npm - @azure/identity - Versions diffs - 2.0.0-beta.2 → 2.0.0-beta.6 - Mend

@azure/identity 2.0.0-beta.2 → 2.0.0-beta.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @azure/identity might be problematic. Click here for more details.

Files changed (157) hide show

package/dist-esm/src/msal/browserFlows/browserCommon.js CHANGED Viewed

@@ -1,23 +1,23 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
-import { __awaiter } from "tslib";
 import { DefaultTenantId } from "../../constants";
 import { resolveTenantId } from "../../util/resolveTenantId";
-import { getAuthorityHost, getKnownAuthorities, MsalBaseUtilities } from "../utils";
+import { getAuthority, getKnownAuthorities, MsalBaseUtilities } from "../utils";
 import { AuthenticationRequiredError } from "../errors";
 import { CredentialUnavailableError } from "../../client/errors";
+import { processMultiTenantRequest } from "../../util/validateMultiTenant";
 /**
  * Generates a MSAL configuration that generally works for browsers
  * @internal
  */
 export function defaultBrowserMsalConfig(options) {
     const tenantId = options.tenantId || DefaultTenantId;
-    const authorityHost = getAuthorityHost(tenantId, options.authorityHost);
+    const authority = getAuthority(tenantId, options.authorityHost);
     return {
         auth: {
             clientId: options.clientId,
-            authority: authorityHost,
-            knownAuthorities: getKnownAuthorities(tenantId, authorityHost),
+            authority,
+            knownAuthorities: getKnownAuthorities(tenantId, authority),
             // If the users picked redirect as their login style,
             // but they didn't provide a redirectUri,
             // we can try to use the current page we're in as a default value.
@@ -44,6 +44,8 @@ export class MsalBrowser extends MsalBaseUtilities {
         }
         this.clientId = options.clientId;
         this.tenantId = resolveTenantId(this.logger, options.tenantId, options.clientId);
+        this.allowMultiTenantAuthentication = options === null || options === void 0 ? void 0 : options.allowMultiTenantAuthentication;
+        this.authorityHost = options.authorityHost;
         this.msalConfig = defaultBrowserMsalConfig(options);
         this.disableAutomaticAuthentication = options.disableAutomaticAuthentication;
         if (options.authenticationRecord) {
@@ -53,40 +55,39 @@ export class MsalBrowser extends MsalBaseUtilities {
     /**
      * In the browsers we don't need to init()
      */
-    init() {
-        return __awaiter(this, void 0, void 0, function* () {
-            // Nothing to do here.
-        });
+    async init() {
+        // Nothing to do here.
     }
     /**
      * Clears MSAL's cache.
      */
-    logout() {
+    async logout() {
         var _a;
-        return __awaiter(this, void 0, void 0, function* () {
-            (_a = this.app) === null || _a === void 0 ? void 0 : _a.logout();
-        });
+        (_a = this.app) === null || _a === void 0 ? void 0 : _a.logout();
     }
     /**
      * Attempts to retrieve an authenticated token from MSAL.
      */
-    getToken(scopes, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            // We ensure that redirection is handled at this point.
-            yield this.handleRedirect();
-            if (!(yield this.getActiveAccount()) && !this.disableAutomaticAuthentication) {
-                yield this.login(scopes);
+    async getToken(scopes, options = {}) {
+        const tenantId = processMultiTenantRequest(this.tenantId, this.allowMultiTenantAuthentication, options) ||
+            this.tenantId;
+        if (!options.authority) {
+            options.authority = getAuthority(tenantId, this.authorityHost);
+        }
+        // We ensure that redirection is handled at this point.
+        await this.handleRedirect();
+        if (!(await this.getActiveAccount()) && !this.disableAutomaticAuthentication) {
+            await this.login(scopes);
+        }
+        return this.getTokenSilent(scopes).catch((err) => {
+            if (err.name !== "AuthenticationRequiredError") {
+                throw err;
+            }
+            if (options === null || options === void 0 ? void 0 : options.disableAutomaticAuthentication) {
+                throw new AuthenticationRequiredError(scopes, options, "Automatic authentication has been disabled. You may call the authentication() method.");
             }
-            return this.getTokenSilent(scopes).catch((err) => {
-                if (err.name !== "AuthenticationRequiredError") {
-                    throw err;
-                }
-                if (options === null || options === void 0 ? void 0 : options.disableAutomaticAuthentication) {
-                    throw new AuthenticationRequiredError(scopes, options, "Automatic authentication has been disabled. You may call the authentication() method.");
-                }
-                this.logger.info(`Silent authentication failed, falling back to interactive method ${this.loginStyle}`);
-                return this.doGetToken(scopes);
-            });
+            this.logger.info(`Silent authentication failed, falling back to interactive method ${this.loginStyle}`);
+            return this.doGetToken(scopes);
         });
     }
 }

