@azure/identity 4.1.0-alpha.20240325.2 → 4.1.0-alpha.20240328.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @azure/identity might be problematic. Click here for more details.
- package/dist/index.js +29 -11
- package/dist/index.js.map +1 -1
- package/dist-esm/src/credentials/authorizationCodeCredential.js +1 -1
- package/dist-esm/src/credentials/authorizationCodeCredential.js.map +1 -1
- package/dist-esm/src/credentials/azureDeveloperCliCredential.js +1 -1
- package/dist-esm/src/credentials/azureDeveloperCliCredential.js.map +1 -1
- package/dist-esm/src/credentials/clientSecretCredential.js +1 -1
- package/dist-esm/src/credentials/clientSecretCredential.js.map +1 -1
- package/dist-esm/src/credentials/interactiveBrowserCredential.js +2 -2
- package/dist-esm/src/credentials/interactiveBrowserCredential.js.map +1 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.browser.js +1 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.browser.js.map +1 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.js +1 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js +3 -6
- package/dist-esm/src/msal/nodeFlows/msalNodeCommon.js.map +1 -1
- package/dist-esm/src/regionalAuthority.js +21 -0
- package/dist-esm/src/regionalAuthority.js.map +1 -1
- package/package.json +3 -2
- package/types/identity.d.ts +6 -6
|
@@ -12,7 +12,7 @@ const logger = credentialLogger("AuthorizationCodeCredential");
|
|
|
12
12
|
* that was obtained through the authorization code flow, described in more detail
|
|
13
13
|
* in the Microsoft Entra ID documentation:
|
|
14
14
|
*
|
|
15
|
-
* https://learn.microsoft.com/
|
|
15
|
+
* https://learn.microsoft.com/entra/identity-platform/v2-oauth2-auth-code-flow
|
|
16
16
|
*/
|
|
17
17
|
export class AuthorizationCodeCredential {
|
|
18
18
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authorizationCodeCredential.js","sourceRoot":"","sources":["../../../src/credentials/authorizationCodeCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,qBAAqB,EAAE,MAAM,yCAAyC,CAAC;AAEhF,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,6BAA6B,CAAC,CAAC;AAE/D;;;;;;GAMG;AACH,MAAM,OAAO,2BAA2B;IAkEtC;;;OAGG;IACH,YACE,QAA2B,EAC3B,QAAgB,EAChB,+BAAuC,EACvC,8BAAsC,EACtC,oBAA6E,EAC7E,OAA4C;QAE5C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,IAAI,YAAY,GAAuB,+BAA+B,CAAC;QAEvE,IAAI,OAAO,oBAAoB,KAAK,QAAQ,EAAE,CAAC;YAC7C,wCAAwC;YACxC,IAAI,CAAC,iBAAiB,GAAG,8BAA8B,CAAC;YACxD,IAAI,CAAC,WAAW,GAAG,oBAAoB,CAAC;YACxC,8CAA8C;QAChD,CAAC;aAAM,CAAC;YACN,gBAAgB;YAChB,IAAI,CAAC,iBAAiB,GAAG,+BAA+B,CAAC;YACzD,IAAI,CAAC,WAAW,GAAG,8BAAwC,CAAC;YAC5D,YAAY,GAAG,SAAS,CAAC;YACzB,OAAO,GAAG,oBAA0D,CAAC;QACvE,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,IAAI,qBAAqB,iCACpC,OAAO,KACV,YAAY;YACZ,QAAQ;YACR,QAAQ,EACR,sBAAsB,EAAE,OAAO,IAAI,EAAE,EACrC,MAAM,EACN,WAAW,EAAE,IAAI,CAAC,WAAW,EAC7B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,IACzC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,MAAM,QAAQ,GAAG,yBAAyB,CACxC,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,CAClC,CAAC;YACF,UAAU,CAAC,QAAQ,GAAG,QAAQ,CAAC;YAE/B,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,kCACpC,UAAU,KACb,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,IACnE,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { AuthorizationCodeCredentialOptions } from \"./authorizationCodeCredentialOptions\";\nimport { MsalAuthorizationCode } from \"../msal/nodeFlows/msalAuthorizationCode\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { checkTenantId } from \"../util/tenantIdUtils\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"AuthorizationCodeCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID using an authorization code\n * that was obtained through the authorization code flow, described in more detail\n * in the Microsoft Entra ID documentation:\n *\n * https://learn.microsoft.com/
|
|
1
|
+
{"version":3,"file":"authorizationCodeCredential.js","sourceRoot":"","sources":["../../../src/credentials/authorizationCodeCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,qBAAqB,EAAE,MAAM,yCAAyC,CAAC;AAEhF,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,6BAA6B,CAAC,CAAC;AAE/D;;;;;;GAMG;AACH,MAAM,OAAO,2BAA2B;IAkEtC;;;OAGG;IACH,YACE,QAA2B,EAC3B,QAAgB,EAChB,+BAAuC,EACvC,8BAAsC,EACtC,oBAA6E,EAC7E,OAA4C;QAE5C,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,IAAI,YAAY,GAAuB,+BAA+B,CAAC;QAEvE,IAAI,OAAO,oBAAoB,KAAK,QAAQ,EAAE,CAAC;YAC7C,wCAAwC;YACxC,IAAI,CAAC,iBAAiB,GAAG,8BAA8B,CAAC;YACxD,IAAI,CAAC,WAAW,GAAG,oBAAoB,CAAC;YACxC,8CAA8C;QAChD,CAAC;aAAM,CAAC;YACN,gBAAgB;YAChB,IAAI,CAAC,iBAAiB,GAAG,+BAA+B,CAAC;YACzD,IAAI,CAAC,WAAW,GAAG,8BAAwC,CAAC;YAC5D,YAAY,GAAG,SAAS,CAAC;YACzB,OAAO,GAAG,oBAA0D,CAAC;QACvE,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,IAAI,qBAAqB,iCACpC,OAAO,KACV,YAAY;YACZ,QAAQ;YACR,QAAQ,EACR,sBAAsB,EAAE,OAAO,IAAI,EAAE,EACrC,MAAM,EACN,WAAW,EAAE,IAAI,CAAC,WAAW,EAC7B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,IACzC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,MAAM,QAAQ,GAAG,yBAAyB,CACxC,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,CAClC,CAAC;YACF,UAAU,CAAC,QAAQ,GAAG,QAAQ,CAAC;YAE/B,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,kCACpC,UAAU,KACb,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,IACnE,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { AuthorizationCodeCredentialOptions } from \"./authorizationCodeCredentialOptions\";\nimport { MsalAuthorizationCode } from \"../msal/nodeFlows/msalAuthorizationCode\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { checkTenantId } from \"../util/tenantIdUtils\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"AuthorizationCodeCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID using an authorization code\n * that was obtained through the authorization code flow, described in more detail\n * in the Microsoft Entra ID documentation:\n *\n * https://learn.microsoft.com/entra/identity-platform/v2-oauth2-auth-code-flow\n */\nexport class AuthorizationCodeCredential implements TokenCredential {\n private msalFlow: MsalFlow;\n private disableAutomaticAuthentication?: boolean;\n private authorizationCode: string;\n private redirectUri: string;\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n\n /**\n * Creates an instance of AuthorizationCodeCredential with the details needed\n * to request an access token using an authentication that was obtained\n * from Microsoft Entra ID.\n *\n * It is currently necessary for the user of this credential to initiate\n * the authorization code flow to obtain an authorization code to be used\n * with this credential. A full example of this flow is provided here:\n *\n * https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/v2/manual/authorizationCodeSample.ts\n *\n * @param tenantId - The Microsoft Entra tenant (directory) ID or name.\n * 'common' may be used when dealing with multi-tenant scenarios.\n * @param clientId - The client (application) ID of an App Registration in the tenant.\n * @param clientSecret - A client secret that was generated for the App Registration\n * @param authorizationCode - An authorization code that was received from following the\n authorization code flow. This authorization code must not\n have already been used to obtain an access token.\n * @param redirectUri - The redirect URI that was used to request the authorization code.\n Must be the same URI that is configured for the App Registration.\n * @param options - Options for configuring the client which makes the access token request.\n */\n constructor(\n tenantId: string | \"common\",\n clientId: string,\n clientSecret: string,\n authorizationCode: string,\n redirectUri: string,\n options?: AuthorizationCodeCredentialOptions,\n );\n /**\n * Creates an instance of AuthorizationCodeCredential with the details needed\n * to request an access token using an authentication that was obtained\n * from Microsoft Entra ID.\n *\n * It is currently necessary for the user of this credential to initiate\n * the authorization code flow to obtain an authorization code to be used\n * with this credential. A full example of this flow is provided here:\n *\n * https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/v2/manual/authorizationCodeSample.ts\n *\n * @param tenantId - The Microsoft Entra tenant (directory) ID or name.\n * 'common' may be used when dealing with multi-tenant scenarios.\n * @param clientId - The client (application) ID of an App Registration in the tenant.\n * @param authorizationCode - An authorization code that was received from following the\n authorization code flow. This authorization code must not\n have already been used to obtain an access token.\n * @param redirectUri - The redirect URI that was used to request the authorization code.\n Must be the same URI that is configured for the App Registration.\n * @param options - Options for configuring the client which makes the access token request.\n */\n constructor(\n tenantId: string | \"common\",\n clientId: string,\n authorizationCode: string,\n redirectUri: string,\n options?: AuthorizationCodeCredentialOptions,\n );\n /**\n * @hidden\n * @internal\n */\n constructor(\n tenantId: string | \"common\",\n clientId: string,\n clientSecretOrAuthorizationCode: string,\n authorizationCodeOrRedirectUri: string,\n redirectUriOrOptions: string | AuthorizationCodeCredentialOptions | undefined,\n options?: AuthorizationCodeCredentialOptions,\n ) {\n checkTenantId(logger, tenantId);\n let clientSecret: string | undefined = clientSecretOrAuthorizationCode;\n\n if (typeof redirectUriOrOptions === \"string\") {\n // the clientId+clientSecret constructor\n this.authorizationCode = authorizationCodeOrRedirectUri;\n this.redirectUri = redirectUriOrOptions;\n // in this case, options are good as they come\n } else {\n // clientId only\n this.authorizationCode = clientSecretOrAuthorizationCode;\n this.redirectUri = authorizationCodeOrRedirectUri as string;\n clientSecret = undefined;\n options = redirectUriOrOptions as AuthorizationCodeCredentialOptions;\n }\n\n // TODO: Validate tenant if provided\n this.tenantId = tenantId;\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n this.msalFlow = new MsalAuthorizationCode({\n ...options,\n clientSecret,\n clientId,\n tenantId,\n tokenCredentialOptions: options || {},\n logger,\n redirectUri: this.redirectUri,\n authorizationCode: this.authorizationCode,\n });\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n return tracingClient.withSpan(\n `${this.constructor.name}.getToken`,\n options,\n async (newOptions) => {\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n newOptions,\n this.additionallyAllowedTenantIds,\n );\n newOptions.tenantId = tenantId;\n\n const arrayScopes = ensureScopes(scopes);\n return this.msalFlow.getToken(arrayScopes, {\n ...newOptions,\n disableAutomaticAuthentication: this.disableAutomaticAuthentication,\n });\n },\n );\n }\n}\n"]}
|
|
@@ -62,7 +62,7 @@ const logger = credentialLogger("AzureDeveloperCliCredential");
|
|
|
62
62
|
* Azure Developer CLI is a command-line interface tool that allows developers to create, manage, and deploy
|
|
63
63
|
* resources in Azure. It's built on top of the Azure CLI and provides additional functionality specific
|
|
64
64
|
* to Azure developers. It allows users to authenticate as a user and/or a service principal against
|
|
65
|
-
* <a href="https://learn.microsoft.com/
|
|
65
|
+
* <a href="https://learn.microsoft.com/entra/fundamentals/">Microsoft Entra ID</a>. The
|
|
66
66
|
* AzureDeveloperCliCredential authenticates in a development environment and acquires a token on behalf of
|
|
67
67
|
* the logged-in user or service principal in the Azure Developer CLI. It acts as the Azure Developer CLI logged in user or
|
|
68
68
|
* service principal and executes an Azure CLI command underneath to authenticate the application against
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"azureDeveloperCliCredential.js","sourceRoot":"","sources":["../../../src/credentials/azureDeveloperCliCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAE/E,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AACvD,OAAO,aAAa,MAAM,eAAe,CAAC;AAC1C,OAAO,EACL,aAAa,EACb,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AAErE;;;GAGG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAG;IAC7C;;OAEG;IACH,iBAAiB;QACf,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CACb,4EAA4E,CAC7E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,OAAO,MAAM,CAAC;QAChB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CACrB,MAAgB,EAChB,QAAiB,EACjB,OAAgB;QAEhB,IAAI,aAAa,GAAa,EAAE,CAAC;QACjC,IAAI,QAAQ,EAAE,CAAC;YACb,aAAa,GAAG,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC5C,CAAC;QACD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC;gBACH,aAAa,CAAC,QAAQ,CACpB,KAAK,EACL;oBACE,MAAM;oBACN,OAAO;oBACP,UAAU;oBACV,MAAM;oBACN,GAAG,MAAM,CAAC,MAAM,CACd,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,EAC1D,EAAE,CACH;oBACD,GAAG,aAAa;iBACjB,EACD;oBACE,GAAG,EAAE,+BAA+B,CAAC,iBAAiB,EAAE;oBACxD,OAAO;iBACR,EACD,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;oBACxB,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;gBACrC,CAAC,CACF,CAAC;YACJ,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC;AAEF,MAAM,MAAM,GAAG,gBAAgB,CAAC,6BAA6B,CAAC,CAAC;AAE/D;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,OAAO,2BAA2B;IAKtC;;;;;;;OAOG;IACH,YAAY,OAA4C;QACtD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,EAAE,CAAC;YACtB,aAAa,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,QAAQ,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,kBAAkB,CAAC;IAC7C,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,MAAM,QAAQ,GAAG,yBAAyB,CACxC,IAAI,CAAC,QAAQ,EACb,OAAO,EACP,IAAI,CAAC,4BAA4B,CAClC,CAAC;QACF,IAAI,QAAQ,EAAE,CAAC;YACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,SAAmB,CAAC;QACxB,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,SAAS,GAAG,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QACD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,oBAAoB,MAAM,EAAE,CAAC,CAAC;QAEnD,OAAO,aAAa,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE;;YACrF,IAAI,CAAC;gBACH,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;oBAC1B,+BAA+B,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBACjD,CAAC,CAAC,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,+BAA+B,CAAC,iBAAiB,CACjE,SAAS,EACT,QAAQ,EACR,IAAI,CAAC,OAAO,CACb,CAAC;gBACF,MAAM,kBAAkB,GACtB,CAAA,MAAA,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAC,yCAAyC,CAAC;qBAC5D,MAAA,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAC,8CAA8C,CAAC,CAAA,CAAC;gBACpE,MAAM,iBAAiB,GACrB,CAAA,MAAA,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAC,mBAAmB,CAAC;qBACtC,MAAA,GAAG,CAAC,MAAM,0CAAE,UAAU,CAAC,yBAAyB,CAAC,CAAA,CAAC;gBAEpD,IAAI,iBAAiB,IAAI,CAAC,GAAG,CAAC,KAAK,IAAK,GAAG,CAAC,KAAa,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;oBAC7E,MAAM,KAAK,GAAG,IAAI,0BAA0B,CAC1C,wKAAwK,CACzK,CAAC;oBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;oBACjD,MAAM,KAAK,CAAC;gBACd,CAAC;gBAED,IAAI,kBAAkB,EAAE,CAAC;oBACvB,MAAM,KAAK,GAAG,IAAI,0BAA0B,CAC1C,+NAA+N,CAChO,CAAC;oBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;oBACjD,MAAM,KAAK,CAAC;gBACd,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,IAAI,GAAyC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBAC1E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC5C,OAAO;wBACL,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,kBAAkB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;qBACvD,CAAC;gBACJ,CAAC;gBAAC,OAAO,CAAM,EAAE,CAAC;oBAChB,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;wBACf,MAAM,IAAI,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBACnD,CAAC;oBACD,MAAM,CAAC,CAAC;gBACV,CAAC;YACH,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,KAAK,GACT,GAAG,CAAC,IAAI,KAAK,4BAA4B;oBACvC,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,IAAI,0BAA0B,CAC3B,GAAa,CAAC,OAAO,IAAI,yDAAyD,CACpF,CAAC;gBACR,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;gBACjD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging\";\nimport { AzureDeveloperCliCredentialOptions } from \"./azureDeveloperCliCredentialOptions\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport child_process from \"child_process\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { tracingClient } from \"../util/tracing\";\nimport { ensureValidScopeForDevTimeCreds } from \"../util/scopeUtils\";\n\n/**\n * Mockable reference to the Developer CLI credential cliCredentialFunctions\n * @internal\n */\nexport const developerCliCredentialInternals = {\n /**\n * @internal\n */\n getSafeWorkingDir(): string {\n if (process.platform === \"win32\") {\n if (!process.env.SystemRoot) {\n throw new Error(\n \"Azure Developer CLI credential expects a 'SystemRoot' environment variable\",\n );\n }\n return process.env.SystemRoot;\n } else {\n return \"/bin\";\n }\n },\n\n /**\n * Gets the access token from Azure Developer CLI\n * @param scopes - The scopes to use when getting the token\n * @internal\n */\n async getAzdAccessToken(\n scopes: string[],\n tenantId?: string,\n timeout?: number,\n ): Promise<{ stdout: string; stderr: string; error: Error | null }> {\n let tenantSection: string[] = [];\n if (tenantId) {\n tenantSection = [\"--tenant-id\", tenantId];\n }\n return new Promise((resolve, reject) => {\n try {\n child_process.execFile(\n \"azd\",\n [\n \"auth\",\n \"token\",\n \"--output\",\n \"json\",\n ...scopes.reduce<string[]>(\n (previous, current) => previous.concat(\"--scope\", current),\n [],\n ),\n ...tenantSection,\n ],\n {\n cwd: developerCliCredentialInternals.getSafeWorkingDir(),\n timeout,\n },\n (error, stdout, stderr) => {\n resolve({ stdout, stderr, error });\n },\n );\n } catch (err: any) {\n reject(err);\n }\n });\n },\n};\n\nconst logger = credentialLogger(\"AzureDeveloperCliCredential\");\n\n/**\n * Azure Developer CLI is a command-line interface tool that allows developers to create, manage, and deploy\n * resources in Azure. It's built on top of the Azure CLI and provides additional functionality specific\n * to Azure developers. It allows users to authenticate as a user and/or a service principal against\n * <a href=\"https://learn.microsoft.com/azure/active-directory/fundamentals/\">Microsoft Entra ID</a>. The\n * AzureDeveloperCliCredential authenticates in a development environment and acquires a token on behalf of\n * the logged-in user or service principal in the Azure Developer CLI. It acts as the Azure Developer CLI logged in user or\n * service principal and executes an Azure CLI command underneath to authenticate the application against\n * Microsoft Entra ID.