@azure/identity 2.0.0-beta.2 → 2.0.0-beta.6

package/dist-esm/src/client/errors.js

@@ -85,7 +85,7 @@ export const AggregateAuthenticationErrorName = "AggregateAuthenticationError";
 export class AggregateAuthenticationError extends Error {
     constructor(errors, errorMessage) {
         const errorDetail = errors.join("\n");
-        super(`${errorMessage}\n\n${errorDetail}`);
+        super(`${errorMessage}\n${errorDetail}`);
         this.errors = errors;
         // Ensure that this type reports the correct name
         this.name = AggregateAuthenticationErrorName;

package/dist-esm/src/client/errors.js.map

@@ -1 +1 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/client/errors.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAuDlC,SAAS,eAAe,CAAC,aAAkB;IACzC,OAAO,CACL,aAAa;QACb,OAAO,aAAa,CAAC,KAAK,KAAK,QAAQ;QACvC,OAAO,aAAa,CAAC,iBAAiB,KAAK,QAAQ,CACpD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,8BAA8B,GAAG,4BAA4B,CAAC;AAE3E;;;;GAIG;AACH,MAAM,OAAO,0BAA2B,SAAQ,KAAK;IACnD,YAAY,OAAgB;QAC1B,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;IAC7C,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AAE7D;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAW5C,wDAAwD;IACxD,YAAY,UAAkB,EAAE,SAA6C;QAC3E,IAAI,aAAa,GAAkB;YACjC,KAAK,EAAE,SAAS;YAChB,gBAAgB,EAAE,oEAAoE;SACvF,CAAC;QAEF,IAAI,eAAe,CAAC,SAAS,CAAC,EAAE;YAC9B,aAAa,GAAG,wCAAwC,CAAC,SAAS,CAAC,CAAC;SACrE;aAAM,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;YACxC,IAAI;gBACF,iEAAiE;gBACjE,uBAAuB;gBACvB,MAAM,kBAAkB,GAAuB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBACrE,aAAa,GAAG,wCAAwC,CAAC,kBAAkB,CAAC,CAAC;aAC9E;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,UAAU,KAAK,GAAG,EAAE;oBACtB,aAAa,GAAG;wBACd,KAAK,EAAE,qBAAqB;wBAC5B,gBAAgB,EAAE,4CAA4C;qBAC/D,CAAC;iBACH;qBAAM;oBACL,aAAa,GAAG;wBACd,KAAK,EAAE,eAAe;wBACtB,gBAAgB,EAAE,oDAAoD,SAAS,EAAE;qBAClF,CAAC;iBACH;aACF;SACF;aAAM;YACL,aAAa,GAAG;gBACd,KAAK,EAAE,eAAe;gBACtB,gBAAgB,EAAE,oEAAoE;aACvF,CAAC;SACH;QAED,KAAK,CACH,GAAG,aAAa,CAAC,KAAK,gBAAgB,UAAU,sBAAsB,aAAa,CAAC,gBAAgB,EAAE,CACvG,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QAEnC,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gCAAgC,GAAG,8BAA8B,CAAC;AAE/E;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IAOrD,YAAY,MAAa,EAAE,YAAqB;QAC9C,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,KAAK,CAAC,GAAG,YAAY,OAAO,WAAW,EAAE,CAAC,CAAC;QAC3C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,gCAAgC,CAAC;IAC/C,CAAC;CACF;AAED,SAAS,wCAAwC,CAAC,SAA6B;IAC7E,OAAO;QACL,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,gBAAgB,EAAE,SAAS,CAAC,iBAAiB;QAC7C,aAAa,EAAE,SAAS,CAAC,cAAc;QACvC,UAAU,EAAE,SAAS,CAAC,WAAW;QACjC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,OAAO,EAAE,SAAS,CAAC,QAAQ;KAC5B,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * See the official documentation for more details:\n *\n * https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#error-response-1\n *\n * NOTE: This documentation is for v1 OAuth support but the same error\n * response details still apply to v2.\n */\nexport interface ErrorResponse {\n  /**\n   * The string identifier for the error.\n   */\n  error: string;\n\n  /**\n   * The error's description.\n   */\n  errorDescription: string;\n\n  /**\n   * An array of codes pertaining to the error(s) that occurred.\n   */\n  errorCodes?: number[];\n\n  /**\n   * The timestamp at which the error occurred.\n   */\n  timestamp?: string;\n\n  /**\n   * The trace identifier for this error occurrence.\n   */\n  traceId?: string;\n\n  /**\n   * The correlation ID to be used for tracking the source of the error.\n   */\n  correlationId?: string;\n}\n\n/**\n * Used for internal deserialization of OAuth responses. Public model is ErrorResponse\n * @internal\n */\nexport interface OAuthErrorResponse {\n  error: string;\n  error_description: string;\n  error_codes?: number[];\n  timestamp?: string;\n  trace_id?: string;\n  correlation_id?: string;\n}\n\nfunction isErrorResponse(errorResponse: any): errorResponse is OAuthErrorResponse {\n  return (\n    errorResponse &&\n    typeof errorResponse.error === \"string\" &&\n    typeof errorResponse.error_description === \"string\"\n  );\n}\n\n/**\n * The Error.name value of an CredentialUnavailable\n */\nexport const CredentialUnavailableErrorName = \"CredentialUnavailableError\";\n\n/**\n * This signifies that the credential that was tried in a chained credential\n * was not available to be used as the credential. Rather than treating this as\n * an error that should halt the chain, it's caught and the chain continues\n */\nexport class CredentialUnavailableError extends Error {\n  constructor(message?: string) {\n    super(message);\n    this.name = CredentialUnavailableErrorName;\n  }\n}\n\n/**\n * The Error.name value of an AuthenticationError\n */\nexport const AuthenticationErrorName = \"AuthenticationError\";\n\n/**\n * Provides details about a failure to authenticate with Azure Active\n * Directory.  The `errorResponse` field contains more details about\n * the specific failure.\n */\nexport class AuthenticationError extends Error {\n  /**\n   * The HTTP status code returned from the authentication request.\n   */\n  public readonly statusCode: number;\n\n  /**\n   * The error response details.\n   */\n  public readonly errorResponse: ErrorResponse;\n\n  // eslint-disable-next-line @typescript-eslint/ban-types\n  constructor(statusCode: number, errorBody: object | string | undefined | null) {\n    let errorResponse: ErrorResponse = {\n      error: \"unknown\",\n      errorDescription: \"An unknown error occurred and no additional details are available.\"\n    };\n\n    if (isErrorResponse(errorBody)) {\n      errorResponse = convertOAuthErrorResponseToErrorResponse(errorBody);\n    } else if (typeof errorBody === \"string\") {\n      try {\n        // Most error responses will contain JSON-formatted error details\n        // in the response body\n        const oauthErrorResponse: OAuthErrorResponse = JSON.parse(errorBody);\n        errorResponse = convertOAuthErrorResponseToErrorResponse(oauthErrorResponse);\n      } catch (e) {\n        if (statusCode === 400) {\n          errorResponse = {\n            error: \"authority_not_found\",\n            errorDescription: \"The specified authority URL was not found.\"\n          };\n        } else {\n          errorResponse = {\n            error: \"unknown_error\",\n            errorDescription: `An unknown error has occurred. Response body:\\n\\n${errorBody}`\n          };\n        }\n      }\n    } else {\n      errorResponse = {\n        error: \"unknown_error\",\n        errorDescription: \"An unknown error occurred and no additional details are available.\"\n      };\n    }\n\n    super(\n      `${errorResponse.error}(status code ${statusCode}).\\nMore details:\\n${errorResponse.errorDescription}`\n    );\n    this.statusCode = statusCode;\n    this.errorResponse = errorResponse;\n\n    // Ensure that this type reports the correct name\n    this.name = AuthenticationErrorName;\n  }\n}\n\n/**\n * The Error.name value of an AggregateAuthenticationError\n */\nexport const AggregateAuthenticationErrorName = \"AggregateAuthenticationError\";\n\n/**\n * Provides an `errors` array containing {@link AuthenticationError} instance\n * for authentication failures from credentials in a {@link ChainedTokenCredential}.\n */\nexport class AggregateAuthenticationError extends Error {\n  /**\n   * The array of error objects that were thrown while trying to authenticate\n   * with the credentials in a {@link ChainedTokenCredential}.\n   */\n  public errors: any[];\n\n  constructor(errors: any[], errorMessage?: string) {\n    const errorDetail = errors.join(\"\\n\");\n    super(`${errorMessage}\\n\\n${errorDetail}`);\n    this.errors = errors;\n\n    // Ensure that this type reports the correct name\n    this.name = AggregateAuthenticationErrorName;\n  }\n}\n\nfunction convertOAuthErrorResponseToErrorResponse(errorBody: OAuthErrorResponse): ErrorResponse {\n  return {\n    error: errorBody.error,\n    errorDescription: errorBody.error_description,\n    correlationId: errorBody.correlation_id,\n    errorCodes: errorBody.error_codes,\n    timestamp: errorBody.timestamp,\n    traceId: errorBody.trace_id\n  };\n}\n"]}
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/client/errors.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAuDlC,SAAS,eAAe,CAAC,aAAkB;IACzC,OAAO,CACL,aAAa;QACb,OAAO,aAAa,CAAC,KAAK,KAAK,QAAQ;QACvC,OAAO,aAAa,CAAC,iBAAiB,KAAK,QAAQ,CACpD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,8BAA8B,GAAG,4BAA4B,CAAC;AAE3E;;;;GAIG;AACH,MAAM,OAAO,0BAA2B,SAAQ,KAAK;IACnD,YAAY,OAAgB;QAC1B,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;IAC7C,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AAE7D;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAW5C,wDAAwD;IACxD,YAAY,UAAkB,EAAE,SAA6C;QAC3E,IAAI,aAAa,GAAkB;YACjC,KAAK,EAAE,SAAS;YAChB,gBAAgB,EAAE,oEAAoE;SACvF,CAAC;QAEF,IAAI,eAAe,CAAC,SAAS,CAAC,EAAE;YAC9B,aAAa,GAAG,wCAAwC,CAAC,SAAS,CAAC,CAAC;SACrE;aAAM,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE;YACxC,IAAI;gBACF,iEAAiE;gBACjE,uBAAuB;gBACvB,MAAM,kBAAkB,GAAuB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBACrE,aAAa,GAAG,wCAAwC,CAAC,kBAAkB,CAAC,CAAC;aAC9E;YAAC,OAAO,CAAC,EAAE;gBACV,IAAI,UAAU,KAAK,GAAG,EAAE;oBACtB,aAAa,GAAG;wBACd,KAAK,EAAE,qBAAqB;wBAC5B,gBAAgB,EAAE,4CAA4C;qBAC/D,CAAC;iBACH;qBAAM;oBACL,aAAa,GAAG;wBACd,KAAK,EAAE,eAAe;wBACtB,gBAAgB,EAAE,oDAAoD,SAAS,EAAE;qBAClF,CAAC;iBACH;aACF;SACF;aAAM;YACL,aAAa,GAAG;gBACd,KAAK,EAAE,eAAe;gBACtB,gBAAgB,EAAE,oEAAoE;aACvF,CAAC;SACH;QAED,KAAK,CACH,GAAG,aAAa,CAAC,KAAK,gBAAgB,UAAU,sBAAsB,aAAa,CAAC,gBAAgB,EAAE,CACvG,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QAEnC,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gCAAgC,GAAG,8BAA8B,CAAC;AAE/E;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IAOrD,YAAY,MAAa,EAAE,YAAqB;QAC9C,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,KAAK,CAAC,GAAG,YAAY,KAAK,WAAW,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,gCAAgC,CAAC;IAC/C,CAAC;CACF;AAED,SAAS,wCAAwC,CAAC,SAA6B;IAC7E,OAAO;QACL,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,gBAAgB,EAAE,SAAS,CAAC,iBAAiB;QAC7C,aAAa,EAAE,SAAS,CAAC,cAAc;QACvC,UAAU,EAAE,SAAS,CAAC,WAAW;QACjC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,OAAO,EAAE,SAAS,CAAC,QAAQ;KAC5B,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * See the official documentation for more details:\n *\n * https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#error-response-1\n *\n * NOTE: This documentation is for v1 OAuth support but the same error\n * response details still apply to v2.\n */\nexport interface ErrorResponse {\n  /**\n   * The string identifier for the error.\n   */\n  error: string;\n\n  /**\n   * The error's description.\n   */\n  errorDescription: string;\n\n  /**\n   * An array of codes pertaining to the error(s) that occurred.\n   */\n  errorCodes?: number[];\n\n  /**\n   * The timestamp at which the error occurred.\n   */\n  timestamp?: string;\n\n  /**\n   * The trace identifier for this error occurrence.\n   */\n  traceId?: string;\n\n  /**\n   * The correlation ID to be used for tracking the source of the error.\n   */\n  correlationId?: string;\n}\n\n/**\n * Used for internal deserialization of OAuth responses. Public model is ErrorResponse\n * @internal\n */\nexport interface OAuthErrorResponse {\n  error: string;\n  error_description: string;\n  error_codes?: number[];\n  timestamp?: string;\n  trace_id?: string;\n  correlation_id?: string;\n}\n\nfunction isErrorResponse(errorResponse: any): errorResponse is OAuthErrorResponse {\n  return (\n    errorResponse &&\n    typeof errorResponse.error === \"string\" &&\n    typeof errorResponse.error_description === \"string\"\n  );\n}\n\n/**\n * The Error.name value of an CredentialUnavailable\n */\nexport const CredentialUnavailableErrorName = \"CredentialUnavailableError\";\n\n/**\n * This signifies that the credential that was tried in a chained credential\n * was not available to be used as the credential. Rather than treating this as\n * an error that should halt the chain, it's caught and the chain continues\n */\nexport class CredentialUnavailableError extends Error {\n  constructor(message?: string) {\n    super(message);\n    this.name = CredentialUnavailableErrorName;\n  }\n}\n\n/**\n * The Error.name value of an AuthenticationError\n */\nexport const AuthenticationErrorName = \"AuthenticationError\";\n\n/**\n * Provides details about a failure to authenticate with Azure Active\n * Directory.  The `errorResponse` field contains more details about\n * the specific failure.\n */\nexport class AuthenticationError extends Error {\n  /**\n   * The HTTP status code returned from the authentication request.\n   */\n  public readonly statusCode: number;\n\n  /**\n   * The error response details.\n   */\n  public readonly errorResponse: ErrorResponse;\n\n  // eslint-disable-next-line @typescript-eslint/ban-types\n  constructor(statusCode: number, errorBody: object | string | undefined | null) {\n    let errorResponse: ErrorResponse = {\n      error: \"unknown\",\n      errorDescription: \"An unknown error occurred and no additional details are available.\"\n    };\n\n    if (isErrorResponse(errorBody)) {\n      errorResponse = convertOAuthErrorResponseToErrorResponse(errorBody);\n    } else if (typeof errorBody === \"string\") {\n      try {\n        // Most error responses will contain JSON-formatted error details\n        // in the response body\n        const oauthErrorResponse: OAuthErrorResponse = JSON.parse(errorBody);\n        errorResponse = convertOAuthErrorResponseToErrorResponse(oauthErrorResponse);\n      } catch (e) {\n        if (statusCode === 400) {\n          errorResponse = {\n            error: \"authority_not_found\",\n            errorDescription: \"The specified authority URL was not found.\"\n          };\n        } else {\n          errorResponse = {\n            error: \"unknown_error\",\n            errorDescription: `An unknown error has occurred. Response body:\\n\\n${errorBody}`\n          };\n        }\n      }\n    } else {\n      errorResponse = {\n        error: \"unknown_error\",\n        errorDescription: \"An unknown error occurred and no additional details are available.\"\n      };\n    }\n\n    super(\n      `${errorResponse.error}(status code ${statusCode}).\\nMore details:\\n${errorResponse.errorDescription}`\n    );\n    this.statusCode = statusCode;\n    this.errorResponse = errorResponse;\n\n    // Ensure that this type reports the correct name\n    this.name = AuthenticationErrorName;\n  }\n}\n\n/**\n * The Error.name value of an AggregateAuthenticationError\n */\nexport const AggregateAuthenticationErrorName = \"AggregateAuthenticationError\";\n\n/**\n * Provides an `errors` array containing {@link AuthenticationError} instance\n * for authentication failures from credentials in a {@link ChainedTokenCredential}.\n */\nexport class AggregateAuthenticationError extends Error {\n  /**\n   * The array of error objects that were thrown while trying to authenticate\n   * with the credentials in a {@link ChainedTokenCredential}.\n   */\n  public errors: any[];\n\n  constructor(errors: any[], errorMessage?: string) {\n    const errorDetail = errors.join(\"\\n\");\n    super(`${errorMessage}\\n${errorDetail}`);\n    this.errors = errors;\n\n    // Ensure that this type reports the correct name\n    this.name = AggregateAuthenticationErrorName;\n  }\n}\n\nfunction convertOAuthErrorResponseToErrorResponse(errorBody: OAuthErrorResponse): ErrorResponse {\n  return {\n    error: errorBody.error,\n    errorDescription: errorBody.error_description,\n    correlationId: errorBody.correlation_id,\n    errorCodes: errorBody.error_codes,\n    timestamp: errorBody.timestamp,\n    traceId: errorBody.trace_id\n  };\n}\n"]}

