the account from MSAL.\n /\n async getActiveAccount(): Promise<AuthenticationRecord \| undefined> {\n if (this.account) {\n return this.account;\n }\n const cache = this.confidentialApp?.getTokenCache() ?? this.publicApp?.getTokenCache();\n const accountsByTenant = await cache?.getAllAccounts();\n\n if (!accountsByTenant) {\n return;\n }\n\n if (accountsByTenant.length === 1) {\n this.account = msalToPublic(this.clientId, accountsByTenant[0]);\n } else {\n this.logger\n .info(`More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing a credential to prevent this from happening.`);\n return;\n }\n\n return this.account;\n }\n\n /\n Attempts to retrieve a token from cache.\n /\n async getTokenSilent(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n await this.getActiveAccount();\n if (!this.account) {\n throw new AuthenticationRequiredError(scopes, options);\n }\n\n const silentRequest: msalNode.SilentFlowRequest = {\n // To be able to re-use the account, the Token Cache must also have been provided.\n account: publicToMsal(this.account),\n correlationId: options?.correlationId,\n scopes,\n authority: options?.authority\n };\n\n try {\n this.logger.info(\"Attempting to acquire token silently\");\n const response =\n (await this.confidentialApp?.acquireTokenSilent(silentRequest)) ??\n (await this.publicApp!.acquireTokenSilent(silentRequest));\n return this.handleResult(scopes, this.clientId, response \|\| undefined);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n\n /\n Attempts to retrieve an authenticated token from MSAL.\n /\n protected abstract doGetToken(scopes: string[], options?: GetTokenOptions): Promise<AccessToken>;\n\n /\n Wrapper around each MSAL flow get token operation: doGetToken.\n * If disableAutomaticAuthentication is sent through the constructor, it will prevent MSAL from requesting the user input.\n */\n public async getToken(\n scopes: string[],\n options: CredentialFlowGetTokenOptions = {}\n ): Promise<AccessToken> {\n const tenantId = processMultiTenantRequest(this.tenantId, options) \|\| this.tenantId;\n\n options.authority = getAuthority(tenantId, this.authorityHost);\n\n options.correlationId = options?.correlationId \|\| this.generateUuid();\n await this.init(options);\n\n try {\n return await this.getTokenSilent(scopes, options);\n } catch (err) {\n if (err.name !== \"AuthenticationRequiredError\") {\n throw err;\n }\n if (options?.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError(\n scopes,\n options,\n \"Automatic authentication has been disabled. You may call the authentication() method.\"\n );\n }\n this.logger.info(`Silent authentication failed, falling back to interactive method.`);\n return this.doGetToken(scopes, options);\n }\n }\n}\n"]}

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@azure/identity",
   "sdk-type": "client",
-  "version": "2.0.0-alpha.20210930.2",
+  "version": "2.0.0-alpha.20211007.2",
   "description": "Provides credential implementations for Azure SDK libraries that can authenticate with Azure Active Directory",
   "main": "dist/index.js",
   "module": "dist-esm/src/index.js",

package/types/identity.d.ts CHANGED Viewed

@@ -26,20 +26,22 @@ export declare const AggregateAuthenticationErrorName = "AggregateAuthentication
 /**
  * Provides a default {@link ChainedTokenCredential} configuration that should
- * work for most applications that use the Azure SDK.  The following credential
- * types will be tried, in order:
- *
- * - {@link EnvironmentCredential}
- * - {@link ManagedIdentityCredential}
- *
- * Consult the documentation of these credential types for more information
- * on how they attempt authentication.
+ * work for most applications that use the Azure SDK.
  */
 export declare class ApplicationCredential extends ChainedTokenCredential {
     /**
      * Creates an instance of the ApplicationCredential class.
      *
+     * The ApplicationCredential provides a default {@link ChainedTokenCredential} configuration that should
+     * work for most applications that use the Azure SDK.  The following credential
+     * types will be tried, in order:
+     *
+     * - {@link EnvironmentCredential}
+     * - {@link ManagedIdentityCredential}
+     *
+     * Consult the documentation of these credential types for more information
+     * on how they attempt authentication.
+     *
      * @param options - Optional parameters. See {@link ApplicationCredentialOptions}.
      */
     constructor(options?: ApplicationCredentialOptions);
@@ -222,14 +224,15 @@ export declare enum AzureAuthorityHosts {
  * via the Azure CLI ('az') commandline tool.
  * To do so, it will read the user access token and expire time
  * with Azure CLI command "az account get-access-token".
- * To be able to use this credential, ensure that you have already logged
- * in via the 'az' tool using the command "az login" from the commandline.
  */
 export declare class AzureCliCredential implements TokenCredential {
     private tenantId?;
     /**
      * Creates an instance of the {@link AzureCliCredential}.