package/dist-esm/src/msal/browserFlows/browserCommon.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"browserCommon.js","sourceRoot":"","sources":["../../../../src/msal/browserFlows/browserCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC~~;;AAIlC~~,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,OAAO,EAAE,~~gBAAgB~~,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;~~AAIpF~~,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AACxD,OAAO,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;~~AAoBjE~~;;;GAGG;AACH,MAAM,UAAU,wBAAwB,CACtC,OAA+B;IAE/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAC;IACrD,MAAM,~~aAAa~~,GAAG,~~gBAAgB~~,CAAC,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;~~IACxE~~,OAAO;QACL,IAAI,EAAE;YACJ,QAAQ,EAAE,OAAO,CAAC,QAAS;YAC3B,SAAS~~,EAAE,aAAa~~;~~YACxB~~,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ,EAAE,~~aAAa~~,CAAC;~~YAC9D~~,qDAAqD;YACrD,yCAAyC;YACzC,kEAAkE;YAClE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM;SACzD;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,OAAgB,WAAY,SAAQ,iBAAiB;~~IASzD~~,YAAY,OAA+B;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;YACrB,MAAM,IAAI,0BAA0B,CAAC,qCAAqC,CAAC,CAAC;SAC7E;QACD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjF,IAAI,CAAC,UAAU,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,8BAA8B,GAAG,OAAO,CAAC,8BAA8B,CAAC;QAE7E,IAAI,OAAO,CAAC,oBAAoB,EAAE;YAChC,IAAI,CAAC,OAAO,mCACP,OAAO,CAAC,oBAAoB,KAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ,GACxB,CAAC;SACH;IACH,CAAC;IAED;;OAEG;~~IACG~~,IAAI~~;;YACR~~,sBAAsB;~~QACxB~~,CAAC;~~KAAA;~~IAOD;;OAEG;~~IACG~~,MAAM~~;;;YACV~~,MAAA,IAAI,CAAC,GAAG,0CAAE,MAAM,EAAE,CAAC~~;;KACpB~~;IAsBD;;OAEG;~~IACU~~,QAAQ,CACnB,MAAgB,EAChB,~~OAAuC;;YAEvC~~,uDAAuD;~~YACvD~~,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;~~YAE5B~~,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE;~~gBAC5E~~,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;~~aAC1B~~;~~YACD~~,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;~~gBAC~~/C,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE;~~oBAC9C~~,MAAM,GAAG,CAAC;~~iBACX~~;~~gBACD~~,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE;~~oBAC3C~~,MAAM,IAAI,2BAA2B,CACnC,MAAM,EACN,OAAO,EACP,uFAAuF,CACxF,CAAC;~~iBACH~~;~~gBACD~~,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,oEAAoE,IAAI,CAAC,UAAU,EAAE,CACtF,CAAC;~~gBACF~~,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;~~YACjC~~,CAAC,CAAC,CAAC;~~QACL~~,CAAC;~~KAAA;~~CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalBrowser from \"@azure/msal-browser\";\nimport { AccessToken } from \"@azure/core-~~http~~\";\nimport { DefaultTenantId } from \"../../constants\";\nimport { resolveTenantId } from \"../../util/resolveTenantId\";\nimport { BrowserLoginStyle } from \"../../credentials/interactiveBrowserCredentialOptions\";\nimport { ~~getAuthorityHost~~, getKnownAuthorities, MsalBaseUtilities } from \"../utils\";\nimport { MsalFlow, MsalFlowOptions } from \"../flows\";\nimport { AuthenticationRecord } from \"../types\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { AuthenticationRequiredError } from \"../errors\";\nimport { CredentialUnavailableError } from \"../../client/errors\";\n\n/*\n Union of the constructor parameters that all MSAL flow types take.\n * Some properties might not be used by some flow types.\n /\nexport interface MsalBrowserFlowOptions extends MsalFlowOptions {\n redirectUri?: string;\n loginStyle: BrowserLoginStyle;\n}\n\n/\n The common methods we use to work with the MSAL browser flows.\n * @internal\n /\nexport interface MsalBrowserFlow extends MsalFlow {\n login(scopes?: string[]): Promise<AuthenticationRecord \| undefined>;\n handleRedirect(): Promise<AuthenticationRecord \| undefined>;\n}\n\n/\n Generates a MSAL configuration that generally works for browsers\n * @internal\n /\nexport function defaultBrowserMsalConfig(\n options: MsalBrowserFlowOptions\n): msalBrowser.Configuration {\n const tenantId = options.tenantId \|\| DefaultTenantId;\n const ~~authorityHost~~ = ~~getAuthorityHost~~(tenantId, options.authorityHost);\n return {\n auth: {\n clientId: options.clientId!,\n authority~~: authorityHost~~,\n knownAuthorities: getKnownAuthorities(tenantId, ~~authorityHost~~),\n // If the users picked redirect as their login style,\n // but they didn't provide a redirectUri,\n // we can try to use the current page we're in as a default value.\n redirectUri: options.redirectUri \|\| self.location.origin\n }\n };\n}\n\n/\n MSAL partial base client for the browsers.\n \n It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n \n @internal\n /\nexport abstract class MsalBrowser extends MsalBaseUtilities implements MsalBrowserFlow {\n protected loginStyle: BrowserLoginStyle;\n protected clientId: string;\n protected tenantId: string;\n protected account: AuthenticationRecord \| undefined;\n protected msalConfig: msalBrowser.Configuration;\n protected disableAutomaticAuthentication?: boolean;\n protected app?: msalBrowser.PublicClientApplication;\n\n constructor(options: MsalBrowserFlowOptions) {\n super(options);\n this.logger = options.logger;\n this.loginStyle = options.loginStyle;\n if (!options.clientId) {\n throw new CredentialUnavailableError(\"A client ID is required in browsers\");\n }\n this.clientId = options.clientId;\n this.tenantId = resolveTenantId(this.logger, options.tenantId, options.clientId);\n this.msalConfig = defaultBrowserMsalConfig(options);\n this.disableAutomaticAuthentication = options.disableAutomaticAuthentication;\n\n if (options.authenticationRecord) {\n this.account = {\n ...options.authenticationRecord,\n tenantId: this.tenantId\n };\n }\n }\n\n /\n In the browsers we don't need to init()\n /\n async init(): Promise<void> {\n // Nothing to do here.\n }\n\n /\n Attempts to handle a redirection request the least amount of times possible.\n /\n public abstract handleRedirect(): Promise<AuthenticationRecord \| undefined>;\n\n /\n Clears MSAL's cache.\n /\n async logout(): Promise<void> {\n this.app?.logout();\n }\n\n /\n Uses MSAL to retrieve the active account.\n /\n public abstract getActiveAccount(): Promise<AuthenticationRecord \| undefined>;\n\n /\n Uses MSAL to trigger a redirect or a popup login.\n /\n public abstract login(scopes?: string \| string[]): Promise<AuthenticationRecord \| undefined>;\n\n /\n Attempts to retrieve a token from cache.\n /\n public abstract getTokenSilent(scopes: string[]): Promise<AccessToken>;\n\n /\n Attempts to retrieve the token in the browser.\n /\n protected abstract doGetToken(scopes: string[]): Promise<AccessToken>;\n\n /\n Attempts to retrieve an authenticated token from MSAL.\n */\n public async getToken(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n // We ensure that redirection is handled at this point.\n await this.handleRedirect();\n\n if (!(await this.getActiveAccount()) && !this.disableAutomaticAuthentication) {\n await this.login(scopes);\n }\n return this.getTokenSilent(scopes).catch((err) => {\n if (err.name !== \"AuthenticationRequiredError\") {\n throw err;\n }\n if (options?.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError(\n scopes,\n options,\n \"Automatic authentication has been disabled. You may call the authentication() method.\"\n );\n }\n this.logger.info(\n `Silent authentication failed, falling back to interactive method ${this.loginStyle}`\n );\n return this.doGetToken(scopes);\n });\n }\n}\n"]}
1	+ {"version":3,"file":"browserCommon.js","sourceRoot":"","sources":["../../../../src/msal/browserFlows/browserCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAMlC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,OAAO,EAAE,YAAY,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAIhF,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AACxD,OAAO,EAAE,0BAA0B,EAAE,MAAM,qBAAqB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAsB3E;;;GAGG;AACH,MAAM,UAAU,wBAAwB,CACtC,OAA+B;IAE/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAC;IACrD,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAChE,OAAO;QACL,IAAI,EAAE;YACJ,QAAQ,EAAE,OAAO,CAAC,QAAS;YAC3B,SAAS;YACT,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ,EAAE,SAAS,CAAC;YAC1D,qDAAqD;YACrD,yCAAyC;YACzC,kEAAkE;YAClE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM;SACzD;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,OAAgB,WAAY,SAAQ,iBAAiB;IAWzD,YAAY,OAA+B;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;YACrB,MAAM,IAAI,0BAA0B,CAAC,qCAAqC,CAAC,CAAC;SAC7E;QACD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjF,IAAI,CAAC,8BAA8B,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,CAAC;QAC9E,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,8BAA8B,GAAG,OAAO,CAAC,8BAA8B,CAAC;QAE7E,IAAI,OAAO,CAAC,oBAAoB,EAAE;YAChC,IAAI,CAAC,OAAO,mCACP,OAAO,CAAC,oBAAoB,KAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ,GACxB,CAAC;SACH;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,sBAAsB;IACxB,CAAC;IAOD;;OAEG;IACH,KAAK,CAAC,MAAM;;QACV,MAAA,IAAI,CAAC,GAAG,0CAAE,MAAM,EAAE,CAAC;IACrB,CAAC;IAsBD;;OAEG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAgB,EAChB,UAAyC,EAAE;QAE3C,MAAM,QAAQ,GACZ,yBAAyB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,8BAA8B,EAAE,OAAO,CAAC;YACtF,IAAI,CAAC,QAAQ,CAAC;QAEhB,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;YACtB,OAAO,CAAC,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;SAChE;QAED,uDAAuD;QACvD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE;YAC5E,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;SAC1B;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YAC/C,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE;gBAC9C,MAAM,GAAG,CAAC;aACX;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE;gBAC3C,MAAM,IAAI,2BAA2B,CACnC,MAAM,EACN,OAAO,EACP,uFAAuF,CACxF,CAAC;aACH;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,oEAAoE,IAAI,CAAC,UAAU,EAAE,CACtF,CAAC;YACF,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalBrowser from \"@azure/msal-browser\";\n\nimport { AccessToken } from \"@azure/core-auth\";\n\nimport { DefaultTenantId } from \"../../constants\";\nimport { resolveTenantId } from \"../../util/resolveTenantId\";\nimport { BrowserLoginStyle } from \"../../credentials/interactiveBrowserCredentialOptions\";\nimport { getAuthority, getKnownAuthorities, MsalBaseUtilities } from \"../utils\";\nimport { MsalFlow, MsalFlowOptions } from \"../flows\";\nimport { AuthenticationRecord } from \"../types\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { AuthenticationRequiredError } from \"../errors\";\nimport { CredentialUnavailableError } from \"../../client/errors\";\nimport { processMultiTenantRequest } from \"../../util/validateMultiTenant\";\n\n/*\n Union of the constructor parameters that all MSAL flow types take.\n * Some properties might not be used by some flow types.\n /\nexport interface MsalBrowserFlowOptions extends MsalFlowOptions {\n redirectUri?: string;\n loginStyle: BrowserLoginStyle;\n allowMultiTenantAuthentication?: boolean;\n loginHint?: string;\n}\n\n/\n The common methods we use to work with the MSAL browser flows.\n * @internal\n /\nexport interface MsalBrowserFlow extends MsalFlow {\n login(scopes?: string[]): Promise<AuthenticationRecord \| undefined>;\n handleRedirect(): Promise<AuthenticationRecord \| undefined>;\n}\n\n/\n Generates a MSAL configuration that generally works for browsers\n * @internal\n /\nexport function defaultBrowserMsalConfig(\n options: MsalBrowserFlowOptions\n): msalBrowser.Configuration {\n const tenantId = options.tenantId \|\| DefaultTenantId;\n const authority = getAuthority(tenantId, options.authorityHost);\n return {\n auth: {\n clientId: options.clientId!,\n authority,\n knownAuthorities: getKnownAuthorities(tenantId, authority),\n // If the users picked redirect as their login style,\n // but they didn't provide a redirectUri,\n // we can try to use the current page we're in as a default value.\n redirectUri: options.redirectUri \|\| self.location.origin\n }\n };\n}\n\n/\n MSAL partial base client for the browsers.\n \n It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n \n @internal\n /\nexport abstract class MsalBrowser extends MsalBaseUtilities implements MsalBrowserFlow {\n protected loginStyle: BrowserLoginStyle;\n protected clientId: string;\n protected tenantId: string;\n protected allowMultiTenantAuthentication?: boolean;\n protected authorityHost?: string;\n protected account: AuthenticationRecord \| undefined;\n protected msalConfig: msalBrowser.Configuration;\n protected disableAutomaticAuthentication?: boolean;\n protected app?: msalBrowser.PublicClientApplication;\n\n constructor(options: MsalBrowserFlowOptions) {\n super(options);\n this.logger = options.logger;\n this.loginStyle = options.loginStyle;\n if (!options.clientId) {\n throw new CredentialUnavailableError(\"A client ID is required in browsers\");\n }\n this.clientId = options.clientId;\n this.tenantId = resolveTenantId(this.logger, options.tenantId, options.clientId);\n this.allowMultiTenantAuthentication = options?.allowMultiTenantAuthentication;\n this.authorityHost = options.authorityHost;\n this.msalConfig = defaultBrowserMsalConfig(options);\n this.disableAutomaticAuthentication = options.disableAutomaticAuthentication;\n\n if (options.authenticationRecord) {\n this.account = {\n ...options.authenticationRecord,\n tenantId: this.tenantId\n };\n }\n }\n\n /\n In the browsers we don't need to init()\n /\n async init(): Promise<void> {\n // Nothing to do here.\n }\n\n /\n Attempts to handle a redirection request the least amount of times possible.\n /\n public abstract handleRedirect(): Promise<AuthenticationRecord \| undefined>;\n\n /\n Clears MSAL's cache.\n /\n async logout(): Promise<void> {\n this.app?.logout();\n }\n\n /\n Uses MSAL to retrieve the active account.\n /\n public abstract getActiveAccount(): Promise<AuthenticationRecord \| undefined>;\n\n /\n Uses MSAL to trigger a redirect or a popup login.\n /\n public abstract login(scopes?: string \| string[]): Promise<AuthenticationRecord \| undefined>;\n\n /\n Attempts to retrieve a token from cache.\n /\n public abstract getTokenSilent(scopes: string[]): Promise<AccessToken>;\n\n /\n Attempts to retrieve the token in the browser.\n /\n protected abstract doGetToken(scopes: string[]): Promise<AccessToken>;\n\n /\n Attempts to retrieve an authenticated token from MSAL.\n */\n public async getToken(\n scopes: string[],\n options: CredentialFlowGetTokenOptions = {}\n ): Promise<AccessToken> {\n const tenantId =\n processMultiTenantRequest(this.tenantId, this.allowMultiTenantAuthentication, options) \|\|\n this.tenantId;\n\n if (!options.authority) {\n options.authority = getAuthority(tenantId, this.authorityHost);\n }\n\n // We ensure that redirection is handled at this point.\n await this.handleRedirect();\n\n if (!(await this.getActiveAccount()) && !this.disableAutomaticAuthentication) {\n await this.login(scopes);\n }\n return this.getTokenSilent(scopes).catch((err) => {\n if (err.name !== \"AuthenticationRequiredError\") {\n throw err;\n }\n if (options?.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError(\n scopes,\n options,\n \"Automatic authentication has been disabled. You may call the authentication() method.\"\n );\n }\n this.logger.info(\n `Silent authentication failed, falling back to interactive method ${this.loginStyle}`\n );\n return this.doGetToken(scopes);\n });\n }\n}\n"]}