package/dist-esm/src/client/identityClient.js

@@ -1,150 +1,158 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
-import { __awaiter } from "tslib";
-import qs from "qs";
-import { ServiceClient, WebResource, createPipelineFromOptions, isNode } from "@azure/core-http";
+import { ServiceClient } from "@azure/core-client";
 import { SpanStatusCode } from "@azure/core-tracing";
+import { isNode } from "@azure/core-util";
+import { createHttpHeaders, createPipelineRequest } from "@azure/core-rest-pipeline";
 import { AbortController } from "@azure/abort-controller";
 import { AuthenticationError, AuthenticationErrorName } from "./errors";
-import { getAuthorityHostEnvironment } from "../util/authHostEnv";
 import { getIdentityTokenEndpointSuffix } from "../util/identityTokenEndpoint";
 import { DefaultAuthorityHost } from "../constants";
 import { createSpan } from "../util/tracing";
 import { logger } from "../util/logging";
 const noCorrelationId = "noCorrelationId";
+/**
+ * @internal
+ */
+export function getIdentityClientAuthorityHost(options) {
+    // The authorityHost can come from options or from the AZURE_AUTHORITY_HOST environment variable.
+    let authorityHost = options === null || options === void 0 ? void 0 : options.authorityHost;
+    // The AZURE_AUTHORITY_HOST environment variable can only be provided in Node.js.
+    if (isNode) {
+        authorityHost = authorityHost !== null && authorityHost !== void 0 ? authorityHost : process.env.AZURE_AUTHORITY_HOST;
+    }
+    // If the authorityHost is not provided, we use the default one from the public cloud: https://login.microsoftonline.com
+    return authorityHost !== null && authorityHost !== void 0 ? authorityHost : DefaultAuthorityHost;
+}
 /**
  * The network module used by the Identity credentials.
  *
  * It allows for credentials to abort any pending request independently of the MSAL flow,
  * by calling to the `abortRequests()` method.
  *
- * @internal
  */
 export class IdentityClient extends ServiceClient {
     constructor(options) {
-        if (isNode) {
-            options = options || getAuthorityHostEnvironment();
-        }
-        // Only if the authorityHost is not provided, we use the default one.
-        options = Object.assign({ authorityHost: DefaultAuthorityHost }, options);
-        super(undefined, createPipelineFromOptions(Object.assign(Object.assign({}, options), { deserializationOptions: {
-                expectedContentTypes: {
-                    json: ["application/json", "text/json", "text/plain"]
-                }
-            } })));
-        this.baseUri = this.authorityHost = options.authorityHost || DefaultAuthorityHost;
-        if (!this.baseUri.startsWith("https:")) {
+        var _a;
+        const packageDetails = `azsdk-js-identity/2.0.0-beta.6`;
+        const userAgentPrefix = ((_a = options === null || options === void 0 ? void 0 : options.userAgentOptions) === null || _a === void 0 ? void 0 : _a.userAgentPrefix)
+            ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}`
+            : `${packageDetails}`;
+        const baseUri = getIdentityClientAuthorityHost(options);
+        if (!baseUri.startsWith("https:")) {
             throw new Error("The authorityHost address must use the 'https' protocol.");
         }
+        super(Object.assign(Object.assign({ requestContentType: "application/json; charset=utf-8" }, options), { userAgentOptions: {
+                userAgentPrefix
+            }, baseUri }));
+        this.authorityHost = baseUri;
         this.abortControllers = new Map();
     }
-    createWebResource(requestOptions) {
-        const webResource = new WebResource();
-        webResource.prepare(requestOptions);
-        return webResource;
-    }
-    sendTokenRequest(webResource, expiresOnParser) {
-        return __awaiter(this, void 0, void 0, function* () {
-            logger.info(`IdentityClient: sending token request to [${webResource.url}]`);
-            const response = yield this.sendRequest(webResource);
-            expiresOnParser =
-                expiresOnParser ||
-                    ((responseBody) => {
-                        return Date.now() + responseBody.expires_in * 1000;
-                    });
-            if (response.status === 200 || response.status === 201) {
-                const token = {
-                    accessToken: {
-                        token: response.parsedBody.access_token,
-                        expiresOnTimestamp: expiresOnParser(response.parsedBody)
-                    },
-                    refreshToken: response.parsedBody.refresh_token
-                };
-                logger.info(`IdentityClient: [${webResource.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`);
-                return token;
-            }
-            else {
-                const error = new AuthenticationError(response.status, response.parsedBody || response.bodyAsText);
-                logger.warning(`IdentityClient: authentication error. HTTP status: ${response.status}, ${error.errorResponse.errorDescription}`);
-                throw error;
-            }
-        });
-    }
-    refreshAccessToken(tenantId, clientId, scopes, refreshToken, clientSecret, expiresOnParser, options) {
-        var _a, _b;
-        return __awaiter(this, void 0, void 0, function* () {
-            if (refreshToken === undefined) {
+    async sendTokenRequest(request, expiresOnParser) {
+        logger.info(`IdentityClient: sending token request to [${request.url}]`);
+        const response = await this.sendRequest(request);
+        expiresOnParser =
+            expiresOnParser ||
+                ((responseBody) => {
+                    return Date.now() + responseBody.expires_in * 1000;
+                });
+        if (response.bodyAsText && (response.status === 200 || response.status === 201)) {
+            const parsedBody = JSON.parse(response.bodyAsText);
+            if (!parsedBody.access_token) {
                 return null;
             }
-            logger.info(`IdentityClient: refreshing access token with client ID: ${clientId}, scopes: ${scopes} started`);
-            const { span, updatedOptions } = createSpan("IdentityClient-refreshAccessToken", options);
-            const refreshParams = {
-                grant_type: "refresh_token",
-                client_id: clientId,
-                refresh_token: refreshToken,
-                scope: scopes
+            const token = {
+                accessToken: {
+                    token: parsedBody.access_token,
+                    expiresOnTimestamp: expiresOnParser(parsedBody)
+                },
+                refreshToken: parsedBody.refresh_token
             };
-            if (clientSecret !== undefined) {
-                refreshParams.client_secret = clientSecret;
-            }
-            try {
-                const urlSuffix = getIdentityTokenEndpointSuffix(tenantId);
-                const webResource = this.createWebResource({
-                    url: `${this.authorityHost}/${tenantId}/${urlSuffix}`,
-                    method: "POST",
-                    disableJsonStringifyOnBody: true,
-                    deserializationMapper: undefined,
-                    body: qs.stringify(refreshParams),
-                    headers: {
-                        Accept: "application/json",
-                        "Content-Type": "application/x-www-form-urlencoded"
-                    },
-                    spanOptions: (_a = updatedOptions === null || updatedOptions === void 0 ? void 0 : updatedOptions.tracingOptions) === null || _a === void 0 ? void 0 : _a.spanOptions,
-                    tracingContext: (_b = updatedOptions === null || updatedOptions === void 0 ? void 0 : updatedOptions.tracingOptions) === null || _b === void 0 ? void 0 : _b.tracingContext,
-                    abortSignal: options && options.abortSignal
+            logger.info(`IdentityClient: [${request.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`);
+            return token;
+        }
+        else {
+            const error = new AuthenticationError(response.status, response.bodyAsText);
+            logger.warning(`IdentityClient: authentication error. HTTP status: ${response.status}, ${error.errorResponse.errorDescription}`);
+            throw error;
+        }
+    }
+    async refreshAccessToken(tenantId, clientId, scopes, refreshToken, clientSecret, expiresOnParser, options) {
+        if (refreshToken === undefined) {
+            return null;
+        }
+        logger.info(`IdentityClient: refreshing access token with client ID: ${clientId}, scopes: ${scopes} started`);
+        const { span, updatedOptions } = createSpan("IdentityClient-refreshAccessToken", options);
+        const refreshParams = {
+            grant_type: "refresh_token",
+            client_id: clientId,
+            refresh_token: refreshToken,
+            scope: scopes
+        };
+        if (clientSecret !== undefined) {
+            refreshParams.client_secret = clientSecret;
+        }
+        const query = new URLSearchParams(refreshParams);
+        try {
+            const urlSuffix = getIdentityTokenEndpointSuffix(tenantId);
+            const request = createPipelineRequest({
+                url: `${this.authorityHost}/${tenantId}/${urlSuffix}`,
+                method: "POST",
+                body: query.toString(),
+                abortSignal: options && options.abortSignal,
+                headers: createHttpHeaders({
+                    Accept: "application/json",
+                    "Content-Type": "application/x-www-form-urlencoded"
+                }),
+                tracingOptions: updatedOptions === null || updatedOptions === void 0 ? void 0 : updatedOptions.tracingOptions
+            });
+            const response = await this.sendTokenRequest(request, expiresOnParser);
+            logger.info(`IdentityClient: refreshed token for client ID: ${clientId}`);
+            return response;
+        }
+        catch (err) {
+            if (err.name === AuthenticationErrorName &&
+                err.errorResponse.error === "interaction_required") {
+                // It's likely that the refresh token has expired, so
+                // return null so that the credential implementation will
+                // initiate the authentication flow again.
+                logger.info(`IdentityClient: interaction required for client ID: ${clientId}`);
+                span.setStatus({
+                    code: SpanStatusCode.ERROR,
+                    message: err.message
                 });
-                const response = yield this.sendTokenRequest(webResource, expiresOnParser);
-                logger.info(`IdentityClient: refreshed token for client ID: ${clientId}`);
-                return response;
-            }
-            catch (err) {
-                if (err.name === AuthenticationErrorName &&
-                    err.errorResponse.error === "interaction_required") {
-                    // It's likely that the refresh token has expired, so
-                    // return null so that the credential implementation will
-                    // initiate the authentication flow again.
-                    logger.info(`IdentityClient: interaction required for client ID: ${clientId}`);
-                    span.setStatus({
-                        code: SpanStatusCode.ERROR,
-                        message: err.message
-                    });
-                    return null;
-                }
-                else {
-                    logger.warning(`IdentityClient: failed refreshing token for client ID: ${clientId}: ${err}`);
-                    span.setStatus({
-                        code: SpanStatusCode.ERROR,
-                        message: err.message
-                    });
-                    throw err;
-                }
+                return null;
             }
-            finally {
-                span.end();
+            else {
+                logger.warning(`IdentityClient: failed refreshing token for client ID: ${clientId}: ${err}`);
+                span.setStatus({
+                    code: SpanStatusCode.ERROR,
+                    message: err.message
+                });
+                throw err;
             }
-        });
+        }
+        finally {
+            span.end();
+        }
     }
     // Here is a custom layer that allows us to abort requests that go through MSAL,
     // since MSAL doesn't allow us to pass options all the way through.
     generateAbortSignal(correlationId) {
         const controller = new AbortController();
-        const key = correlationId || noCorrelationId;
-        const controllers = this.abortControllers.get(key) || [];
+        const controllers = this.abortControllers.get(correlationId) || [];
         controllers.push(controller);
-        this.abortControllers.set(key, controllers);
+        this.abortControllers.set(correlationId, controllers);
+        const existingOnAbort = controller.signal.onabort;
+        controller.signal.onabort = (...params) => {
+            this.abortControllers.set(correlationId, undefined);
+            if (existingOnAbort) {
+                existingOnAbort(...params);
+            }
+        };
         return controller.signal;
     }
-    abortRequests(correlationId = noCorrelationId) {
+    abortRequests(correlationId) {
         const key = correlationId || noCorrelationId;
         const controllers = [
             ...(this.abortControllers.get(key) || []),
@@ -158,37 +166,43 @@ export class IdentityClient extends ServiceClient {
             controller.abort();
         }
         this.abortControllers.set(key, undefined);
-        this.abortControllers.set(noCorrelationId, undefined);
     }
     getCorrelationId(options) {
         var _a;
         const parameter = (_a = options === null || options === void 0 ? void 0 : options.body) === null || _a === void 0 ? void 0 : _a.split("&").map((part) => part.split("=")).find(([key]) => key === "client-request-id");
-        return parameter && parameter.length ? parameter[1] : noCorrelationId;
+        return parameter && parameter.length ? parameter[1] || noCorrelationId : noCorrelationId;
     }
     // The MSAL network module methods follow
-    sendGetRequestAsync(url, options) {
-        const webResource = new WebResource(url, "GET", options === null || options === void 0 ? void 0 : options.body, {}, options === null || options === void 0 ? void 0 : options.headers, false, false, 
-        // MSAL doesn't send the correlation ID on the get requests.
-        this.generateAbortSignal());
-        return this.sendRequest(webResource).then((response) => {
-            return {
-                body: response.parsedBody,
-                headers: response.headers.rawHeaders(),
-                status: response.status
-            };
+    async sendGetRequestAsync(url, options) {
+        const request = createPipelineRequest({
+            url,
+            method: "GET",
+            body: options === null || options === void 0 ? void 0 : options.body,
+            headers: createHttpHeaders(options === null || options === void 0 ? void 0 : options.headers),
+            abortSignal: this.generateAbortSignal(noCorrelationId)
         });
+        const response = await this.sendRequest(request);
+        return {
+            body: response.bodyAsText ? JSON.parse(response.bodyAsText) : undefined,
+            headers: response.headers.toJSON(),
+            status: response.status
+        };
     }
-    sendPostRequestAsync(url, options) {
-        const webResource = new WebResource(url, "POST", options === null || options === void 0 ? void 0 : options.body, {}, options === null || options === void 0 ? void 0 : options.headers, false, false, 
-        // MSAL doesn't send the correlation ID on the get requests.
-        this.generateAbortSignal(this.getCorrelationId(options)));
-        return this.sendRequest(webResource).then((response) => {
-            return {
-                body: response.parsedBody,
-                headers: response.headers.rawHeaders(),
-                status: response.status
-            };
+    async sendPostRequestAsync(url, options) {
+        const request = createPipelineRequest({
+            url,
+            method: "POST",
+            body: options === null || options === void 0 ? void 0 : options.body,
+            headers: createHttpHeaders(options === null || options === void 0 ? void 0 : options.headers),
+            // MSAL doesn't send the correlation ID on the get requests.
+            abortSignal: this.generateAbortSignal(this.getCorrelationId(options))
         });
+        const response = await this.sendRequest(request);
+        return {
+            body: response.bodyAsText ? JSON.parse(response.bodyAsText) : undefined,
+            headers: response.headers.toJSON(),
+            status: response.status
+        };
     }
 }
 //# sourceMappingURL=identityClient.js.map

