@azure/identity 4.1.0-alpha.20240124.2 → 4.1.0-alpha.20240126.4

package/dist-esm/src/msal/utils.js.map

@@ -1 +1 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,UAAU,MAAM,kBAAkB,CAAC;AAG/C,OAAO,EAAE,2BAA2B,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AACpF,OAAO,EAAoB,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAErE,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1C;;GAEG;AACH,MAAM,MAAM,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;AAEjD;;;GAGG;AACH,MAAM,iCAAiC,GAAG,KAAK,CAAC;AAEhD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAyB,EACzB,SAAqB,EACrB,eAAiC;IAEjC,MAAM,KAAK,GAAG,CAAC,OAAe,EAAS,EAAE;QACvC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,IAAI,2BAA2B,CAAC;YACrC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACjD,eAAe;YACf,OAAO;SACR,CAAC,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC,SAAS,EAAE;QACd,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;KAC5B;IACD,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE;QACxB,MAAM,KAAK,CAAC,uCAAuC,CAAC,CAAC;KACtD;IACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;QAC1B,MAAM,KAAK,CAAC,yCAAyC,CAAC,CAAC;KACxD;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAa;IAC1D,IAAI,CAAC,IAAI,EAAE;QACT,IAAI,GAAG,oBAAoB,CAAC;KAC7B;IACD,IAAI,IAAI,MAAM,CAAC,GAAG,QAAQ,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC3C,OAAO,IAAI,CAAC;KACb;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QACtB,OAAO,IAAI,GAAG,QAAQ,CAAC;KACxB;SAAM;QACL,OAAO,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC;KAC9B;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,aAAqB,EACrB,wBAAkC;IAElC,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,aAAa,CAAC,IAAI,wBAAwB,EAAE;QACtE,OAAO,CAAC,aAAa,CAAC,CAAC;KACxB;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAIhC,CAAC,UAA4B,EAAE,WAA+B,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAE,EAAE,CAC7F,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAQ,EAAE;IACpC,IAAI,WAAW,EAAE;QACf,OAAO;KACR;IACD,QAAQ,KAAK,EAAE;QACb,KAAK,UAAU,CAAC,QAAQ,CAAC,KAAK;YAC5B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,cAAc,OAAO,EAAE,CAAC,CAAC;YACzD,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,IAAI;YAC3B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,qBAAqB,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,wBAAwB,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,gBAAgB,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO;KACV;AACH,CAAC,CAAC;AAEJ;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,QAAmC;IACjE,QAAQ,QAAQ,EAAE;QAChB,KAAK,OAAO;YACV,OAAO,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC;YACE,4CAA4C;YAC5C,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;KACnC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAgB,EAChB,KAAY,EACZ,eAAiC;IAEjC,IACE,KAAK,CAAC,IAAI,KAAK,WAAW;QAC1B,KAAK,CAAC,IAAI,KAAK,iBAAiB;QAChC,KAAK,CAAC,IAAI,KAAK,kBAAkB,EACjC;QACA,MAAM,SAAS,GAAG,KAA6B,CAAC;QAChD,QAAQ,SAAS,CAAC,SAAS,EAAE;YAC3B,KAAK,4BAA4B;gBAC/B,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChD,OAAO,IAAI,0BAA0B,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,KAAK,+BAA+B;gBAClC,OAAO,IAAI,UAAU,CAAC,oDAAoD,CAAC,CAAC;YAC9E,KAAK,kBAAkB,CAAC;YACxB,KAAK,sBAAsB,CAAC;YAC5B,KAAK,gBAAgB;gBACnB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,MAAM,EAAE,qCAAqC,SAAS,CAAC,SAAS,EAAE,CAAC,CAChF,CAAC;gBACF,MAAM;YACR;gBACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC9E,MAAM;SACT;KACF;IACD,IACE,KAAK,CAAC,IAAI,KAAK,0BAA0B;QACzC,KAAK,CAAC,IAAI,KAAK,+BAA+B;QAC9C,KAAK,CAAC,IAAI,KAAK,YAAY,EAC3B;QACA,OAAO,KAAK,CAAC;KACd;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE;QACpC,MAAM,CAAC,IAAI,CACT,WAAW,CACT,MAAM,EACN,iCAAiC,KAAK,CAAC,OAAO,sBAC3C,KAAa,CAAC,UACjB,EAAE,CACH,CACF,CAAC;QACF,OAAO,KAAK,CAAC;KACd;IACD,OAAO,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;AAC9F,CAAC;AAED,qBAAqB;AAErB,MAAM,UAAU,YAAY,CAAC,OAA6B;IACxD,MAAM,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClF,uCACK,OAAO,KACV,cAAc,EAAE,OAAO,CAAC,aAAa,EACrC,WAAW,IACX;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,OAAwB;IACrE,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,WAAW,CAAC;QAC9D,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,eAAe;QAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ;QACR,OAAO,EAAE,iCAAiC;KAC3C,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,6BAA6B,CAAC,MAA4B;IACxE,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,+BAA+B,CAAC,gBAAwB;IACtE,MAAM,MAAM,GAAgD,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAEzF,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,KAAK,iCAAiC,EAAE;QAC1E,MAAM,KAAK,CAAC,0CAA0C,CAAC,CAAC;KACzD;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalCommon from \"@azure/msal-node\";\n\nimport { AuthenticationRecord, MsalAccountInfo, MsalToken } from \"./types\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../errors\";\nimport { CredentialLogger, credentialLogger, formatError } from \"../util/logging\";\nimport { DefaultAuthorityHost, DefaultTenantId } from \"../constants\";\n\nimport { AbortError } from \"@azure/abort-controller\";\nimport { AzureLogLevel } from \"@azure/logger\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { isNode } from \"@azure/core-util\";\n\nexport interface ILoggerCallback {\n  (level: msalCommon.LogLevel, message: string, containsPii: boolean): void;\n}\n\n/**\n * @internal\n */\nconst logger = credentialLogger(\"IdentityUtils\");\n\n/**\n * Latest AuthenticationRecord version\n * @internal\n */\nconst LatestAuthenticationRecordVersion = \"1.0\";\n\n/**\n * Ensures the validity of the MSAL token\n * @internal\n */\nexport function ensureValidMsalToken(\n  scopes: string | string[],\n  msalToken?: MsalToken,\n  getTokenOptions?: GetTokenOptions,\n): void {\n  const error = (message: string): Error => {\n    logger.getToken.info(message);\n    return new AuthenticationRequiredError({\n      scopes: Array.isArray(scopes) ? scopes : [scopes],\n      getTokenOptions,\n      message,\n    });\n  };\n  if (!msalToken) {\n    throw error(\"No response\");\n  }\n  if (!msalToken.expiresOn) {\n    throw error(`Response had no \"expiresOn\" property.`);\n  }\n  if (!msalToken.accessToken) {\n    throw error(`Response had no \"accessToken\" property.`);\n  }\n}\n\n/**\n * Generates a valid authority by combining a host with a tenantId.\n * @internal\n */\nexport function getAuthority(tenantId: string, host?: string): string {\n  if (!host) {\n    host = DefaultAuthorityHost;\n  }\n  if (new RegExp(`${tenantId}/?