package/dist-esm/src/msal/browserFlows/msalAuthCode.js CHANGED Viewed

@@ -1,6 +1,5 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
-import { __awaiter } from "tslib";
 import * as msalBrowser from "@azure/msal-browser";
 import { MsalBrowser } from "./browserCommon";
 import { defaultLoggerCallback, msalToPublic, publicToMsal } from "../utils";
@@ -21,13 +20,14 @@ export class MSALAuthCode extends MsalBrowser {
      */
     constructor(options) {
         super(options);
+        this.loginHint = options.loginHint;
         this.msalConfig.cache = {
             cacheLocation: "sessionStorage",
             storeAuthStateInCookie: true // Set to true to improve the experience on IE11 and Edge.
         };
         this.msalConfig.system = {
             loggerOptions: {
-                loggerCallback: defaultLoggerCallback(this.logger)
+                loggerCallback: defaultLoggerCallback(this.logger, "Browser")
             }
         };
         // Preparing the MSAL application.
@@ -41,144 +41,134 @@ export class MSALAuthCode extends MsalBrowser {
      * If no result was received, tries to load the account from the cache.
      * @param result - Result object received from MSAL.
      */
-    handleBrowserResult(result) {
-        return __awaiter(this, void 0, void 0, function* () {
-            try {
-                if (result && result.account) {
-                    this.logger.info(`MSAL Browser V2 authentication successful.`);
-                    this.app.setActiveAccount(result.account);
-                    return msalToPublic(this.clientId, result.account);
-                }
-                // If by this point we happen to have an active account, we should stop trying to parse this.
-                const activeAccount = yield this.app.getActiveAccount();
-                if (activeAccount) {
-                    return msalToPublic(this.clientId, activeAccount);
-                }
-                // If we don't have an active account, we try to activate it from all the already loaded accounts.
-                const accounts = this.app.getAllAccounts();
-                if (accounts.length > 1) {
-                    // If there's more than one account in memory, we force the user to authenticate again.
-                    // At this point we can't identify which account should this credential work with,
-                    // since at this point the user won't have provided enough information.
-                    // We log a message in case that helps.
-                    this.logger.info(`More than one account was found authenticated for this Client ID and Tenant ID.
+    async handleBrowserResult(result) {
+        try {
+            if (result && result.account) {
+                this.logger.info(`MSAL Browser V2 authentication successful.`);
+                this.app.setActiveAccount(result.account);
+                return msalToPublic(this.clientId, result.account);
+            }
+            // If by this point we happen to have an active account, we should stop trying to parse this.
+            const activeAccount = await this.app.getActiveAccount();
+            if (activeAccount) {
+                return msalToPublic(this.clientId, activeAccount);
+            }
+            // If we don't have an active account, we try to activate it from all the already loaded accounts.
+            const accounts = this.app.getAllAccounts();
+            if (accounts.length > 1) {
+                // If there's more than one account in memory, we force the user to authenticate again.
+                // At this point we can't identify which account should this credential work with,
+                // since at this point the user won't have provided enough information.
+                // We log a message in case that helps.
+                this.logger.info(`More than one account was found authenticated for this Client ID and Tenant ID.
 However, no "authenticationRecord" has been provided for this credential,
 therefore we're unable to pick between these accounts.
 A new login attempt will be requested, to ensure the correct account is picked.
 To work with multiple accounts for the same Client ID and Tenant ID, please provide an "authenticationRecord" when initializing "InteractiveBrowserCredential".`);
-                    // To safely trigger a new login, we're also ensuring the local cache is cleared up for this MSAL object.
-                    // However, we want to avoid kicking the user out of their authentication on the Azure side.
-                    // We do this by calling to logout while specifying a `onRedirectNavigate` that returns false.
-                    yield this.app.logout({
-                        onRedirectNavigate: () => false
-                    });
-                    return;
-                }
-                // If there's only one account for this MSAL object, we can safely activate it.
-                if (accounts.length === 1) {
-                    const account = accounts[0];
-                    this.app.setActiveAccount(account);
-                    return msalToPublic(this.clientId, account);
-                }
-                this.logger.info(`No accounts were found through MSAL.`);
+                // To safely trigger a new login, we're also ensuring the local cache is cleared up for this MSAL object.
+                // However, we want to avoid kicking the user out of their authentication on the Azure side.
+                // We do this by calling to logout while specifying a `onRedirectNavigate` that returns false.
+                await this.app.logout({
+                    onRedirectNavigate: () => false
+                });
+                return;
             }
-            catch (e) {
-                this.logger.info(`Failed to acquire token through MSAL. ${e.message}`);
+            // If there's only one account for this MSAL object, we can safely activate it.
+            if (accounts.length === 1) {
+                const account = accounts[0];
+                this.app.setActiveAccount(account);
+                return msalToPublic(this.clientId, account);
             }
-            return;
-        });
+            this.logger.info(`No accounts were found through MSAL.`);
+        }
+        catch (e) {
+            this.logger.info(`Failed to acquire token through MSAL. ${e.message}`);
+        }
+        return;
     }
     /**
      * Uses MSAL to handle the redirect.
      */
-    handleRedirect() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.handleBrowserResult((yield this.app.handleRedirectPromise(redirectHash)) || undefined);
-        });
+    async handleRedirect() {
+        return this.handleBrowserResult((await this.app.handleRedirectPromise(redirectHash)) || undefined);
     }
     /**
      * Uses MSAL to trigger a redirect or a popup login.
      */
-    login(scopes = []) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const arrayScopes = Array.isArray(scopes) ? scopes : [scopes];
-            const loginRequest = {
-                scopes: arrayScopes
-            };
-            switch (this.loginStyle) {
-                case "redirect": {
-                    yield this.app.loginRedirect(loginRequest);
-                    return;
-                }
-                case "popup":
-                    return this.handleBrowserResult(yield this.app.loginPopup(loginRequest));
+    async login(scopes = []) {
+        const arrayScopes = Array.isArray(scopes) ? scopes : [scopes];
+        const loginRequest = {
+            scopes: arrayScopes,
+            loginHint: this.loginHint
+        };
+        switch (this.loginStyle) {
+            case "redirect": {
+                await this.app.loginRedirect(loginRequest);
+                return;
             }
-        });
+            case "popup":
+                return this.handleBrowserResult(await this.app.loginPopup(loginRequest));
+        }
     }
     /**
      * Uses MSAL to retrieve the active account.
      */
-    getActiveAccount() {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = this.app.getActiveAccount();
-            if (!account) {
-                return;
-            }
-            return msalToPublic(this.clientId, account);
-        });
+    async getActiveAccount() {
+        const account = this.app.getActiveAccount();
+        if (!account) {
+            return;
+        }
+        return msalToPublic(this.clientId, account);
     }
     /**
      * Attempts to retrieve a token from cache.
      */
-    getTokenSilent(scopes, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.getActiveAccount();
-            if (!account) {
-                throw new AuthenticationRequiredError(scopes, options);
-            }
-            const parameters = {
-                authority: this.msalConfig.auth.authority,
-                correlationId: options === null || options === void 0 ? void 0 : options.correlationId,
-                account: publicToMsal(account),
-                forceRefresh: false,
-                scopes
-            };
-            try {
-                this.logger.info("Attempting to acquire token silently");
-                const response = yield this.app.acquireTokenSilent(parameters);
-                return this.handleResult(scopes, this.clientId, response);
-            }
-            catch (err) {
-                throw this.handleError(scopes, err, options);
-            }
-        });
+    async getTokenSilent(scopes, options) {
+        const account = await this.getActiveAccount();
+        if (!account) {
+            throw new AuthenticationRequiredError(scopes, options);
+        }
+        const parameters = {
+            authority: (options === null || options === void 0 ? void 0 : options.authority) || this.msalConfig.auth.authority,
+            correlationId: options === null || options === void 0 ? void 0 : options.correlationId,
+            account: publicToMsal(account),
+            forceRefresh: false,
+            scopes
+        };
+        try {
+            this.logger.info("Attempting to acquire token silently");
+            const response = await this.app.acquireTokenSilent(parameters);
+            return this.handleResult(scopes, this.clientId, response);
+        }
+        catch (err) {
+            throw this.handleError(scopes, err, options);
+        }
     }
     /**
      * Attempts to retrieve the token in the browser.
      */
-    doGetToken(scopes, options) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.getActiveAccount();
-            if (!account) {
-                throw new AuthenticationRequiredError(scopes, options);
-            }
-            const parameters = {
-                authority: this.msalConfig.auth.authority,
-                correlationId: options === null || options === void 0 ? void 0 : options.correlationId,
-                account: publicToMsal(account),
-                scopes
-            };
-            switch (this.loginStyle) {
-                case "redirect":
-                    // This will go out of the page.
-                    // Once the InteractiveBrowserCredential is initialized again,
-                    // we'll load the MSAL account in the constructor.
-                    yield this.app.acquireTokenRedirect(parameters);
-                    return { token: "", expiresOnTimestamp: 0 };
-                case "popup":
-                    return this.handleResult(scopes, this.clientId, yield this.app.acquireTokenPopup(parameters));
-            }
-        });
+    async doGetToken(scopes, options) {
+        const account = await this.getActiveAccount();
+        if (!account) {
+            throw new AuthenticationRequiredError(scopes, options);
+        }
+        const parameters = {
+            authority: (options === null || options === void 0 ? void 0 : options.authority) || this.msalConfig.auth.authority,
+            correlationId: options === null || options === void 0 ? void 0 : options.correlationId,
+            account: publicToMsal(account),
+            loginHint: this.loginHint,
+            scopes
+        };
+        switch (this.loginStyle) {
+            case "redirect":
+                // This will go out of the page.
+                // Once the InteractiveBrowserCredential is initialized again,
+                // we'll load the MSAL account in the constructor.
+                await this.app.acquireTokenRedirect(parameters);
+                return { token: "", expiresOnTimestamp: 0 };
+            case "popup":
+                return this.handleResult(scopes, this.clientId, await this.app.acquireTokenPopup(parameters));
+        }
     }
 }
 //# sourceMappingURL=msalAuthCode.js.map

