@azure/identity 2.1.0-alpha.20220318.2 → 2.1.0-alpha.20220321.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @azure/identity might be problematic. Click here for more details.
- package/CHANGELOG.md +1 -0
- package/dist/index.js +8 -3
- package/dist/index.js.map +1 -1
- package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js +1 -1
- package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist-esm/src/msal/flows.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js +3 -2
- package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js.map +1 -1
- package/dist-esm/src/msal/utils.js +5 -1
- package/dist-esm/src/msal/utils.js.map +1 -1
- package/dist-esm/src/tokenCredentialOptions.js.map +1 -1
- package/package.json +1 -1
- package/types/identity.d.ts +4 -0
package/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
|
|
7
7
|
- All of our credentials now support a new option on their constructor: `loggingOptions`, which allows configuring the logging options of the HTTP pipelines.
|
|
8
8
|
- Within the new `loggingOptions` we have also added `allowLoggingAccountIdentifiers`, a property that if set to true logs information specific to the authenticated account after each successful authentication, including: the Client ID, the Tenant ID, the Object ID of the authenticated user, and if possible the User Principal Name.
|
|
9
|
+
- Added `disableAuthorityValidation`, which allows passing any `authorityHost` regardless of whether it can be validated or not. This is specially useful in private clouds.
|
|
9
10
|
|
|
10
11
|
### Breaking Changes
|
|
11
12
|
|
package/dist/index.js
CHANGED
|
@@ -651,12 +651,16 @@ function getAuthority(tenantId, host) {
|
|
|
651
651
|
}
|
|
652
652
|
/**
|
|
653
653
|
* Generates the known authorities.
|
|
654
|
+
* If `disableAuthorityValidation` is passed, it returns the authority host as a known host, thus disabling the authority validation.
|
|
654
655
|
* If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.
|
|
655
656
|
* For that reason, we have to force MSAL to disable validating the authority
|
|
656
657
|
* by sending it within the known authorities in the MSAL configuration.
|
|
657
658
|
* @internal
|
|
658
659
|
*/
|
|
659
|
-
function getKnownAuthorities(tenantId, authorityHost) {
|
|
660
|
+
function getKnownAuthorities(tenantId, authorityHost, disableAuthorityValidation) {
|
|
661
|
+
if (disableAuthorityValidation) {
|
|
662
|
+
return [authorityHost];
|
|
663
|
+
}
|
|
660
664
|
if (tenantId === "adfs" && authorityHost) {
|
|
661
665
|
return [authorityHost];
|
|
662
666
|
}
|
|
@@ -1019,12 +1023,12 @@ class MsalNode extends MsalBaseUtilities {
|
|
|
1019
1023
|
if (process.env.AZURE_IDENTITY_DISABLE_CP1) {
|
|
1020
1024
|
clientCapabilities = [];
|
|
1021
1025
|
}
|
|
1022
|
-
|
|
1026
|
+
const configuration = {
|
|
1023
1027
|
auth: {
|
|
1024
1028
|
clientId,
|
|
1025
1029
|
authority,
|
|
1026
|
-
knownAuthorities: getKnownAuthorities(tenantId, authority),
|
|
1027
1030
|
clientCapabilities,
|
|
1031
|
+
knownAuthorities: getKnownAuthorities(tenantId, authority, options.disableAuthorityValidation),
|
|
1028
1032
|
},
|
|
1029
1033
|
// Cache is defined in this.prepare();
|
|
1030
1034
|
system: {
|
|
@@ -1034,6 +1038,7 @@ class MsalNode extends MsalBaseUtilities {
|
|
|
1034
1038
|
},
|
|
1035
1039
|
},
|
|
1036
1040
|
};
|
|
1041
|
+
return configuration;
|
|
1037
1042
|
}
|
|
1038
1043
|
/**
|
|
1039
1044
|
* Prepares the MSAL applications.
|