$`).test(host)) {\n    return host;\n  }\n  if (host.endsWith(\"/\")) {\n    return host + tenantId;\n  } else {\n    return `${host}/${tenantId}`;\n  }\n}\n\n/**\n * Generates the known authorities.\n * If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.\n * For that reason, we have to force MSAL to disable validating the authority\n * by sending it within the known authorities in the MSAL configuration.\n * @internal\n */\nexport function getKnownAuthorities(\n  tenantId: string,\n  authorityHost: string,\n  disableInstanceDiscovery?: boolean,\n): string[] {\n  if ((tenantId === \"adfs\" && authorityHost) || disableInstanceDiscovery) {\n    return [authorityHost];\n  }\n  return [];\n}\n\n/**\n * Generates a logger that can be passed to the MSAL clients.\n * @param credLogger - The logger of the credential.\n * @internal\n */\nexport const defaultLoggerCallback: (\n  logger: CredentialLogger,\n  platform?: \"Node\" | \"Browser\",\n) => ILoggerCallback =\n  (credLogger: CredentialLogger, platform: \"Node\" | \"Browser\" = isNode ? \"Node\" : \"Browser\") =>\n  (level, message, containsPii): void => {\n    if (containsPii) {\n      return;\n    }\n    switch (level) {\n      case msalCommon.LogLevel.Error:\n        credLogger.info(`MSAL ${platform} V2 error: ${message}`);\n        return;\n      case msalCommon.LogLevel.Info:\n        credLogger.info(`MSAL ${platform} V2 info message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Verbose:\n        credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Warning:\n        credLogger.info(`MSAL ${platform} V2 warning: ${message}`);\n        return;\n    }\n  };\n\n/**\n * @internal\n */\nexport function getMSALLogLevel(logLevel: AzureLogLevel | undefined): msalCommon.LogLevel {\n  switch (logLevel) {\n    case \"error\":\n      return msalCommon.LogLevel.Error;\n    case \"info\":\n      return msalCommon.LogLevel.Info;\n    case \"verbose\":\n      return msalCommon.LogLevel.Verbose;\n    case \"warning\":\n      return msalCommon.LogLevel.Warning;\n    default:\n      // default msal logging level should be Info\n      return msalCommon.LogLevel.Info;\n  }\n}\n\n/**\n * Handles MSAL errors.\n */\nexport function handleMsalError(\n  scopes: string[],\n  error: Error,\n  getTokenOptions?: GetTokenOptions,\n): Error {\n  if (\n    error.name === \"AuthError\" ||\n    error.name === \"ClientAuthError\" ||\n    error.name === \"BrowserAuthError\"\n  ) {\n    const msalError = error as msalCommon.AuthError;\n    switch (msalError.errorCode) {\n      case \"endpoints_resolution_error\":\n        logger.info(formatError(scopes, error.message));\n        return new CredentialUnavailableError(error.message);\n      case \"device_code_polling_cancelled\":\n        return new AbortError(\"The authentication has been aborted by the caller.\");\n      case \"consent_required\":\n      case \"interaction_required\":\n      case \"login_required\":\n        logger.info(\n          formatError(scopes, `Authentication returned errorCode ${msalError.errorCode}`),\n        );\n        break;\n      default:\n        logger.info(formatError(scopes, `Failed to acquire token: ${error.message}`));\n        break;\n    }\n  }\n  if (\n    error.name === \"ClientConfigurationError\" ||\n    error.name === \"BrowserConfigurationAuthError\" ||\n    error.name === \"AbortError\"\n  ) {\n    return error;\n  }\n  if (error.name === \"NativeAuthError\") {\n    logger.info(\n      formatError(\n        scopes,\n        `Error from the native broker: ${error.message} with status code: ${\n          (error as any).statusCode\n        }`,\n      ),\n    );\n    return error;\n  }\n  return new AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });\n}\n\n// transformations.ts\n\nexport function publicToMsal(account: AuthenticationRecord): msalCommon.AccountInfo {\n  const [environment] = account.authority.match(/([a-z]*\\.[a-z]*\\.[a-z]*)/) || [\"\"];\n  return {\n    ...account,\n    localAccountId: account.homeAccountId,\n    environment,\n  };\n}\n\nexport function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord {\n  const record = {\n    authority: getAuthority(account.tenantId, account.environment),\n    homeAccountId: account.homeAccountId,\n    tenantId: account.tenantId || DefaultTenantId,\n    username: account.username,\n    clientId,\n    version: LatestAuthenticationRecordVersion,\n  };\n  return record;\n}\n\n/**\n * Serializes an `AuthenticationRecord` into a string.\n *\n * The output of a serialized authentication record will contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.\n */\nexport function serializeAuthenticationRecord(record: AuthenticationRecord): string {\n  return JSON.stringify(record);\n}\n\n/**\n * Deserializes a previously serialized authentication record from a string into an object.\n *\n * The input string must contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * If the version we receive is unsupported, an error will be thrown.\n *\n * At the moment, the only available version is: \"1.0\", which is always set when the authentication record is serialized.\n *\n * @param serializedRecord - Authentication record previously serialized into string.\n * @returns AuthenticationRecord.\n */\nexport function deserializeAuthenticationRecord(serializedRecord: string): AuthenticationRecord {\n  const parsed: AuthenticationRecord & { version?: string } = JSON.parse(serializedRecord);\n\n  if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {\n    throw Error(\"Unsupported AuthenticationRecord version\");\n  }\n\n  return parsed;\n}\n"]}