package/dist-esm/src/msal/browserFlows/msalAuthCode.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"msalAuthCode.js","sourceRoot":"","sources":["../../../../src/msal/browserFlows/msalAuthCode.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAElC,OAAO,KAAK,WAAW,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAA0B,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEtE,OAAO,EAAE,qBAAqB,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7E,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AAGxD,uCAAuC;AACvC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;AAExC;;;;GAIG;AACH,MAAM,OAAO,YAAa,SAAQ,WAAW;IAG3C;;;;;OAKG;IACH,YAAY,OAA+B;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEf,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;YACtB,aAAa,EAAE,gBAAgB;YAC/B,sBAAsB,EAAE,IAAI,CAAC,0DAA0D;SACxF,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG;YACvB,aAAa,EAAE;gBACb,cAAc,EAAE,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC;aACnD;SACF,CAAC;QAEF,kCAAkC;QAClC,IAAI,CAAC,GAAG,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAChD,IAAI,CAAC,UAAuC,CAC7C,CAAC;QACF,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;SACvD;IACH,CAAC;IAED;;;;OAIG;IACW,mBAAmB,CAC/B,MAAyC;;YAEzC,IAAI;gBACF,IAAI,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE;oBAC5B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;oBAC/D,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;oBAC1C,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;iBACpD;gBAED,6FAA6F;gBAC7F,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,GAAI,CAAC,gBAAgB,EAAE,CAAC;gBACzD,IAAI,aAAa,EAAE;oBACjB,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;iBACnD;gBAED,kGAAkG;gBAClG,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;gBAC3C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBACvB,uFAAuF;oBACvF,kFAAkF;oBAClF,uEAAuE;oBACvE,uCAAuC;oBACvC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd;;;;gKAIsJ,CACvJ,CAAC;oBACF,yGAAyG;oBACzG,4FAA4F;oBAC5F,8FAA8F;oBAC9F,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;wBACpB,kBAAkB,EAAE,GAAG,EAAE,CAAC,KAAK;qBAChC,CAAC,CAAC;oBACH,OAAO;iBACR;gBAED,+EAA+E;gBAC/E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;oBACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;oBAC5B,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;oBACnC,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;iBAC7C;gBAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;aAC1D;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;aACxE;YACD,OAAO;QACT,CAAC;KAAA;IAED;;OAEG;IACU,cAAc;;YACzB,OAAO,IAAI,CAAC,mBAAmB,CAC7B,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC,IAAI,SAAS,CAClE,CAAC;QACJ,CAAC;KAAA;IAED;;OAEG;IACU,KAAK,CAAC,SAA4B,EAAE;;YAC/C,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;YAC9D,MAAM,YAAY,GAAG;gBACnB,MAAM,EAAE,WAAW;aACpB,CAAC;YACF,QAAQ,IAAI,CAAC,UAAU,EAAE;gBACvB,KAAK,UAAU,CAAC,CAAC;oBACf,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;oBAC3C,OAAO;iBACR;gBACD,KAAK,OAAO;oBACV,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;aAC5E;QACH,CAAC;KAAA;IAED;;OAEG;IACU,gBAAgB;;YAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;YAC5C,IAAI,CAAC,OAAO,EAAE;gBACZ,OAAO;aACR;YACD,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;KAAA;IAED;;OAEG;IACU,cAAc,CACzB,MAAgB,EAChB,OAAuC;;YAEvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC9C,IAAI,CAAC,OAAO,EAAE;gBACZ,MAAM,IAAI,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;aACxD;YAED,MAAM,UAAU,GAA8B;gBAC5C,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAU;gBAC1C,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;gBACrC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC;gBAC9B,YAAY,EAAE,KAAK;gBACnB,MAAM;aACP,CAAC;YAEF,IAAI;gBACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;gBACzD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;gBAC/D,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aAC3D;YAAC,OAAO,GAAG,EAAE;gBACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;aAC9C;QACH,CAAC;KAAA;IAED;;OAEG;IACa,UAAU,CACxB,MAAgB,EAChB,OAAuC;;YAEvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC9C,IAAI,CAAC,OAAO,EAAE;gBACZ,MAAM,IAAI,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;aACxD;YAED,MAAM,UAAU,GAAgC;gBAC9C,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAU;gBAC1C,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;gBACrC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC;gBAC9B,MAAM;aACP,CAAC;YAEF,QAAQ,IAAI,CAAC,UAAU,EAAE;gBACvB,KAAK,UAAU;oBACb,gCAAgC;oBAChC,8DAA8D;oBAC9D,kDAAkD;oBAClD,MAAM,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;oBAChD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;gBAC9C,KAAK,OAAO;oBACV,OAAO,IAAI,CAAC,YAAY,CACtB,MAAM,EACN,IAAI,CAAC,QAAQ,EACb,MAAM,IAAI,CAAC,GAAG,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAC7C,CAAC;aACL;QACH,CAAC;KAAA;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalBrowser from \"@azure/msal-browser\";\nimport { MsalBrowserFlowOptions, MsalBrowser } from \"./browserCommon\";\nimport { AccessToken } from \"@azure/core-http\";\nimport { defaultLoggerCallback, msalToPublic, publicToMsal } from \"../utils\";\nimport { AuthenticationRecord } from \"../types\";\nimport { AuthenticationRequiredError } from \"../errors\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\n\n// We keep a copy of the redirect hash.\nconst redirectHash = self.location.hash;\n\n/*\n Uses MSAL Browser 2.X for browser authentication,\n * which uses the [Auth Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow).\n * @internal\n /\nexport class MSALAuthCode extends MsalBrowser {\n protected app: msalBrowser.PublicClientApplication;\n\n /\n Sets up an MSAL object based on the given parameters.\n * MSAL with Auth Code allows sending a previously obtained `authenticationRecord` through the optional parameters,\n * which is set to be the active account.\n * @param options - Parameters necessary and otherwise used to create the MSAL object.\n /\n constructor(options: MsalBrowserFlowOptions) {\n super(options);\n\n this.msalConfig.cache = {\n cacheLocation: \"sessionStorage\",\n storeAuthStateInCookie: true // Set to true to improve the experience on IE11 and Edge.\n };\n this.msalConfig.system = {\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(this.logger)\n }\n };\n\n // Preparing the MSAL application.\n this.app = new msalBrowser.PublicClientApplication(\n this.msalConfig as msalBrowser.Configuration\n );\n if (this.account) {\n this.app.setActiveAccount(publicToMsal(this.account));\n }\n }\n\n /\n Loads the account based on the result of the authentication.\n * If no result was received, tries to load the account from the cache.\n * @param result - Result object received from MSAL.\n /\n private async handleBrowserResult(\n result?: msalBrowser.AuthenticationResult\n ): Promise<AuthenticationRecord \| undefined> {\n try {\n if (result && result.account) {\n this.logger.info(`MSAL Browser V2 authentication successful.`);\n this.app.setActiveAccount(result.account);\n return msalToPublic(this.clientId, result.account);\n }\n\n // If by this point we happen to have an active account, we should stop trying to parse this.\n const activeAccount = await this.app!.getActiveAccount();\n if (activeAccount) {\n return msalToPublic(this.clientId, activeAccount);\n }\n\n // If we don't have an active account, we try to activate it from all the already loaded accounts.\n const accounts = this.app.getAllAccounts();\n if (accounts.length > 1) {\n // If there's more than one account in memory, we force the user to authenticate again.\n // At this point we can't identify which account should this credential work with,\n // since at this point the user won't have provided enough information.\n // We log a message in case that helps.\n this.logger.info(\n `More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing \"InteractiveBrowserCredential\".`\n );\n // To safely trigger a new login, we're also ensuring the local cache is cleared up for this MSAL object.\n // However, we want to avoid kicking the user out of their authentication on the Azure side.\n // We do this by calling to logout while specifying a `onRedirectNavigate` that returns false.\n await this.app.logout({\n onRedirectNavigate: () => false\n });\n return;\n }\n\n // If there's only one account for this MSAL object, we can safely activate it.\n if (accounts.length === 1) {\n const account = accounts[0];\n this.app.setActiveAccount(account);\n return msalToPublic(this.clientId, account);\n }\n\n this.logger.info(`No accounts were found through MSAL.`);\n } catch (e) {\n this.logger.info(`Failed to acquire token through MSAL. ${e.message}`);\n }\n return;\n }\n\n /\n Uses MSAL to handle the redirect.\n /\n public async handleRedirect(): Promise<AuthenticationRecord \| undefined> {\n return this.handleBrowserResult(\n (await this.app.handleRedirectPromise(redirectHash)) \|\| undefined\n );\n }\n\n /\n Uses MSAL to trigger a redirect or a popup login.\n /\n public async login(scopes: string \| string[] = []): Promise<AuthenticationRecord \| undefined> {\n const arrayScopes = Array.isArray(scopes) ? scopes : [scopes];\n const loginRequest = {\n scopes: arrayScopes\n };\n switch (this.loginStyle) {\n case \"redirect\": {\n await this.app.loginRedirect(loginRequest);\n return;\n }\n case \"popup\":\n return this.handleBrowserResult(await this.app.loginPopup(loginRequest));\n }\n }\n\n /\n Uses MSAL to retrieve the active account.\n /\n public async getActiveAccount(): Promise<AuthenticationRecord \| undefined> {\n const account = this.app.getActiveAccount();\n if (!account) {\n return;\n }\n return msalToPublic(this.clientId, account);\n }\n\n /\n Attempts to retrieve a token from cache.\n /\n public async getTokenSilent(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n const account = await this.getActiveAccount();\n if (!account) {\n throw new AuthenticationRequiredError(scopes, options);\n }\n\n const parameters: msalBrowser.SilentRequest = {\n authority: this.msalConfig.auth.authority!,\n correlationId: options?.correlationId,\n account: publicToMsal(account),\n forceRefresh: false,\n scopes\n };\n\n try {\n this.logger.info(\"Attempting to acquire token silently\");\n const response = await this.app.acquireTokenSilent(parameters);\n return this.handleResult(scopes, this.clientId, response);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n\n /\n Attempts to retrieve the token in the browser.\n */\n protected async doGetToken(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n const account = await this.getActiveAccount();\n if (!account) {\n throw new AuthenticationRequiredError(scopes, options);\n }\n\n const parameters: msalBrowser.RedirectRequest = {\n authority: this.msalConfig.auth.authority!,\n correlationId: options?.correlationId,\n account: publicToMsal(account),\n scopes\n };\n\n switch (this.loginStyle) {\n case \"redirect\":\n // This will go out of the page.\n // Once the InteractiveBrowserCredential is initialized again,\n // we'll load the MSAL account in the constructor.\n await this.app.acquireTokenRedirect(parameters);\n return { token: \"\", expiresOnTimestamp: 0 };\n case \"popup\":\n return this.handleResult(\n scopes,\n this.clientId,\n await this.app.acquireTokenPopup(parameters)\n );\n }\n }\n}\n"]}