package/dist-esm/src/client/identityClient.js.map

@@ -1 +1 @@
-{"version":3,"file":"identityClient.js","sourceRoot":"","sources":["../../../src/client/identityClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;;AAElC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAEL,aAAa,EAEb,WAAW,EAGX,yBAAyB,EACzB,MAAM,EACP,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAmB,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,UAAU,CAAC;AACxE,OAAO,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AAClE,OAAO,EAAE,8BAA8B,EAAE,MAAM,+BAA+B,CAAC;AAC/E,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAEzC,MAAM,eAAe,GAAG,iBAAiB,CAAC;AAmB1C;;;;;;;GAOG;AACH,MAAM,OAAO,cAAe,SAAQ,aAAa;IAI/C,YAAY,OAAgC;QAC1C,IAAI,MAAM,EAAE;YACV,OAAO,GAAG,OAAO,IAAI,2BAA2B,EAAE,CAAC;SACpD;QACD,qEAAqE;QACrE,OAAO,mBACL,aAAa,EAAE,oBAAoB,IAChC,OAAO,CACX,CAAC;QACF,KAAK,CACH,SAAS,EACT,yBAAyB,iCACpB,OAAO,KACV,sBAAsB,EAAE;gBACtB,oBAAoB,EAAE;oBACpB,IAAI,EAAE,CAAC,kBAAkB,EAAE,WAAW,EAAE,YAAY,CAAC;iBACtD;aACF,IACD,CACH,CAAC;QAEF,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,oBAAoB,CAAC;QAElF,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YACtC,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;SAC7E;QAED,IAAI,CAAC,gBAAgB,GAAG,IAAI,GAAG,EAAE,CAAC;IACpC,CAAC;IAED,iBAAiB,CAAC,cAAqC;QACrD,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;QACtC,WAAW,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QACpC,OAAO,WAAW,CAAC;IACrB,CAAC;IAEK,gBAAgB,CACpB,WAAwB,EACxB,eAA+C;;YAE/C,MAAM,CAAC,IAAI,CAAC,6CAA6C,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC;YAC7E,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;YAErD,eAAe;gBACb,eAAe;oBACf,CAAC,CAAC,YAAiB,EAAE,EAAE;wBACrB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,YAAY,CAAC,UAAU,GAAG,IAAI,CAAC;oBACrD,CAAC,CAAC,CAAC;YAEL,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;gBACtD,MAAM,KAAK,GAAG;oBACZ,WAAW,EAAE;wBACX,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC,YAAY;wBACvC,kBAAkB,EAAE,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC;qBACzD;oBACD,YAAY,EAAE,QAAQ,CAAC,UAAU,CAAC,aAAa;iBAChD,CAAC;gBAEF,MAAM,CAAC,IAAI,CACT,oBAAoB,WAAW,CAAC,GAAG,gCAAgC,KAAK,CAAC,WAAW,CAAC,kBAAkB,EAAE,CAC1G,CAAC;gBACF,OAAO,KAAK,CAAC;aACd;iBAAM;gBACL,MAAM,KAAK,GAAG,IAAI,mBAAmB,CACnC,QAAQ,CAAC,MAAM,EACf,QAAQ,CAAC,UAAU,IAAI,QAAQ,CAAC,UAAU,CAC3C,CAAC;gBACF,MAAM,CAAC,OAAO,CACZ,sDAAsD,QAAQ,CAAC,MAAM,KAAK,KAAK,CAAC,aAAa,CAAC,gBAAgB,EAAE,CACjH,CAAC;gBACF,MAAM,KAAK,CAAC;aACb;QACH,CAAC;KAAA;IAEK,kBAAkB,CACtB,QAAgB,EAChB,QAAgB,EAChB,MAAc,EACd,YAAgC,EAChC,YAAgC,EAChC,eAA+C,EAC/C,OAAyB;;;YAEzB,IAAI,YAAY,KAAK,SAAS,EAAE;gBAC9B,OAAO,IAAI,CAAC;aACb;YACD,MAAM,CAAC,IAAI,CACT,2DAA2D,QAAQ,aAAa,MAAM,UAAU,CACjG,CAAC;YAEF,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,GAAG,UAAU,CAAC,mCAAmC,EAAE,OAAO,CAAC,CAAC;YAE1F,MAAM,aAAa,GAAG;gBACpB,UAAU,EAAE,eAAe;gBAC3B,SAAS,EAAE,QAAQ;gBACnB,aAAa,EAAE,YAAY;gBAC3B,KAAK,EAAE,MAAM;aACd,CAAC;YAEF,IAAI,YAAY,KAAK,SAAS,EAAE;gBAC7B,aAAqB,CAAC,aAAa,GAAG,YAAY,CAAC;aACrD;YAED,IAAI;gBACF,MAAM,SAAS,GAAG,8BAA8B,CAAC,QAAQ,CAAC,CAAC;gBAC3D,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC;oBACzC,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,IAAI,QAAQ,IAAI,SAAS,EAAE;oBACrD,MAAM,EAAE,MAAM;oBACd,0BAA0B,EAAE,IAAI;oBAChC,qBAAqB,EAAE,SAAS;oBAChC,IAAI,EAAE,EAAE,CAAC,SAAS,CAAC,aAAa,CAAC;oBACjC,OAAO,EAAE;wBACP,MAAM,EAAE,kBAAkB;wBAC1B,cAAc,EAAE,mCAAmC;qBACpD;oBACD,WAAW,EAAE,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,cAAc,0CAAE,WAAW;oBACxD,cAAc,EAAE,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,cAAc,0CAAE,cAAc;oBAC9D,WAAW,EAAE,OAAO,IAAI,OAAO,CAAC,WAAW;iBAC5C,CAAC,CAAC;gBAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;gBAC3E,MAAM,CAAC,IAAI,CAAC,kDAAkD,QAAQ,EAAE,CAAC,CAAC;gBAC1E,OAAO,QAAQ,CAAC;aACjB;YAAC,OAAO,GAAG,EAAE;gBACZ,IACE,GAAG,CAAC,IAAI,KAAK,uBAAuB;oBACpC,GAAG,CAAC,aAAa,CAAC,KAAK,KAAK,sBAAsB,EAClD;oBACA,qDAAqD;oBACrD,yDAAyD;oBACzD,0CAA0C;oBAC1C,MAAM,CAAC,IAAI,CAAC,uDAAuD,QAAQ,EAAE,CAAC,CAAC;oBAC/E,IAAI,CAAC,SAAS,CAAC;wBACb,IAAI,EAAE,cAAc,CAAC,KAAK;wBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;qBACrB,CAAC,CAAC;oBAEH,OAAO,IAAI,CAAC;iBACb;qBAAM;oBACL,MAAM,CAAC,OAAO,CACZ,0DAA0D,QAAQ,KAAK,GAAG,EAAE,CAC7E,CAAC;oBACF,IAAI,CAAC,SAAS,CAAC;wBACb,IAAI,EAAE,cAAc,CAAC,KAAK;wBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;qBACrB,CAAC,CAAC;oBACH,MAAM,GAAG,CAAC;iBACX;aACF;oBAAS;gBACR,IAAI,CAAC,GAAG,EAAE,CAAC;aACZ;;KACF;IAED,gFAAgF;IAChF,mEAAmE;IAEnE,mBAAmB,CAAC,aAAsB;QACxC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,GAAG,GAAG,aAAa,IAAI,eAAe,CAAC;QAE7C,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACzD,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7B,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAE5C,OAAO,UAAU,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED,aAAa,CAAC,gBAAwB,eAAe;QACnD,MAAM,GAAG,GAAG,aAAa,IAAI,eAAe,CAAC;QAC7C,MAAM,WAAW,GAAG;YAClB,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YACzC,uDAAuD;YACvD,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;SACtD,CAAC;QACF,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE;YACvB,OAAO;SACR;QACD,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,UAAU,CAAC,KAAK,EAAE,CAAC;SACpB;QACD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC,CAAC;IACxD,CAAC;IAED,gBAAgB,CAAC,OAA+B;;QAC9C,MAAM,SAAS,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,0CAC3B,KAAK,CAAC,GAAG,EACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAC7B,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,mBAAmB,CAAC,CAAC;QAChD,OAAO,SAAS,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC;IACxE,CAAC;IAED,yCAAyC;IAEzC,mBAAmB,CACjB,GAAW,EACX,OAA+B;QAE/B,MAAM,WAAW,GAAG,IAAI,WAAW,CACjC,GAAG,EACH,KAAK,EACL,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EACb,EAAE,EACF,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,EAChB,KAAK,EACL,KAAK;QACL,4DAA4D;QAC5D,IAAI,CAAC,mBAAmB,EAAE,CAC3B,CAAC;QAEF,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;YACrD,OAAO;gBACL,IAAI,EAAE,QAAQ,CAAC,UAAe;gBAC9B,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE;gBACtC,MAAM,EAAE,QAAQ,CAAC,MAAM;aACxB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,oBAAoB,CAClB,GAAW,EACX,OAA+B;QAE/B,MAAM,WAAW,GAAG,IAAI,WAAW,CACjC,GAAG,EACH,MAAM,EACN,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,EACb,EAAE,EACF,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,EAChB,KAAK,EACL,KAAK;QACL,4DAA4D;QAC5D,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CACzD,CAAC;QAEF,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;YACrD,OAAO;gBACL,IAAI,EAAE,QAAQ,CAAC,UAAe;gBAC9B,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE;gBACtC,MAAM,EAAE,QAAQ,CAAC,MAAM;aACxB,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport qs from \"qs\";\nimport {\n  AccessToken,\n  ServiceClient,\n  PipelineOptions,\n  WebResource,\n  RequestPrepareOptions,\n  GetTokenOptions,\n  createPipelineFromOptions,\n  isNode\n} from \"@azure/core-http\";\nimport { INetworkModule, NetworkRequestOptions, NetworkResponse } from \"@azure/msal-node\";\nimport { SpanStatusCode } from \"@azure/core-tracing\";\nimport { AbortController, AbortSignalLike } from \"@azure/abort-controller\";\nimport { AuthenticationError, AuthenticationErrorName } from \"./errors\";\nimport { getAuthorityHostEnvironment } from \"../util/authHostEnv\";\nimport { getIdentityTokenEndpointSuffix } from \"../util/identityTokenEndpoint\";\nimport { DefaultAuthorityHost } from \"../constants\";\nimport { createSpan } from \"../util/tracing\";\nimport { logger } from \"../util/logging\";\n\nconst noCorrelationId = \"noCorrelationId\";\n\n/**\n * An internal type used to communicate details of a token request's\n * response that should not be sent back as part of the access token.\n * @internal\n */\nexport interface TokenResponse {\n  /**\n   * The AccessToken to be returned from getToken.\n   */\n  accessToken: AccessToken;\n\n  /**\n   * The refresh token if the 'offline_access' scope was used.\n   */\n  refreshToken?: string;\n}\n\n/**\n * The network module used by the Identity credentials.\n *\n * It allows for credentials to abort any pending request independently of the MSAL flow,\n * by calling to the `abortRequests()` method.\n *\n * @internal\n */\nexport class IdentityClient extends ServiceClient implements INetworkModule {\n  public authorityHost: string;\n  private abortControllers: Map<string, AbortController[] | undefined>;\n\n  constructor(options?: TokenCredentialOptions) {\n    if (isNode) {\n      options = options || getAuthorityHostEnvironment();\n    }\n    // Only if the authorityHost is not provided, we use the default one.