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,UAAU,MAAM,kBAAkB,CAAC;AAG/C,OAAO,EAAE,2BAA2B,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AACpF,OAAO,EAAoB,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAErE,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1C;;GAEG;AACH,MAAM,MAAM,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;AAEjD;;;GAGG;AACH,MAAM,iCAAiC,GAAG,KAAK,CAAC;AAEhD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAyB,EACzB,SAAqB,EACrB,eAAiC;IAEjC,MAAM,KAAK,GAAG,CAAC,OAAe,EAAS,EAAE;QACvC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,IAAI,2BAA2B,CAAC;YACrC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACjD,eAAe;YACf,OAAO;SACR,CAAC,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;QACzB,MAAM,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAa;IAC1D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,IAAI,GAAG,oBAAoB,CAAC;IAC9B,CAAC;IACD,IAAI,IAAI,MAAM,CAAC,GAAG,QAAQ,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,GAAG,QAAQ,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,aAAqB,EACrB,wBAAkC;IAElC,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,aAAa,CAAC,IAAI,wBAAwB,EAAE,CAAC;QACvE,OAAO,CAAC,aAAa,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAIhC,CAAC,UAA4B,EAAE,WAA+B,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAE,EAAE,CAC7F,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAQ,EAAE;IACpC,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU,CAAC,QAAQ,CAAC,KAAK;YAC5B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,cAAc,OAAO,EAAE,CAAC,CAAC;YACzD,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,IAAI;YAC3B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,qBAAqB,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,wBAAwB,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,gBAAgB,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO;IACX,CAAC;AACH,CAAC,CAAC;AAEJ;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,QAAmC;IACjE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC;YACE,4CAA4C;YAC5C,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;IACpC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAgB,EAChB,KAAY,EACZ,eAAiC;IAEjC,IACE,KAAK,CAAC,IAAI,KAAK,WAAW;QAC1B,KAAK,CAAC,IAAI,KAAK,iBAAiB;QAChC,KAAK,CAAC,IAAI,KAAK,kBAAkB,EACjC,CAAC;QACD,MAAM,SAAS,GAAG,KAA6B,CAAC;QAChD,QAAQ,SAAS,CAAC,SAAS,EAAE,CAAC;YAC5B,KAAK,4BAA4B;gBAC/B,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChD,OAAO,IAAI,0BAA0B,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,KAAK,+BAA+B;gBAClC,OAAO,IAAI,UAAU,CAAC,oDAAoD,CAAC,CAAC;YAC9E,KAAK,kBAAkB,CAAC;YACxB,KAAK,sBAAsB,CAAC;YAC5B,KAAK,gBAAgB;gBACnB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,MAAM,EAAE,qCAAqC,SAAS,CAAC,SAAS,EAAE,CAAC,CAChF,CAAC;gBACF,MAAM;YACR;gBACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC9E,MAAM;QACV,CAAC;IACH,CAAC;IACD,IACE,KAAK,CAAC,IAAI,KAAK,0BAA0B;QACzC,KAAK,CAAC,IAAI,KAAK,+BAA+B;QAC9C,KAAK,CAAC,IAAI,KAAK,YAAY,EAC3B,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CACT,WAAW,CACT,MAAM,EACN,iCAAiC,KAAK,CAAC,OAAO,sBAC3C,KAAa,CAAC,UACjB,EAAE,CACH,CACF,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;AAC9F,CAAC;AAED,qBAAqB;AAErB,MAAM,UAAU,YAAY,CAAC,OAA6B;IACxD,MAAM,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClF,uCACK,OAAO,KACV,cAAc,EAAE,OAAO,CAAC,aAAa,EACrC,WAAW,IACX;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,OAAwB;IACrE,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,WAAW,CAAC;QAC9D,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,eAAe;QAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ;QACR,OAAO,EAAE,iCAAiC;KAC3C,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,6BAA6B,CAAC,MAA4B;IACxE,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,+BAA+B,CAAC,gBAAwB;IACtE,MAAM,MAAM,GAAgD,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAEzF,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,KAAK,iCAAiC,EAAE,CAAC;QAC3E,MAAM,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalCommon from \"@azure/msal-node\";\n\nimport { AuthenticationRecord, MsalAccountInfo, MsalToken } from \"./types\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../errors\";\nimport { CredentialLogger, credentialLogger, formatError } from \"../util/logging\";\nimport { DefaultAuthorityHost, DefaultTenantId } from \"../constants\";\n\nimport { AbortError } from \"@azure/abort-controller\";\nimport { AzureLogLevel } from \"@azure/logger\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { isNode } from \"@azure/core-util\";\n\nexport interface ILoggerCallback {\n  (level: msalCommon.LogLevel, message: string, containsPii: boolean): void;\n}\n\n/**\n * @internal\n */\nconst logger = credentialLogger(\"IdentityUtils\");\n\n/**\n * Latest AuthenticationRecord version\n * @internal\n */\nconst LatestAuthenticationRecordVersion = \"1.0\";\n\n/**\n * Ensures the validity of the MSAL token\n * @internal\n */\nexport function ensureValidMsalToken(\n  scopes: string | string[],\n  msalToken?: MsalToken,\n  getTokenOptions?: GetTokenOptions,\n): void {\n  const error = (message: string): Error => {\n    logger.getToken.info(message);\n    return new AuthenticationRequiredError({\n      scopes: Array.isArray(scopes) ? scopes : [scopes],\n      getTokenOptions,\n      message,\n    });\n  };\n  if (!msalToken) {\n    throw error(\"No response\");\n  }\n  if (!msalToken.expiresOn) {\n    throw error(`Response had no \"expiresOn\" property.`);\n  }\n  if (!msalToken.accessToken) {\n    throw error(`Response had no \"accessToken\" property.`);\n  }\n}\n\n/**\n * Generates a valid authority by combining a host with a tenantId.\n * @internal\n */\nexport function getAuthority(tenantId: string, host?: string): string {\n  if (!host) {\n    host = DefaultAuthorityHost;\n  }\n  if (new RegExp(`${tenantId}/?$`).test(host)) {\n    return host;\n  }\n  if (host.endsWith(\"/\")) {\n    return host + tenantId;\n  } else {\n    return `${host}/${tenantId}`;\n  }\n}\n\n/**\n * Generates the known authorities.\n * If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.\n * For that reason, we have to force MSAL to disable validating the authority\n * by sending it within the known authorities in the MSAL configuration.\n * @internal\n */\nexport function getKnownAuthorities(\n  tenantId: string,\n  authorityHost: string,\n  disableInstanceDiscovery?: boolean,\n): string[] {\n  if ((tenantId === \"adfs\" && authorityHost) || disableInstanceDiscovery) {\n    return [authorityHost];\n  }\n  return [];\n}\n\n/**\n * Generates a logger that can be passed to the MSAL clients.\n * @param credLogger - The logger of the credential.