@azure/identity 2.1.0-alpha.20220614.2 → 2.1.0-alpha.20220711.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @azure/identity might be problematic. Click here for more details.
- package/README.md +24 -23
- package/dist/index.js +191 -103
- package/dist/index.js.map +1 -1
- package/dist-esm/src/client/identityClient.js +1 -1
- package/dist-esm/src/client/identityClient.js.map +1 -1
- package/dist-esm/src/constants.js +1 -1
- package/dist-esm/src/constants.js.map +1 -1
- package/dist-esm/src/credentials/authorizationCodeCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/authorizationCodeCredential.js.map +1 -1
- package/dist-esm/src/credentials/azureCliCredential.js +2 -2
- package/dist-esm/src/credentials/azureCliCredential.js.map +1 -1
- package/dist-esm/src/credentials/azurePowerShellCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/azurePowerShellCredential.js +1 -1
- package/dist-esm/src/credentials/azurePowerShellCredential.js.map +1 -1
- package/dist-esm/src/credentials/chainedTokenCredential.js +1 -1
- package/dist-esm/src/credentials/chainedTokenCredential.js.map +1 -1
- package/dist-esm/src/credentials/clientAssertionCredential.browser.js +22 -0
- package/dist-esm/src/credentials/clientAssertionCredential.browser.js.map +1 -0
- package/dist-esm/src/credentials/clientAssertionCredential.js +45 -0
- package/dist-esm/src/credentials/clientAssertionCredential.js.map +1 -0
- package/dist-esm/src/credentials/clientCertificateCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/clientSecretCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/deviceCodeCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/environmentCredential.js +1 -1
- package/dist-esm/src/credentials/environmentCredential.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2017.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2019.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/arcMsi.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/cloudShellMsi.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/fabricMsi.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/index.js +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/index.js.map +1 -1
- package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/usernamePasswordCredential.browser.js +1 -1
- package/dist-esm/src/credentials/usernamePasswordCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/visualStudioCodeCredential.js.map +1 -1
- package/dist-esm/src/index.js +1 -0
- package/dist-esm/src/index.js.map +1 -1
- package/dist-esm/src/msal/browserFlows/msalAuthCode.js.map +1 -1
- package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js +1 -1
- package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist-esm/src/msal/credentials.js.map +1 -1
- package/dist-esm/src/msal/flows.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalAuthorizationCode.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalClientAssertion.js +42 -0
- package/dist-esm/src/msal/nodeFlows/msalClientAssertion.js.map +1 -0
- package/dist-esm/src/msal/nodeFlows/msalClientCertificate.js +3 -2
- package/dist-esm/src/msal/nodeFlows/msalClientCertificate.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalClientSecret.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalDeviceCode.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js +7 -1
- package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalOnBehalfOf.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalOpenBrowser.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalUsernamePassword.js.map +1 -1
- package/dist-esm/src/msal/utils.js +1 -1
- package/dist-esm/src/msal/utils.js.map +1 -1
- package/dist-esm/src/util/logging.js.map +1 -1
- package/package.json +20 -14
- package/types/identity.d.ts +30 -0
package/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
|
|
1
|
+
# Azure Identity client library for JavaScript
|
|
2
2
|
|
|
3
3
|
The Azure Identity library provides [Azure Active Directory (Azure AD)](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) token authentication through a set of convenient [TokenCredential](https://docs.microsoft.com/javascript/api/@azure/core-auth/tokencredential) implementations.
|
|
4
4
|
|
|
@@ -125,7 +125,7 @@ If used from Node.js, the `DefaultAzureCredential` will attempt to authenticate
|
|
|
125
125
|
1. **Environment** - The `DefaultAzureCredential` will read account information specified via [environment variables](#environment-variables) and use it to authenticate.
|
|
126
126
|
1. **Managed Identity** - If the application is deployed to an Azure host with Managed Identity enabled, the `DefaultAzureCredential` will authenticate with that account.
|
|
127
127
|
1. **Visual Studio Code** - If the developer has authenticated with the [Visual Studio Code Azure Account extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azure-account), the `DefaultAzureCredential` will authenticate using that account.