\n    options = {\n      authorityHost: DefaultAuthorityHost,\n      ...options\n    };\n    super(\n      undefined,\n      createPipelineFromOptions({\n        ...options,\n        deserializationOptions: {\n          expectedContentTypes: {\n            json: [\"application/json\", \"text/json\", \"text/plain\"]\n          }\n        }\n      })\n    );\n\n    this.baseUri = this.authorityHost = options.authorityHost || DefaultAuthorityHost;\n\n    if (!this.baseUri.startsWith(\"https:\")) {\n      throw new Error(\"The authorityHost address must use the 'https' protocol.\");\n    }\n\n    this.abortControllers = new Map();\n  }\n\n  createWebResource(requestOptions: RequestPrepareOptions): WebResource {\n    const webResource = new WebResource();\n    webResource.prepare(requestOptions);\n    return webResource;\n  }\n\n  async sendTokenRequest(\n    webResource: WebResource,\n    expiresOnParser?: (responseBody: any) => number\n  ): Promise<TokenResponse | null> {\n    logger.info(`IdentityClient: sending token request to [${webResource.url}]`);\n    const response = await this.sendRequest(webResource);\n\n    expiresOnParser =\n      expiresOnParser ||\n      ((responseBody: any) => {\n        return Date.now() + responseBody.expires_in * 1000;\n      });\n\n    if (response.status === 200 || response.status === 201) {\n      const token = {\n        accessToken: {\n          token: response.parsedBody.access_token,\n          expiresOnTimestamp: expiresOnParser(response.parsedBody)\n        },\n        refreshToken: response.parsedBody.refresh_token\n      };\n\n      logger.info(\n        `IdentityClient: [${webResource.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`\n      );\n      return token;\n    } else {\n      const error = new AuthenticationError(\n        response.status,\n        response.parsedBody || response.bodyAsText\n      );\n      logger.warning(\n        `IdentityClient: authentication error. HTTP status: ${response.status}, ${error.errorResponse.errorDescription}`\n      );\n      throw error;\n    }\n  }\n\n  async refreshAccessToken(\n    tenantId: string,\n    clientId: string,\n    scopes: string,\n    refreshToken: string | undefined,\n    clientSecret: string | undefined,\n    expiresOnParser?: (responseBody: any) => number,\n    options?: GetTokenOptions\n  ): Promise<TokenResponse | null> {\n    if (refreshToken === undefined) {\n      return null;\n    }\n    logger.info(\n      `IdentityClient: refreshing access token with client ID: ${clientId}, scopes: ${scopes} started`\n    );\n\n    const { span, updatedOptions } = createSpan(\"IdentityClient-refreshAccessToken\", options);\n\n    const refreshParams = {\n      grant_type: \"refresh_token\",\n      client_id: clientId,\n      refresh_token: refreshToken,\n      scope: scopes\n    };\n\n    if (clientSecret !== undefined) {\n      (refreshParams as any).client_secret = clientSecret;\n    }\n\n    try {\n      const urlSuffix = getIdentityTokenEndpointSuffix(tenantId);\n      const webResource = this.createWebResource({\n        url: `${this.authorityHost}/${tenantId}/${urlSuffix}`,\n        method: \"POST\",\n        disableJsonStringifyOnBody: true,\n        deserializationMapper: undefined,\n        body: qs.stringify(refreshParams),\n        headers: {\n          Accept: \"application/json\",\n          \"Content-Type\": \"application/x-www-form-urlencoded\"\n        },\n        spanOptions: updatedOptions?.tracingOptions?.spanOptions,\n        tracingContext: updatedOptions?.tracingOptions?.tracingContext,\n        abortSignal: options && options.abortSignal\n      });\n\n      const response = await this.sendTokenRequest(webResource, expiresOnParser);\n      logger.info(`IdentityClient: refreshed token for client ID: ${clientId}`);\n      return response;\n    } catch (err) {\n      if (\n        err.name === AuthenticationErrorName &&\n        err.errorResponse.error === \"interaction_required\"\n      ) {\n        // It's likely that the refresh token has expired, so\n        // return null so that the credential implementation will\n        // initiate the authentication flow again.\n        logger.info(`IdentityClient: interaction required for client ID: ${clientId}`);\n        span.setStatus({\n          code: SpanStatusCode.ERROR,\n          message: err.message\n        });\n\n        return null;\n      } else {\n        logger.warning(\n          `IdentityClient: failed refreshing token for client ID: ${clientId}: ${err}`\n        );\n        span.setStatus({\n          code: SpanStatusCode.ERROR,\n          message: err.message\n        });\n        throw err;\n      }\n    } finally {\n      span.end();\n    }\n  }\n\n  // Here is a custom layer that allows us to abort requests that go through MSAL,\n  // since MSAL doesn't allow us to pass options all the way through.\n\n  generateAbortSignal(correlationId?: string): AbortSignalLike {\n    const controller = new AbortController();\n    const key = correlationId || noCorrelationId;\n\n    const controllers = this.abortControllers.get(key) || [];\n    controllers.push(controller);\n    this.abortControllers.set(key, controllers);\n\n    return controller.signal;\n  }\n\n  abortRequests(correlationId: string = noCorrelationId): void {\n    const key = correlationId || noCorrelationId;\n    const controllers = [\n      ...(this.abortControllers.get(key) || []),\n      // MSAL passes no correlation ID to the get requests...\n      ...(this.abortControllers.get(noCorrelationId) || [])\n    ];\n    if (!controllers.length) {\n      return;\n    }\n    for (const controller of controllers) {\n      controller.abort();\n    }\n    this.abortControllers.set(key, undefined);\n    this.abortControllers.set(noCorrelationId, undefined);\n  }\n\n  getCorrelationId(options?: NetworkRequestOptions): string | undefined {\n    const parameter = options?.body\n      ?.split(\"&\")\n      .map((part) => part.split(\"=\"))\n      .find(([key]) => key === \"client-request-id\");\n    return parameter && parameter.length ? parameter[1] : noCorrelationId;\n  }\n\n  // The MSAL network module methods follow\n\n  sendGetRequestAsync<T>(\n    url: string,\n    options?: NetworkRequestOptions\n  ): Promise<NetworkResponse<T>> {\n    const webResource = new WebResource(\n      url,\n      \"GET\",\n      options?.body,\n      {},\n      options?.headers,\n      false,\n      false,\n      // MSAL doesn't send the correlation ID on the get requests.\n      this.generateAbortSignal()\n    );\n\n    return this.sendRequest(webResource).then((response) => {\n      return {\n        body: response.parsedBody as T,\n        headers: response.headers.rawHeaders(),\n        status: response.status\n      };\n    });\n  }\n\n  sendPostRequestAsync<T>(\n    url: string,\n    options?: NetworkRequestOptions\n  ): Promise<NetworkResponse<T>> {\n    const webResource = new WebResource(\n      url,\n      \"POST\",\n      options?.body,\n      {},\n      options?.headers,\n      false,\n      false,\n      // MSAL doesn't send the correlation ID on the get requests.\n      this.generateAbortSignal(this.getCorrelationId(options))\n    );\n\n    return this.sendRequest(webResource).then((response) => {\n      return {\n        body: response.parsedBody as T,\n        headers: response.headers.rawHeaders(),\n        status: response.status\n      };\n    });\n  }\n}\n\n/**\n * Provides options to configure how the Identity library makes authentication\n * requests to Azure Active Directory.\n */\nexport interface TokenCredentialOptions extends PipelineOptions {\n  /**\n   * The authority host to use for authentication requests.\n   * The default is \"https://login.microsoftonline.com\".\n   */\n  authorityHost?: string;\n}\n"]}