1	+ {"version":3,"file":"msalAuthCode.js","sourceRoot":"","sources":["../../../../src/msal/browserFlows/msalAuthCode.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,WAAW,MAAM,qBAAqB,CAAC;AAInD,OAAO,EAA0B,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACtE,OAAO,EAAE,qBAAqB,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAE7E,OAAO,EAAE,2BAA2B,EAAE,MAAM,WAAW,CAAC;AAGxD,uCAAuC;AACvC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;AAExC;;;;GAIG;AACH,MAAM,OAAO,YAAa,SAAQ,WAAW;IAI3C;;;;;OAKG;IACH,YAAY,OAA+B;QACzC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QAEnC,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;YACtB,aAAa,EAAE,gBAAgB;YAC/B,sBAAsB,EAAE,IAAI,CAAC,0DAA0D;SACxF,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG;YACvB,aAAa,EAAE;gBACb,cAAc,EAAE,qBAAqB,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC;aAC9D;SACF,CAAC;QAEF,kCAAkC;QAClC,IAAI,CAAC,GAAG,GAAG,IAAI,WAAW,CAAC,uBAAuB,CAChD,IAAI,CAAC,UAAuC,CAC7C,CAAC;QACF,IAAI,IAAI,CAAC,OAAO,EAAE;YAChB,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;SACvD;IACH,CAAC;IAED;;;;OAIG;IACK,KAAK,CAAC,mBAAmB,CAC/B,MAAyC;QAEzC,IAAI;YACF,IAAI,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE;gBAC5B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;gBAC/D,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAC1C,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;aACpD;YAED,6FAA6F;YAC7F,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,GAAI,CAAC,gBAAgB,EAAE,CAAC;YACzD,IAAI,aAAa,EAAE;gBACjB,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;aACnD;YAED,kGAAkG;YAClG,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;YAC3C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;gBACvB,uFAAuF;gBACvF,kFAAkF;gBAClF,uEAAuE;gBACvE,uCAAuC;gBACvC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd;;;;gKAIsJ,CACvJ,CAAC;gBACF,yGAAyG;gBACzG,4FAA4F;gBAC5F,8FAA8F;gBAC9F,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC;oBACpB,kBAAkB,EAAE,GAAG,EAAE,CAAC,KAAK;iBAChC,CAAC,CAAC;gBACH,OAAO;aACR;YAED,+EAA+E;YAC/E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;gBACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,CAAC,GAAG,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;gBACnC,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;aAC7C;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;SAC1D;QAAC,OAAO,CAAC,EAAE;YACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;SACxE;QACD,OAAO;IACT,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,OAAO,IAAI,CAAC,mBAAmB,CAC7B,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC,IAAI,SAAS,CAClE,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,KAAK,CAAC,SAA4B,EAAE;QAC/C,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC9D,MAAM,YAAY,GAAgC;YAChD,MAAM,EAAE,WAAW;YACnB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC;QACF,QAAQ,IAAI,CAAC,UAAU,EAAE;YACvB,KAAK,UAAU,CAAC,CAAC;gBACf,MAAM,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;gBAC3C,OAAO;aACR;YACD,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC;SAC5E;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB;QAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC5C,IAAI,CAAC,OAAO,EAAE;YACZ,OAAO;SACR;QACD,OAAO,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc,CACzB,MAAgB,EAChB,OAAuC;QAEvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC9C,IAAI,CAAC,OAAO,EAAE;YACZ,MAAM,IAAI,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACxD;QAED,MAAM,UAAU,GAA8B;YAC5C,SAAS,EAAE,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,KAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAU;YAChE,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;YACrC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC;YAC9B,YAAY,EAAE,KAAK;YACnB,MAAM;SACP,CAAC;QAEF,IAAI;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YAC/D,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;SAC3D;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;SAC9C;IACH,CAAC;IAED;;OAEG;IACO,KAAK,CAAC,UAAU,CACxB,MAAgB,EAChB,OAAuC;QAEvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC9C,IAAI,CAAC,OAAO,EAAE;YACZ,MAAM,IAAI,2BAA2B,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;SACxD;QAED,MAAM,UAAU,GAAgC;YAC9C,SAAS,EAAE,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,KAAI,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAU;YAChE,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;YACrC,OAAO,EAAE,YAAY,CAAC,OAAO,CAAC;YAC9B,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,MAAM;SACP,CAAC;QAEF,QAAQ,IAAI,CAAC,UAAU,EAAE;YACvB,KAAK,UAAU;gBACb,gCAAgC;gBAChC,8DAA8D;gBAC9D,kDAAkD;gBAClD,MAAM,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;gBAChD,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAAE,CAAC;YAC9C,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,YAAY,CACtB,MAAM,EACN,IAAI,CAAC,QAAQ,EACb,MAAM,IAAI,CAAC,GAAG,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAC7C,CAAC;SACL;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalBrowser from \"@azure/msal-browser\";\n\nimport { AccessToken } from \"@azure/core-auth\";\n\nimport { MsalBrowserFlowOptions, MsalBrowser } from \"./browserCommon\";\nimport { defaultLoggerCallback, msalToPublic, publicToMsal } from \"../utils\";\nimport { AuthenticationRecord } from \"../types\";\nimport { AuthenticationRequiredError } from \"../errors\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\n\n// We keep a copy of the redirect hash.\nconst redirectHash = self.location.hash;\n\n/*\n Uses MSAL Browser 2.X for browser authentication,\n * which uses the [Auth Code Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow).\n * @internal\n /\nexport class MSALAuthCode extends MsalBrowser {\n protected app: msalBrowser.PublicClientApplication;\n private loginHint?: string;\n\n /\n Sets up an MSAL object based on the given parameters.\n * MSAL with Auth Code allows sending a previously obtained `authenticationRecord` through the optional parameters,\n * which is set to be the active account.\n * @param options - Parameters necessary and otherwise used to create the MSAL object.\n /\n constructor(options: MsalBrowserFlowOptions) {\n super(options);\n this.loginHint = options.loginHint;\n\n this.msalConfig.cache = {\n cacheLocation: \"sessionStorage\",\n storeAuthStateInCookie: true // Set to true to improve the experience on IE11 and Edge.\n };\n this.msalConfig.system = {\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(this.logger, \"Browser\")\n }\n };\n\n // Preparing the MSAL application.\n this.app = new msalBrowser.PublicClientApplication(\n this.msalConfig as msalBrowser.Configuration\n );\n if (this.account) {\n this.app.setActiveAccount(publicToMsal(this.account));\n }\n }\n\n /\n Loads the account based on the result of the authentication.\n * If no result was received, tries to load the account from the cache.\n * @param result - Result object received from MSAL.\n /\n private async handleBrowserResult(\n result?: msalBrowser.AuthenticationResult\n ): Promise<AuthenticationRecord \| undefined> {\n try {\n if (result && result.account) {\n this.logger.info(`MSAL Browser V2 authentication successful.`);\n this.app.setActiveAccount(result.account);\n return msalToPublic(this.clientId, result.account);\n }\n\n // If by this point we happen to have an active account, we should stop trying to parse this.\n const activeAccount = await this.app!.getActiveAccount();\n if (activeAccount) {\n return msalToPublic(this.clientId, activeAccount);\n }\n\n // If we don't have an active account, we try to activate it from all the already loaded accounts.\n const accounts = this.app.getAllAccounts();\n if (accounts.length > 1) {\n // If there's more than one account in memory, we force the user to authenticate again.\n // At this point we can't identify which account should this credential work with,\n // since at this point the user won't have provided enough information.\n // We log a message in case that helps.\n this.logger.info(\n `More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing \"InteractiveBrowserCredential\".`\n );\n // To safely trigger a new login, we're also ensuring the local cache is cleared up for this MSAL object.\n // However, we want to avoid kicking the user out of their authentication on the Azure side.\n // We do this by calling to logout while specifying a `onRedirectNavigate` that returns false.\n await this.app.logout({\n onRedirectNavigate: () => false\n });\n return;\n }\n\n // If there's only one account for this MSAL object, we can safely activate it.\n if (accounts.length === 1) {\n const account = accounts[0];\n this.app.setActiveAccount(account);\n return msalToPublic(this.clientId, account);\n }\n\n this.logger.info(`No accounts were found through MSAL.`);\n } catch (e) {\n this.logger.info(`Failed to acquire token through MSAL. ${e.message}`);\n }\n return;\n }\n\n /\n Uses MSAL to handle the redirect.\n /\n public async handleRedirect(): Promise<AuthenticationRecord \| undefined> {\n return this.handleBrowserResult(\n (await this.app.handleRedirectPromise(redirectHash)) \|\| undefined\n );\n }\n\n /\n Uses MSAL to trigger a redirect or a popup login.\n /\n public async login(scopes: string \| string[] = []): Promise<AuthenticationRecord \| undefined> {\n const arrayScopes = Array.isArray(scopes) ? scopes : [scopes];\n const loginRequest: msalBrowser.RedirectRequest = {\n scopes: arrayScopes,\n loginHint: this.loginHint\n };\n switch (this.loginStyle) {\n case \"redirect\": {\n await this.app.loginRedirect(loginRequest);\n return;\n }\n case \"popup\":\n return this.handleBrowserResult(await this.app.loginPopup(loginRequest));\n }\n }\n\n /\n Uses MSAL to retrieve the active account.\n /\n public async getActiveAccount(): Promise<AuthenticationRecord \| undefined> {\n const account = this.app.getActiveAccount();\n if (!account) {\n return;\n }\n return msalToPublic(this.clientId, account);\n }\n\n /\n Attempts to retrieve a token from cache.\n /\n public async getTokenSilent(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n const account = await this.getActiveAccount();\n if (!account) {\n throw new AuthenticationRequiredError(scopes, options);\n }\n\n const parameters: msalBrowser.SilentRequest = {\n authority: options?.authority \|\| this.msalConfig.auth.authority!,\n correlationId: options?.correlationId,\n account: publicToMsal(account),\n forceRefresh: false,\n scopes\n };\n\n try {\n this.logger.info(\"Attempting to acquire token silently\");\n const response = await this.app.acquireTokenSilent(parameters);\n return this.handleResult(scopes, this.clientId, response);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n\n /\n Attempts to retrieve the token in the browser.\n */\n protected async doGetToken(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n const account = await this.getActiveAccount();\n if (!account) {\n throw new AuthenticationRequiredError(scopes, options);\n }\n\n const parameters: msalBrowser.RedirectRequest = {\n authority: options?.authority \|\| this.msalConfig.auth.authority!,\n correlationId: options?.correlationId,\n account: publicToMsal(account),\n loginHint: this.loginHint,\n scopes\n };\n\n switch (this.loginStyle) {\n case \"redirect\":\n // This will go out of the page.\n // Once the InteractiveBrowserCredential is initialized again,\n // we'll load the MSAL account in the constructor.\n await this.app.acquireTokenRedirect(parameters);\n return { token: \"\", expiresOnTimestamp: 0 };\n case \"popup\":\n return this.handleResult(\n scopes,\n this.clientId,\n await this.app.acquireTokenPopup(parameters)\n );\n }\n }\n}\n"]}