\n * @internal\n */\nexport const defaultLoggerCallback: (\n  logger: CredentialLogger,\n  platform?: \"Node\" | \"Browser\",\n) => ILoggerCallback =\n  (credLogger: CredentialLogger, platform: \"Node\" | \"Browser\" = isNode ? \"Node\" : \"Browser\") =>\n  (level, message, containsPii): void => {\n    if (containsPii) {\n      return;\n    }\n    switch (level) {\n      case msalCommon.LogLevel.Error:\n        credLogger.info(`MSAL ${platform} V2 error: ${message}`);\n        return;\n      case msalCommon.LogLevel.Info:\n        credLogger.info(`MSAL ${platform} V2 info message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Verbose:\n        credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Warning:\n        credLogger.info(`MSAL ${platform} V2 warning: ${message}`);\n        return;\n    }\n  };\n\n/**\n * @internal\n */\nexport function getMSALLogLevel(logLevel: AzureLogLevel | undefined): msalCommon.LogLevel {\n  switch (logLevel) {\n    case \"error\":\n      return msalCommon.LogLevel.Error;\n    case \"info\":\n      return msalCommon.LogLevel.Info;\n    case \"verbose\":\n      return msalCommon.LogLevel.Verbose;\n    case \"warning\":\n      return msalCommon.LogLevel.Warning;\n    default:\n      // default msal logging level should be Info\n      return msalCommon.LogLevel.Info;\n  }\n}\n\n/**\n * Handles MSAL errors.\n */\nexport function handleMsalError(\n  scopes: string[],\n  error: Error,\n  getTokenOptions?: GetTokenOptions,\n): Error {\n  if (\n    error.name === \"AuthError\" ||\n    error.name === \"ClientAuthError\" ||\n    error.name === \"BrowserAuthError\"\n  ) {\n    const msalError = error as msalCommon.AuthError;\n    switch (msalError.errorCode) {\n      case \"endpoints_resolution_error\":\n        logger.info(formatError(scopes, error.message));\n        return new CredentialUnavailableError(error.message);\n      case \"device_code_polling_cancelled\":\n        return new AbortError(\"The authentication has been aborted by the caller.\");\n      case \"consent_required\":\n      case \"interaction_required\":\n      case \"login_required\":\n        logger.info(\n          formatError(scopes, `Authentication returned errorCode ${msalError.errorCode}`),\n        );\n        break;\n      default:\n        logger.info(formatError(scopes, `Failed to acquire token: ${error.message}`));\n        break;\n    }\n  }\n  if (\n    error.name === \"ClientConfigurationError\" ||\n    error.name === \"BrowserConfigurationAuthError\" ||\n    error.name === \"AbortError\"\n  ) {\n    return error;\n  }\n  if (error.name === \"NativeAuthError\") {\n    logger.info(\n      formatError(\n        scopes,\n        `Error from the native broker: ${error.message} with status code: ${\n          (error as any).statusCode\n        }`,\n      ),\n    );\n    return error;\n  }\n  return new AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });\n}\n\n// transformations.ts\n\nexport function publicToMsal(account: AuthenticationRecord): msalCommon.AccountInfo {\n  const [environment] = account.authority.match(/([a-z]*\\.[a-z]*\\.[a-z]*)/) || [\"\"];\n  return {\n    ...account,\n    localAccountId: account.homeAccountId,\n    environment,\n  };\n}\n\nexport function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord {\n  const record = {\n    authority: getAuthority(account.tenantId, account.environment),\n    homeAccountId: account.homeAccountId,\n    tenantId: account.tenantId || DefaultTenantId,\n    username: account.username,\n    clientId,\n    version: LatestAuthenticationRecordVersion,\n  };\n  return record;\n}\n\n/**\n * Serializes an `AuthenticationRecord` into a string.\n *\n * The output of a serialized authentication record will contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.\n */\nexport function serializeAuthenticationRecord(record: AuthenticationRecord): string {\n  return JSON.stringify(record);\n}\n\n/**\n * Deserializes a previously serialized authentication record from a string into an object.\n *\n * The input string must contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * If the version we receive is unsupported, an error will be thrown.\n *\n * At the moment, the only available version is: \"1.0\", which is always set when the authentication record is serialized.\n *\n * @param serializedRecord - Authentication record previously serialized into string.\n * @returns AuthenticationRecord.\n */\nexport function deserializeAuthenticationRecord(serializedRecord: string): AuthenticationRecord {\n  const parsed: AuthenticationRecord & { version?: string } = JSON.parse(serializedRecord);\n\n  if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {\n    throw Error(\"Unsupported AuthenticationRecord version\");\n  }\n\n  return parsed;\n}\n"]}

package/dist-esm/src/util/identityTokenEndpoint.js.map

@@ -1 +1 @@
-{"version":3,"file":"identityTokenEndpoint.js","sourceRoot":"","sources":["../../../src/util/identityTokenEndpoint.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,MAAM,UAAU,8BAA8B,CAAC,QAAgB;IAC7D,IAAI,QAAQ,KAAK,MAAM,EAAE;QACvB,OAAO,cAAc,CAAC;KACvB;SAAM;QACL,OAAO,mBAAmB,CAAC;KAC5B;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nexport function getIdentityTokenEndpointSuffix(tenantId: string): string {\n  if (tenantId === \"adfs\") {\n    return \"oauth2/token\";\n  } else {\n    return \"oauth2/v2.0/token\";\n  }\n}\n"]}
+{"version":3,"file":"identityTokenEndpoint.js","sourceRoot":"","sources":["../../../src/util/identityTokenEndpoint.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,MAAM,UAAU,8BAA8B,CAAC,QAAgB;IAC7D,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,OAAO,cAAc,CAAC;IACxB,CAAC;SAAM,CAAC;QACN,OAAO,mBAAmB,CAAC;IAC7B,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nexport function getIdentityTokenEndpointSuffix(tenantId: string): string {\n  if (tenantId === \"adfs\") {\n    return \"oauth2/token\";\n  } else {\n    return \"oauth2/v2.0/token\";\n  }\n}\n"]}

package/dist-esm/src/util/logging.js.map

@@ -1 +1 @@