\n *\n * <h2> Configure AzureDeveloperCliCredential </h2>\n *\n * To use this credential, the developer needs to authenticate locally in Azure Developer CLI using one of the\n * commands below:\n *\n * <ol>\n * <li>Run \"azd auth login\" in Azure Developer CLI to authenticate interactively as a user.</li>\n * <li>Run \"azd auth login --client-id clientID --client-secret clientSecret\n * --tenant-id tenantID\" to authenticate as a service principal.</li>\n * </ol>\n *\n * You may need to repeat this process after a certain time period, depending on the refresh token validity in your\n * organization. Generally, the refresh token validity period is a few weeks to a few months.\n * AzureDeveloperCliCredential will prompt you to sign in again.\n */\nexport class AzureDeveloperCliCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private timeout?: number;\n\n /**\n * Creates an instance of the {@link AzureDeveloperCliCredential}.\n *\n * To use this credential, ensure that you have already logged\n * in via the 'azd' tool using the command \"azd auth login\" from the commandline.\n *\n * @param options - Options, to optionally allow multi-tenant requests.\n */\n constructor(options?: AzureDeveloperCliCredentialOptions) {\n if (options?.tenantId) {\n checkTenantId(logger, options?.tenantId);\n this.tenantId = options?.tenantId;\n }\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.timeout = options?.processTimeoutInMs;\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n );\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n let scopeList: string[];\n if (typeof scopes === \"string\") {\n scopeList = [scopes];\n } else {\n scopeList = scopes;\n }\n logger.getToken.info(`Using the scopes ${scopes}`);\n\n return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {\n try {\n scopeList.forEach((scope) => {\n ensureValidScopeForDevTimeCreds(scope, logger);\n });\n const obj = await developerCliCredentialInternals.getAzdAccessToken(\n scopeList,\n tenantId,\n this.timeout,\n );\n const isNotLoggedInError =\n obj.stderr?.match(\"not logged in, run `azd login` to login\") ||\n obj.stderr?.match(\"not logged in, run `azd auth login` to login\");\n const isNotInstallError =\n obj.stderr?.match(\"azd:(.*)not found\") ||\n obj.stderr?.startsWith(\"'azd' is not recognized\");\n\n if (isNotInstallError || (obj.error && (obj.error as any).code === \"ENOENT\")) {\n const error = new CredentialUnavailableError(\n \"Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n\n if (isNotLoggedInError) {\n const error = new CredentialUnavailableError(\n \"Please run 'azd auth login' from a command prompt to authenticate before using this credential. For more information, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n\n try {\n const resp: { token: string; expiresOn: string } = JSON.parse(obj.stdout);\n logger.getToken.info(formatSuccess(scopes));\n return {\n token: resp.token,\n expiresOnTimestamp: new Date(resp.expiresOn).getTime(),\n };\n } catch (e: any) {\n if (obj.stderr) {\n throw new CredentialUnavailableError(obj.stderr);\n }\n throw e;\n }\n } catch (err: any) {\n const error =\n err.name === \"CredentialUnavailableError\"\n ? err\n : new CredentialUnavailableError(\n (err as Error).message || \"Unknown error while trying to retrieve the access token\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n });\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"azureDeveloperCliCredential.js","sourceRoot":"","sources":["../../../src/credentials/azureDeveloperCliCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAE/E,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AACvD,OAAO,aAAa,MAAM,eAAe,CAAC;AAC1C,OAAO,EACL,aAAa,EACb,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,+BAA+B,EAAE,MAAM,oBAAoB,CAAC;AAErE;;;GAGG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAG;IAC7C;;OAEG;IACH,iBAAiB;QACf,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACjC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CACb,4EAA4E,CAC7E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,OAAO,MAAM,CAAC;QAChB,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CACrB,MAAgB,EAChB,QAAiB,EACjB,OAAgB;QAEhB,IAAI,aAAa,GAAa,EAAE,CAAC;QACjC,IAAI,QAAQ,EAAE,CAAC;YACb,aAAa,GAAG,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;QAC5C,CAAC;QACD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,IAAI,CAAC;gBACH,aAAa,CAAC,QAAQ,CACpB,KAAK,EACL;oBACE,MAAM;oBACN,OAAO;oBACP,UAAU;oBACV,MAAM;oBACN,GAAG,MAAM,CAAC,MAAM,CACd,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,EAC1D,EAAE,CACH;oBACD,GAAG,aAAa;iBACjB,EACD;oBACE,GAAG,EAAE,+BAA+B,CAAC,iBAAiB,EAAE;oBACxD,OAAO;iBACR,EACD,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;oBACxB,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;gBACrC,CAAC,CACF,CAAC;YACJ,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF,CAAC;AAEF,MAAM,MAAM,GAAG,gBAAgB,CAAC,6BAA6B,CAAC,CAAC;AAE/D;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,OAAO,2BAA2B;IAKtC;;;;;;;OAOG;IACH,YAAY,OAA4C;QACtD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,EAAE,CAAC;YACtB,aAAa,CAAC,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,QAAQ,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,kBAAkB,CAAC;IAC7C,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,MAAM,QAAQ,GAAG,yBAAyB,CACxC,IAAI,CAAC,QAAQ,EACb,OAAO,EACP,IAAI,CAAC,4BAA4B,CAClC,CAAC;QACF,IAAI,QAAQ,EAAE,CAAC;YACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,SAAmB,CAAC;QACxB,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,SAAS,GAAG,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,CAAC;QACrB,CAAC;QACD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,oBAAoB,MAAM,EAAE,CAAC,CAAC;QAEnD,OAAO,aAAa,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE;;YACrF,IAAI,CAAC;gBACH,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;oBAC1B,+BAA+B,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBACjD,CAAC,CAAC,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,+BAA+B,CAAC,iBAAiB,CACjE,SAAS,EACT,QAAQ,EACR,IAAI,CAAC,OAAO,CACb,CAAC;gBACF,MAAM,kBAAkB,GACtB,CAAA,MAAA,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAC,yCAAyC,CAAC;qBAC5D,MAAA,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAC,8CAA8C,CAAC,CAAA,CAAC;gBACpE,MAAM,iBAAiB,GACrB,CAAA,MAAA,GAAG,CAAC,MAAM,0CAAE,KAAK,CAAC,mBAAmB,CAAC;qBACtC,MAAA,GAAG,CAAC,MAAM,0CAAE,UAAU,CAAC,yBAAyB,CAAC,CAAA,CAAC;gBAEpD,IAAI,iBAAiB,IAAI,CAAC,GAAG,CAAC,KAAK,IAAK,GAAG,CAAC,KAAa,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;oBAC7E,MAAM,KAAK,GAAG,IAAI,0BAA0B,CAC1C,wKAAwK,CACzK,CAAC;oBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;oBACjD,MAAM,KAAK,CAAC;gBACd,CAAC;gBAED,IAAI,kBAAkB,EAAE,CAAC;oBACvB,MAAM,KAAK,GAAG,IAAI,0BAA0B,CAC1C,+NAA+N,CAChO,CAAC;oBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;oBACjD,MAAM,KAAK,CAAC;gBACd,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,IAAI,GAAyC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBAC1E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;oBAC5C,OAAO;wBACL,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,kBAAkB,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;qBACvD,CAAC;gBACJ,CAAC;gBAAC,OAAO,CAAM,EAAE,CAAC;oBAChB,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;wBACf,MAAM,IAAI,0BAA0B,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;oBACnD,CAAC;oBACD,MAAM,CAAC,CAAC;gBACV,CAAC;YACH,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,KAAK,GACT,GAAG,CAAC,IAAI,KAAK,4BAA4B;oBACvC,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,IAAI,0BAA0B,CAC3B,GAAa,CAAC,OAAO,IAAI,yDAAyD,CACpF,CAAC;gBACR,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;gBACjD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging\";\nimport { AzureDeveloperCliCredentialOptions } from \"./azureDeveloperCliCredentialOptions\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport child_process from \"child_process\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { tracingClient } from \"../util/tracing\";\nimport { ensureValidScopeForDevTimeCreds } from \"../util/scopeUtils\";\n\n/**\n * Mockable reference to the Developer CLI credential cliCredentialFunctions\n * @internal\n */\nexport const developerCliCredentialInternals = {\n /**\n * @internal\n */\n getSafeWorkingDir(): string {\n if (process.platform === \"win32\") {\n if (!process.env.SystemRoot) {\n throw new Error(\n \"Azure Developer CLI credential expects a 'SystemRoot' environment variable\",\n );\n }\n return process.env.SystemRoot;\n } else {\n return \"/bin\";\n }\n },\n\n /**\n * Gets the access token from Azure Developer CLI\n * @param scopes - The scopes to use when getting the token\n * @internal\n */\n async getAzdAccessToken(\n scopes: string[],\n tenantId?: string,\n timeout?: number,\n ): Promise<{ stdout: string; stderr: string; error: Error | null }> {\n let tenantSection: string[] = [];\n if (tenantId) {\n tenantSection = [\"--tenant-id\", tenantId];\n }\n return new Promise((resolve, reject) => {\n try {\n child_process.execFile(\n \"azd\",\n [\n \"auth\",\n \"token\",\n \"--output\",\n \"json\",\n ...scopes.reduce<string[]>(\n (previous, current) => previous.concat(\"--scope\", current),\n [],\n ),\n ...tenantSection,\n ],\n {\n cwd: developerCliCredentialInternals.getSafeWorkingDir(),\n timeout,\n },\n (error, stdout, stderr) => {\n resolve({ stdout, stderr, error });\n },\n );\n } catch (err: any) {\n reject(err);\n }\n });\n },\n};\n\nconst logger = credentialLogger(\"AzureDeveloperCliCredential\");\n\n/**\n * Azure Developer CLI is a command-line interface tool that allows developers to create, manage, and deploy\n * resources in Azure. It's built on top of the Azure CLI and provides additional functionality specific\n * to Azure developers. It allows users to authenticate as a user and/or a service principal against\n * <a href=\"https://learn.microsoft.com/entra/fundamentals/\">Microsoft Entra ID</a>. The\n * AzureDeveloperCliCredential authenticates in a development environment and acquires a token on behalf of\n * the logged-in user or service principal in the Azure Developer CLI. It acts as the Azure Developer CLI logged in user or\n * service principal and executes an Azure CLI command underneath to authenticate the application against\n * Microsoft Entra ID.\n *\n * <h2> Configure AzureDeveloperCliCredential </h2>\n *\n * To use this credential, the developer needs to authenticate locally in Azure Developer CLI using one of the\n * commands below:\n *\n * <ol>\n * <li>Run \"azd auth login\" in Azure Developer CLI to authenticate interactively as a user.</li>\n * <li>Run \"azd auth login --client-id clientID --client-secret clientSecret\n * --tenant-id tenantID\" to authenticate as a service principal.</li>\n * </ol>\n *\n * You may need to repeat this process after a certain time period, depending on the refresh token validity in your\n * organization. Generally, the refresh token validity period is a few weeks to a few months.\n * AzureDeveloperCliCredential will prompt you to sign in again.\n */\nexport class AzureDeveloperCliCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private timeout?: number;\n\n /**\n * Creates an instance of the {@link AzureDeveloperCliCredential}.\n *\n * To use this credential, ensure that you have already logged\n * in via the 'azd' tool using the command \"azd auth login\" from the commandline.\n *\n * @param options - Options, to optionally allow multi-tenant requests.\n */\n constructor(options?: AzureDeveloperCliCredentialOptions) {\n if (options?.tenantId) {\n checkTenantId(logger, options?.tenantId);\n this.tenantId = options?.tenantId;\n }\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.timeout = options?.processTimeoutInMs;\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n );\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n let scopeList: string[];\n if (typeof scopes === \"string\") {\n scopeList = [scopes];\n } else {\n scopeList = scopes;\n }\n logger.getToken.info(`Using the scopes ${scopes}`);\n\n return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {\n try {\n scopeList.forEach((scope) => {\n ensureValidScopeForDevTimeCreds(scope, logger);\n });\n const obj = await developerCliCredentialInternals.getAzdAccessToken(\n scopeList,\n tenantId,\n this.timeout,\n );\n const isNotLoggedInError =\n obj.stderr?.match(\"not logged in, run `azd login` to login\") ||\n obj.stderr?.match(\"not logged in, run `azd auth login` to login\");\n const isNotInstallError =\n obj.stderr?.match(\"azd:(.*)not found\") ||\n obj.stderr?.startsWith(\"'azd' is not recognized\");\n\n if (isNotInstallError || (obj.error && (obj.error as any).code === \"ENOENT\")) {\n const error = new CredentialUnavailableError(\n \"Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n\n if (isNotLoggedInError) {\n const error = new CredentialUnavailableError(\n \"Please run 'azd auth login' from a command prompt to authenticate before using this credential. For more information, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n\n try {\n const resp: { token: string; expiresOn: string } = JSON.parse(obj.stdout);\n logger.getToken.info(formatSuccess(scopes));\n return {\n token: resp.token,\n expiresOnTimestamp: new Date(resp.expiresOn).getTime(),\n };\n } catch (e: any) {\n if (obj.stderr) {\n throw new CredentialUnavailableError(obj.stderr);\n }\n throw e;\n }\n } catch (err: any) {\n const error =\n err.name === \"CredentialUnavailableError\"\n ? err\n : new CredentialUnavailableError(\n (err as Error).message || \"Unknown error while trying to retrieve the access token\",\n );\n logger.getToken.info(formatError(scopes, error));\n throw error;\n }\n });\n }\n}\n"]}
|
|
@@ -11,7 +11,7 @@ const logger = credentialLogger("ClientSecretCredential");
|
|
|
11
11
|
* that was generated for an App Registration. More information on how
|
|
12
12
|
* to configure a client secret can be found here:
|
|
13
13
|
*
|
|
14
|
-
* https://learn.microsoft.com/
|
|
14
|
+
* https://learn.microsoft.com/entra/identity-platform/quickstart-configure-app-access-web-apis#add-credentials-to-your-web-application