+{"version":3,"file":"identityClient.js","sourceRoot":"","sources":["../../../src/client/identityClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAuB,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAExE,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC1C,OAAO,EACL,iBAAiB,EACjB,qBAAqB,EAEtB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,eAAe,EAAmB,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,UAAU,CAAC;AACxE,OAAO,EAAE,8BAA8B,EAAE,MAAM,+BAA+B,CAAC;AAC/E,OAAO,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAEzC,MAAM,eAAe,GAAG,iBAAiB,CAAC;AAkB1C;;GAEG;AACH,MAAM,UAAU,8BAA8B,CAAC,OAAgC;IAC7E,iGAAiG;IACjG,IAAI,aAAa,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,CAAC;IAE3C,iFAAiF;IACjF,IAAI,MAAM,EAAE;QACV,aAAa,GAAG,aAAa,aAAb,aAAa,cAAb,aAAa,GAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;KACnE;IAED,wHAAwH;IACxH,OAAO,aAAa,aAAb,aAAa,cAAb,aAAa,GAAI,oBAAoB,CAAC;AAC/C,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,cAAe,SAAQ,aAAa;IAI/C,YAAY,OAAgC;;QAC1C,MAAM,cAAc,GAAG,gCAAgC,CAAC;QACxD,MAAM,eAAe,GAAG,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,gBAAgB,0CAAE,eAAe;YAChE,CAAC,CAAC,GAAG,OAAO,CAAC,gBAAgB,CAAC,eAAe,IAAI,cAAc,EAAE;YACjE,CAAC,CAAC,GAAG,cAAc,EAAE,CAAC;QAExB,MAAM,OAAO,GAAG,8BAA8B,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YACjC,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;SAC7E;QAED,KAAK,+BACH,kBAAkB,EAAE,iCAAiC,IAClD,OAAO,KACV,gBAAgB,EAAE;gBAChB,eAAe;aAChB,EACD,OAAO,IACP,CAAC;QAEH,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC;QAC7B,IAAI,CAAC,gBAAgB,GAAG,IAAI,GAAG,EAAE,CAAC;IACpC,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,OAAwB,EACxB,eAA+C;QAE/C,MAAM,CAAC,IAAI,CAAC,6CAA6C,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC;QACzE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QAEjD,eAAe;YACb,eAAe;gBACf,CAAC,CAAC,YAAiB,EAAE,EAAE;oBACrB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,YAAY,CAAC,UAAU,GAAG,IAAI,CAAC;gBACrD,CAAC,CAAC,CAAC;QAEL,IAAI,QAAQ,CAAC,UAAU,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,CAAC,EAAE;YAC/E,MAAM,UAAU,GAIZ,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;YAEpC,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE;gBAC5B,OAAO,IAAI,CAAC;aACb;YAED,MAAM,KAAK,GAAG;gBACZ,WAAW,EAAE;oBACX,KAAK,EAAE,UAAU,CAAC,YAAY;oBAC9B,kBAAkB,EAAE,eAAe,CAAC,UAAU,CAAC;iBAChD;gBACD,YAAY,EAAE,UAAU,CAAC,aAAa;aACvC,CAAC;YAEF,MAAM,CAAC,IAAI,CACT,oBAAoB,OAAO,CAAC,GAAG,gCAAgC,KAAK,CAAC,WAAW,CAAC,kBAAkB,EAAE,CACtG,CAAC;YACF,OAAO,KAAK,CAAC;SACd;aAAM;YACL,MAAM,KAAK,GAAG,IAAI,mBAAmB,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC5E,MAAM,CAAC,OAAO,CACZ,sDAAsD,QAAQ,CAAC,MAAM,KAAK,KAAK,CAAC,aAAa,CAAC,gBAAgB,EAAE,CACjH,CAAC;YACF,MAAM,KAAK,CAAC;SACb;IACH,CAAC;IAED,KAAK,CAAC,kBAAkB,CACtB,QAAgB,EAChB,QAAgB,EAChB,MAAc,EACd,YAAgC,EAChC,YAAgC,EAChC,eAA+C,EAC/C,OAAyB;QAEzB,IAAI,YAAY,KAAK,SAAS,EAAE;YAC9B,OAAO,IAAI,CAAC;SACb;QACD,MAAM,CAAC,IAAI,CACT,2DAA2D,QAAQ,aAAa,MAAM,UAAU,CACjG,CAAC;QAEF,MAAM,EAAE,IAAI,EAAE,cAAc,EAAE,GAAG,UAAU,CAAC,mCAAmC,EAAE,OAAO,CAAC,CAAC;QAE1F,MAAM,aAAa,GAAG;YACpB,UAAU,EAAE,eAAe;YAC3B,SAAS,EAAE,QAAQ;YACnB,aAAa,EAAE,YAAY;YAC3B,KAAK,EAAE,MAAM;SACd,CAAC;QAEF,IAAI,YAAY,KAAK,SAAS,EAAE;YAC7B,aAAqB,CAAC,aAAa,GAAG,YAAY,CAAC;SACrD;QAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,aAAa,CAAC,CAAC;QAEjD,IAAI;YACF,MAAM,SAAS,GAAG,8BAA8B,CAAC,QAAQ,CAAC,CAAC;YAC3D,MAAM,OAAO,GAAG,qBAAqB,CAAC;gBACpC,GAAG,EAAE,GAAG,IAAI,CAAC,aAAa,IAAI,QAAQ,IAAI,SAAS,EAAE;gBACrD,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,KAAK,CAAC,QAAQ,EAAE;gBACtB,WAAW,EAAE,OAAO,IAAI,OAAO,CAAC,WAAW;gBAC3C,OAAO,EAAE,iBAAiB,CAAC;oBACzB,MAAM,EAAE,kBAAkB;oBAC1B,cAAc,EAAE,mCAAmC;iBACpD,CAAC;gBACF,cAAc,EAAE,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,cAAc;aAC/C,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACvE,MAAM,CAAC,IAAI,CAAC,kDAAkD,QAAQ,EAAE,CAAC,CAAC;YAC1E,OAAO,QAAQ,CAAC;SACjB;QAAC,OAAO,GAAG,EAAE;YACZ,IACE,GAAG,CAAC,IAAI,KAAK,uBAAuB;gBACpC,GAAG,CAAC,aAAa,CAAC,KAAK,KAAK,sBAAsB,EAClD;gBACA,qDAAqD;gBACrD,yDAAyD;gBACzD,0CAA0C;gBAC1C,MAAM,CAAC,IAAI,CAAC,uDAAuD,QAAQ,EAAE,CAAC,CAAC;gBAC/E,IAAI,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,cAAc,CAAC,KAAK;oBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC,CAAC;gBAEH,OAAO,IAAI,CAAC;aACb;iBAAM;gBACL,MAAM,CAAC,OAAO,CACZ,0DAA0D,QAAQ,KAAK,GAAG,EAAE,CAC7E,CAAC;gBACF,IAAI,CAAC,SAAS,CAAC;oBACb,IAAI,EAAE,cAAc,CAAC,KAAK;oBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC,CAAC;gBACH,MAAM,GAAG,CAAC;aACX;SACF;gBAAS;YACR,IAAI,CAAC,GAAG,EAAE,CAAC;SACZ;IACH,CAAC;IAED,gFAAgF;IAChF,mEAAmE;IAEnE,mBAAmB,CAAC,aAAqB;QACvC,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,WAAW,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;QACnE,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7B,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;QACtD,MAAM,eAAe,GAAG,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC;QAClD,UAAU,CAAC,MAAM,CAAC,OAAO,GAAG,CAAC,GAAG,MAAM,EAAE,EAAE;YACxC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;YACpD,IAAI,eAAe,EAAE;gBACnB,eAAe,CAAC,GAAG,MAAM,CAAC,CAAC;aAC5B;QACH,CAAC,CAAC;QACF,OAAO,UAAU,CAAC,MAAM,CAAC;IAC3B,CAAC;IAED,aAAa,CAAC,aAAsB;QAClC,MAAM,GAAG,GAAG,aAAa,IAAI,eAAe,CAAC;QAC7C,MAAM,WAAW,GAAG;YAClB,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YACzC,uDAAuD;YACvD,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;SACtD,CAAC;QACF,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE;YACvB,OAAO;SACR;QACD,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE;YACpC,UAAU,CAAC,KAAK,EAAE,CAAC;SACpB;QACD,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAC5C,CAAC;IAED,gBAAgB,CAAC,OAA+B;;QAC9C,MAAM,SAAS,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,0CAC3B,KAAK,CAAC,GAAG,EACV,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAC7B,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,mBAAmB,CAAC,CAAC;QAChD,OAAO,SAAS,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC;IAC3F,CAAC;IAED,yCAAyC;IAEzC,KAAK,CAAC,mBAAmB,CACvB,GAAW,EACX,OAA+B;QAE/B,MAAM,OAAO,GAAG,qBAAqB,CAAC;YACpC,GAAG;YACH,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI;YACnB,OAAO,EAAE,iBAAiB,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC;YAC5C,WAAW,EAAE,IAAI,CAAC,mBAAmB,CAAC,eAAe,CAAC;SACvD,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACjD,OAAO;YACL,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS;YACvE,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE;YAClC,MAAM,EAAE,QAAQ,CAAC,MAAM;SACxB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,oBAAoB,CACxB,GAAW,EACX,OAA+B;QAE/B,MAAM,OAAO,GAAG,qBAAqB,CAAC;YACpC,GAAG;YACH,MAAM,EAAE,MAAM;YACd,IAAI,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI;YACnB,OAAO,EAAE,iBAAiB,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC;YAC5C,4DAA4D;YAC5D,WAAW,EAAE,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;SACtE,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACjD,OAAO;YACL,IAAI,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS;YACvE,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE;YAClC,MAAM,EAAE,QAAQ,CAAC,MAAM;SACxB,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { INetworkModule, NetworkRequestOptions, NetworkResponse } from \"@azure/msal-common\";\nimport { CommonClientOptions, ServiceClient } from \"@azure/core-client\";\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { SpanStatusCode } from \"@azure/core-tracing\";\nimport { isNode } from \"@azure/core-util\";\nimport {\n  createHttpHeaders,\n  createPipelineRequest,\n  PipelineRequest\n} from \"@azure/core-rest-pipeline\";\nimport { AbortController, AbortSignalLike } from \"@azure/abort-controller\";\nimport { AuthenticationError, AuthenticationErrorName } from \"./errors\";\nimport { getIdentityTokenEndpointSuffix } from \"../util/identityTokenEndpoint\";\nimport { DefaultAuthorityHost } from \"../constants\";\nimport { createSpan } from \"../util/tracing\";\nimport { logger } from \"../util/logging\";\n\nconst noCorrelationId = \"noCorrelationId\";\n\n/**\n * An internal type used to communicate details of a token request's\n * response that should not be sent back as part of the access token.\n */\nexport interface TokenResponse {\n  /**\n   * The AccessToken to be returned from getToken.\n   */\n  accessToken: AccessToken;\n\n  /**\n   * The refresh token if the 'offline_access' scope was used.\n   */\n  refreshToken?: string;\n}\n\n/**\n * @internal\n */\nexport function getIdentityClientAuthorityHost(options?: TokenCredentialOptions): string {\n  // The authorityHost can come from options or from the AZURE_AUTHORITY_HOST environment variable.\n  let authorityHost = options?.authorityHost;\n\n  // The AZURE_AUTHORITY_HOST environment variable can only be provided in Node.js.\n  if (isNode) {\n    authorityHost = authorityHost ?? process.env.AZURE_AUTHORITY_HOST;\n  }\n\n  // If the authorityHost is not provided, we use the default one from the public cloud: https://login.microsoftonline.com\n  return authorityHost ?? DefaultAuthorityHost;\n}\n\n/**\n * The network module used by the Identity credentials.\n *\n * It allows for credentials to abort any pending request independently of the MSAL flow,\n * by calling to the `abortRequests()` method.