package/dist-esm/src/msal/credentials.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../../src/msal/credentials.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-~~http~~\";\nimport { AuthenticationRecord } from \"./types\";\n\n/*\n The MSAL clients `getToken` requests can receive a `correlationId` and `disableAutomaticAuthentication`.\n * (which is used to prevent `getToken` from triggering the manual authentication if `getTokenSilent` fails).\n * @internal\n /\nexport interface CredentialFlowGetTokenOptions extends GetTokenOptions {\n /\n Unique identifier useful to track outgoing requests.\n /\n correlationId?: string;\n /\n Makes getToken throw if a manual authentication is necessary.\n /\n disableAutomaticAuthentication?: boolean;\n}\n\n/\n Simplified representation of the internal authentication flow.\n * @internal\n /\nexport interface CredentialFlow {\n /\n Clears the MSAL cache.\n /\n logout(): Promise<void>;\n /\n Tries to load the active account, either from memory or from MSAL.\n /\n getActiveAccount(): Promise<AuthenticationRecord \| undefined>;\n /\n Calls to the implementation's doGetToken method.\n */\n getToken(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken \| null>;\n}\n"]}
1	+ {"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../../src/msal/credentials.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\n\nimport { AuthenticationRecord } from \"./types\";\n\n/*\n The MSAL clients `getToken` requests can receive a `correlationId` and `disableAutomaticAuthentication`.\n * (which is used to prevent `getToken` from triggering the manual authentication if `getTokenSilent` fails).\n * @internal\n /\nexport interface CredentialFlowGetTokenOptions extends GetTokenOptions {\n /\n Unique identifier useful to track outgoing requests.\n /\n correlationId?: string;\n /\n Makes getToken throw if a manual authentication is necessary.\n /\n disableAutomaticAuthentication?: boolean;\n /\n Authority, to overwrite the default one, if necessary.\n /\n authority?: string;\n}\n\n/\n Simplified representation of the internal authentication flow.\n * @internal\n /\nexport interface CredentialFlow {\n /\n Clears the MSAL cache.\n /\n logout(): Promise<void>;\n /\n Tries to load the active account, either from memory or from MSAL.\n /\n getActiveAccount(): Promise<AuthenticationRecord \| undefined>;\n /\n Calls to the implementation's doGetToken method.\n */\n getToken(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken \| null>;\n}\n"]}