|
|
15
15
|
*
|
|
16
16
|
*/
|
|
17
17
|
export class ClientSecretCredential {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"clientSecretCredential.js","sourceRoot":"","sources":["../../../src/credentials/clientSecretCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AAEtE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,wBAAwB,CAAC,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,OAAO,sBAAsB;IAKjC;;;;;;;;;OASG;IACH,YACE,QAAgB,EAChB,QAAgB,EAChB,YAAoB,EACpB,UAAyC,EAAE;QAE3C,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CACb,4LAA4L,CAC7L,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAgB,iCAC/B,OAAO,KACV,MAAM;YACN,QAAQ;YACR,QAAQ;YACR,YAAY,EACZ,sBAAsB,EAAE,OAAO,IAC/B,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QACzD,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\n\nimport { ClientSecretCredentialOptions } from \"./clientSecretCredentialOptions\";\nimport { MsalClientSecret } from \"../msal/nodeFlows/msalClientSecret\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"ClientSecretCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID using a client secret\n * that was generated for an App Registration. More information on how\n * to configure a client secret can be found here:\n *\n * https://learn.microsoft.com/
|
|
1
|
+
{"version":3,"file":"clientSecretCredential.js","sourceRoot":"","sources":["../../../src/credentials/clientSecretCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AAEtE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,wBAAwB,CAAC,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,OAAO,sBAAsB;IAKjC;;;;;;;;;OASG;IACH,YACE,QAAgB,EAChB,QAAgB,EAChB,YAAoB,EACpB,UAAyC,EAAE;QAE3C,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CACb,4LAA4L,CAC7L,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAgB,iCAC/B,OAAO,KACV,MAAM;YACN,QAAQ;YACR,QAAQ;YACR,YAAY,EACZ,sBAAsB,EAAE,OAAO,IAC/B,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QACzD,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\n\nimport { ClientSecretCredentialOptions } from \"./clientSecretCredentialOptions\";\nimport { MsalClientSecret } from \"../msal/nodeFlows/msalClientSecret\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"ClientSecretCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID using a client secret\n * that was generated for an App Registration. More information on how\n * to configure a client secret can be found here:\n *\n * https://learn.microsoft.com/entra/identity-platform/quickstart-configure-app-access-web-apis#add-credentials-to-your-web-application\n *\n */\nexport class ClientSecretCredential implements TokenCredential {\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private msalFlow: MsalFlow;\n\n /**\n * Creates an instance of the ClientSecretCredential with the details\n * needed to authenticate against Microsoft Entra ID with a client\n * secret.\n *\n * @param tenantId - The Microsoft Entra tenant (directory) ID.\n * @param clientId - The client (application) ID of an App Registration in the tenant.\n * @param clientSecret - A client secret that was generated for the App Registration.\n * @param options - Options for configuring the client which makes the authentication request.\n */\n constructor(\n tenantId: string,\n clientId: string,\n clientSecret: string,\n options: ClientSecretCredentialOptions = {},\n ) {\n if (!tenantId || !clientId || !clientSecret) {\n throw new Error(\n \"ClientSecretCredential: tenantId, clientId, and clientSecret are required parameters. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n );\n }\n\n this.tenantId = tenantId;\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n this.msalFlow = new MsalClientSecret({\n ...options,\n logger,\n clientId,\n tenantId,\n clientSecret,\n tokenCredentialOptions: options,\n });\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n return tracingClient.withSpan(\n `${this.constructor.name}.getToken`,\n options,\n async (newOptions) => {\n newOptions.tenantId = processMultiTenantRequest(\n this.tenantId,\n newOptions,\n this.additionallyAllowedTenantIds,\n logger,\n );\n\n const arrayScopes = ensureScopes(scopes);\n return this.msalFlow.getToken(arrayScopes, newOptions);\n },\n );\n }\n}\n"]}
|
|
@@ -14,12 +14,12 @@ export class InteractiveBrowserCredential {
|
|
|
14
14
|
/**
|
|
15
15
|
* Creates an instance of InteractiveBrowserCredential with the details needed.
|
|
16
16
|
*
|
|
17
|
-
* This credential uses the [Authorization Code Flow](https://learn.microsoft.com/
|
|
17
|
+
* This credential uses the [Authorization Code Flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-auth-code-flow).
|
|
18
18
|
* On Node.js, it will open a browser window while it listens for a redirect response from the authentication service.
|
|
19
19
|
* On browsers, it authenticates via popups. The `loginStyle` optional parameter can be set to `redirect` to authenticate by redirecting the user to an Azure secure login page, which then will redirect the user back to the web application where the authentication started.
|
|
20
20
|
*
|
|
21
21
|
* For Node.js, if a `clientId` is provided, the Microsoft Entra application will need to be configured to have a "Mobile and desktop applications" redirect endpoint.
|
|
22
|
-
* Follow our guide on [setting up Redirect URIs for Desktop apps that calls to web APIs](https://learn.microsoft.com/
|
|
22
|
+
* Follow our guide on [setting up Redirect URIs for Desktop apps that calls to web APIs](https://learn.microsoft.com/entra/identity-platform/scenario-desktop-app-registration#redirect-uris).
|
|
23
23
|
*
|
|
24
24
|
* @param options - Options for configuring the client which makes the authentication requests.
|
|
25
25
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"interactiveBrowserCredential.js","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AASlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAI/B,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,8BAA8B,CAAC,CAAC;AAEhE;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IAMvC;;;;;;;;;;;OAWG;IACH,YACE,OAA+F;;QAE/F,MAAM,WAAW,GACf,OAAO,OAAO,CAAC,WAAW,KAAK,UAAU;YACvC,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE;YACvB,CAAC,CAAC,OAAO,CAAC,WAAW,IAAI,kBAAkB,CAAC;QAEhD,IAAI,CAAC,QAAQ,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,CAAC;QAClC,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,MAAM,cAAc,GAAG,OAAkD,CAAC;QAC1E,IAAI,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,aAAa,0CAAE,OAAO,EAAE,CAAC;YAC3C,IAAI,CAAC,CAAA,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,aAAa,0CAAE,kBAAkB,CAAA,EAAE,CAAC;gBACvD,MAAM,IAAI,KAAK,CACb,uGAAuG,CACxG,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,iCAC9B,OAAO,KACV,sBAAsB,EAAE,OAAO,EAC/B,MAAM;oBACN,WAAW,EACX,2BAA2B,EAAE,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,2BAA2B,EACxE,aAAa,EAAE;wBACb,OAAO,EAAE,IAAI;wBACb,kBAAkB,EAAE,cAAc,CAAC,aAAa,CAAC,kBAAkB;wBACnE,0BAA0B,EAAE,MAAA,cAAc,CAAC,aAAa,0CAAE,0BAA0B;wBACpF,uBAAuB,EAAE,MAAA,cAAc,CAAC,aAAa,0CAAE,uBAAuB;qBAC/E,IACD,CAAC;YACL,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,iCAC9B,OAAO,KACV,sBAAsB,EAAE,OAAO,EAC/B,MAAM;gBACN,WAAW,EACX,2BAA2B,EAAE,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,2BAA2B,IACxE,CAAC;QACL,CAAC;QACD,IAAI,CAAC,8BAA8B,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,CAAC;IAChF,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,kCACpC,UAAU,KACb,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,IACnE,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,YAAY,CAChB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,eAAe,EACvC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;YACtD,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;QAC1C,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/* eslint-disable @typescript-eslint/no-unused-vars */\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n InteractiveBrowserCredentialInBrowserOptions,\n InteractiveBrowserCredentialNodeOptions,\n} from \"./interactiveBrowserCredentialOptions\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\n\nimport { AuthenticationRecord } from \"../msal/types\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { MsalOpenBrowser } from \"../msal/nodeFlows/msalOpenBrowser\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"InteractiveBrowserCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID inside of the web browser\n * using the interactive login flow.\n */\nexport class InteractiveBrowserCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private msalFlow: MsalFlow;\n private disableAutomaticAuthentication?: boolean;\n\n /**\n * Creates an instance of InteractiveBrowserCredential with the details needed.\n *\n * This credential uses the [Authorization Code Flow](https://learn.microsoft.com/
|
|
1
|
+
{"version":3,"file":"interactiveBrowserCredential.js","sourceRoot":"","sources":["../../../src/credentials/interactiveBrowserCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AASlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAI/B,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,MAAM,GAAG,gBAAgB,CAAC,8BAA8B,CAAC,CAAC;AAEhE;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IAMvC;;;;;;;;;;;OAWG;IACH,YACE,OAA+F;;QAE/F,MAAM,WAAW,GACf,OAAO,OAAO,CAAC,WAAW,KAAK,UAAU;YACvC,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE;YACvB,CAAC,CAAC,OAAO,CAAC,WAAW,IAAI,kBAAkB,CAAC;QAEhD,IAAI,CAAC,QAAQ,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,QAAQ,CAAC;QAClC,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QAEF,MAAM,cAAc,GAAG,OAAkD,CAAC;QAC1E,IAAI,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,aAAa,0CAAE,OAAO,EAAE,CAAC;YAC3C,IAAI,CAAC,CAAA,MAAA,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,aAAa,0CAAE,kBAAkB,CAAA,EAAE,CAAC;gBACvD,MAAM,IAAI,KAAK,CACb,uGAAuG,CACxG,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,iCAC9B,OAAO,KACV,sBAAsB,EAAE,OAAO,EAC/B,MAAM;oBACN,WAAW,EACX,2BAA2B,EAAE,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,2BAA2B,EACxE,aAAa,EAAE;wBACb,OAAO,EAAE,IAAI;wBACb,kBAAkB,EAAE,cAAc,CAAC,aAAa,CAAC,kBAAkB;wBACnE,0BAA0B,EAAE,MAAA,cAAc,CAAC,aAAa,0CAAE,0BAA0B;wBACpF,uBAAuB,EAAE,MAAA,cAAc,CAAC,aAAa,0CAAE,uBAAuB;qBAC/E,IACD,CAAC;YACL,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,QAAQ,GAAG,IAAI,eAAe,iCAC9B,OAAO,KACV,sBAAsB,EAAE,OAAO,EAC/B,MAAM;gBACN,WAAW,EACX,2BAA2B,EAAE,cAAc,aAAd,cAAc,uBAAd,cAAc,CAAE,2BAA2B,IACxE,CAAC;QACL,CAAC;QACD,IAAI,CAAC,8BAA8B,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,CAAC;IAChF,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,kCACpC,UAAU,KACb,8BAA8B,EAAE,IAAI,CAAC,8BAA8B,IACnE,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,YAAY,CAChB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,OAAO,aAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,eAAe,EACvC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;YACtD,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;QAC1C,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/* eslint-disable @typescript-eslint/no-unused-vars */\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n InteractiveBrowserCredentialInBrowserOptions,\n InteractiveBrowserCredentialNodeOptions,\n} from \"./interactiveBrowserCredentialOptions\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\n\nimport { AuthenticationRecord } from \"../msal/types\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { MsalOpenBrowser } from \"../msal/nodeFlows/msalOpenBrowser\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst logger = credentialLogger(\"InteractiveBrowserCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID inside of the web browser\n * using the interactive login flow.\n */\nexport class InteractiveBrowserCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private msalFlow: MsalFlow;\n private disableAutomaticAuthentication?: boolean;\n\n /**\n * Creates an instance of InteractiveBrowserCredential with the details needed.\n *\n * This credential uses the [Authorization Code Flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-auth-code-flow).\n * On Node.js, it will open a browser window while it listens for a redirect response from the authentication service.\n * On browsers, it authenticates via popups. The `loginStyle` optional parameter can be set to `redirect` to authenticate by redirecting the user to an Azure secure login page, which then will redirect the user back to the web application where the authentication started.\n *\n * For Node.js, if a `clientId` is provided, the Microsoft Entra application will need to be configured to have a \"Mobile and desktop applications\" redirect endpoint.\n * Follow our guide on [setting up Redirect URIs for Desktop apps that calls to web APIs](https://learn.microsoft.com/entra/identity-platform/scenario-desktop-app-registration#redirect-uris).\n *\n * @param options - Options for configuring the client which makes the authentication requests.\n */\n constructor(\n options: InteractiveBrowserCredentialNodeOptions | InteractiveBrowserCredentialInBrowserOptions,\n ) {\n const redirectUri =\n typeof options.redirectUri === \"function\"\n ? options.redirectUri()\n : options.redirectUri || \"http://localhost\";\n\n this.tenantId = options?.tenantId;\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n const ibcNodeOptions = options as InteractiveBrowserCredentialNodeOptions;\n if (ibcNodeOptions?.brokerOptions?.enabled) {\n if (!ibcNodeOptions?.brokerOptions?.parentWindowHandle) {\n throw new Error(\n \"In order to do WAM authentication, `parentWindowHandle` under `brokerOptions` is a required parameter\",\n );\n } else {\n this.msalFlow = new MsalOpenBrowser({\n ...options,\n tokenCredentialOptions: options,\n logger,\n redirectUri,\n browserCustomizationOptions: ibcNodeOptions?.browserCustomizationOptions,\n brokerOptions: {\n enabled: true,\n parentWindowHandle: ibcNodeOptions.brokerOptions.parentWindowHandle,\n legacyEnableMsaPassthrough: ibcNodeOptions.brokerOptions?.legacyEnableMsaPassthrough,\n useDefaultBrokerAccount: ibcNodeOptions.brokerOptions?.useDefaultBrokerAccount,\n },\n });\n }\n } else {\n this.msalFlow = new MsalOpenBrowser({\n ...options,\n tokenCredentialOptions: options,\n logger,\n redirectUri,\n browserCustomizationOptions: ibcNodeOptions?.browserCustomizationOptions,\n });\n }\n this.disableAutomaticAuthentication = options?.disableAutomaticAuthentication;\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * If the user provided the option `disableAutomaticAuthentication`,\n * once the token can't be retrieved silently,\n * this method won't attempt to request user interaction to retrieve the token.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n return tracingClient.withSpan(\n `${this.constructor.name}.getToken`,\n options,\n async (newOptions) => {\n newOptions.tenantId = processMultiTenantRequest(\n this.tenantId,\n newOptions,\n this.additionallyAllowedTenantIds,\n logger,\n );\n\n const arrayScopes = ensureScopes(scopes);\n return this.msalFlow.getToken(arrayScopes, {\n ...newOptions,\n disableAutomaticAuthentication: this.disableAutomaticAuthentication,\n });\n },\n );\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * If the token can't be retrieved silently, this method will require user interaction to retrieve the token.\n *\n * On Node.js, this credential has [Proof Key for Code Exchange (PKCE)](https://datatracker.ietf.org/doc/html/rfc7636) enabled by default.\n * PKCE is a security feature that mitigates authentication code interception attacks.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n async authenticate(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AuthenticationRecord | undefined> {\n return tracingClient.withSpan(\n `${this.constructor.name}.authenticate`,\n options,\n async (newOptions) => {\n const arrayScopes = ensureScopes(scopes);\n await this.msalFlow.getToken(arrayScopes, newOptions);\n return this.msalFlow.getActiveAccount();\n },\n );\n }\n}\n"]}
|
|
@@ -5,7 +5,7 @@ const credentialName = "OnBehalfOfCredential";
|
|
|
5
5
|
const BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);
|
|
6
6
|
const logger = credentialLogger(credentialName);
|
|
7
7
|
/**
|
|
8
|
-
* Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/
|
|
8
|
+
* Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).