\n *\n */\nexport class IdentityClient extends ServiceClient implements INetworkModule {\n  public authorityHost: string;\n  private abortControllers: Map<string, AbortController[] | undefined>;\n\n  constructor(options?: TokenCredentialOptions) {\n    const packageDetails = `azsdk-js-identity/2.0.0-beta.6`;\n    const userAgentPrefix = options?.userAgentOptions?.userAgentPrefix\n      ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}`\n      : `${packageDetails}`;\n\n    const baseUri = getIdentityClientAuthorityHost(options);\n    if (!baseUri.startsWith(\"https:\")) {\n      throw new Error(\"The authorityHost address must use the 'https' protocol.\");\n    }\n\n    super({\n      requestContentType: \"application/json; charset=utf-8\",\n      ...options,\n      userAgentOptions: {\n        userAgentPrefix\n      },\n      baseUri\n    });\n\n    this.authorityHost = baseUri;\n    this.abortControllers = new Map();\n  }\n\n  async sendTokenRequest(\n    request: PipelineRequest,\n    expiresOnParser?: (responseBody: any) => number\n  ): Promise<TokenResponse | null> {\n    logger.info(`IdentityClient: sending token request to [${request.url}]`);\n    const response = await this.sendRequest(request);\n\n    expiresOnParser =\n      expiresOnParser ||\n      ((responseBody: any) => {\n        return Date.now() + responseBody.expires_in * 1000;\n      });\n\n    if (response.bodyAsText && (response.status === 200 || response.status === 201)) {\n      const parsedBody: {\n        token?: string;\n        access_token?: string;\n        refresh_token?: string;\n      } = JSON.parse(response.bodyAsText);\n\n      if (!parsedBody.access_token) {\n        return null;\n      }\n\n      const token = {\n        accessToken: {\n          token: parsedBody.access_token,\n          expiresOnTimestamp: expiresOnParser(parsedBody)\n        },\n        refreshToken: parsedBody.refresh_token\n      };\n\n      logger.info(\n        `IdentityClient: [${request.url}] token acquired, expires on ${token.accessToken.expiresOnTimestamp}`\n      );\n      return token;\n    } else {\n      const error = new AuthenticationError(response.status, response.bodyAsText);\n      logger.warning(\n        `IdentityClient: authentication error. HTTP status: ${response.status}, ${error.errorResponse.errorDescription}`\n      );\n      throw error;\n    }\n  }\n\n  async refreshAccessToken(\n    tenantId: string,\n    clientId: string,\n    scopes: string,\n    refreshToken: string | undefined,\n    clientSecret: string | undefined,\n    expiresOnParser?: (responseBody: any) => number,\n    options?: GetTokenOptions\n  ): Promise<TokenResponse | null> {\n    if (refreshToken === undefined) {\n      return null;\n    }\n    logger.info(\n      `IdentityClient: refreshing access token with client ID: ${clientId}, scopes: ${scopes} started`\n    );\n\n    const { span, updatedOptions } = createSpan(\"IdentityClient-refreshAccessToken\", options);\n\n    const refreshParams = {\n      grant_type: \"refresh_token\",\n      client_id: clientId,\n      refresh_token: refreshToken,\n      scope: scopes\n    };\n\n    if (clientSecret !== undefined) {\n      (refreshParams as any).client_secret = clientSecret;\n    }\n\n    const query = new URLSearchParams(refreshParams);\n\n    try {\n      const urlSuffix = getIdentityTokenEndpointSuffix(tenantId);\n      const request = createPipelineRequest({\n        url: `${this.authorityHost}/${tenantId}/${urlSuffix}`,\n        method: \"POST\",\n        body: query.toString(),\n        abortSignal: options && options.abortSignal,\n        headers: createHttpHeaders({\n          Accept: \"application/json\",\n          \"Content-Type\": \"application/x-www-form-urlencoded\"\n        }),\n        tracingOptions: updatedOptions?.tracingOptions\n      });\n\n      const response = await this.sendTokenRequest(request, expiresOnParser);\n      logger.info(`IdentityClient: refreshed token for client ID: ${clientId}`);\n      return response;\n    } catch (err) {\n      if (\n        err.name === AuthenticationErrorName &&\n        err.errorResponse.error === \"interaction_required\"\n      ) {\n        // It's likely that the refresh token has expired, so\n        // return null so that the credential implementation will\n        // initiate the authentication flow again.\n        logger.info(`IdentityClient: interaction required for client ID: ${clientId}`);\n        span.setStatus({\n          code: SpanStatusCode.ERROR,\n          message: err.message\n        });\n\n        return null;\n      } else {\n        logger.warning(\n          `IdentityClient: failed refreshing token for client ID: ${clientId}: ${err}`\n        );\n        span.setStatus({\n          code: SpanStatusCode.ERROR,\n          message: err.message\n        });\n        throw err;\n      }\n    } finally {\n      span.end();\n    }\n  }\n\n  // Here is a custom layer that allows us to abort requests that go through MSAL,\n  // since MSAL doesn't allow us to pass options all the way through.\n\n  generateAbortSignal(correlationId: string): AbortSignalLike {\n    const controller = new AbortController();\n    const controllers = this.abortControllers.get(correlationId) || [];\n    controllers.push(controller);\n    this.abortControllers.set(correlationId, controllers);\n    const existingOnAbort = controller.signal.onabort;\n    controller.signal.onabort = (...params) => {\n      this.abortControllers.set(correlationId, undefined);\n      if (existingOnAbort) {\n        existingOnAbort(...params);\n      }\n    };\n    return controller.signal;\n  }\n\n  abortRequests(correlationId?: string): void {\n    const key = correlationId || noCorrelationId;\n    const controllers = [\n      ...(this.abortControllers.get(key) || []),\n      // MSAL passes no correlation ID to the get requests...\n      ...(this.abortControllers.get(noCorrelationId) || [])\n    ];\n    if (!controllers.length) {\n      return;\n    }\n    for (const controller of controllers) {\n      controller.abort();\n    }\n    this.abortControllers.set(key, undefined);\n  }\n\n  getCorrelationId(options?: NetworkRequestOptions): string {\n    const parameter = options?.body\n      ?.split(\"&\")\n      .map((part) => part.split(\"=\"))\n      .find(([key]) => key === \"client-request-id\");\n    return parameter && parameter.length ? parameter[1] || noCorrelationId : noCorrelationId;\n  }\n\n  // The MSAL network module methods follow\n\n  async sendGetRequestAsync<T>(\n    url: string,\n    options?: NetworkRequestOptions\n  ): Promise<NetworkResponse<T>> {\n    const request = createPipelineRequest({\n      url,\n      method: \"GET\",\n      body: options?.body,\n      headers: createHttpHeaders(options?.headers),\n      abortSignal: this.generateAbortSignal(noCorrelationId)\n    });\n\n    const response = await this.sendRequest(request);\n    return {\n      body: response.bodyAsText ? JSON.parse(response.bodyAsText) : undefined,\n      headers: response.headers.toJSON(),\n      status: response.status\n    };\n  }\n\n  async sendPostRequestAsync<T>(\n    url: string,\n    options?: NetworkRequestOptions\n  ): Promise<NetworkResponse<T>> {\n    const request = createPipelineRequest({\n      url,\n      method: \"POST\",\n      body: options?.body,\n      headers: createHttpHeaders(options?.headers),\n      // MSAL doesn't send the correlation ID on the get requests.\n      abortSignal: this.generateAbortSignal(this.getCorrelationId(options))\n    });\n\n    const response = await this.sendRequest(request);\n    return {\n      body: response.bodyAsText ? JSON.parse(response.bodyAsText) : undefined,\n      headers: response.headers.toJSON(),\n      status: response.status\n    };\n  }\n}\n\n/**\n * Provides options to configure how the Identity library makes authentication\n * requests to Azure Active Directory.\n */\nexport interface TokenCredentialOptions extends CommonClientOptions {\n  /**\n   * The authority host to use for authentication requests.\n   * Possible values are available through {@link AzureAuthorityHosts}.\n   * The default is \"https://login.microsoftonline.com\".\n   */\n  authorityHost?: string;\n\n  /**\n   * If set to true, allows authentication flows to change the tenantId of the request if a different tenantId is received from a challenge or through a direct getToken call.\n   */\n  allowMultiTenantAuthentication?: boolean;\n}\n"]}