package/dist-esm/src/msal/errors.js CHANGED Viewed

@@ -1,10 +1,9 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
-import { CredentialUnavailableError } from "../client/errors";
 /**
  * Error used to enforce authentication after trying to retrieve a token silently.
  */
-export class AuthenticationRequiredError extends CredentialUnavailableError {
+export class AuthenticationRequiredError extends Error {
     constructor(
     /**
      * The list of scopes for which the token will have access.

package/dist-esm/src/msal/errors.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/msal/errors.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;~~AAGlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE9D~~;;GAEG;AACH,MAAM,OAAO,2BAA4B,SAAQ,~~0BAA0B~~;~~IACzE~~;IACE;;OAEG;IACI,MAAgB;IACvB;;OAEG;IACI,kBAAmC,EAAE,EAC5C,OAAgB;QAEhB,KAAK,CAAC,OAAO,CAAC,CAAC;QAPR,WAAM,GAAN,MAAM,CAAU;QAIhB,oBAAe,GAAf,eAAe,CAAsB;QAI5C,IAAI,CAAC,IAAI,GAAG,6BAA6B,CAAC;IAC5C,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { GetTokenOptions } from \"@azure/core-~~http~~\";\~~nimport { CredentialUnavailableError } from \"../client/errors\";\~~n\n/*\n Error used to enforce authentication after trying to retrieve a token silently.\n /\nexport class AuthenticationRequiredError extends ~~CredentialUnavailableError~~ {\n constructor(\n /\n The list of scopes for which the token will have access.\n /\n public scopes: string[],\n /\n The options used to configure the getToken request.\n */\n public getTokenOptions: GetTokenOptions = {},\n message?: string\n ) {\n super(message);\n this.name = \"AuthenticationRequiredError\";\n }\n}\n"]}
1	+ {"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/msal/errors.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC;;GAEG;AACH,MAAM,OAAO,2BAA4B,SAAQ,KAAK;IACpD;IACE;;OAEG;IACI,MAAgB;IACvB;;OAEG;IACI,kBAAmC,EAAE,EAC5C,OAAgB;QAEhB,KAAK,CAAC,OAAO,CAAC,CAAC;QAPR,WAAM,GAAN,MAAM,CAAU;QAIhB,oBAAe,GAAf,eAAe,CAAsB;QAI5C,IAAI,CAAC,IAAI,GAAG,6BAA6B,CAAC;IAC5C,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\n\n/*\n Error used to enforce authentication after trying to retrieve a token silently.\n /\nexport class AuthenticationRequiredError extends Error {\n constructor(\n /\n The list of scopes for which the token will have access.\n /\n public scopes: string[],\n /\n The options used to configure the getToken request.\n */\n public getTokenOptions: GetTokenOptions = {},\n message?: string\n ) {\n super(message);\n this.name = \"AuthenticationRequiredError\";\n }\n}\n"]}