|
|
9
9
|
*/
|
|
10
10
|
export class OnBehalfOfCredential {
|
|
11
11
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"onBehalfOfCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEhE,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAC9C,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,GAAG,cAAc,iCAAiC,CAAC,CAAC;AAC/F,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;OAEG;IACH;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging\";\n\nconst credentialName = \"OnBehalfOfCredential\";\nconst BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);\nconst logger = credentialLogger(credentialName);\n\n/**\n * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/
|
|
1
|
+
{"version":3,"file":"onBehalfOfCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEhE,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAC9C,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,GAAG,cAAc,iCAAiC,CAAC,CAAC;AAC/F,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;OAEG;IACH;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging\";\n\nconst credentialName = \"OnBehalfOfCredential\";\nconst BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);\nconst logger = credentialLogger(credentialName);\n\n/**\n * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).\n */\nexport class OnBehalfOfCredential implements TokenCredential {\n /**\n * Only available in Node.js\n */\n constructor() {\n logger.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n\n public getToken(): Promise<AccessToken | null> {\n logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n}\n"]}
|
|
@@ -8,7 +8,7 @@ import { tracingClient } from "../util/tracing";
|
|
|
8
8
|
const credentialName = "OnBehalfOfCredential";
|
|
9
9
|
const logger = credentialLogger(credentialName);
|
|
10
10
|
/**
|
|
11
|
-
* Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/
|
|
11
|
+
* Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).
|
|
12
12
|
*/
|
|
13
13
|
export class OnBehalfOfCredential {
|
|
14
14
|
constructor(options) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"onBehalfOfCredential.js","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAQlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,cAAc,EAAE,MAAM,kCAAkC,CAAC;AAElE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAC9C,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAyD/B,YAAoB,OAAoC;QAApC,YAAO,GAAP,OAAO,CAA6B;QACtD,MAAM,EAAE,YAAY,EAAE,GAAG,OAA4C,CAAC;QACtE,MAAM,EAAE,eAAe,EAAE,GAAG,OAAiD,CAAC;QAC9E,MAAM,EACJ,QAAQ,EACR,QAAQ,EACR,kBAAkB,EAClB,0BAA0B,EAAE,4BAA4B,GACzD,GAAG,OAAO,CAAC;QACZ,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,YAAY,IAAI,eAAe,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxF,MAAM,IAAI,KAAK,CACb,GAAG,cAAc,yGAAyG,CAC3H,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,4BAA4B,CAC7B,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,IAAI,cAAc,iCAC7B,IAAI,CAAC,OAAO,KACf,MAAM,EACN,sBAAsB,EAAE,IAAI,CAAC,OAAO,IACpC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAAC,GAAG,cAAc,WAAW,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE;YACxF,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n OnBehalfOfCredentialCertificateOptions,\n OnBehalfOfCredentialOptions,\n OnBehalfOfCredentialSecretOptions,\n} from \"./onBehalfOfCredentialOptions\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { CredentialPersistenceOptions } from \"./credentialPersistenceOptions\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { MsalOnBehalfOf } from \"../msal/nodeFlows/msalOnBehalfOf\";\nimport { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst credentialName = \"OnBehalfOfCredential\";\nconst logger = credentialLogger(credentialName);\n\n/**\n * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/
|
|
1
|
+
{"version":3,"file":"onBehalfOfCredential.js","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAQlC,OAAO,EACL,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,cAAc,EAAE,MAAM,kCAAkC,CAAC;AAElE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAEhD,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAC9C,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAyD/B,YAAoB,OAAoC;QAApC,YAAO,GAAP,OAAO,CAA6B;QACtD,MAAM,EAAE,YAAY,EAAE,GAAG,OAA4C,CAAC;QACtE,MAAM,EAAE,eAAe,EAAE,GAAG,OAAiD,CAAC;QAC9E,MAAM,EACJ,QAAQ,EACR,QAAQ,EACR,kBAAkB,EAClB,0BAA0B,EAAE,4BAA4B,GACzD,GAAG,OAAO,CAAC;QACZ,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,YAAY,IAAI,eAAe,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxF,MAAM,IAAI,KAAK,CACb,GAAG,cAAc,yGAAyG,CAC3H,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,4BAA4B,CAC7B,CAAC;QAEF,IAAI,CAAC,QAAQ,GAAG,IAAI,cAAc,iCAC7B,IAAI,CAAC,OAAO,KACf,MAAM,EACN,sBAAsB,EAAE,IAAI,CAAC,OAAO,IACpC,CAAC;IACL,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,aAAa,CAAC,QAAQ,CAAC,GAAG,cAAc,WAAW,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE;YACxF,UAAU,CAAC,QAAQ,GAAG,yBAAyB,CAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,QAAS,CAAC,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;IACL,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n OnBehalfOfCredentialCertificateOptions,\n OnBehalfOfCredentialOptions,\n OnBehalfOfCredentialSecretOptions,\n} from \"./onBehalfOfCredentialOptions\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils\";\nimport { CredentialPersistenceOptions } from \"./credentialPersistenceOptions\";\nimport { MsalFlow } from \"../msal/flows\";\nimport { MsalOnBehalfOf } from \"../msal/nodeFlows/msalOnBehalfOf\";\nimport { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions\";\nimport { credentialLogger } from \"../util/logging\";\nimport { ensureScopes } from \"../util/scopeUtils\";\nimport { tracingClient } from \"../util/tracing\";\n\nconst credentialName = \"OnBehalfOfCredential\";\nconst logger = credentialLogger(credentialName);\n\n/**\n * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).\n */\nexport class OnBehalfOfCredential implements TokenCredential {\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private msalFlow: MsalFlow;\n /**\n * Creates an instance of the {@link OnBehalfOfCredential} with the details\n * needed to authenticate against Microsoft Entra ID with path to a PEM certificate,\n * and an user assertion.\n *\n * Example using the `KeyClient` from [\\@azure/keyvault-keys](https://www.npmjs.com/package/\\@azure/keyvault-keys):\n *\n * ```ts\n * const tokenCredential = new OnBehalfOfCredential({\n * tenantId,\n * clientId,\n * certificatePath: \"/path/to/certificate.pem\",\n * userAssertionToken: \"access-token\"\n * });\n * const client = new KeyClient(\"vault-url\", tokenCredential);\n *\n * await client.getKey(\"key-name\");\n * ```\n *\n * @param options - Optional parameters, generally common across credentials.\n */\n constructor(\n options: OnBehalfOfCredentialCertificateOptions &\n MultiTenantTokenCredentialOptions &\n CredentialPersistenceOptions,\n );\n /**\n * Creates an instance of the {@link OnBehalfOfCredential} with the details\n * needed to authenticate against Microsoft Entra ID with a client\n * secret and an user assertion.\n *\n * Example using the `KeyClient` from [\\@azure/keyvault-keys](https://www.npmjs.com/package/\\@azure/keyvault-keys):\n *\n * ```ts\n * const tokenCredential = new OnBehalfOfCredential({\n * tenantId,\n * clientId,\n * clientSecret,\n * userAssertionToken: \"access-token\"\n * });\n * const client = new KeyClient(\"vault-url\", tokenCredential);\n *\n * await client.getKey(\"key-name\");\n * ```\n *\n * @param options - Optional parameters, generally common across credentials.\n */\n constructor(\n options: OnBehalfOfCredentialSecretOptions &\n MultiTenantTokenCredentialOptions &\n CredentialPersistenceOptions,\n );\n\n constructor(private options: OnBehalfOfCredentialOptions) {\n const { clientSecret } = options as OnBehalfOfCredentialSecretOptions;\n const { certificatePath } = options as OnBehalfOfCredentialCertificateOptions;\n const {\n tenantId,\n clientId,\n userAssertionToken,\n additionallyAllowedTenants: additionallyAllowedTenantIds,\n } = options;\n if (!tenantId || !clientId || !(clientSecret || certificatePath) || !userAssertionToken) {\n throw new Error(\n `${credentialName}: tenantId, clientId, clientSecret (or certificatePath) and userAssertionToken are required parameters.`,\n );\n }\n\n this.tenantId = tenantId;\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n additionallyAllowedTenantIds,\n );\n\n this.msalFlow = new MsalOnBehalfOf({\n ...this.options,\n logger,\n tokenCredentialOptions: this.options,\n });\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure the underlying network requests.\n */\n async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n return tracingClient.withSpan(`${credentialName}.getToken`, options, async (newOptions) => {\n newOptions.tenantId = processMultiTenantRequest(\n this.tenantId,\n newOptions,\n this.additionallyAllowedTenantIds,\n logger,\n );\n\n const arrayScopes = ensureScopes(scopes);\n return this.msalFlow!.getToken(arrayScopes, newOptions);\n });\n }\n}\n"]}
|
|
@@ -8,7 +8,7 @@ import { hasNativeBroker, nativeBrokerInfo, persistenceProvider } from "./msalPl
|
|
|
8
8
|
import { processMultiTenantRequest, resolveAdditionallyAllowedTenantIds, resolveTenantId, } from "../../util/tenantIdUtils";
|
|
9
9
|
import { AuthenticationRequiredError } from "../../errors";
|
|
10
10
|
import { IdentityClient } from "../../client/identityClient";
|
|
11
|
-
import {
|
|
11
|
+
import { calculateRegionalAuthority } from "../../regionalAuthority";
|
|
12
12
|
import { getLogLevel } from "@azure/logger";
|
|
13
13
|
/**
|
|
14
14
|
* MSAL partial base client for Node.js.