package/dist-esm/src/constants.js

@@ -6,7 +6,7 @@
  */
 // TODO: temporary - this is the Azure CLI clientID - we'll replace it when
 // Developer Sign On application is available
-// https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/identity/Azure.Identity/src/Constants.cs#L9
+// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9
 export const DeveloperSignOnClientId = "04b07795-8ddb-461a-bbee-02f9e1bf7b46";
 /**
  * The default tenant for authentication

package/dist-esm/src/constants.js.map

@@ -1 +1 @@
-{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,yGAAyG;AACzG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAiBX;AAjBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;OAEG;IACH,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EAjBW,mBAAmB,KAAnB,mBAAmB,QAiB9B;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n  /**\n   * China-based Azure Authority Host\n   */\n  AzureChina = \"https://login.chinacloudapi.cn\",\n  /**\n   * Germany-based Azure Authority Host\n   */\n  AzureGermany = \"https://login.microsoftonline.de\",\n  /**\n   * US Government Azure Authority Host\n   */\n  AzureGovernment = \"https://login.microsoftonline.us\",\n  /**\n   * Public Cloud Azure Authority Host\n   */\n  AzurePublicCloud = \"https://login.microsoftonline.com\"\n}\n\n/**\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n"]}
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAiBX;AAjBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;OAEG;IACH,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EAjBW,mBAAmB,KAAnB,mBAAmB,QAiB9B;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n  /**\n   * China-based Azure Authority Host\n   */\n  AzureChina = \"https://login.chinacloudapi.cn\",\n  /**\n   * Germany-based Azure Authority Host\n   */\n  AzureGermany = \"https://login.microsoftonline.de\",\n  /**\n   * US Government Azure Authority Host\n   */\n  AzureGovernment = \"https://login.microsoftonline.us\",\n  /**\n   * Public Cloud Azure Authority Host\n   */\n  AzurePublicCloud = \"https://login.microsoftonline.com\"\n}\n\n/**\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n"]}