-{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../../src/util/logging.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAe,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEhE;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;AAOrD;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,gBAA0B;IACvD,OAAO,gBAAgB,CAAC,MAAM,CAC5B,CAAC,GAA2B,EAAE,WAAmB,EAAE,EAAE;QACnD,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;YAC5B,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;SAChC;aAAM;YACL,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;SAC/B;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC9B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAsB,EAAE,gBAA0B;IAC3E,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;IACtD,MAAM,CAAC,IAAI,CACT,GAAG,cAAc,kDAAkD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACzF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAwB;IACpD,OAAO,oBAAoB,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;AAChF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,KAAoC,EAAE,KAAqB;IACrF,IAAI,OAAO,GAAG,QAAQ,CAAC;IACvB,IAAI,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,MAAM,EAAE;QACjB,OAAO,IAAI,YAAY,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;KAC3E;IACD,OAAO,GAAG,OAAO,mBAAmB,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC;AAC3F,CAAC;AAoBD;;;;;;;GAOG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAa,EACb,MAAiC,EACjC,MAAmB,MAAM;IAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAElE,SAAS,IAAI,CAAC,OAAe;QAC3B,GAAG,CAAC,IAAI,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO;QACL,KAAK;QACL,SAAS;QACT,IAAI;QACJ,OAAO;QACP,OAAO;KACR,CAAC;AACJ,CAAC;AAWD;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,MAAmB,MAAM;IACvE,MAAM,UAAU,GAAG,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;IACnE,uCACK,UAAU,KACb,MAAM,EAAE,GAAG,EACX,QAAQ,EAAE,wBAAwB,CAAC,eAAe,EAAE,UAAU,EAAE,GAAG,CAAC,IACpE;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AzureLogger, createClientLogger } from \"@azure/logger\";\n\n/**\n * The AzureLogger used for all clients within the identity package\n */\nexport const logger = createClientLogger(\"identity\");\n\ninterface EnvironmentAccumulator {\n  missing: string[];\n  assigned: string[];\n}\n\n/**\n * Separates a list of environment variable names into a plain object with two arrays: an array of missing environment variables and another array with assigned environment variables.\n * @param supportedEnvVars - List of environment variable names\n */\nexport function processEnvVars(supportedEnvVars: string[]): EnvironmentAccumulator {\n  return supportedEnvVars.reduce(\n    (acc: EnvironmentAccumulator, envVariable: string) => {\n      if (process.env[envVariable]) {\n        acc.assigned.push(envVariable);\n      } else {\n        acc.missing.push(envVariable);\n      }\n      return acc;\n    },\n    { missing: [], assigned: [] },\n  );\n}\n\n/**\n * Based on a given list of environment variable names,\n * logs the environment variables currently assigned during the usage of a credential that goes by the given name.\n * @param credentialName - Name of the credential in use\n * @param supportedEnvVars - List of environment variables supported by that credential\n */\nexport function logEnvVars(credentialName: string, supportedEnvVars: string[]): void {\n  const { assigned } = processEnvVars(supportedEnvVars);\n  logger.info(\n    `${credentialName} => Found the following environment variables: ${assigned.join(\", \")}`,\n  );\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatSuccess(scope: string | string[]): string {\n  return `SUCCESS. Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatError(scope: string | string[] | undefined, error: Error | string): string {\n  let message = \"ERROR.\";\n  if (scope?.length) {\n    message += ` Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n  }\n  return `${message} Error message: ${typeof error === \"string\" ? error : error.message}.`;\n}\n\n/**\n * A CredentialLoggerInstance is a logger properly formatted to work in a credential's constructor, and its methods.\n */\nexport interface CredentialLoggerInstance {\n  title: string;\n  fullTitle: string;\n  info(message: string): void;\n  warning(message: string): void;\n  verbose(message: string): void;\n  /**\n   * The logging functions for warning and error are intentionally left out, since we want the identity logging to be at the info level.\n   * Otherwise, they would look like:\n   *\n   *   warning(message: string): void;\n   *   error(err: Error): void;\n   */\n}\n\n/**\n * Generates a CredentialLoggerInstance.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *\n */\nexport function credentialLoggerInstance(\n  title: string,\n  parent?: CredentialLoggerInstance,\n  log: AzureLogger = logger,\n): CredentialLoggerInstance {\n  const fullTitle = parent ? `${parent.fullTitle} ${title}` : title;\n\n  function info(message: string): void {\n    log.info(`${fullTitle} =>`, message);\n  }\n\n  function warning(message: string): void {\n    log.warning(`${fullTitle} =>`, message);\n  }\n\n  function verbose(message: string): void {\n    log.verbose(`${fullTitle} =>`, message);\n  }\n  return {\n    title,\n    fullTitle,\n    info,\n    warning,\n    verbose,\n  };\n}\n\n/**\n * A CredentialLogger is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n */\nexport interface CredentialLogger extends CredentialLoggerInstance {\n  parent: AzureLogger;\n  getToken: CredentialLoggerInstance;\n}\n\n/**\n * Generates a CredentialLogger, which is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *   `[title] => getToken() => [message]`\n *\n */\nexport function credentialLogger(title: string, log: AzureLogger = logger): CredentialLogger {\n  const credLogger = credentialLoggerInstance(title, undefined, log);\n  return {\n    ...credLogger,\n    parent: log,\n    getToken: credentialLoggerInstance(\"=> getToken()\", credLogger, log),\n  };\n}\n"]}
+{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../../src/util/logging.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAe,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEhE;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;AAOrD;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,gBAA0B;IACvD,OAAO,gBAAgB,CAAC,MAAM,CAC5B,CAAC,GAA2B,EAAE,WAAmB,EAAE,EAAE;QACnD,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC9B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAsB,EAAE,gBAA0B;IAC3E,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;IACtD,MAAM,CAAC,IAAI,CACT,GAAG,cAAc,kDAAkD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACzF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAwB;IACpD,OAAO,oBAAoB,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;AAChF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,KAAoC,EAAE,KAAqB;IACrF,IAAI,OAAO,GAAG,QAAQ,CAAC;IACvB,IAAI,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,MAAM,EAAE,CAAC;QAClB,OAAO,IAAI,YAAY,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;IAC5E,CAAC;IACD,OAAO,GAAG,OAAO,mBAAmB,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC;AAC3F,CAAC;AAoBD;;;;;;;GAOG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAa,EACb,MAAiC,EACjC,MAAmB,MAAM;IAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAElE,SAAS,IAAI,CAAC,OAAe;QAC3B,GAAG,CAAC,IAAI,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO;QACL,KAAK;QACL,SAAS;QACT,IAAI;QACJ,OAAO;QACP,OAAO;KACR,CAAC;AACJ,CAAC;AAWD;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,MAAmB,MAAM;IACvE,MAAM,UAAU,GAAG,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;IACnE,uCACK,UAAU,KACb,MAAM,EAAE,GAAG,EACX,QAAQ,EAAE,wBAAwB,CAAC,eAAe,EAAE,UAAU,EAAE,GAAG,CAAC,IACpE;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AzureLogger, createClientLogger } from \"@azure/logger\";\n\n/**\n * The AzureLogger used for all clients within the identity package\n */\nexport const logger = createClientLogger(\"identity\");\n\ninterface EnvironmentAccumulator {\n  missing: string[];\n  assigned: string[];\n}\n\n/**\n * Separates a list of environment variable names into a plain object with two arrays: an array of missing environment variables and another array with assigned environment variables.