|
|
@@ -21,7 +21,7 @@ import { getLogLevel } from "@azure/logger";
|
|
|
21
21
|
*/
|
|
22
22
|
export class MsalNode {
|
|
23
23
|
constructor(options) {
|
|
24
|
-
var _a, _b, _c, _d, _e, _f
|
|
24
|
+
var _a, _b, _c, _d, _e, _f;
|
|
25
25
|
this.app = {};
|
|
26
26
|
this.caeApp = {};
|
|
27
27
|
this.requiresConfidential = false;
|
|
@@ -61,10 +61,7 @@ export class MsalNode {
|
|
|
61
61
|
"`useIdentityPlugin(createNativeBrokerPlugin())` before using `enableBroker`.",
|
|
62
62
|
].join(" "));
|
|
63
63
|
}
|
|
64
|
-
this.azureRegion = (
|
|
65
|
-
if (this.azureRegion === RegionalAuthority.AutoDiscoverRegion) {
|
|
66
|
-
this.azureRegion = "AUTO_DISCOVER";
|
|
67
|
-
}
|
|
64
|
+
this.azureRegion = calculateRegionalAuthority(options.regionalAuthority);
|
|
68
65
|
}
|
|
69
66
|
/**
|
|
70
67
|
* Generates a MSAL configuration that generally works for Node.js
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"msalNodeCommon.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalNodeCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAI7C,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAoB,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAErE,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,UAAU,GACX,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACvF,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,eAAe,GAChB,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAG3D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAG7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE5D,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AA+B5C;;;;;;;;GAQG;AACH,MAAM,OAAgB,QAAQ;IAkC5B,YAAY,OAAwB;;QAjC5B,QAAG,GAGP,EAAE,CAAC;QACC,WAAM,GAGV,EAAE,CAAC;QAQG,yBAAoB,GAAY,KAAK,CAAC;QAmB9C,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACpF,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,sBAAsB,0CAAE,0BAA0B,CAC5D,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC9C,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAE,CAAC;YAC1B,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC3C,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,0CAAE,OAAO,CAAC;QACpD,IAAI,CAAC,oBAAoB,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,0CAAE,0BAA0B,CAAC;QAC/E,IAAI,CAAC,kBAAkB,GAAG,MAAA,OAAO,CAAC,aAAa,0CAAE,kBAAkB,CAAC;QAEpE,qCAAqC;QACrC,IAAI,mBAAmB,KAAK,SAAS,KAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,CAAA,EAAE,CAAC;YACvF,MAAM,aAAa,GAAG,OAAO,CAAC,4BAA4B,CAAC,IAAI,IAAI,wBAAwB,CAAC;YAC5F,MAAM,aAAa,mBACjB,IAAI,EAAE,GAAG,aAAa,IAAI,oBAAoB,EAAE,IAC7C,OAAO,CAAC,4BAA4B,CACxC,CAAC;YACF,MAAM,UAAU,mBACd,IAAI,EAAE,GAAG,aAAa,IAAI,gBAAgB,EAAE,IACzC,OAAO,CAAC,4BAA4B,CACxC,CAAC;YACF,IAAI,CAAC,iBAAiB,GAAG,GAAG,EAAE,CAAC,mBAAoB,CAAC,aAAa,CAAC,CAAC;YACnE,IAAI,CAAC,oBAAoB,GAAG,GAAG,EAAE,CAAC,mBAAoB,CAAC,UAAU,CAAC,CAAC;QACrE,CAAC;aAAM,IAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,eAAe,EAAE,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CACb;gBACE,kFAAkF;gBAClF,mGAAmG;gBACnG,mFAAmF;gBACnF,8EAA8E;aAC/E,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,MAAA,OAAO,CAAC,iBAAiB,mCAAI,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;QAC1F,IAAI,IAAI,CAAC,WAAW,KAAK,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;YAC9D,IAAI,CAAC,WAAW,GAAG,eAAe,CAAC;QACrC,CAAC;IACH,CAAC;IAED;;OAEG;IACO,qBAAqB,CAAC,OAAwB;;QACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,uBAAuB,CAAC;QAC7D,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAErF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;QAC/E,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE7D,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,iCACnC,OAAO,CAAC,sBAAsB,KACjC,aAAa,EAAE,SAAS,EACxB,cAAc,EAAE,OAAO,CAAC,cAAc,IACtC,CAAC;QAEH,MAAM,kBAAkB,GAAa,EAAE,CAAC;QAExC,OAAO;YACL,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;gBACT,gBAAgB,EAAE,mBAAmB,CACnC,QAAQ,EACR,SAAS,EACT,OAAO,CAAC,wBAAwB,CACjC;gBACD,kBAAkB;aACnB;YACD,sCAAsC;YACtC,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI,CAAC,cAAc;gBAClC,aAAa,EAAE;oBACb,cAAc,EAAE,qBAAqB,CAAC,OAAO,CAAC,MAAM,CAAC;oBACrD,QAAQ,EAAE,eAAe,CAAC,WAAW,EAAE,CAAC;oBACxC,iBAAiB,EAAE,MAAA,OAAO,CAAC,cAAc,0CAAE,0BAA0B;iBACtE;aACF;SACF,CAAC;IACJ,CAAC;IAYS,MAAM,CACd,OAAgB,EAChB,SAAmB;QAEnB,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAC/C,IAAI,OAAO,KAAK,aAAa,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,YAAY,CAAE,CAAC;QAC3C,CAAC;aAAM,IAAI,OAAO,KAAK,mBAAmB,EAAE,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAE,CAAC;QAC3C,CAAC;aAAM,IAAI,OAAO,KAAK,cAAc,EAAE,CAAC;YACtC,OAAO,GAAG,CAAC,YAAa,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,CAAC,MAAO,CAAC;QACrB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuC;QAChD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,EAAE,CAAC;YACzB,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBACjD,6DAA6D;gBAC7D,mDAAmD;gBACnD,IAAI,CAAC,cAAe,CAAC,aAAa,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YAC5D,CAAC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,GAAG,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QACxD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,GAAG,CAAC,KAAK,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACnC,OAAO;QACT,CAAC;QACD,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,KAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;YAClE,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;gBACtB,WAAW,EAAE,MAAM,IAAI,CAAC,oBAAoB,EAAE;aAC/C,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;gBACtB,WAAW,EAAE,MAAM,IAAI,CAAC,iBAAiB,EAAE;aAC5C,CAAC;QACJ,CAAC;QAED,IAAI,eAAe,EAAE,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG;gBACvB,kBAAkB,EAAE,gBAAiB,CAAC,MAAM;aAC7C,CAAC;YACF,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC7B,4FAA4F;gBAC5F,IAAI,CAAC,MAAM,CAAC,OAAO,CACjB,kIAAkI,CACnI,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAED,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QACnE,CAAC;QACD,8EAA8E;QAC9E,IACE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY;YACjC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe;YACpC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EACtC,CAAC;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;gBACvB,IAAI,CAAC,MAAM,CAAC,YAAY,GAAG,IAAI,QAAQ,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACzF,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,IAAI,QAAQ,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACtF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,gHAAgH,CACjH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACO,gBAAgB,CACxB,OAAsD,EACtD,WAA6B,EAC7B,QAAqB;QAErB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,OAAO;iBACJ,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;gBAClB,OAAO,OAAO,CAAC,SAAU,CAAC,CAAC;YAC7B,CAAC,CAAC;iBACD,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,WAAW,EAAE,CAAC;gBAChB,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;oBACzC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,EAAI,CAAC;gBACf,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,SAAS,GAAG,KAAK;QACtC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,OAAO,CAAC;QACtB,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC,aAAa,EAAE,CAAC;QAC1E,MAAM,gBAAgB,GAAG,MAAM,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,EAAE,CAAA,CAAC;QAEvD,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM;iBACR,IAAI,CAAC;;;;6KAI+J,CAAC,CAAC;YACzK,OAAO;QACT,CAAC;QAED,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAClB,MAAgB,EAChB,OAAuC;;QAEvC,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,CAAC;QAChD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,IAAI,2BAA2B,CAAC;gBACpC,MAAM;gBACN,eAAe,EAAE,OAAO;gBACxB,OAAO,EACL,sFAAsF;aACzF,CAAC,CAAC;QACL,CAAC;QAED,MAAM,aAAa,GAA+B;YAChD,kFAAkF;YAClF,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YACnC,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;YACrC,MAAM;YACN,SAAS,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS;YAC7B,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;SACxB,CAAC;QAEF,IAAI,eAAe,EAAE,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,CAAC,aAAa,CAAC,oBAAoB,EAAE,CAAC;gBACxC,aAAa,CAAC,oBAAoB,GAAG,EAAE,CAAC;YAC1C,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC7B,4FAA4F;gBAC5F,IAAI,CAAC,MAAM,CAAC,OAAO,CACjB,kIAAkI,CACnI,CAAC;YACJ,CAAC;YACD,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC9B,aAAa,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,sBAAsB,CAAC;YACnF,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD;;;;;eAKG;YACH,MAAM,CAAA,MAAA,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,0CAAE,aAAa,GAAG,cAAc,EAAE,CAAA,CAAC;YACvF,MAAM,QAAQ,GACZ,MAAA,CAAC,MAAM,CAAA,MAAA,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,0CAAE,kBAAkB,CACxE,aAAa,CACd,CAAA,CAAC,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC;YAC5F,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,IAAI,SAAS,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,MAAM,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAOD;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAgB,EAChB,UAAyC,EAAE;QAE3C,MAAM,QAAQ,GACZ,yBAAyB,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,4BAA4B,CAAC;YACpF,IAAI,CAAC,QAAQ,CAAC;QAEhB,OAAO,CAAC,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE/D,OAAO,CAAC,aAAa,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,KAAI,UAAU,EAAE,CAAC;QAC/D,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzB,IAAI,CAAC;YACH,gDAAgD;YAChD,uGAAuG;YACvG,2GAA2G;YAC3G,MAAM,aAAa,GAAI,OAAe,CAAC,MAAM,CAAC;YAC9C,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC,YAAY,GAAG,aAAa,CAAC;YACpC,CAAC;YACD,IAAI,IAAI,CAAC,YAAY,IAAI,CAAC,aAAa,EAAE,CAAC;gBACxC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC;YACrC,CAAC;YACD,wEAAwE;YACxE,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACpD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE,CAAC;gBAC/C,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE,CAAC;gBAC5C,MAAM,IAAI,2BAA2B,CAAC;oBACpC,MAAM;oBACN,eAAe,EAAE,OAAO;oBACxB,OAAO,EACL,uFAAuF;iBAC1F,CAAC,CAAC;YACL,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;YACtF,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAED;;;;OAIG;IACO,YAAY,CACpB,MAAyB,EACzB,MAAmB,EACnB,eAAiC;QAEjC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,OAAO,EAAE,CAAC;YACpB,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;QAC7D,CAAC;QACD,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;QACjD,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,WAAW;YACzB,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE;SAC/C,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalNode from \"@azure/msal-node\";\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { AppType, AuthenticationRecord, MsalResult } from \"../types\";\nimport {\n CACHE_CAE_SUFFIX,\n CACHE_NON_CAE_SUFFIX,\n DEFAULT_TOKEN_CACHE_NAME,\n DeveloperSignOnClientId,\n} from \"../../constants\";\nimport { CredentialLogger, formatSuccess } from \"../../util/logging\";\nimport { MsalFlow, MsalFlowOptions } from \"../flows\";\nimport {\n defaultLoggerCallback,\n ensureValidMsalToken,\n getAuthority,\n getKnownAuthorities,\n getMSALLogLevel,\n handleMsalError,\n msalToPublic,\n publicToMsal,\n randomUUID,\n} from \"../utils\";\nimport { hasNativeBroker, nativeBrokerInfo, persistenceProvider } from \"./msalPlugins\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n resolveTenantId,\n} from \"../../util/tenantIdUtils\";\n\nimport { AbortSignalLike } from \"@azure/abort-controller\";\nimport { AuthenticationRequiredError } from \"../../errors\";\nimport { BrokerOptions } from \"./brokerOptions\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { IdentityClient } from \"../../client/identityClient\";\nimport { LogPolicyOptions } from \"@azure/core-rest-pipeline\";\nimport { MultiTenantTokenCredentialOptions } from \"../../credentials/multiTenantTokenCredentialOptions\";\nimport { RegionalAuthority } from \"../../regionalAuthority\";\nimport { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions\";\nimport { getLogLevel } from \"@azure/logger\";\n\n/**\n * Union of the constructor parameters that all MSAL flow types for Node.\n * @internal\n */\nexport interface MsalNodeOptions extends MsalFlowOptions {\n tokenCachePersistenceOptions?: TokenCachePersistenceOptions;\n brokerOptions?: BrokerOptions;\n tokenCredentialOptions: MultiTenantTokenCredentialOptions;\n /**\n * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n * If the property is not specified, uses a non-regional authority endpoint.\n */\n regionalAuthority?: string;\n /**\n * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.\n */\n loggingOptions?: LogPolicyOptions & {\n /**\n * Allows logging account information once the authentication flow succeeds.\n */\n allowLoggingAccountIdentifiers?: boolean;\n /**\n * Allows logging personally identifiable information for customer support.\n */\n enableUnsafeSupportLogging?: boolean;\n };\n}\n\n/**\n * MSAL partial base client for Node.js.\n *\n * It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n *\n * @internal\n */\nexport abstract class MsalNode implements MsalFlow {\n private app: {\n public?: msalNode.PublicClientApplication;\n confidential?: msalNode.ConfidentialClientApplication;\n } = {};\n private caeApp: {\n public?: msalNode.PublicClientApplication;\n confidential?: msalNode.ConfidentialClientApplication;\n } = {};\n private account?: AuthenticationRecord;\n protected msalConfig: msalNode.Configuration;\n protected clientId: string;\n protected tenantId: string;\n protected additionallyAllowedTenantIds: string[];\n protected authorityHost?: string;\n protected identityClient?: IdentityClient;\n protected requiresConfidential: boolean = false;\n protected azureRegion?: string;\n protected createCachePlugin: (() => Promise<msalNode.ICachePlugin>) | undefined;\n protected createCachePluginCae: (() => Promise<msalNode.ICachePlugin>) | undefined;\n protected createNativeBrokerPlugin: (() => Promise<msalNode.INativeBrokerPlugin>) | undefined;\n protected enableMsaPassthrough?: boolean;\n protected parentWindowHandle?: Uint8Array;\n protected enableBroker?: boolean;\n protected logger: CredentialLogger;\n\n /**\n * MSAL currently caches the tokens depending on the claims used to retrieve them.\n * In cases like CAE, in which we use claims to update the tokens, trying to retrieve the token without the claims will yield the original token.\n * To ensure we always get the latest token, we have to keep track of the claims.\n */\n private cachedClaims: string | undefined;\n\n protected getAssertion: (() => Promise<string>) | undefined;\n constructor(options: MsalNodeOptions) {\n this.logger = options.logger;\n this.msalConfig = this.defaultNodeMsalConfig(options);\n this.tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.tokenCredentialOptions?.additionallyAllowedTenants,\n );\n this.clientId = this.msalConfig.auth.clientId;\n if (options?.getAssertion) {\n this.getAssertion = options.getAssertion;\n }\n this.enableBroker = options?.brokerOptions?.enabled;\n this.enableMsaPassthrough = options?.brokerOptions?.legacyEnableMsaPassthrough;\n this.parentWindowHandle = options.brokerOptions?.parentWindowHandle;\n\n // If persistence has been configured\n if (persistenceProvider !== undefined && options.tokenCachePersistenceOptions?.enabled) {\n const cacheBaseName = options.tokenCachePersistenceOptions.name || DEFAULT_TOKEN_CACHE_NAME;\n const nonCaeOptions = {\n name: `${cacheBaseName}.${CACHE_NON_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n };\n const caeOptions = {\n name: `${cacheBaseName}.${CACHE_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n };\n this.createCachePlugin = () => persistenceProvider!(nonCaeOptions);\n this.createCachePluginCae = () => persistenceProvider!(caeOptions);\n } else if (options.tokenCachePersistenceOptions?.enabled) {\n throw new Error(\n [\n \"Persistent token caching was requested, but no persistence provider was configured.\",\n \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\",\n ].join(\" \"),\n );\n }\n\n // If broker has not been configured\n if (!hasNativeBroker() && this.enableBroker) {\n throw new Error(\n [\n \"Broker for WAM was requested to be enabled, but no native broker was configured.\",\n \"You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(createNativeBrokerPlugin())` before using `enableBroker`.\",\n ].join(\" \"),\n );\n }\n\n this.azureRegion = options.regionalAuthority ?? process.env.AZURE_REGIONAL_AUTHORITY_NAME;\n if (this.azureRegion === RegionalAuthority.AutoDiscoverRegion) {\n this.azureRegion = \"AUTO_DISCOVER\";\n }\n }\n\n /**\n * Generates a MSAL configuration that generally works for Node.js\n */\n protected defaultNodeMsalConfig(options: MsalNodeOptions): msalNode.Configuration {\n const clientId = options.clientId || DeveloperSignOnClientId;\n const tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n\n this.authorityHost = options.authorityHost || process.env.AZURE_AUTHORITY_HOST;\n const authority = getAuthority(tenantId, this.authorityHost);\n\n this.identityClient = new IdentityClient({\n ...options.tokenCredentialOptions,\n authorityHost: authority,\n loggingOptions: options.loggingOptions,\n });\n\n const clientCapabilities: string[] = [];\n\n return {\n auth: {\n clientId,\n authority,\n knownAuthorities: getKnownAuthorities(\n tenantId,\n authority,\n options.disableInstanceDiscovery,\n ),\n clientCapabilities,\n },\n // Cache is defined in this.prepare();\n system: {\n networkClient: this.identityClient,\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(options.logger),\n logLevel: getMSALLogLevel(getLogLevel()),\n piiLoggingEnabled: options.loggingOptions?.enableUnsafeSupportLogging,\n },\n },\n };\n }\n protected getApp(\n appType: \"publicFirst\" | \"confidentialFirst\",\n enableCae?: boolean,\n ): msalNode.ConfidentialClientApplication | msalNode.PublicClientApplication;\n protected getApp(appType: \"public\", enableCae?: boolean): msalNode.PublicClientApplication;\n\n protected getApp(\n appType: \"confidential\",\n enableCae?: boolean,\n ): msalNode.ConfidentialClientApplication;\n\n protected getApp(\n appType: AppType,\n enableCae?: boolean,\n ): msalNode.ConfidentialClientApplication | msalNode.PublicClientApplication {\n const app = enableCae ? this.caeApp : this.app;\n if (appType === \"publicFirst\") {\n return (app.public || app.confidential)!;\n } else if (appType === \"confidentialFirst\") {\n return (app.confidential || app.public)!;\n } else if (appType === \"confidential\") {\n return app.confidential!;\n } else {\n return app.public!;\n }\n }\n\n /**\n * Prepares the MSAL applications.