npm - @azure/identity - Versions diffs - 2.1.0-alpha.20220302.2 → 2.1.0-alpha.20220309.1 - Mend

@azure/identity 2.1.0-alpha.20220302.2 → 2.1.0-alpha.20220309.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @azure/identity might be problematic. Click here for more details.

Files changed (11) hide show

package/CHANGELOG.md +14 -2
package/README.md +2 -1
package/dist/index.js +12 -3
package/dist/index.js.map +1 -1
package/dist-esm/src/client/identityClient.js +1 -1
package/dist-esm/src/client/identityClient.js.map +1 -1
package/dist-esm/src/msal/nodeFlows/msalDeviceCode.js +0 -2
package/dist-esm/src/msal/nodeFlows/msalDeviceCode.js.map +1 -1
package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js +11 -0
package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js.map +1 -1
package/package.json +6 -6

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,17 @@
 # Release History
+## 2.1.0-beta.2 (Unreleased)
+### Features Added
+### Breaking Changes
+### Bugs Fixed
+- Fixed a bug that caused [Continuous Access Enforcement (CAE)](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation) and [Conditional Access authentication context](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/granular-conditional-access-for-sensitive-data-and-actions/ba-p/1751775) authentication to fail with newer versions of MSAL.
+### Other Changes
 ## 2.1.0-beta.1 (2022-03-02)
 ### Features Added
@@ -57,7 +69,7 @@
 After multiple beta releases over the past year, we're proud to announce the general availability of version 2 of the `@azure/identity` package. This version includes the best parts of v1, plus several improvements.
-This changelog entry showcases the changes that have been made from version 1 of this package. See the [v1-to-v2 migration guide](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/migration-v1-v2.md) for details on how to upgrade your application to use the version 2 of `@azure/identity`. For information on troubleshooting the Identity package, see the [troubleshooting guide](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/Troubleshooting.md).
+This changelog entry showcases the changes that have been made from version 1 of this package. See the [v1-to-v2 migration guide](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/migration-v1-v2.md) for details on how to upgrade your application to use the version 2 of `@azure/identity`. For information on troubleshooting the Identity package, see the [troubleshooting guide](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/TROUBLESHOOTING.md).
 ### Features Added
@@ -138,7 +150,7 @@ Azure Service Fabric support hasn't been added on the initial version 2 of Ident
 - `InteractiveBrowserCredential` has a new `loginHint` constructor option, which allows a username to be pre-selected for interactive logins.
 - In `AzureCliCredential`, we allow specifying a `tenantId` in the parameters through the `AzureCliCredentialOptions`.
 - A new error, named `AuthenticationRequiredError`, has been added. This error shows up when a credential fails to authenticate silently.
-- Errors and logged exceptions may point to the new [troubleshooting guidelines](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/Troubleshooting.md).
+- Errors and logged exceptions may point to the new [troubleshooting guidelines](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/TROUBLESHOOTING.md).
 - On all of the credentials we're providing, the initial authentication attempt in the lifetime of your app will include an additional request to first discover relevant endpoint metadata information from Azure.
 ### Breaking changes

package/README.md CHANGED Viewed

@@ -123,6 +123,7 @@ If used from Node.js, the `DefaultAzureCredential` will attempt to authenticate
 - Environment - The `DefaultAzureCredential` will read account information specified via [environment variables](#environment-variables) and use it to authenticate.
 - Managed Identity - If the application is deployed to an Azure host with Managed Identity enabled, the `DefaultAzureCredential` will authenticate with that account.
 - Visual Studio Code - If the developer has authenticated with the [Visual Studio Code Azure Account extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azure-account), the `DefaultAzureCredential` will authenticate using that account.
+  - In `@azure/identity` version 2.0 or later, the [`@azure/identity-vscode`](https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/identity/identity-vscode) package must be installed for the Visual Studio Code authentication to work.
 - Azure CLI - If the developer has authenticated an account via the Azure CLI `az login` command, the `DefaultAzureCredential` will authenticate with that account.
 - Azure PowerShell - If the developer has authenticated using the Azure PowerShell module `Connect-AzAccount` command, the `DefaultAzureCredential` will authenticate with that account.
@@ -297,7 +298,7 @@ import { setLogLevel } from "@azure/logger";
 setLogLevel("info");
 ```
-For assistance with troubleshooting, see the [troubleshooting guide](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/Troubleshooting.md).
+For assistance with troubleshooting, see the [troubleshooting guide](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/TROUBLESHOOTING.md).
 ## Next steps

package/dist/index.js CHANGED Viewed

@@ -368,7 +368,7 @@ function getIdentityClientAuthorityHost(options) {
 class IdentityClient extends coreClient.ServiceClient {
     constructor(options) {
         var _a;
-        const packageDetails = `azsdk-js-identity/2.1.0-beta.1`;
+        const packageDetails = `azsdk-js-identity/2.1.0-beta.2`;
         const userAgentPrefix = ((_a = options === null || options === void 0 ? void 0 : options.userAgentOptions) === null || _a === void 0 ? void 0 : _a.userAgentPrefix)
             ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}`
             : `${packageDetails}`;
@@ -1115,6 +1115,17 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         options.correlationId = (options === null || options === void 0 ? void 0 : options.correlationId) || this.generateUuid();
         await this.init(options);
         try {
+            // MSAL now caches tokens based on their claims,
+            // so now one has to keep track fo claims in order to retrieve the newer tokens from acquireTokenSilent
+            // This update happened on PR: https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/4533
+            const optionsClaims = options.claims;
+            if (optionsClaims) {
+                this.cachedClaims = optionsClaims;
+            }
+            if (this.cachedClaims && !optionsClaims) {
+                options.claims = this.cachedClaims;
+            }
+            // We don't return the promise since we want to catch errors right here.
             return await this.getTokenSilent(scopes, options);
         }
         catch (err) {
@@ -3269,8 +3280,6 @@ class MsalDeviceCode extends MsalNode {
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             };
             const promise = this.publicApp.acquireTokenByDeviceCode(requestOptions);
-            // TODO:
-            // This should work, but it currently doesn't. I'm waiting for an answer from the MSAL team.
             const deviceResponse = await this.withCancellation(promise, options === null || options === void 0 ? void 0 : options.abortSignal, () => {
                 requestOptions.cancel = true;
             });