      *
+     * To use this credential, ensure that you have already logged
+     * in via the 'az' tool using the command "az login" from the commandline.
+     *
      * @param options - Options, to optionally allow multi-tenant requests.
      */
     constructor(options?: AzureCliCredentialOptions);
@@ -258,18 +261,18 @@ export declare interface AzureCliCredentialOptions extends TokenCredentialOption
  * This credential will use the currently logged-in user information from the
  * Azure PowerShell module. To do so, it will read the user access token and
  * expire time with Azure PowerShell command `Get-AzAccessToken -ResourceUrl {ResourceScope}`
- *
- * To be able to use this credential:
- * - Install the Azure Az PowerShell module with:
- *   `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.
- * - You have already logged in to Azure PowerShell using the command
- * `Connect-AzAccount` from the command line.
  */
 export declare class AzurePowerShellCredential implements TokenCredential {
     private tenantId?;
     /**
      * Creates an instance of the {@link AzurePowershellCredential}.
      *
+     * To use this credential:
+     * - Install the Azure Az PowerShell module with:
+     *   `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.
+     * - You have already logged in to Azure PowerShell using the command
+     * `Connect-AzAccount` from the command line.
+     *
      * @param options - Options, to optionally allow multi-tenant requests.
      */
     constructor(options?: AzurePowerShellCredentialOptions);
@@ -388,12 +391,6 @@ export declare interface ClientCertificateCredentialOptions extends TokenCredent
      * Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim
      */
     sendCertificateChain?: boolean;
-    /**
-     * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.
-     * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.
-     * If the property is not specified, the credential uses the global authority endpoint.
-     */
-    regionalAuthority?: string;
 }
 /**
@@ -432,12 +429,6 @@ export declare class ClientSecretCredential implements TokenCredential {
  * Optional parameters for the {@link ClientSecretCredential} class.
  */
 export declare interface ClientSecretCredentialOptions extends TokenCredentialOptions, CredentialPersistenceOptions {
-    /**
-     * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.
-     * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.
-     * If the property is not specified, the credential uses the global authority endpoint.
-     */
-    regionalAuthority?: string;
 }
 /**
@@ -493,22 +484,26 @@ export declare const CredentialUnavailableErrorName = "CredentialUnavailableErro
 /**
  * Provides a default {@link ChainedTokenCredential} configuration that should
- * work for most applications that use the Azure SDK.  The following credential
- * types will be tried, in order:
- *
- * - {@link EnvironmentCredential}
- * - {@link ManagedIdentityCredential}
- * - {@link VisualStudioCodeCredential}
- * - {@link AzureCliCredential}
- * - {@link AzurePowerShellCredential}
- *
- * Consult the documentation of these credential types for more information
- * on how they attempt authentication.
+ * work for most applications that use the Azure SDK.
  */
 export declare class DefaultAzureCredential extends ChainedTokenCredential {
     /**
      * Creates an instance of the DefaultAzureCredential class.
      *
+     * This credential provides a default {@link ChainedTokenCredential} configuration that should
+     * work for most applications that use the Azure SDK.
+     *
+     * The following credential types will be tried, in order:
+     *
+     * - {@link EnvironmentCredential}
+     * - {@link ManagedIdentityCredential}
+     * - {@link VisualStudioCodeCredential}
+     * - {@link AzureCliCredential}
+     * - {@link AzurePowerShellCredential}
+     *
+     * Consult the documentation of these credential types for more information
+     * on how they attempt authentication.
+     *
      * **Note**: `VisualStudioCodeCredential` is provided by a plugin package:
      * `@azure/identity-vscode`. If this package is not installed and registered
      * using the plugin API (`useIdentityPlugin`), then authentication using
@@ -567,6 +562,20 @@ export declare class DeviceCodeCredential implements TokenCredential {
      * Creates an instance of DeviceCodeCredential with the details needed
      * to initiate the device code authorization flow with Azure Active Directory.
      *
+     * A message will be logged, giving users a code that they can use to authenticate once they go to https://microsoft.com/devicelogin
+     *
+     * Developers can configure how this message is shown by passing a custom `userPromptCallback`:
+     *
+     * ```js
+     * const credential = new DeviceCodeCredential({
+     *   tenantId: env.AZURE_TENANT_ID,
+     *   clientId: env.AZURE_CLIENT_ID,
+     *   userPromptCallback: (info) => {
+     *     console.log("CUSTOMIZED PROMPT CALLBACK", info.message);
+     *   }
+     * });
+     * ```
+     *
      * @param options - Options for configuring the client which makes the authentication requests.
      */
     constructor(options?: DeviceCodeCredentialOptions);
@@ -647,23 +656,7 @@ export declare type DeviceCodePromptCallback = (deviceCodeInfo: DeviceCodeInfo)
 /**
  * Enables authentication to Azure Active Directory using client secret
- * details configured in the following environment variables:
- *
- * Required environment variables:
- * - `AZURE_TENANT_ID`: The Azure Active Directory tenant (directory) ID.
