npm - @azure/identity - Versions diffs - 2.1.0-alpha.20220308.3 → 2.1.0-alpha.20220309.1 - Mend

@azure/identity 2.1.0-alpha.20220308.3 → 2.1.0-alpha.20220309.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of @azure/identity might be problematic. Click here for more details.

Files changed (10) hide show

package/CHANGELOG.md +12 -0
package/dist/index.js +12 -3
package/dist/index.js.map +1 -1
package/dist-esm/src/client/identityClient.js +1 -1
package/dist-esm/src/client/identityClient.js.map +1 -1
package/dist-esm/src/msal/nodeFlows/msalDeviceCode.js +0 -2
package/dist-esm/src/msal/nodeFlows/msalDeviceCode.js.map +1 -1
package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js +11 -0
package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js.map +1 -1
package/package.json +6 -6

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,17 @@
 # Release History
+## 2.1.0-beta.2 (Unreleased)
+### Features Added
+### Breaking Changes
+### Bugs Fixed
+- Fixed a bug that caused [Continuous Access Enforcement (CAE)](https://docs.microsoft.com/azure/active-directory/conditional-access/concept-continuous-access-evaluation) and [Conditional Access authentication context](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/granular-conditional-access-for-sensitive-data-and-actions/ba-p/1751775) authentication to fail with newer versions of MSAL.
+### Other Changes
 ## 2.1.0-beta.1 (2022-03-02)
 ### Features Added

package/dist/index.js CHANGED Viewed

@@ -368,7 +368,7 @@ function getIdentityClientAuthorityHost(options) {
 class IdentityClient extends coreClient.ServiceClient {
     constructor(options) {
         var _a;
-        const packageDetails = `azsdk-js-identity/2.1.0-beta.1`;
+        const packageDetails = `azsdk-js-identity/2.1.0-beta.2`;
         const userAgentPrefix = ((_a = options === null || options === void 0 ? void 0 : options.userAgentOptions) === null || _a === void 0 ? void 0 : _a.userAgentPrefix)
             ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}`
             : `${packageDetails}`;
@@ -1115,6 +1115,17 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         options.correlationId = (options === null || options === void 0 ? void 0 : options.correlationId) || this.generateUuid();
         await this.init(options);
         try {
+            // MSAL now caches tokens based on their claims,
+            // so now one has to keep track fo claims in order to retrieve the newer tokens from acquireTokenSilent
+            // This update happened on PR: https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/4533
+            const optionsClaims = options.claims;
+            if (optionsClaims) {
+                this.cachedClaims = optionsClaims;
+            }
+            if (this.cachedClaims && !optionsClaims) {
+                options.claims = this.cachedClaims;
+            }
+            // We don't return the promise since we want to catch errors right here.
             return await this.getTokenSilent(scopes, options);
         }
         catch (err) {
@@ -3269,8 +3280,6 @@ class MsalDeviceCode extends MsalNode {
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             };
             const promise = this.publicApp.acquireTokenByDeviceCode(requestOptions);
-            // TODO:
-            // This should work, but it currently doesn't. I'm waiting for an answer from the MSAL team.
             const deviceResponse = await this.withCancellation(promise, options === null || options === void 0 ? void 0 : options.abortSignal, () => {
                 requestOptions.cancel = true;
             });