\n */\n async init(options?: CredentialFlowGetTokenOptions): Promise<void> {\n if (options?.abortSignal) {\n options.abortSignal.addEventListener(\"abort\", () => {\n // This will abort any pending request in the IdentityClient,\n // based on the received or generated correlationId\n this.identityClient!.abortRequests(options.correlationId);\n });\n }\n\n const app = options?.enableCae ? this.caeApp : this.app;\n if (options?.enableCae) {\n this.msalConfig.auth.clientCapabilities = [\"cp1\"];\n }\n if (app.public || app.confidential) {\n return;\n }\n if (options?.enableCae && this.createCachePluginCae !== undefined) {\n this.msalConfig.cache = {\n cachePlugin: await this.createCachePluginCae(),\n };\n }\n if (this.createCachePlugin !== undefined) {\n this.msalConfig.cache = {\n cachePlugin: await this.createCachePlugin(),\n };\n }\n\n if (hasNativeBroker() && this.enableBroker) {\n this.msalConfig.broker = {\n nativeBrokerPlugin: nativeBrokerInfo!.broker,\n };\n if (!this.parentWindowHandle) {\n // error should have been thrown from within the constructor of InteractiveBrowserCredential\n this.logger.warning(\n \"Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.\",\n );\n }\n }\n\n if (options?.enableCae) {\n this.caeApp.public = new msalNode.PublicClientApplication(this.msalConfig);\n } else {\n this.app.public = new msalNode.PublicClientApplication(this.msalConfig);\n }\n\n if (this.getAssertion) {\n this.msalConfig.auth.clientAssertion = await this.getAssertion();\n }\n // The confidential client requires either a secret, assertion or certificate.\n if (\n this.msalConfig.auth.clientSecret ||\n this.msalConfig.auth.clientAssertion ||\n this.msalConfig.auth.clientCertificate\n ) {\n if (options?.enableCae) {\n this.caeApp.confidential = new msalNode.ConfidentialClientApplication(this.msalConfig);\n } else {\n this.app.confidential = new msalNode.ConfidentialClientApplication(this.msalConfig);\n }\n } else {\n if (this.requiresConfidential) {\n throw new Error(\n \"Unable to generate the MSAL confidential client. Missing either the client's secret, certificate or assertion.\",\n );\n }\n }\n }\n\n /**\n * Allows the cancellation of a MSAL request.\n */\n protected withCancellation(\n promise: Promise<msalNode.AuthenticationResult | null>,\n abortSignal?: AbortSignalLike,\n onCancel?: () => void,\n ): Promise<msalNode.AuthenticationResult | null> {\n return new Promise((resolve, reject) => {\n promise\n .then((msalToken) => {\n return resolve(msalToken!);\n })\n .catch(reject);\n if (abortSignal) {\n abortSignal.addEventListener(\"abort\", () => {\n onCancel?.();\n });\n }\n });\n }\n\n /**\n * Returns the existing account, attempts to load the account from MSAL.\n */\n async getActiveAccount(enableCae = false): Promise<AuthenticationRecord | undefined> {\n if (this.account) {\n return this.account;\n }\n const cache = this.getApp(\"confidentialFirst\", enableCae).getTokenCache();\n const accountsByTenant = await cache?.getAllAccounts();\n\n if (!accountsByTenant) {\n return;\n }\n\n if (accountsByTenant.length === 1) {\n this.account = msalToPublic(this.clientId, accountsByTenant[0]);\n } else {\n this.logger\n .info(`More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing a credential to prevent this from happening.`);\n return;\n }\n\n return this.account;\n }\n\n /**\n * Attempts to retrieve a token from cache.\n */\n async getTokenSilent(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions,\n ): Promise<AccessToken> {\n await this.getActiveAccount(options?.enableCae);\n if (!this.account) {\n throw new AuthenticationRequiredError({\n scopes,\n getTokenOptions: options,\n message:\n \"Silent authentication failed. We couldn't retrieve an active account from the cache.\",\n });\n }\n\n const silentRequest: msalNode.SilentFlowRequest = {\n // To be able to re-use the account, the Token Cache must also have been provided.\n account: publicToMsal(this.account),\n correlationId: options?.correlationId,\n scopes,\n authority: options?.authority,\n claims: options?.claims,\n };\n\n if (hasNativeBroker() && this.enableBroker) {\n if (!silentRequest.tokenQueryParameters) {\n silentRequest.tokenQueryParameters = {};\n }\n if (!this.parentWindowHandle) {\n // error should have been thrown from within the constructor of InteractiveBrowserCredential\n this.logger.warning(\n \"Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.\",\n );\n }\n if (this.enableMsaPassthrough) {\n silentRequest.tokenQueryParameters[\"msal_request_type\"] = \"consumer_passthrough\";\n }\n }\n\n try {\n this.logger.info(\"Attempting to acquire token silently\");\n /**\n * The following code to retrieve all accounts is done as a workaround in an attempt to force the\n * refresh of the token cache with the token and the account passed in through the\n * `authenticationRecord` parameter. See issue - https://github.com/Azure/azure-sdk-for-js/issues/24349#issuecomment-1496715651\n * This workaround serves as a workaround for silent authentication not happening when authenticationRecord is passed.\n */\n await this.getApp(\"publicFirst\", options?.enableCae)?.getTokenCache().getAllAccounts();\n const response =\n (await this.getApp(\"confidential\", options?.enableCae)?.acquireTokenSilent(\n silentRequest,\n )) ?? (await this.getApp(\"public\", options?.enableCae).acquireTokenSilent(silentRequest));\n return this.handleResult(scopes, response || undefined);\n } catch (err: any) {\n throw handleMsalError(scopes, err, options);\n }\n }\n\n /**\n * Attempts to retrieve an authenticated token from MSAL.\n */\n protected abstract doGetToken(scopes: string[], options?: GetTokenOptions): Promise<AccessToken>;\n\n /**\n * Wrapper around each MSAL flow get token operation: doGetToken.\n * If disableAutomaticAuthentication is sent through the constructor, it will prevent MSAL from requesting the user input.\n */\n public async getToken(\n scopes: string[],\n options: CredentialFlowGetTokenOptions = {},\n ): Promise<AccessToken> {\n const tenantId =\n processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds) ||\n this.tenantId;\n\n options.authority = getAuthority(tenantId, this.authorityHost);\n\n options.correlationId = options?.correlationId || randomUUID();\n await this.init(options);\n\n try {\n // MSAL now caches tokens based on their claims,\n // so now one has to keep track fo claims in order to retrieve the newer tokens from acquireTokenSilent\n // This update happened on PR: https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/4533\n const optionsClaims = (options as any).claims;\n if (optionsClaims) {\n this.cachedClaims = optionsClaims;\n }\n if (this.cachedClaims && !optionsClaims) {\n options.claims = this.cachedClaims;\n }\n // We don't return the promise since we want to catch errors right here.\n return await this.getTokenSilent(scopes, options);\n } catch (err: any) {\n if (err.name !== \"AuthenticationRequiredError\") {\n throw err;\n }\n if (options?.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError({\n scopes,\n getTokenOptions: options,\n message:\n \"Automatic authentication has been disabled. You may call the authentication() method.\",\n });\n }\n this.logger.info(`Silent authentication failed, falling back to interactive method.`);\n return this.doGetToken(scopes, options);\n }\n }\n\n /**\n * Handles the MSAL authentication result.\n * If the result has an account, we update the local account reference.\n * If the token received is invalid, an error will be thrown depending on what's missing.\n */\n protected handleResult(\n scopes: string | string[],\n result?: MsalResult,\n getTokenOptions?: GetTokenOptions,\n ): AccessToken {\n if (result?.account) {\n this.account = msalToPublic(this.clientId, result.account);\n }\n ensureValidMsalToken(scopes, result, getTokenOptions);\n this.logger.getToken.info(formatSuccess(scopes));\n return {\n token: result.accessToken,\n expiresOnTimestamp: result.expiresOn.getTime(),\n };\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"msalNodeCommon.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalNodeCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAI7C,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,wBAAwB,EACxB,uBAAuB,GACxB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAoB,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAErE,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,eAAe,EACf,YAAY,EACZ,YAAY,EACZ,UAAU,GACX,MAAM,UAAU,CAAC;AAClB,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACvF,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,eAAe,GAChB,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAG3D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAI7D,OAAO,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AA+B5C;;;;;;;;GAQG;AACH,MAAM,OAAgB,QAAQ;IAkC5B,YAAY,OAAwB;;QAjC5B,QAAG,GAGP,EAAE,CAAC;QACC,WAAM,GAGV,EAAE,CAAC;QAQG,yBAAoB,GAAY,KAAK,CAAC;QAmB9C,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACpF,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,sBAAsB,0CAAE,0BAA0B,CAC5D,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC9C,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,EAAE,CAAC;YAC1B,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC3C,CAAC;QACD,IAAI,CAAC,YAAY,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,0CAAE,OAAO,CAAC;QACpD,IAAI,CAAC,oBAAoB,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,0CAAE,0BAA0B,CAAC;QAC/E,IAAI,CAAC,kBAAkB,GAAG,MAAA,OAAO,CAAC,aAAa,0CAAE,kBAAkB,CAAC;QAEpE,qCAAqC;QACrC,IAAI,mBAAmB,KAAK,SAAS,KAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,CAAA,EAAE,CAAC;YACvF,MAAM,aAAa,GAAG,OAAO,CAAC,4BAA4B,CAAC,IAAI,IAAI,wBAAwB,CAAC;YAC5F,MAAM,aAAa,mBACjB,IAAI,EAAE,GAAG,aAAa,IAAI,oBAAoB,EAAE,IAC7C,OAAO,CAAC,4BAA4B,CACxC,CAAC;YACF,MAAM,UAAU,mBACd,IAAI,EAAE,GAAG,aAAa,IAAI,gBAAgB,EAAE,IACzC,OAAO,CAAC,4BAA4B,CACxC,CAAC;YACF,IAAI,CAAC,iBAAiB,GAAG,GAAG,EAAE,CAAC,mBAAoB,CAAC,aAAa,CAAC,CAAC;YACnE,IAAI,CAAC,oBAAoB,GAAG,GAAG,EAAE,CAAC,mBAAoB,CAAC,UAAU,CAAC,CAAC;QACrE,CAAC;aAAM,IAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,EAAE,CAAC;YACzD,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,oCAAoC;QACpC,IAAI,CAAC,eAAe,EAAE,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC5C,MAAM,IAAI,KAAK,CACb;gBACE,kFAAkF;gBAClF,mGAAmG;gBACnG,mFAAmF;gBACnF,8EAA8E;aAC/E,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,WAAW,GAAG,0BAA0B,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAC3E,CAAC;IAED;;OAEG;IACO,qBAAqB,CAAC,OAAwB;;QACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,uBAAuB,CAAC;QAC7D,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAErF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;QAC/E,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE7D,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,iCACnC,OAAO,CAAC,sBAAsB,KACjC,aAAa,EAAE,SAAS,EACxB,cAAc,EAAE,OAAO,CAAC,cAAc,IACtC,CAAC;QAEH,MAAM,kBAAkB,GAAa,EAAE,CAAC;QAExC,OAAO;YACL,IAAI,EAAE;gBACJ,QAAQ;gBACR,SAAS;gBACT,gBAAgB,EAAE,mBAAmB,CACnC,QAAQ,EACR,SAAS,EACT,OAAO,CAAC,wBAAwB,CACjC;gBACD,kBAAkB;aACnB;YACD,sCAAsC;YACtC,MAAM,EAAE;gBACN,aAAa,EAAE,IAAI,CAAC,cAAc;gBAClC,aAAa,EAAE;oBACb,cAAc,EAAE,qBAAqB,CAAC,OAAO,CAAC,MAAM,CAAC;oBACrD,QAAQ,EAAE,eAAe,CAAC,WAAW,EAAE,CAAC;oBACxC,iBAAiB,EAAE,MAAA,OAAO,CAAC,cAAc,0CAAE,0BAA0B;iBACtE;aACF;SACF,CAAC;IACJ,CAAC;IAYS,MAAM,CACd,OAAgB,EAChB,SAAmB;QAEnB,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAC/C,IAAI,OAAO,KAAK,aAAa,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,YAAY,CAAE,CAAC;QAC3C,CAAC;aAAM,IAAI,OAAO,KAAK,mBAAmB,EAAE,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,CAAE,CAAC;QAC3C,CAAC;aAAM,IAAI,OAAO,KAAK,cAAc,EAAE,CAAC;YACtC,OAAO,GAAG,CAAC,YAAa,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,CAAC,MAAO,CAAC;QACrB,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAuC;QAChD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,WAAW,EAAE,CAAC;YACzB,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;gBACjD,6DAA6D;gBAC7D,mDAAmD;gBACnD,IAAI,CAAC,cAAe,CAAC,aAAa,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;YAC5D,CAAC,CAAC,CAAC;QACL,CAAC;QAED,MAAM,GAAG,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QACxD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,GAAG,CAAC,KAAK,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;YACnC,OAAO;QACT,CAAC;QACD,IAAI,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,KAAI,IAAI,CAAC,oBAAoB,KAAK,SAAS,EAAE,CAAC;YAClE,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;gBACtB,WAAW,EAAE,MAAM,IAAI,CAAC,oBAAoB,EAAE;aAC/C,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,iBAAiB,KAAK,SAAS,EAAE,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,KAAK,GAAG;gBACtB,WAAW,EAAE,MAAM,IAAI,CAAC,iBAAiB,EAAE;aAC5C,CAAC;QACJ,CAAC;QAED,IAAI,eAAe,EAAE,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG;gBACvB,kBAAkB,EAAE,gBAAiB,CAAC,MAAM;aAC7C,CAAC;YACF,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC7B,4FAA4F;gBAC5F,IAAI,CAAC,MAAM,CAAC,OAAO,CACjB,kIAAkI,CACnI,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,QAAQ,CAAC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1E,CAAC;QAED,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QACnE,CAAC;QACD,8EAA8E;QAC9E,IACE,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY;YACjC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe;YACpC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,EACtC,CAAC;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE,CAAC;gBACvB,IAAI,CAAC,MAAM,CAAC,YAAY,GAAG,IAAI,QAAQ,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACzF,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,IAAI,QAAQ,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACtF,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC9B,MAAM,IAAI,KAAK,CACb,gHAAgH,CACjH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACO,gBAAgB,CACxB,OAAsD,EACtD,WAA6B,EAC7B,QAAqB;QAErB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,OAAO;iBACJ,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE;gBAClB,OAAO,OAAO,CAAC,SAAU,CAAC,CAAC;YAC7B,CAAC,CAAC;iBACD,KAAK,CAAC,MAAM,CAAC,CAAC;YACjB,IAAI,WAAW,EAAE,CAAC;gBAChB,WAAW,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;oBACzC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,EAAI,CAAC;gBACf,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,SAAS,GAAG,KAAK;QACtC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,OAAO,CAAC;QACtB,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,SAAS,CAAC,CAAC,aAAa,EAAE,CAAC;QAC1E,MAAM,gBAAgB,GAAG,MAAM,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,cAAc,EAAE,CAAA,CAAC;QAEvD,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO;QACT,CAAC;QAED,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM;iBACR,IAAI,CAAC;;;;6KAI+J,CAAC,CAAC;YACzK,OAAO;QACT,CAAC;QAED,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAClB,MAAgB,EAChB,OAAuC;;QAEvC,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,CAAC;QAChD,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YAClB,MAAM,IAAI,2BAA2B,CAAC;gBACpC,MAAM;gBACN,eAAe,EAAE,OAAO;gBACxB,OAAO,EACL,sFAAsF;aACzF,CAAC,CAAC;QACL,CAAC;QAED,MAAM,aAAa,GAA+B;YAChD,kFAAkF;YAClF,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC;YACnC,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa;YACrC,MAAM;YACN,SAAS,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS;YAC7B,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;SACxB,CAAC;QAEF,IAAI,eAAe,EAAE,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,CAAC,aAAa,CAAC,oBAAoB,EAAE,CAAC;gBACxC,aAAa,CAAC,oBAAoB,GAAG,EAAE,CAAC;YAC1C,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBAC7B,4FAA4F;gBAC5F,IAAI,CAAC,MAAM,CAAC,OAAO,CACjB,kIAAkI,CACnI,CAAC;YACJ,CAAC;YACD,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC9B,aAAa,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,sBAAsB,CAAC;YACnF,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;YACzD;;;;;eAKG;YACH,MAAM,CAAA,MAAA,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,0CAAE,aAAa,GAAG,cAAc,EAAE,CAAA,CAAC;YACvF,MAAM,QAAQ,GACZ,MAAA,CAAC,MAAM,CAAA,MAAA,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,0CAAE,kBAAkB,CACxE,aAAa,CACd,CAAA,CAAC,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,CAAC,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC,CAAC;YAC5F,OAAO,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,IAAI,SAAS,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,MAAM,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAOD;;;OAGG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAgB,EAChB,UAAyC,EAAE;QAE3C,MAAM,QAAQ,GACZ,yBAAyB,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,4BAA4B,CAAC;YACpF,IAAI,CAAC,QAAQ,CAAC;QAEhB,OAAO,CAAC,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAE/D,OAAO,CAAC,aAAa,GAAG,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,KAAI,UAAU,EAAE,CAAC;QAC/D,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEzB,IAAI,CAAC;YACH,gDAAgD;YAChD,uGAAuG;YACvG,2GAA2G;YAC3G,MAAM,aAAa,GAAI,OAAe,CAAC,MAAM,CAAC;YAC9C,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC,YAAY,GAAG,aAAa,CAAC;YACpC,CAAC;YACD,IAAI,IAAI,CAAC,YAAY,IAAI,CAAC,aAAa,EAAE,CAAC;gBACxC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC;YACrC,CAAC;YACD,wEAAwE;YACxE,OAAO,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACpD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE,CAAC;gBAC/C,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE,CAAC;gBAC5C,MAAM,IAAI,2BAA2B,CAAC;oBACpC,MAAM;oBACN,eAAe,EAAE,OAAO;oBACxB,OAAO,EACL,uFAAuF;iBAC1F,CAAC,CAAC;YACL,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;YACtF,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAED;;;;OAIG;IACO,YAAY,CACpB,MAAyB,EACzB,MAAmB,EACnB,eAAiC;QAEjC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,OAAO,EAAE,CAAC;YACpB,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;QAC7D,CAAC;QACD,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;QACjD,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,WAAW;YACzB,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE;SAC/C,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msalNode