@azure/identity 2.0.2-alpha.20211115.3 → 2.0.2-alpha.20211213.4

package/CHANGELOG.md

@@ -4,11 +4,14 @@
 
 ### Features Added
 
+- Improved the error message when `InteractiveBrowserCredential` is used with an unavailable port (such as when no `redirectUri` is provided, and the port `80` is busy) and when no browser is available.
+
 ### Breaking Changes
 
 ### Bugs Fixed
 
 - Challenge claims now are properly being passed through to the outgoing token requests.
+- The `ManagedIdentityCredential` now properly parses expiration dates from token exchange requests.
 
 ### Other Changes
 

package/README.md

@@ -10,7 +10,7 @@ Key links:
 - [Package (npm)](https://www.npmjs.com/package/@azure/identity)
 - [API Reference Documentation](https://docs.microsoft.com/javascript/api/@azure/identity)
 - [Product documentation](https://azure.microsoft.com/services/active-directory/)
-- [Samples](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples)
+- [Samples](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/v2)
 
 ## Getting started
 

package/dist/index.js

@@ -2549,13 +2549,6 @@ const arcMsi = {
 const msiName$4 = "ManagedIdentityCredential - Token Exchange";
 const logger$d = credentialLogger(msiName$4);
 const readFileAsync$2 = util.promisify(fs__default.readFile);
-/**
- * Formats the expiration date of the received token into the number of milliseconds between that date and midnight, January 1, 1970.
- */
-function expiresOnParser$2(requestBody) {
-    // Parses a string representation of the seconds since epoch into a number value
-    return Number(requestBody.expires_on);
-}
 /**
  * Generates the options used on the request for an access token.
  */
@@ -2627,7 +2620,7 @@ function tokenExchangeMsi() {
             const request = coreRestPipeline.createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions$4(scopes, assertion, clientId || process.env.AZURE_CLIENT_ID)), { 
                 // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
                 allowInsecureConnection: true }));
-            const tokenResponse = await identityClient.sendTokenRequest(request, expiresOnParser$2);
+            const tokenResponse = await identityClient.sendTokenRequest(request);
             return (tokenResponse && tokenResponse.accessToken) || null;
         }
     };
@@ -2649,7 +2642,7 @@ const logger$e = credentialLogger(msiName$5);
 /**
  * Formats the expiration date of the received token into the number of milliseconds between that date and midnight, January 1, 1970.
  */
-function expiresOnParser$3(requestBody) {
+function expiresOnParser$2(requestBody) {
     // Parses a string representation of the milliseconds since epoch into a number value
     return Number(requestBody.expires_on);
 }
@@ -2720,7 +2713,7 @@ const fabricMsi = {
             // The alternative path is to verify the certificate using the IDENTITY_SERVER_THUMBPRINT env variable.
             rejectUnauthorized: false
         });
-        const tokenResponse = await identityClient.sendTokenRequest(request, expiresOnParser$3);
+        const tokenResponse = await identityClient.sendTokenRequest(request, expiresOnParser$2);
         return (tokenResponse && tokenResponse.accessToken) || null;
     }
 };
@@ -3049,6 +3042,20 @@ class MsalOpenBrowser extends MsalNode {
                 }
             }
             app.on("connection", (socket) => socketToDestroy.push(socket));
+            app.on("error", (err) => {
+                cleanup();
+                const code = err.code;
+                if (code === "EACCES" || code === "EADDRINUSE") {
+                    reject(new CredentialUnavailableError([
+                        `InteractiveBrowserCredential: Access denied to port ${this.port}.`,
+                        `Try sending a redirect URI with a different port, as follows:`,
+                        '`new InteractiveBrowserCredential({ redirectUri: "http://localhost:1337" })`'
+                    ].join(" ")));
+                }
+                else {
+                    reject(new CredentialUnavailableError(`InteractiveBrowserCredential: Failed to start the necessary web server. Error: ${err.message}`));
+                }
+            });
             app.on("listening", () => {
                 const openPromise = this.openAuthCodeUrl(scopes, options);
                 const abortSignal = options === null || options === void 0 ? void 0 : options.abortSignal;
@@ -3085,7 +3092,7 @@ class MsalOpenBrowser extends MsalNode {
             await interactiveBrowserMockable.open(response, { wait: true });
         }
         catch (e) {
-            throw new CredentialUnavailableError(`Could not open a browser window. Error: ${e.message}`);
+            throw new CredentialUnavailableError(`InteractiveBrowserCredential: Could not open a browser window. Error: ${e.message}`);
         }
     }
 }