package/dist-esm/src/credentials/applicationCredential.browser.js

@@ -0,0 +1,29 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+import { credentialLogger, formatError } from "../util/logging";
+import { ChainedTokenCredential } from "./chainedTokenCredential";
+const BrowserNotSupportedError = new Error("ApplicationCredential is not supported in the browser. Use InteractiveBrowserCredential instead.");
+const logger = credentialLogger("ApplicationCredential");
+/**
+ * Provides a default {@link ChainedTokenCredential} configuration for
+ * applications that will be deployed to Azure.
+ *
+ * Only available in NodeJS.
+ */
+export class ApplicationCredential extends ChainedTokenCredential {
+    /**
+     * Creates an instance of the ApplicationCredential class.
+     *
+     * @param options - Options for configuring the client which makes the authentication request.
+     */
+    constructor(_tokenCredentialOptions) {
+        super();
+        logger.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+    getToken() {
+        logger.getToken.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+}
+//# sourceMappingURL=applicationCredential.browser.js.map

package/dist-esm/src/credentials/applicationCredential.browser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"applicationCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/applicationCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAKlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAElE,MAAM,wBAAwB,GAAG,IAAI,KAAK,CACxC,kGAAkG,CACnG,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,uBAAuB,CAAC,CAAC;AAEzD;;;;;GAKG;AACH,MAAM,OAAO,qBAAsB,SAAQ,sBAAsB;IAC/D;;;;OAIG;IACH,YAAY,uBAAgD;QAC1D,KAAK,EAAE,CAAC;QACR,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken } from \"@azure/core-auth\";\n\nimport { TokenCredentialOptions } from \"../client/identityClient\";\nimport { credentialLogger, formatError } from \"../util/logging\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential\";\n\nconst BrowserNotSupportedError = new Error(\n  \"ApplicationCredential is not supported in the browser. Use InteractiveBrowserCredential instead.\"\n);\nconst logger = credentialLogger(\"ApplicationCredential\");\n\n/**\n * Provides a default {@link ChainedTokenCredential} configuration for\n * applications that will be deployed to Azure.\n *\n * Only available in NodeJS.\n */\nexport class ApplicationCredential extends ChainedTokenCredential {\n  /**\n   * Creates an instance of the ApplicationCredential class.\n   *\n   * @param options - Options for configuring the client which makes the authentication request.\n   */\n  constructor(_tokenCredentialOptions?: TokenCredentialOptions) {\n    super();\n    logger.info(formatError(\"\", BrowserNotSupportedError));\n    throw BrowserNotSupportedError;\n  }\n\n  public getToken(): Promise<AccessToken> {\n    logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n    throw BrowserNotSupportedError;\n  }\n}\n"]}

package/dist-esm/src/credentials/applicationCredential.js

@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT license.
+import { ChainedTokenCredential } from "./chainedTokenCredential";
+import { EnvironmentCredential } from "./environmentCredential";
+import { DefaultManagedIdentityCredential } from "./defaultAzureCredential";
+export const ApplicationCredentials = [
+    EnvironmentCredential,
+    DefaultManagedIdentityCredential
+];
+/**
+ * Provides a default {@link ChainedTokenCredential} configuration that should
+ * work for most applications that use the Azure SDK.  The following credential
+ * types will be tried, in order:
+ *
+ * - {@link EnvironmentCredential}
+ * - {@link ManagedIdentityCredential}
+
+ *
+ * Consult the documentation of these credential types for more information
+ * on how they attempt authentication.
+ */
+export class ApplicationCredential extends ChainedTokenCredential {
+    /**
+     * Creates an instance of the ApplicationCredential class.
+     *
+     * @param options - Optional parameters. See {@link ApplicationCredentialOptions}.
+     */
+    constructor(options) {
+        super(...ApplicationCredentials.map((ctor) => new ctor(options)));
+        this.UnavailableMessage =
+            "ApplicationCredential => failed to retrieve a token from the included credentials";
+    }
+}
+//# sourceMappingURL=applicationCredential.js.map

package/dist-esm/src/credentials/applicationCredential.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"applicationCredential.js","sourceRoot":"","sources":["../../../src/credentials/applicationCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAOlC,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAEhE,OAAO,EAAE,gCAAgC,EAAE,MAAM,0BAA0B,CAAC;AAuB5E,MAAM,CAAC,MAAM,sBAAsB,GAAuC;IACxE,qBAAqB;IACrB,gCAAgC;CACjC,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,qBAAsB,SAAQ,sBAAsB;IAC/D;;;;OAIG;IACH,YAAY,OAAsC;QAChD,KAAK,CAAC,GAAG,sBAAsB,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QAClE,IAAI,CAAC,kBAAkB;YACrB,mFAAmF,CAAC;IACxF,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { TokenCredential } from \"@azure/core-auth\";\nimport { TokenCredentialOptions } from \"../client/identityClient\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential\";\nimport { EnvironmentCredential } from \"./environmentCredential\";\nimport { CredentialPersistenceOptions } from \"./credentialPersistenceOptions\";\nimport { DefaultManagedIdentityCredential } from \"./defaultAzureCredential\";\n\n/**\n * Provides options to configure the {@link ApplicationCredential} class.\n */\nexport interface ApplicationCredentialOptions\n  extends TokenCredentialOptions,\n    CredentialPersistenceOptions {\n  /**\n   * Optionally pass in a user assigned client ID to be used by the {@link ManagedIdentityCredential}.\n   * This client ID can also be passed through to the {@link ManagedIdentityCredential} through the environment variable: AZURE_CLIENT_ID.\n   */\n  managedIdentityClientId?: string;\n}\n\n/**\n * The type of a class that implements TokenCredential and accepts\n * `ApplicationCredentialOptions`.\n */\ninterface ApplicationCredentialConstructor {\n  new (options?: ApplicationCredentialOptions): TokenCredential;\n}\n\nexport const ApplicationCredentials: ApplicationCredentialConstructor[] = [\n  EnvironmentCredential,\n  DefaultManagedIdentityCredential\n];\n\n/**\n * Provides a default {@link ChainedTokenCredential} configuration that should\n * work for most applications that use the Azure SDK.  The following credential\n * types will be tried, in order:\n *\n * - {@link EnvironmentCredential}\n * - {@link ManagedIdentityCredential}\n\n *\n * Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n */\nexport class ApplicationCredential extends ChainedTokenCredential {\n  /**\n   * Creates an instance of the ApplicationCredential class.\n   *\n   * @param options - Optional parameters. See {@link ApplicationCredentialOptions}.\n   */\n  constructor(options?: ApplicationCredentialOptions) {\n    super(...ApplicationCredentials.map((ctor) => new ctor(options)));\n    this.UnavailableMessage =\n      \"ApplicationCredential => failed to retrieve a token from the included credentials\";\n  }\n}\n"]}

package/dist-esm/src/credentials/authorizationCodeCredential.browser.js.map

@@ -1 +1 @@
-{"version":3,"file":"authorizationCodeCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/authorizationCodeCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEhE,MAAM,wBAAwB,GAAG,IAAI,KAAK,CACxC,mIAAmI,CACpI,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,6BAA6B,CAAC,CAAC;AAE/D,MAAM,OAAO,2BAA2B;IAgBtC;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { TokenCredential, AccessToken } from \"@azure/core-http\";\nimport { TokenCredentialOptions } from \"../client/identityClient\";\nimport { credentialLogger, formatError } from \"../util/logging\";\n\nconst BrowserNotSupportedError = new Error(\n  \"AuthorizationCodeCredential is not supported in the browser.  InteractiveBrowserCredential is more appropriate for this use case.\"\n);\nconst logger = credentialLogger(\"AuthorizationCodeCredential\");\n\nexport class AuthorizationCodeCredential implements TokenCredential {\n  constructor(\n    tenantId: string | \"common\",\n    clientId: string,\n    clientSecret: string,\n    authorizationCode: string,\n    redirectUri: string,\n    options?: TokenCredentialOptions\n  );\n  constructor(\n    tenantId: string | \"common\",\n    clientId: string,\n    authorizationCode: string,\n    redirectUri: string,\n    options?: TokenCredentialOptions\n  );\n  constructor() {\n    logger.info(formatError(\"\", BrowserNotSupportedError));\n    throw BrowserNotSupportedError;\n  }\n\n  public getToken(): Promise<AccessToken | null> {\n    logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n    throw BrowserNotSupportedError;\n  }\n}\n"]}
+{"version":3,"file":"authorizationCodeCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/authorizationCodeCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAKlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEhE,MAAM,wBAAwB,GAAG,IAAI,KAAK,CACxC,mIAAmI,CACpI,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,6BAA6B,CAAC,CAAC;AAE/D,MAAM,OAAO,2BAA2B;IAgBtC;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { TokenCredential, AccessToken } from \"@azure/core-auth\";\n\nimport { TokenCredentialOptions } from \"../client/identityClient\";\nimport { credentialLogger, formatError } from \"../util/logging\";\n\nconst BrowserNotSupportedError = new Error(\n  \"AuthorizationCodeCredential is not supported in the browser.  InteractiveBrowserCredential is more appropriate for this use case.\"\n);\nconst logger = credentialLogger(\"AuthorizationCodeCredential\");\n\nexport class AuthorizationCodeCredential implements TokenCredential {\n  constructor(\n    tenantId: string | \"common\",\n    clientId: string,\n    clientSecret: string,\n    authorizationCode: string,\n    redirectUri: string,\n    options?: TokenCredentialOptions\n  );\n  constructor(\n    tenantId: string | \"common\",\n    clientId: string,\n    authorizationCode: string,\n    redirectUri: string,\n    options?: TokenCredentialOptions\n  );\n  constructor() {\n    logger.info(formatError(\"\", BrowserNotSupportedError));\n    throw BrowserNotSupportedError;\n  }\n\n  public getToken(): Promise<AccessToken | null> {\n    logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n    throw BrowserNotSupportedError;\n  }\n}\n"]}