from \"@azure/msal-node\";\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { AppType, AuthenticationRecord, MsalResult } from \"../types\";\nimport {\n CACHE_CAE_SUFFIX,\n CACHE_NON_CAE_SUFFIX,\n DEFAULT_TOKEN_CACHE_NAME,\n DeveloperSignOnClientId,\n} from \"../../constants\";\nimport { CredentialLogger, formatSuccess } from \"../../util/logging\";\nimport { MsalFlow, MsalFlowOptions } from \"../flows\";\nimport {\n defaultLoggerCallback,\n ensureValidMsalToken,\n getAuthority,\n getKnownAuthorities,\n getMSALLogLevel,\n handleMsalError,\n msalToPublic,\n publicToMsal,\n randomUUID,\n} from \"../utils\";\nimport { hasNativeBroker, nativeBrokerInfo, persistenceProvider } from \"./msalPlugins\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n resolveTenantId,\n} from \"../../util/tenantIdUtils\";\n\nimport { AbortSignalLike } from \"@azure/abort-controller\";\nimport { AuthenticationRequiredError } from \"../../errors\";\nimport { BrokerOptions } from \"./brokerOptions\";\nimport { CredentialFlowGetTokenOptions } from \"../credentials\";\nimport { IdentityClient } from \"../../client/identityClient\";\nimport { LogPolicyOptions } from \"@azure/core-rest-pipeline\";\nimport { MultiTenantTokenCredentialOptions } from \"../../credentials/multiTenantTokenCredentialOptions\";\nimport { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions\";\nimport { calculateRegionalAuthority } from \"../../regionalAuthority\";\nimport { getLogLevel } from \"@azure/logger\";\n\n/**\n * Union of the constructor parameters that all MSAL flow types for Node.\n * @internal\n */\nexport interface MsalNodeOptions extends MsalFlowOptions {\n tokenCachePersistenceOptions?: TokenCachePersistenceOptions;\n brokerOptions?: BrokerOptions;\n tokenCredentialOptions: MultiTenantTokenCredentialOptions;\n /**\n * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n * If the property is not specified, uses a non-regional authority endpoint.\n */\n regionalAuthority?: string;\n /**\n * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.\n */\n loggingOptions?: LogPolicyOptions & {\n /**\n * Allows logging account information once the authentication flow succeeds.\n */\n allowLoggingAccountIdentifiers?: boolean;\n /**\n * Allows logging personally identifiable information for customer support.\n */\n enableUnsafeSupportLogging?: boolean;\n };\n}\n\n/**\n * MSAL partial base client for Node.js.\n *\n * It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n *\n * @internal\n */\nexport abstract class MsalNode implements MsalFlow {\n private app: {\n public?: msalNode.PublicClientApplication;\n confidential?: msalNode.ConfidentialClientApplication;\n } = {};\n private caeApp: {\n public?: msalNode.PublicClientApplication;\n confidential?: msalNode.ConfidentialClientApplication;\n } = {};\n private account?: AuthenticationRecord;\n protected msalConfig: msalNode.Configuration;\n protected clientId: string;\n protected tenantId: string;\n protected additionallyAllowedTenantIds: string[];\n protected authorityHost?: string;\n protected identityClient?: IdentityClient;\n protected requiresConfidential: boolean = false;\n protected azureRegion?: string;\n protected createCachePlugin: (() => Promise<msalNode.ICachePlugin>) | undefined;\n protected createCachePluginCae: (() => Promise<msalNode.ICachePlugin>) | undefined;\n protected createNativeBrokerPlugin: (() => Promise<msalNode.INativeBrokerPlugin>) | undefined;\n protected enableMsaPassthrough?: boolean;\n protected parentWindowHandle?: Uint8Array;\n protected enableBroker?: boolean;\n protected logger: CredentialLogger;\n\n /**\n * MSAL currently caches the tokens depending on the claims used to retrieve them.\n * In cases like CAE, in which we use claims to update the tokens, trying to retrieve the token without the claims will yield the original token.\n * To ensure we always get the latest token, we have to keep track of the claims.\n */\n private cachedClaims: string | undefined;\n\n protected getAssertion: (() => Promise<string>) | undefined;\n constructor(options: MsalNodeOptions) {\n this.logger = options.logger;\n this.msalConfig = this.defaultNodeMsalConfig(options);\n this.tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.tokenCredentialOptions?.additionallyAllowedTenants,\n );\n this.clientId = this.msalConfig.auth.clientId;\n if (options?.getAssertion) {\n this.getAssertion = options.getAssertion;\n }\n this.enableBroker = options?.brokerOptions?.enabled;\n this.enableMsaPassthrough = options?.brokerOptions?.legacyEnableMsaPassthrough;\n this.parentWindowHandle = options.brokerOptions?.parentWindowHandle;\n\n // If persistence has been configured\n if (persistenceProvider !== undefined && options.tokenCachePersistenceOptions?.enabled) {\n const cacheBaseName = options.tokenCachePersistenceOptions.name || DEFAULT_TOKEN_CACHE_NAME;\n const nonCaeOptions = {\n name: `${cacheBaseName}.${CACHE_NON_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n };\n const caeOptions = {\n name: `${cacheBaseName}.${CACHE_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n };\n this.createCachePlugin = () => persistenceProvider!(nonCaeOptions);\n this.createCachePluginCae = () => persistenceProvider!(caeOptions);\n } else if (options.tokenCachePersistenceOptions?.enabled) {\n throw new Error(\n [\n \"Persistent token caching was requested, but no persistence provider was configured.\",\n \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\",\n ].join(\" \"),\n );\n }\n\n // If broker has not been configured\n if (!hasNativeBroker() && this.enableBroker) {\n throw new Error(\n [\n \"Broker for WAM was requested to be enabled, but no native broker was configured.\",\n \"You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(createNativeBrokerPlugin())` before using `enableBroker`.\",\n ].join(\" \"),\n );\n }\n\n this.azureRegion = calculateRegionalAuthority(options.regionalAuthority);\n }\n\n /**\n * Generates a MSAL configuration that generally works for Node.js\n */\n protected defaultNodeMsalConfig(options: MsalNodeOptions): msalNode.Configuration {\n const clientId = options.clientId || DeveloperSignOnClientId;\n const tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);\n\n this.authorityHost = options.authorityHost || process.env.AZURE_AUTHORITY_HOST;\n const authority = getAuthority(tenantId, this.authorityHost);\n\n this.identityClient = new IdentityClient({\n ...options.tokenCredentialOptions,\n authorityHost: authority,\n loggingOptions: options.loggingOptions,\n });\n\n const clientCapabilities: string[] = [];\n\n return {\n auth: {\n clientId,\n authority,\n knownAuthorities: getKnownAuthorities(\n tenantId,\n authority,\n options.disableInstanceDiscovery,\n ),\n clientCapabilities,\n },\n // Cache is defined in this.prepare();\n system: {\n networkClient: this.identityClient,\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(options.logger),\n logLevel: getMSALLogLevel(getLogLevel()),\n piiLoggingEnabled: options.loggingOptions?.enableUnsafeSupportLogging,\n },\n },\n };\n }\n protected getApp(\n appType: \"publicFirst\" | \"confidentialFirst\",\n enableCae?: boolean,\n ): msalNode.ConfidentialClientApplication | msalNode.PublicClientApplication;\n protected getApp(appType: \"public\", enableCae?: boolean): msalNode.PublicClientApplication;\n\n protected getApp(\n appType: \"confidential\",\n enableCae?: boolean,\n ): msalNode.ConfidentialClientApplication;\n\n protected getApp(\n appType: AppType,\n enableCae?: boolean,\n ): msalNode.ConfidentialClientApplication | msalNode.PublicClientApplication {\n const app = enableCae ? this.caeApp : this.app;\n if (appType === \"publicFirst\") {\n return (app.public || app.confidential)!;\n } else if (appType === \"confidentialFirst\") {\n return (app.confidential || app.public)!;\n } else if (appType === \"confidential\") {\n return app.confidential!;\n } else {\n return app.public!;\n }\n }\n\n /**\n * Prepares the MSAL applications.\n */\n async init(options?: CredentialFlowGetTokenOptions): Promise<void> {\n if (options?.abortSignal) {\n options.abortSignal.addEventListener(\"abort\", () => {\n // This will abort any pending request in the IdentityClient,\n // based on the received or generated correlationId\n this.identityClient!.abortRequests(options.correlationId);\n });\n }\n\n const app = options?.enableCae ? this.caeApp : this.app;\n if (options?.enableCae) {\n this.msalConfig.auth.clientCapabilities = [\"cp1\"];\n }\n if (app.public || app.confidential) {\n return;\n }\n if (options?.enableCae && this.createCachePluginCae !== undefined) {\n this.msalConfig.cache = {\n cachePlugin: await this.createCachePluginCae(),\n };\n }\n if (this.createCachePlugin !== undefined) {\n this.msalConfig.cache = {\n cachePlugin: await this.createCachePlugin(),\n };\n }\n\n if (hasNativeBroker() && this.enableBroker) {\n this.msalConfig.broker = {\n nativeBrokerPlugin: nativeBrokerInfo!.broker,\n };\n if (!this.parentWindowHandle) {\n // error should have been thrown from within the constructor of InteractiveBrowserCredential\n this.logger.warning(\n \"Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.\",\n );\n }\n }\n\n if (options?.enableCae) {\n this.caeApp.public = new msalNode.PublicClientApplication(this.msalConfig);\n } else {\n this.app.public = new msalNode.PublicClientApplication(this.msalConfig);\n }\n\n if (this.getAssertion) {\n this.msalConfig.auth.clientAssertion = await this.getAssertion();\n }\n // The confidential client requires either a secret, assertion or certificate.\n if (\n this.msalConfig.auth.clientSecret ||\n this.msalConfig.auth.clientAssertion ||\n this.msalConfig.auth.clientCertificate\n ) {\n if (options?.enableCae) {\n this.caeApp.confidential = new msalNode.ConfidentialClientApplication(this.msalConfig);\n } else {\n this.app.confidential = new msalNode.ConfidentialClientApplication(this.msalConfig);\n }\n } else {\n if (this.requiresConfidential) {\n throw new Error(\n \"Unable to generate the MSAL confidential client. Missing either the client's secret, certificate or assertion.\",\n );\n }\n }\n }\n\n /**\n * Allows the cancellation of a MSAL request.\n */\n protected withCancellation(\n promise: Promise<msalNode.AuthenticationResult | null>,\n abortSignal?: AbortSignalLike,\n onCancel?: () => void,\n ): Promise<msalNode.AuthenticationResult | null> {\n return new Promise((resolve, reject) => {\n promise\n .then((msalToken) => {\n return resolve(msalToken!);\n })\n .catch(reject);\n if (abortSignal) {\n abortSignal.addEventListener(\"abort\", () => {\n onCancel?.();\n });\n }\n });\n }\n\n /**\n * Returns the existing account, attempts to load the account from MSAL.\n */\n async getActiveAccount(enableCae = false): Promise<AuthenticationRecord | undefined> {\n if (this.account) {\n return this.account;\n }\n const cache = this.getApp(\"confidentialFirst\", enableCae).getTokenCache();\n const accountsByTenant = await cache?.getAllAccounts();\n\n if (!accountsByTenant) {\n return;\n }\n\n if (accountsByTenant.length === 1) {\n this.account = msalToPublic(this.clientId, accountsByTenant[0]);\n } else {\n this.logger\n .info(`More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing a credential to prevent this from happening.`);\n return;\n }\n\n return this.account;\n }\n\n /**\n * Attempts to retrieve a token from cache.\n */\n async getTokenSilent(\n scopes: string[],\n options?: CredentialFlowGetTokenOptions,\n ): Promise<AccessToken> {\n await this.getActiveAccount(options?.enableCae);\n if (!this.account) {\n throw new AuthenticationRequiredError({\n scopes,\n getTokenOptions: options,\n message:\n \"Silent authentication failed. We couldn't retrieve an active account from the cache.\",\n });\n }\n\n const silentRequest: msalNode.SilentFlowRequest = {\n // To be able to re-use the account, the Token Cache must also have been provided.\n account: publicToMsal(this.account),\n correlationId: options?.correlationId,\n scopes,\n authority: options?.authority,\n claims: options?.claims,\n };\n\n if (hasNativeBroker() && this.enableBroker) {\n if (!silentRequest.tokenQueryParameters) {\n silentRequest.tokenQueryParameters = {};\n }\n if (!this.parentWindowHandle) {\n // error should have been thrown from within the constructor of InteractiveBrowserCredential\n this.logger.warning(\n \"Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.\",\n );\n }\n if (this.enableMsaPassthrough) {\n silentRequest.tokenQueryParameters[\"msal_request_type\"] = \"consumer_passthrough\";\n }\n }\n\n try {\n this.logger.info(\"Attempting to acquire token silently\");\n /**\n * The following code to retrieve all accounts is done as a workaround in an attempt to force the\n * refresh of the token cache with the token and the account passed in through the\n * `authenticationRecord` parameter. See issue - https://github.com/Azure/azure-sdk-for-js/issues/24349#issuecomment-1496715651\n * This workaround serves as a workaround for silent authentication not happening when authenticationRecord is passed.\n */\n await this.getApp(\"publicFirst\", options?.enableCae)?.getTokenCache().getAllAccounts();\n const response =\n (await this.getApp(\"confidential\", options?.enableCae)?.acquireTokenSilent(\n silentRequest,\n )) ?? (await this.getApp(\"public\", options?.enableCae).acquireTokenSilent(silentRequest));\n return this.handleResult(scopes, response || undefined);\n } catch (err: any) {\n throw handleMsalError(scopes, err, options);\n }\n }\n\n /**\n * Attempts to retrieve an authenticated token from MSAL.\n */\n protected abstract doGetToken(scopes: string[], options?: GetTokenOptions): Promise<AccessToken>;\n\n /**\n * Wrapper around each MSAL flow get token operation: doGetToken.\n * If disableAutomaticAuthentication is sent through the constructor, it will prevent MSAL from requesting the user input.\n */\n public async getToken(\n scopes: string[],\n options: CredentialFlowGetTokenOptions = {},\n ): Promise<AccessToken> {\n const tenantId =\n processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds) ||\n this.tenantId;\n\n options.authority = getAuthority(tenantId, this.authorityHost);\n\n options.correlationId = options?.correlationId || randomUUID();\n await this.init(options);\n\n try {\n // MSAL now caches tokens based on their claims,\n // so now one has to keep track fo claims in order to retrieve the newer tokens from acquireTokenSilent\n // This update happened on PR: https://github.com/AzureAD/microsoft-authentication-library-for-js/pull/4533\n const optionsClaims = (options as any).claims;\n if (optionsClaims) {\n this.cachedClaims = optionsClaims;\n }\n if (this.cachedClaims && !optionsClaims) {\n options.claims = this.cachedClaims;\n }\n // We don't return the promise since we want to catch errors right here.\n return await this.getTokenSilent(scopes, options);\n } catch (err: any) {\n if (err.name !== \"AuthenticationRequiredError\") {\n throw err;\n }\n if (options?.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError({\n scopes,\n getTokenOptions: options,\n message:\n \"Automatic authentication has been disabled. You may call the authentication() method.\",\n });\n }\n this.logger.info(`Silent authentication failed, falling back to interactive method.`);\n return this.doGetToken(scopes, options);\n }\n }\n\n /**\n * Handles the MSAL authentication result.\n * If the result has an account, we update the local account reference.\n * If the token received is invalid, an error will be thrown depending on what's missing.\n */\n protected handleResult(\n scopes: string | string[],\n result?: MsalResult,\n getTokenOptions?: GetTokenOptions,\n ): AccessToken {\n if (result?.account) {\n this.account = msalToPublic(this.clientId, result.account);\n }\n ensureValidMsalToken(scopes, result, getTokenOptions);\n this.logger.getToken.info(formatSuccess(scopes));\n return {\n token: result.accessToken,\n expiresOnTimestamp: result.expiresOn.getTime(),\n };\n }\n}\n"]}
|
|
@@ -112,4 +112,25 @@ export var RegionalAuthority;
|
|
|
112
112
|
/** Uses the {@link RegionalAuthority} for the Azure 'usdodcentral' region. */
|
|
113
113
|
RegionalAuthority["GovernmentUSDodCentral"] = "usdodcentral";
|
|
114
114
|
})(RegionalAuthority || (RegionalAuthority = {}));
|
|
115
|
+
/**
|
|
116
|
+
* Calculates the correct regional authority based on the supplied value
|
|
117
|
+
* and the AZURE_REGIONAL_AUTHORITY_NAME environment variable.