package/dist-esm/src/msal/flows.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"flows.js","sourceRoot":"","sources":["../../../src/msal/flows.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken } from \"@azure/core-~~http~~\";\nimport { CredentialLogger } from \"../util/logging\";\nimport { AuthenticationRecord } from \"./types\";\nimport { CredentialFlowGetTokenOptions } from \"./credentials\";\n\n/*\n Union of the constructor parameters that all MSAL flow types take.\n * @internal\n /\nexport interface MsalFlowOptions {\n logger: CredentialLogger;\n clientId?: string;\n tenantId?: string;\n authorityHost?: string;\n authenticationRecord?: AuthenticationRecord;\n disableAutomaticAuthentication?: boolean;\n}\n\n/\n The common methods we use to work with the MSAL flows.\n * @internal\n /\nexport interface MsalFlow {\n /\n Allows for any setup before any request is processed.\n /\n init(options?: CredentialFlowGetTokenOptions): Promise<void>;\n /\n Clears the MSAL cache.\n /\n logout(): Promise<void>;\n /\n Tries to load the active account, either from memory or from MSAL.\n /\n getActiveAccount(): Promise<AuthenticationRecord \| undefined>;\n /\n Tries to retrieve the token silently using MSAL.\n /\n getTokenSilent(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken>;\n /\n Calls to the implementation's doGetToken method.\n */\n getToken(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken>;\n}\n"]}
1	+ {"version":3,"file":"flows.js","sourceRoot":"","sources":["../../../src/msal/flows.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken } from \"@azure/core-auth\";\n\nimport { CredentialLogger } from \"../util/logging\";\nimport { AuthenticationRecord } from \"./types\";\nimport { CredentialFlowGetTokenOptions } from \"./credentials\";\n\n/*\n Union of the constructor parameters that all MSAL flow types take.\n * @internal\n /\nexport interface MsalFlowOptions {\n logger: CredentialLogger;\n clientId?: string;\n tenantId?: string;\n authorityHost?: string;\n authenticationRecord?: AuthenticationRecord;\n disableAutomaticAuthentication?: boolean;\n}\n\n/\n The common methods we use to work with the MSAL flows.\n * @internal\n /\nexport interface MsalFlow {\n /\n Allows for any setup before any request is processed.\n /\n init(options?: CredentialFlowGetTokenOptions): Promise<void>;\n /\n Tries to load the active account, either from memory or from MSAL.\n /\n getActiveAccount(): Promise<AuthenticationRecord \| undefined>;\n /\n Tries to retrieve the token silently using MSAL.\n /\n getTokenSilent(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken>;\n /\n Calls to the implementation's doGetToken method.\n */\n getToken(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken>;\n}\n"]}

package/dist-esm/src/msal/nodeFlows/msalAuthorizationCode.js ADDED Viewed

@@ -0,0 +1,41 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+import { credentialLogger } from "../../util/logging";
+import { MsalNode } from "./nodeCommon";
+/**
+ * This MSAL client sets up a web server to listen for redirect callbacks, then calls to the MSAL's public application's `acquireTokenByDeviceCode` during `doGetToken`
+ * to trigger the authentication flow, and then respond based on the values obtained from the redirect callback
+ * @internal
+ */
+export class MsalAuthorizationCode extends MsalNode {
+    constructor(options) {
+        super(options);
+        this.logger = credentialLogger("NodeJS MSAL Authorization Code");
+        this.redirectUri = options.redirectUri;
+        this.authorizationCode = options.authorizationCode;
+        if (options.clientSecret) {
+            this.msalConfig.auth.clientSecret = options.clientSecret;
+        }
+    }
+    async getAuthCodeUrl(options) {
+        await this.init();
+        return this.confidentialApp.getAuthCodeUrl(options);
+    }
+    async doGetToken(scopes, options) {
+        var _a;
+        try {
+            const result = await ((_a = this.confidentialApp) === null || _a === void 0 ? void 0 : _a.acquireTokenByCode({
+                scopes,
+                redirectUri: this.redirectUri,
+                code: this.authorizationCode
+            }));
+            // The Client Credential flow does not return an account,
+            // so each time getToken gets called, we will have to acquire a new token through the service.
+            return this.handleResult(scopes, this.clientId, result || undefined);
+        }
+        catch (err) {
+            throw this.handleError(scopes, err, options);
+        }
+    }
+}
+//# sourceMappingURL=msalAuthorizationCode.js.map

package/dist-esm/src/msal/nodeFlows/msalAuthorizationCode.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"msalAuthorizationCode.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalAuthorizationCode.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAmB,QAAQ,EAAE,MAAM,cAAc,CAAC;AAYzD;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,QAAQ;IAIjD,YAAY,OAAqC;QAC/C,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC,gCAAgC,CAAC,CAAC;QACjE,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,iBAAiB,GAAG,OAAO,CAAC,iBAAiB,CAAC;QACnD,IAAI,OAAO,CAAC,YAAY,EAAE;YACxB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;SAC1D;IACH,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAAkD;QACrE,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,eAAgB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IACvD,CAAC;IAES,KAAK,CAAC,UAAU,CACxB,MAAgB,EAChB,OAAuC;;QAEvC,IAAI;YACF,MAAM,MAAM,GAAG,MAAM,CAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,CAAC;gBAC5D,MAAM;gBACN,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,IAAI,EAAE,IAAI,CAAC,iBAAiB;aAC7B,CAAC,CAAA,CAAC;YACH,yDAAyD;YACzD,8FAA8F;YAC9F,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,EAAE,MAAM,IAAI,SAAS,CAAC,CAAC;SACtE;QAAC,OAAO,GAAG,EAAE;YACZ,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;SAC9C;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { MsalNodeOptions, MsalNode } from \"./nodeCommon\";\n\n/**\n * Options that can be passed to configure MSAL to handle authentication through opening a browser window.\n * @internal\n */\nexport interface MSALAuthorizationCodeOptions extends MsalNodeOptions {\n redirectUri: string;\n authorizationCode: string;\n clientSecret?: string;\n}\n\n/**\n * This MSAL client sets up a web server to listen for redirect callbacks, then calls to the MSAL's public application's `acquireTokenByDeviceCode` during `doGetToken`\n * to trigger the authentication flow, and then respond based on the values obtained from the redirect callback\n * @internal\n */\nexport class MsalAuthorizationCode extends MsalNode {\n private redirectUri: string;\n private authorizationCode: string;\n\n constructor(options: MSALAuthorizationCodeOptions) {\n super(options);\n this.logger = credentialLogger(\"NodeJS MSAL Authorization Code\");\n this.redirectUri = options.redirectUri;\n this.authorizationCode = options.authorizationCode;\n if (options.clientSecret) {\n this.msalConfig.auth.clientSecret = options.clientSecret;\n }\n }\n\n async getAuthCodeUrl(options: { scopes: string[]; redirectUri: string }): Promise<string> {\n await this.init();\n return this.confidentialApp!.getAuthCodeUrl(options);\n }\n\n protected async doGetToken(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions\n ): Promise<AccessToken> {\n try {\n const result = await this.confidentialApp?.acquireTokenByCode({\n scopes,\n redirectUri: this.redirectUri,\n code: this.authorizationCode\n });\n // The Client Credential flow does not return an account,\n // so each time getToken gets called, we will have to acquire a new token through the service.\n return this.handleResult(scopes, this.clientId, result || undefined);\n } catch (err) {\n throw this.handleError(scopes, err, options);\n }\n }\n}\n"]}