\n * @param supportedEnvVars - List of environment variable names\n */\nexport function processEnvVars(supportedEnvVars: string[]): EnvironmentAccumulator {\n  return supportedEnvVars.reduce(\n    (acc: EnvironmentAccumulator, envVariable: string) => {\n      if (process.env[envVariable]) {\n        acc.assigned.push(envVariable);\n      } else {\n        acc.missing.push(envVariable);\n      }\n      return acc;\n    },\n    { missing: [], assigned: [] },\n  );\n}\n\n/**\n * Based on a given list of environment variable names,\n * logs the environment variables currently assigned during the usage of a credential that goes by the given name.\n * @param credentialName - Name of the credential in use\n * @param supportedEnvVars - List of environment variables supported by that credential\n */\nexport function logEnvVars(credentialName: string, supportedEnvVars: string[]): void {\n  const { assigned } = processEnvVars(supportedEnvVars);\n  logger.info(\n    `${credentialName} => Found the following environment variables: ${assigned.join(\", \")}`,\n  );\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatSuccess(scope: string | string[]): string {\n  return `SUCCESS. Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatError(scope: string | string[] | undefined, error: Error | string): string {\n  let message = \"ERROR.\";\n  if (scope?.length) {\n    message += ` Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n  }\n  return `${message} Error message: ${typeof error === \"string\" ? error : error.message}.`;\n}\n\n/**\n * A CredentialLoggerInstance is a logger properly formatted to work in a credential's constructor, and its methods.\n */\nexport interface CredentialLoggerInstance {\n  title: string;\n  fullTitle: string;\n  info(message: string): void;\n  warning(message: string): void;\n  verbose(message: string): void;\n  /**\n   * The logging functions for warning and error are intentionally left out, since we want the identity logging to be at the info level.\n   * Otherwise, they would look like:\n   *\n   *   warning(message: string): void;\n   *   error(err: Error): void;\n   */\n}\n\n/**\n * Generates a CredentialLoggerInstance.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *\n */\nexport function credentialLoggerInstance(\n  title: string,\n  parent?: CredentialLoggerInstance,\n  log: AzureLogger = logger,\n): CredentialLoggerInstance {\n  const fullTitle = parent ? `${parent.fullTitle} ${title}` : title;\n\n  function info(message: string): void {\n    log.info(`${fullTitle} =>`, message);\n  }\n\n  function warning(message: string): void {\n    log.warning(`${fullTitle} =>`, message);\n  }\n\n  function verbose(message: string): void {\n    log.verbose(`${fullTitle} =>`, message);\n  }\n  return {\n    title,\n    fullTitle,\n    info,\n    warning,\n    verbose,\n  };\n}\n\n/**\n * A CredentialLogger is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n */\nexport interface CredentialLogger extends CredentialLoggerInstance {\n  parent: AzureLogger;\n  getToken: CredentialLoggerInstance;\n}\n\n/**\n * Generates a CredentialLogger, which is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *   `[title] => getToken() => [message]`\n *\n */\nexport function credentialLogger(title: string, log: AzureLogger = logger): CredentialLogger {\n  const credLogger = credentialLoggerInstance(title, undefined, log);\n  return {\n    ...credLogger,\n    parent: log,\n    getToken: credentialLoggerInstance(\"=> getToken()\", credLogger, log),\n  };\n}\n"]}

package/dist-esm/src/util/processMultiTenantRequest.browser.js.map

@@ -1 +1 @@
-{"version":3,"file":"processMultiTenantRequest.browser.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE;;IAE3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAAQ,KAAK,MAAM,EAAE;QACvB,gBAAgB,GAAG,QAAQ,CAAC;KAC7B;SAAM;QACL,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;KAC1D;IAED,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF;QACA,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,QAAQ,CAAC,CAAC,CAAC;KAC5D;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    throw new Error(createConfigurationErrorMessage(tenantId));\n  }\n\n  return resolvedTenantId;\n}\n"]}
+{"version":3,"file":"processMultiTenantRequest.browser.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE;;IAE3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;IAC3D,CAAC;IAED,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    throw new Error(createConfigurationErrorMessage(tenantId));\n  }\n\n  return resolvedTenantId;\n}\n"]}

package/dist-esm/src/util/processMultiTenantRequest.js.map

@@ -1 +1 @@
-{"version":3,"file":"processMultiTenantRequest.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAGvD,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE,EAC3C,MAAyB;;IAEzB,IAAI,gBAAoC,CAAC;IACzC,IAAI,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE;QACtD,gBAAgB,GAAG,QAAQ,CAAC;KAC7B;SAAM,IAAI,QAAQ,KAAK,MAAM,EAAE;QAC9B,gBAAgB,GAAG,QAAQ,CAAC;KAC7B;SAAM;QACL,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;KAC1D;IACD,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF;QACA,MAAM,OAAO,GAAG,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,MAAM,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;KAC/C;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport { CredentialLogger } from \"./logging\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n  logger?: CredentialLogger,\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (process.env.AZURE_IDENTITY_DISABLE_MULTITENANTAUTH) {\n    resolvedTenantId = tenantId;\n  } else if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    const message = createConfigurationErrorMessage(tenantId);\n    logger?.info(message);\n    throw new CredentialUnavailableError(message);\n  }\n\n  return resolvedTenantId;\n}\n"]}