|
|
128
|
-
|
|
128
|
+
- In `@azure/identity` version 2.0 or later, the [`@azure/identity-vscode`](https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/identity/identity-vscode) package must be installed for the Visual Studio Code authentication to work.
|
|
129
129
|
1. **Azure CLI** - If the developer has authenticated an account via the Azure CLI `az login` command, the `DefaultAzureCredential` will authenticate with that account.
|
|
130
130
|
1. **Azure PowerShell** - If the developer has authenticated using the Azure PowerShell module `Connect-AzAccount` command, the `DefaultAzureCredential` will authenticate with that account.
|
|
131
131
|
|
|
@@ -237,7 +237,7 @@ const credential = new ClientSecretCredential(
|
|
|
237
237
|
"<YOUR_CLIENT_ID>",
|
|
238
238
|
"<YOUR_CLIENT_SECRET>",
|
|
239
239
|
{
|
|
240
|
-
authorityHost: AzureAuthorityHosts.AzureGovernment
|
|
240
|
+
authorityHost: AzureAuthorityHosts.AzureGovernment,
|
|
241
241
|
}
|
|
242
242
|
);
|
|
243
243
|
```
|
|
@@ -248,35 +248,36 @@ Not all credentials require this configuration. Credentials that authenticate th
|
|
|
248
248
|
|
|
249
249
|
### Authenticating Azure-hosted applications
|
|
250
250
|
|
|
251
|
-
| Credential
|
|
252
|
-
|
|
|
253
|
-
| [`DefaultAzureCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/defaultazurecredential?view=azure-node-latest)
|
|
254
|
-
| [`ChainedTokenCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/chainedtokencredential?view=azure-node-latest)
|
|
255
|
-
| [`EnvironmentCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/environmentcredential?view=azure-node-latest)
|
|
251
|
+
| Credential | Usage | Example |
|
|
252
|
+
| ----------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
253
|
+
| [`DefaultAzureCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/defaultazurecredential?view=azure-node-latest) | Provides a simplified authentication experience to quickly start developing applications run in the Azure cloud. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-with-defaultazurecredential) |
|
|
254
|
+
| [`ChainedTokenCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/chainedtokencredential?view=azure-node-latest) | Allows users to define custom authentication flows composing multiple credentials. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#chaining-credentials) |
|
|
255
|
+
| [`EnvironmentCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/environmentcredential?view=azure-node-latest) | Authenticates a service principal or user via credential information specified in environment variables. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-service-principal-with-environment-credentials) |
|
|
256
256
|
| [`ManagedIdentityCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/managedidentitycredential?view=azure-node-latest) | Authenticates the managed identity of an Azure resource. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-in-azure-with-managed-identity) |
|
|
257
257
|
|
|
258
258
|
### Authenticating Service Principals
|
|
259
259
|
|
|
260
|
-
| Credential
|
|
261
|
-
|
|
|
260
|
+
| Credential | Usage | Example | Reference |
|
|
261
|
+
| --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- |
|
|
262
|
+
| `ClientAssertionCredential` | Authenticates a service principal using a certificate. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-service-principal-with-a-client-assertion) | [Service principal authentication](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals) |
|
|
262
263
|
| [`ClientCertificateCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/clientcertificatecredential?view=azure-node-latest) | Authenticates a service principal using a certificate. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-service-principal-with-a-client-certificate) | [Service principal authentication](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals) |
|
|
263
|
-
| [`ClientSecretCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/clientsecretcredential?view=azure-node-latest)
|
|
264
|
+
| [`ClientSecretCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/clientsecretcredential?view=azure-node-latest) | Authenticates a service principal using a secret. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-service-principal-with-a-client-secret) | [Service principal authentication](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals) |
|
|
264
265
|
|
|
265
266
|
### Authenticating Users
|
|
266
267
|
|
|
267
|
-
| Credential
|
|
268
|
-
|
|
|
269
|
-
| [`AuthorizationCodeCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/authorizationcodecredential?view=azure-node-latest)
|
|
270
|
-
| [`DeviceCodeCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/devicecodecredential?view=azure-node-latest)
|
|
268
|
+
| Credential | Usage | Example | Reference |
|
|
269
|
+
| ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- |
|
|
270
|
+
| [`AuthorizationCodeCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/authorizationcodecredential?view=azure-node-latest) | Authenticates a user with a previously obtained authorization code. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-user-account-with-auth-code-flow) | [OAuth2 authentication code](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow) |
|
|
271
|
+
| [`DeviceCodeCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/devicecodecredential?view=azure-node-latest) | Interactively authenticates a user on devices with limited UI. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-user-account-with-device-code-flow) | [Device code authentication](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-device-code) |
|
|
271
272
|
| [`InteractiveBrowserCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/interactivebrowsercredential?view=azure-node-latest) | Interactively authenticates a user with the default system browser. Read more about how this happens [here](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/interactive-browser-credential.md). | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-user-account-interactively-in-the-browser) | [OAuth2 authentication code](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow) |
|
|
272
|
-
| [`OnBehalfOfCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/onbehalfofcredential?view=azure-node-latest)
|
|
273
|
-
| [`UsernamePasswordCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/usernamepasswordcredential?view=azure-node-latest)
|
|
273
|
+
| [`OnBehalfOfCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/onbehalfofcredential?view=azure-node-latest) | Propagates the delegated user identity and permissions through the request chain |
|
|
274
|
+
| [`UsernamePasswordCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/usernamepasswordcredential?view=azure-node-latest) | Authenticates a user with a username and password. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-user-account-with-username-and-password) | [Username + password authentication](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth-ropc) |
|
|
274
275
|
|
|
275
276
|
### Authenticating via Development Tools
|
|
276
277
|
|
|
277
|
-
| Credential
|
|
278
|
-
|
|
|
279
|
-
| [`AzureCliCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/azureclicredential?view=azure-node-latest)
|
|
278
|
+
| Credential | Usage | Example | Reference |
|
|
279
|
+
| ----------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
|
|
280
|
+
| [`AzureCliCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/azureclicredential?view=azure-node-latest) | Authenticate in a development environment with the Azure CLI. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-user-account-with-azure-cli) | [Azure CLI authentication](https://docs.microsoft.com/cli/azure/authenticate-azure-cli) |
|
|
280
281
|
| [`AzurePowerShellCredential`](https://docs.microsoft.com/javascript/api/@azure/identity/azurepowershellcredential?view=azure-node-latest) | Authenticate in a development environment using Azure PowerShell. | [example](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-a-user-account-with-azure-powershell) | [Azure PowerShell authentication](https://docs.microsoft.com/powershell/azure/authenticate-azureps) |
|
|
281
282
|
|
|
282
283
|
## Troubleshooting
|
|
@@ -290,7 +291,7 @@ Credentials raise `AuthenticationError` when they fail to authenticate. This cla
|
|
|
290
291
|
Enabling logging may help uncover useful information about failures.
|
|
291
292
|
|
|
292
293
|
To see a log of HTTP requests and responses, set the `AZURE_LOG_LEVEL` environment variable to `info`.
|
|
293
|
-
You can read this environment variable from the
|
|
294
|
+
You can read this environment variable from the _.env_ file by explicitly specifying a file path:
|
|
294
295
|
|
|
295
296
|
```javascript
|
|
296
297
|
require("dotenv").config({ path: ".env" });
|
|
@@ -303,7 +304,7 @@ import { setLogLevel } from "@azure/logger";
|
|
|
303
304
|
|
|
304
305
|
setLogLevel("info");
|
|
305
306
|
```
|
|
306
|
-
|
|
307
|
+
|
|
307
308
|
In cases where the authenticate code might be running in an environment with more than one credential available,
|
|
308
309
|
the `@azure/identity` package offers a unique form of logging. On the optional parameters for every credential,
|
|
309
310
|
developers can set `allowLoggingAccountIdentifiers` to true in the
|
|
@@ -319,7 +320,7 @@ import { setLogLevel } from "@azure/logger";
|
|
|
319
320
|
setLogLevel("info");
|
|
320
321
|
|
|
321
322
|
const credential = new DefaultAzureCredential({
|
|
322
|
-
loggingOptions: { allowLoggingAccountIdentifiers: true }
|
|
323
|
+
loggingOptions: { allowLoggingAccountIdentifiers: true },
|
|
323
324
|
});
|
|
324
325
|
```
|
|
325
326
|
|