- * - `AZURE_CLIENT_ID`: The client (application) ID of an App Registration in the tenant.
- *
- * Environment variables used for client credential authentication:
- * - `AZURE_CLIENT_SECRET`: A client secret that was generated for the App Registration.
- * - `AZURE_CLIENT_CERTIFICATE_PATH`: The path to a PEM certificate to use during the authentication, instead of the client secret.
- *
- * Alternatively, users can provide environment variables for username and password authentication:
- * - `AZURE_USERNAME`: Username to authenticate with.
- * - `AZURE_PASSWORD`: Password to authenticate with.
- *
- * This credential ultimately uses a {@link ClientSecretCredential} to
- * perform the authentication using these details.  Please consult the
- * documentation of that class for more details.
+ * details configured in environment variables
  */
 export declare class EnvironmentCredential implements TokenCredential {
     private _credential?;
@@ -755,13 +748,6 @@ export declare type IdentityPlugin = (context: unknown) => void;
 /**
  * Enables authentication to Azure Active Directory inside of the web browser
  * using the interactive login flow.
- *
- * This credential uses the [Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow).
- * On Node.js, it will open a browser window while it listens for a redirect response from the authentication service.
- * On browsers, it authenticates via popups. The `loginStyle` optional parameter can be set to `redirect` to authenticate by redirecting the user to an Azure secure login page, which then will redirect the user back to the web application where the authentication started.
- *
- * For Node.js, if a `clientId` is provided, the Azure Active Directory application will need to be configured to have a "Mobile and desktop applications" redirect endpoint.
- * Follow our guide on [setting up Redirect URIs for Desktop apps that calls to web APIs](https://docs.microsoft.com/azure/active-directory/develop/scenario-desktop-app-registration#redirect-uris).
  */
 export declare class InteractiveBrowserCredential implements TokenCredential {
     private msalFlow;
@@ -769,6 +755,13 @@ export declare class InteractiveBrowserCredential implements TokenCredential {
     /**
      * Creates an instance of InteractiveBrowserCredential with the details needed.
      *
+     * This credential uses the [Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow).
+     * On Node.js, it will open a browser window while it listens for a redirect response from the authentication service.
+     * On browsers, it authenticates via popups. The `loginStyle` optional parameter can be set to `redirect` to authenticate by redirecting the user to an Azure secure login page, which then will redirect the user back to the web application where the authentication started.
+     *
+     * For Node.js, if a `clientId` is provided, the Azure Active Directory application will need to be configured to have a "Mobile and desktop applications" redirect endpoint.
+     * Follow our guide on [setting up Redirect URIs for Desktop apps that calls to web APIs](https://docs.microsoft.com/azure/active-directory/develop/scenario-desktop-app-registration#redirect-uris).
+     *
      * @param options - Options for configuring the client which makes the authentication requests.
      */
     constructor(options?: InteractiveBrowserCredentialOptions | InteractiveBrowserCredentialBrowserOptions);
@@ -1021,118 +1014,6 @@ export declare interface OnBehalfOfCredentialSecretConfiguration {
     userAssertionToken: string;
 }
-/**
- * Helps specify a regional authority, or "AutoDiscoverRegion" to auto-detect the region.