+{"version":3,"file":"processMultiTenantRequest.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAGvD,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE,EAC3C,MAAyB;;IAEzB,IAAI,gBAAoC,CAAC;IACzC,IAAI,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,CAAC;QACvD,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QAC/B,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;IAC3D,CAAC;IACD,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF,CAAC;QACD,MAAM,OAAO,GAAG,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,MAAM,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport { CredentialLogger } from \"./logging\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n  logger?: CredentialLogger,\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (process.env.AZURE_IDENTITY_DISABLE_MULTITENANTAUTH) {\n    resolvedTenantId = tenantId;\n  } else if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    const message = createConfigurationErrorMessage(tenantId);\n    logger?.info(message);\n    throw new CredentialUnavailableError(message);\n  }\n\n  return resolvedTenantId;\n}\n"]}

package/dist-esm/src/util/processUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"processUtils.js","sourceRoot":"","sources":["../../../src/util/processUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,YAAY,MAAM,eAAe,CAAC;AAE9C;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B;;;OAGG;IACH,QAAQ,CACN,IAAY,EACZ,MAAgB,EAChB,OAAwD;QAExD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,YAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;gBACrE,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;oBAC3B,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;iBAClC;gBACD,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;oBAC3B,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;iBAClC;gBACD,IAAI,MAAM,IAAI,KAAK,EAAE;oBACnB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;iBAC5C;qBAAM;oBACL,OAAO,CAAC,MAAM,CAAC,CAAC;iBACjB;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as childProcess from \"child_process\";\n\n/**\n * Easy to mock childProcess utils.\n * @internal\n */\nexport const processUtils = {\n  /**\n   * Promisifying childProcess.execFile\n   * @internal\n   */\n  execFile(\n    file: string,\n    params: string[],\n    options?: childProcess.ExecFileOptionsWithStringEncoding,\n  ): Promise<string | Buffer> {\n    return new Promise((resolve, reject) => {\n      childProcess.execFile(file, params, options, (error, stdout, stderr) => {\n        if (Buffer.isBuffer(stdout)) {\n          stdout = stdout.toString(\"utf8\");\n        }\n        if (Buffer.isBuffer(stderr)) {\n          stderr = stderr.toString(\"utf8\");\n        }\n        if (stderr || error) {\n          reject(stderr ? new Error(stderr) : error);\n        } else {\n          resolve(stdout);\n        }\n      });\n    });\n  },\n};\n"]}
+{"version":3,"file":"processUtils.js","sourceRoot":"","sources":["../../../src/util/processUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,YAAY,MAAM,eAAe,CAAC;AAE9C;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B;;;OAGG;IACH,QAAQ,CACN,IAAY,EACZ,MAAgB,EAChB,OAAwD;QAExD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,YAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;gBACrE,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC5B,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBACnC,CAAC;gBACD,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC5B,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBACnC,CAAC;gBACD,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;oBACpB,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;gBAC7C,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,MAAM,CAAC,CAAC;gBAClB,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as childProcess from \"child_process\";\n\n/**\n * Easy to mock childProcess utils.\n * @internal\n */\nexport const processUtils = {\n  /**\n   * Promisifying childProcess.execFile\n   * @internal\n   */\n  execFile(\n    file: string,\n    params: string[],\n    options?: childProcess.ExecFileOptionsWithStringEncoding,\n  ): Promise<string | Buffer> {\n    return new Promise((resolve, reject) => {\n      childProcess.execFile(file, params, options, (error, stdout, stderr) => {\n        if (Buffer.isBuffer(stdout)) {\n          stdout = stdout.toString(\"utf8\");\n        }\n        if (Buffer.isBuffer(stderr)) {\n          stderr = stderr.toString(\"utf8\");\n        }\n        if (stderr || error) {\n          reject(stderr ? new Error(stderr) : error);\n        } else {\n          resolve(stdout);\n        }\n      });\n    });\n  },\n};\n"]}

package/dist-esm/src/util/scopeUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"scopeUtils.js","sourceRoot":"","sources":["../../../src/util/scopeUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,MAAyB;IACpD,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,+BAA+B,CAAC,KAAa,EAAE,MAAwB;IACrF,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE;QACvC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QACrF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAChD,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { CredentialLogger, formatError } from \"./logging\";\n\n/**\n * Ensures the scopes value is an array.\n * @internal\n */\nexport function ensureScopes(scopes: string | string[]): string[] {\n  return Array.isArray(scopes) ? scopes : [scopes];\n}\n\n/**\n * Throws if the received scope is not valid.\n * @internal\n */\nexport function ensureValidScopeForDevTimeCreds(scope: string, logger: CredentialLogger): void {\n  if (!scope.match(/^[0-9a-zA-Z-_.:/]+$/)) {\n    const error = new Error(\"Invalid scope was specified by the user or calling client\");\n    logger.getToken.info(formatError(scope, error));\n    throw error;\n  }\n}\n\n/**\n * Returns the resource out of a scope.\n * @internal\n */\nexport function getScopeResource(scope: string): string {\n  return scope.replace(/\\/.default$/, \"\");\n}\n"]}
+{"version":3,"file":"scopeUtils.js","sourceRoot":"","sources":["../../../src/util/scopeUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,MAAyB;IACpD,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,+BAA+B,CAAC,KAAa,EAAE,MAAwB;IACrF,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QACrF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAChD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { CredentialLogger, formatError } from \"./logging\";\n\n/**\n * Ensures the scopes value is an array.\n * @internal\n */\nexport function ensureScopes(scopes: string | string[]): string[] {\n  return Array.isArray(scopes) ? scopes : [scopes];\n}\n\n/**\n * Throws if the received scope is not valid.\n * @internal\n */\nexport function ensureValidScopeForDevTimeCreds(scope: string, logger: CredentialLogger): void {\n  if (!scope.match(/^[0-9a-zA-Z-_.:/]+$/)) {\n    const error = new Error(\"Invalid scope was specified by the user or calling client\");\n    logger.getToken.info(formatError(scope, error));\n    throw error;\n  }\n}\n\n/**\n * Returns the resource out of a scope.\n * @internal\n */\nexport function getScopeResource(scope: string): string {\n  return scope.replace(/\\/.default$/, \"\");\n}\n"]}

package/dist-esm/src/util/tenantIdUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"tenantIdUtils.js","sourceRoot":"","sources":["../../../src/util/tenantIdUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AACpE,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAExE;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,MAAwB,EAAE,QAAgB;IACtE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE;QACvC,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,4KAA4K,CAC7K,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAwB,EACxB,QAAiB,EACjB,QAAiB;IAEjB,IAAI,QAAQ,EAAE;QACZ,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,OAAO,QAAQ,CAAC;KACjB;IACD,IAAI,CAAC,QAAQ,EAAE;QACb,QAAQ,GAAG,uBAAuB,CAAC;KACpC;IACD,IAAI,QAAQ,KAAK,uBAAuB,EAAE;QACxC,OAAO,QAAQ,CAAC;KACjB;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mCAAmC,CACjD,0BAAqC;IAErC,IAAI,CAAC,0BAA0B,IAAI,0BAA0B,CAAC,MAAM,KAAK,CAAC,EAAE;QAC1E,OAAO,EAAE,CAAC;KACX;IAED,IAAI,0BAA0B,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QAC5C,OAAO,WAAW,CAAC;KACpB;IAED,OAAO,0BAA0B,CAAC;AACpC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { ALL_TENANTS, DeveloperSignOnClientId } from \"../constants\";\nimport { CredentialLogger, formatError } from \"./logging\";\nexport { processMultiTenantRequest } from \"./processMultiTenantRequest\";\n\n/**\n * @internal\n */\nexport function checkTenantId(logger: CredentialLogger, tenantId: string): void {\n  if (!tenantId.match(/^[0-9a-zA-Z-.]+$/)) {\n    const error = new Error(\n      \"Invalid tenant id provided. You can locate your tenant id by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names.\",\n    );\n    logger.info(formatError(\"\", error));\n    throw error;\n  }\n}\n\n/**\n * @internal\n */\nexport function resolveTenantId(\n  logger: CredentialLogger,\n  tenantId?: string,\n  clientId?: string,\n): string {\n  if (tenantId) {\n    checkTenantId(logger, tenantId);\n    return tenantId;\n  }\n  if (!clientId) {\n    clientId = DeveloperSignOnClientId;\n  }\n  if (clientId !== DeveloperSignOnClientId) {\n    return \"common\";\n  }\n  return \"organizations\";\n}\n\n/**\n * @internal\n */\nexport function resolveAdditionallyAllowedTenantIds(\n  additionallyAllowedTenants?: string[],\n): string[] {\n  if (!additionallyAllowedTenants || additionallyAllowedTenants.length === 0) {\n    return [];\n  }\n\n  if (additionallyAllowedTenants.includes(\"*\")) {\n    return ALL_TENANTS;\n  }\n\n  return additionallyAllowedTenants;\n}\n"]}
+{"version":3,"file":"tenantIdUtils.js","sourceRoot":"","sources":["../../../src/util/tenantIdUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AACpE,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAExE;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,MAAwB,EAAE,QAAgB;IACtE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,4KAA4K,CAC7K,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAwB,EACxB,QAAiB,EACjB,QAAiB;IAEjB,IAAI,QAAQ,EAAE,CAAC;QACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG,uBAAuB,CAAC;IACrC,CAAC;IACD,IAAI,QAAQ,KAAK,uBAAuB,EAAE,CAAC;QACzC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mCAAmC,CACjD,0BAAqC;IAErC,IAAI,CAAC,0BAA0B,IAAI,0BAA0B,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3E,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,0BAA0B,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,OAAO,0BAA0B,CAAC;AACpC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { ALL_TENANTS, DeveloperSignOnClientId } from \"../constants\";\nimport { CredentialLogger, formatError } from \"./logging\";\nexport { processMultiTenantRequest } from \"./processMultiTenantRequest\";\n\n/**\n * @internal\n */\nexport function checkTenantId(logger: CredentialLogger, tenantId: string): void {\n  if (!tenantId.match(/^[0-9a-zA-Z-.]+$/)) {\n    const error = new Error(\n      \"Invalid tenant id provided. You can locate your tenant id by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names.\",\n    );\n    logger.info(formatError(\"\", error));\n    throw error;\n  }\n}\n\n/**\n * @internal\n */\nexport function resolveTenantId(\n  logger: CredentialLogger,\n  tenantId?: string,\n  clientId?: string,\n): string {\n  if (tenantId) {\n    checkTenantId(logger, tenantId);\n    return tenantId;\n  }\n  if (!clientId) {\n    clientId = DeveloperSignOnClientId;\n  }\n  if (clientId !== DeveloperSignOnClientId) {\n    return \"common\";\n  }\n  return \"organizations\";\n}\n\n/**\n * @internal\n */\nexport function resolveAdditionallyAllowedTenantIds(\n  additionallyAllowedTenants?: string[],\n): string[] {\n  if (!additionallyAllowedTenants || additionallyAllowedTenants.length === 0) {\n    return [];\n  }\n\n  if (additionallyAllowedTenants.includes(\"*\")) {\n    return ALL_TENANTS;\n  }\n\n  return additionallyAllowedTenants;\n}\n"]}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@azure/identity",
   "sdk-type": "client",
-  "version": "4.1.0-alpha.20240124.2",
+  "version": "4.1.0-alpha.20240126.4",
   "description": "Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID",
   "main": "dist/index.js",
   "module": "dist-esm/src/index.js",
@@ -158,7 +158,7 @@
     "rimraf": "^3.0.0",
     "sinon": "^17.0.0",
     "ts-node": "^10.0.0",
-    "typescript": "~5.2.0",
+    "typescript": "~5.3.3",
     "util": "^0.12.1",
     "esm": "^3.2.18"
   }