- */
-export declare enum RegionalAuthority {
-    /** Instructs MSAL to attempt to discover the region */
-    AutoDiscoverRegion = "AutoDiscoverRegion",
-    /** Uses the {@link RegionalAuthority} for the Azure 'westus' region. */
-    USWest = "westus",
-    /** Uses the {@link RegionalAuthority} for the Azure 'westus2' region. */
-    USWest2 = "westus2",
-    /** Uses the {@link RegionalAuthority} for the Azure 'centralus' region. */
-    USCentral = "centralus",
-    /** Uses the {@link RegionalAuthority} for the Azure 'eastus' region. */
-    USEast = "eastus",
-    /** Uses the {@link RegionalAuthority} for the Azure 'eastus2' region. */
-    USEast2 = "eastus2",
-    /** Uses the {@link RegionalAuthority} for the Azure 'northcentralus' region. */
-    USNorthCentral = "northcentralus",
-    /** Uses the {@link RegionalAuthority} for the Azure 'southcentralus' region. */
-    USSouthCentral = "southcentralus",
-    /** Uses the {@link RegionalAuthority} for the Azure 'westcentralus' region. */
-    USWestCentral = "westcentralus",
-    /** Uses the {@link RegionalAuthority} for the Azure 'canadacentral' region. */
-    CanadaCentral = "canadacentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'canadaeast' region. */
-    CanadaEast = "canadaeast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'brazilsouth' region. */
-    BrazilSouth = "brazilsouth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'northeurope' region. */
-    EuropeNorth = "northeurope",
-    /** Uses the {@link RegionalAuthority} for the Azure 'westeurope' region. */
-    EuropeWest = "westeurope",
-    /** Uses the {@link RegionalAuthority} for the Azure 'uksouth' region. */
-    UKSouth = "uksouth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'ukwest' region. */
-    UKWest = "ukwest",
-    /** Uses the {@link RegionalAuthority} for the Azure 'francecentral' region. */
-    FranceCentral = "francecentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'francesouth' region. */
-    FranceSouth = "francesouth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandnorth' region. */
-    SwitzerlandNorth = "switzerlandnorth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandwest' region. */
-    SwitzerlandWest = "switzerlandwest",
-    /** Uses the {@link RegionalAuthority} for the Azure 'germanynorth' region. */
-    GermanyNorth = "germanynorth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'germanywestcentral' region. */
-    GermanyWestCentral = "germanywestcentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'norwaywest' region. */
-    NorwayWest = "norwaywest",
-    /** Uses the {@link RegionalAuthority} for the Azure 'norwayeast' region. */
-    NorwayEast = "norwayeast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'eastasia' region. */
-    AsiaEast = "eastasia",
-    /** Uses the {@link RegionalAuthority} for the Azure 'southeastasia' region. */
-    AsiaSouthEast = "southeastasia",
-    /** Uses the {@link RegionalAuthority} for the Azure 'japaneast' region. */
-    JapanEast = "japaneast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'japanwest' region. */
-    JapanWest = "japanwest",
-    /** Uses the {@link RegionalAuthority} for the Azure 'australiaeast' region. */
-    AustraliaEast = "australiaeast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'australiasoutheast' region. */
-    AustraliaSouthEast = "australiasoutheast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral' region. */
-    AustraliaCentral = "australiacentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral2' region. */
-    AustraliaCentral2 = "australiacentral2",
-    /** Uses the {@link RegionalAuthority} for the Azure 'centralindia' region. */
-    IndiaCentral = "centralindia",
-    /** Uses the {@link RegionalAuthority} for the Azure 'southindia' region. */
-    IndiaSouth = "southindia",
-    /** Uses the {@link RegionalAuthority} for the Azure 'westindia' region. */
-    IndiaWest = "westindia",
-    /** Uses the {@link RegionalAuthority} for the Azure 'koreasouth' region. */
-    KoreaSouth = "koreasouth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'koreacentral' region. */
-    KoreaCentral = "koreacentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'uaecentral' region. */
-    UAECentral = "uaecentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'uaenorth' region. */
-    UAENorth = "uaenorth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'southafricanorth' region. */
-    SouthAfricaNorth = "southafricanorth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'southafricawest' region. */
-    SouthAfricaWest = "southafricawest",
-    /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth' region. */
-    ChinaNorth = "chinanorth",
-    /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast' region. */
-    ChinaEast = "chinaeast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth2' region. */
-    ChinaNorth2 = "chinanorth2",
-    /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast2' region. */
-    ChinaEast2 = "chinaeast2",
-    /** Uses the {@link RegionalAuthority} for the Azure 'germanycentral' region. */
-    GermanyCentral = "germanycentral",
-    /** Uses the {@link RegionalAuthority} for the Azure 'germanynortheast' region. */
-    GermanyNorthEast = "germanynortheast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'usgovvirginia' region. */
-    GovernmentUSVirginia = "usgovvirginia",
-    /** Uses the {@link RegionalAuthority} for the Azure 'usgoviowa' region. */
-    GovernmentUSIowa = "usgoviowa",
-    /** Uses the {@link RegionalAuthority} for the Azure 'usgovarizona' region. */
-    GovernmentUSArizona = "usgovarizona",
-    /** Uses the {@link RegionalAuthority} for the Azure 'usgovtexas' region. */
-    GovernmentUSTexas = "usgovtexas",
-    /** Uses the {@link RegionalAuthority} for the Azure 'usdodeast' region. */
-    GovernmentUSDodEast = "usdodeast",
-    /** Uses the {@link RegionalAuthority} for the Azure 'usdodcentral' region. */
-    GovernmentUSDodCentral = "usdodcentral"
-}
 /**
  * Serializes an `AuthenticationRecord` into a string.
  *
@@ -1259,7 +1140,7 @@ export declare interface UsernamePasswordCredentialOptions extends TokenCredenti
 }
 /**
- * Connect to Azure using the credential provided by the VSCode extension 'Azure Account'.
+ * Connects to Azure using the credential provided by the VSCode extension 'Azure Account'.
  * Once the user has logged in via the extension, this credential can share the same refresh token
  * that is cached by the extension.
  */