|
|
118
|
+
*
|
|
119
|
+
* Values will be returned verbatim, except for {@link RegionalAuthority.AutoDiscoverRegion}
|
|
120
|
+
* which is mapped to a value MSAL can understand.
|
|
121
|
+
*
|
|
122
|
+
* @internal
|
|
123
|
+
*/
|
|
124
|
+
export function calculateRegionalAuthority(regionalAuthority) {
|
|
125
|
+
var _a, _b;
|
|
126
|
+
let azureRegion = regionalAuthority;
|
|
127
|
+
if (azureRegion === undefined &&
|
|
128
|
+
((_b = (_a = globalThis.process) === null || _a === void 0 ? void 0 : _a.env) === null || _b === void 0 ? void 0 : _b.AZURE_REGIONAL_AUTHORITY_NAME) !== undefined) {
|
|
129
|
+
azureRegion = process.env.AZURE_REGIONAL_AUTHORITY_NAME;
|
|
130
|
+
}
|
|
131
|
+
if (azureRegion === RegionalAuthority.AutoDiscoverRegion) {
|
|
132
|
+
return "AUTO_DISCOVER";
|
|
133
|
+
}
|
|
134
|
+
return azureRegion;
|
|
135
|
+
}
|
|
115
136
|
//# sourceMappingURL=regionalAuthority.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"regionalAuthority.js","sourceRoot":"","sources":["../../src/regionalAuthority.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAN,IAAY,iBA2GX;AA3GD,WAAY,iBAAiB;IAC3B,uDAAuD;IACvD,8DAAyC,CAAA;IACzC,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,mFAAmF;IACnF,4DAAuC,CAAA;IACvC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,+EAA+E;IAC/E,2DAAsC,CAAA;IACtC,2EAA2E;IAC3E,mDAA8B,CAAA;IAC9B,8EAA8E;IAC9E,yDAAoC,CAAA;IACpC,4EAA4E;IAC5E,qDAAgC,CAAA;IAChC,2EAA2E;IAC3E,sDAAiC,CAAA;IACjC,8EAA8E;IAC9E,4DAAuC,CAAA;AACzC,CAAC,EA3GW,iBAAiB,KAAjB,iBAAiB,QA2G5B","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * Helps specify a regional authority, or \"AutoDiscoverRegion\" to auto-detect the region.\n */\nexport enum RegionalAuthority {\n /** Instructs MSAL to attempt to discover the region */\n AutoDiscoverRegion = \"AutoDiscoverRegion\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westus' region. */\n USWest = \"westus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westus2' region. */\n USWest2 = \"westus2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'centralus' region. */\n USCentral = \"centralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastus' region. */\n USEast = \"eastus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastus2' region. */\n USEast2 = \"eastus2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'northcentralus' region. */\n USNorthCentral = \"northcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southcentralus' region. */\n USSouthCentral = \"southcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westcentralus' region. */\n USWestCentral = \"westcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'canadacentral' region. */\n CanadaCentral = \"canadacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'canadaeast' region. */\n CanadaEast = \"canadaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'brazilsouth' region. */\n BrazilSouth = \"brazilsouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'northeurope' region. */\n EuropeNorth = \"northeurope\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westeurope' region. */\n EuropeWest = \"westeurope\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uksouth' region. */\n UKSouth = \"uksouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'ukwest' region. */\n UKWest = \"ukwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'francecentral' region. */\n FranceCentral = \"francecentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'francesouth' region. */\n FranceSouth = \"francesouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandnorth' region. */\n SwitzerlandNorth = \"switzerlandnorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandwest' region. */\n SwitzerlandWest = \"switzerlandwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanynorth' region. */\n GermanyNorth = \"germanynorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanywestcentral' region. */\n GermanyWestCentral = \"germanywestcentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'norwaywest' region. */\n NorwayWest = \"norwaywest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'norwayeast' region. */\n NorwayEast = \"norwayeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastasia' region. */\n AsiaEast = \"eastasia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southeastasia' region. */\n AsiaSouthEast = \"southeastasia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'japaneast' region. */\n JapanEast = \"japaneast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'japanwest' region. */\n JapanWest = \"japanwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiaeast' region. */\n AustraliaEast = \"australiaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiasoutheast' region. */\n AustraliaSouthEast = \"australiasoutheast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral' region. */\n AustraliaCentral = \"australiacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral2' region. */\n AustraliaCentral2 = \"australiacentral2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'centralindia' region. */\n IndiaCentral = \"centralindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southindia' region. */\n IndiaSouth = \"southindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westindia' region. */\n IndiaWest = \"westindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'koreasouth' region. */\n KoreaSouth = \"koreasouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'koreacentral' region. */\n KoreaCentral = \"koreacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uaecentral' region. */\n UAECentral = \"uaecentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uaenorth' region. */\n UAENorth = \"uaenorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southafricanorth' region. */\n SouthAfricaNorth = \"southafricanorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southafricawest' region. */\n SouthAfricaWest = \"southafricawest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth' region. */\n ChinaNorth = \"chinanorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast' region. */\n ChinaEast = \"chinaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth2' region. */\n ChinaNorth2 = \"chinanorth2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast2' region. */\n ChinaEast2 = \"chinaeast2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanycentral' region. */\n GermanyCentral = \"germanycentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanynortheast' region. */\n GermanyNorthEast = \"germanynortheast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovvirginia' region. */\n GovernmentUSVirginia = \"usgovvirginia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgoviowa' region. */\n GovernmentUSIowa = \"usgoviowa\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovarizona' region. */\n GovernmentUSArizona = \"usgovarizona\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovtexas' region. */\n GovernmentUSTexas = \"usgovtexas\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usdodeast' region. */\n GovernmentUSDodEast = \"usdodeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usdodcentral' region. */\n GovernmentUSDodCentral = \"usdodcentral\",\n}\n"]}
|
|
1
|
+
{"version":3,"file":"regionalAuthority.js","sourceRoot":"","sources":["../../src/regionalAuthority.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAN,IAAY,iBA2GX;AA3GD,WAAY,iBAAiB;IAC3B,uDAAuD;IACvD,8DAAyC,CAAA;IACzC,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,mFAAmF;IACnF,4DAAuC,CAAA;IACvC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,+EAA+E;IAC/E,2DAAsC,CAAA;IACtC,2EAA2E;IAC3E,mDAA8B,CAAA;IAC9B,8EAA8E;IAC9E,yDAAoC,CAAA;IACpC,4EAA4E;IAC5E,qDAAgC,CAAA;IAChC,2EAA2E;IAC3E,sDAAiC,CAAA;IACjC,8EAA8E;IAC9E,4DAAuC,CAAA;AACzC,CAAC,EA3GW,iBAAiB,KAAjB,iBAAiB,QA2G5B;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,0BAA0B,CAAC,iBAA0B;;IACnE,IAAI,WAAW,GAAG,iBAAiB,CAAC;IAEpC,IACE,WAAW,KAAK,SAAS;QACzB,CAAA,MAAA,MAAA,UAAU,CAAC,OAAO,0CAAE,GAAG,0CAAE,6BAA6B,MAAK,SAAS,EACpE,CAAC;QACD,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IAC1D,CAAC;IAED,IAAI,WAAW,KAAK,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;QACzD,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * Helps specify a regional authority, or \"AutoDiscoverRegion\" to auto-detect the region.\n */\nexport enum RegionalAuthority {\n /** Instructs MSAL to attempt to discover the region */\n AutoDiscoverRegion = \"AutoDiscoverRegion\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westus' region. */\n USWest = \"westus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westus2' region. */\n USWest2 = \"westus2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'centralus' region. */\n USCentral = \"centralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastus' region. */\n USEast = \"eastus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastus2' region. */\n USEast2 = \"eastus2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'northcentralus' region. */\n USNorthCentral = \"northcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southcentralus' region. */\n USSouthCentral = \"southcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westcentralus' region. */\n USWestCentral = \"westcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'canadacentral' region. */\n CanadaCentral = \"canadacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'canadaeast' region. */\n CanadaEast = \"canadaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'brazilsouth' region. */\n BrazilSouth = \"brazilsouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'northeurope' region. */\n EuropeNorth = \"northeurope\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westeurope' region. */\n EuropeWest = \"westeurope\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uksouth' region. */\n UKSouth = \"uksouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'ukwest' region. */\n UKWest = \"ukwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'francecentral' region. */\n FranceCentral = \"francecentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'francesouth' region. */\n FranceSouth = \"francesouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandnorth' region. */\n SwitzerlandNorth = \"switzerlandnorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandwest' region. */\n SwitzerlandWest = \"switzerlandwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanynorth' region. */\n GermanyNorth = \"germanynorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanywestcentral' region. */\n GermanyWestCentral = \"germanywestcentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'norwaywest' region. */\n NorwayWest = \"norwaywest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'norwayeast' region. */\n NorwayEast = \"norwayeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastasia' region. */\n AsiaEast = \"eastasia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southeastasia' region. */\n AsiaSouthEast = \"southeastasia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'japaneast' region. */\n JapanEast = \"japaneast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'japanwest' region. */\n JapanWest = \"japanwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiaeast' region. */\n AustraliaEast = \"australiaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiasoutheast' region. */\n AustraliaSouthEast = \"australiasoutheast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral' region. */\n AustraliaCentral = \"australiacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral2' region. */\n AustraliaCentral2 = \"australiacentral2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'centralindia' region. */\n IndiaCentral = \"centralindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southindia' region. */\n IndiaSouth = \"southindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westindia' region. */\n IndiaWest = \"westindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'koreasouth' region. */\n KoreaSouth = \"koreasouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'koreacentral' region. */\n KoreaCentral = \"koreacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uaecentral' region. */\n UAECentral = \"uaecentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uaenorth' region. */\n UAENorth = \"uaenorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southafricanorth' region. */\n SouthAfricaNorth = \"southafricanorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southafricawest' region. */\n SouthAfricaWest = \"southafricawest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth' region. */\n ChinaNorth = \"chinanorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast' region. */\n ChinaEast = \"chinaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth2' region. */\n ChinaNorth2 = \"chinanorth2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast2' region. */\n ChinaEast2 = \"chinaeast2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanycentral' region. */\n GermanyCentral = \"germanycentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanynortheast' region. */\n GermanyNorthEast = \"germanynortheast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovvirginia' region. */\n GovernmentUSVirginia = \"usgovvirginia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgoviowa' region. */\n GovernmentUSIowa = \"usgoviowa\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovarizona' region. */\n GovernmentUSArizona = \"usgovarizona\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovtexas' region. */\n GovernmentUSTexas = \"usgovtexas\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usdodeast' region. */\n GovernmentUSDodEast = \"usdodeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usdodcentral' region. */\n GovernmentUSDodCentral = \"usdodcentral\",\n}\n\n/**\n * Calculates the correct regional authority based on the supplied value\n * and the AZURE_REGIONAL_AUTHORITY_NAME environment variable.\n *\n * Values will be returned verbatim, except for {@link RegionalAuthority.AutoDiscoverRegion}\n * which is mapped to a value MSAL can understand.\n *\n * @internal\n */\nexport function calculateRegionalAuthority(regionalAuthority?: string): string | undefined {\n let azureRegion = regionalAuthority;\n\n if (\n azureRegion === undefined &&\n globalThis.process?.env?.AZURE_REGIONAL_AUTHORITY_NAME !== undefined\n ) {\n azureRegion = process.env.AZURE_REGIONAL_AUTHORITY_NAME;\n }\n\n if (azureRegion === RegionalAuthority.AutoDiscoverRegion) {\n return \"AUTO_DISCOVER\";\n }\n\n return azureRegion;\n}\n"]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@azure/identity",
|
|
3
3
|
"sdk-type": "client",
|
|
4
|
-
"version": "4.1.0-alpha.
|
|
4
|
+
"version": "4.1.0-alpha.20240328.2",
|
|
5
5
|
"description": "Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID",
|
|
6
6
|
"main": "dist/index.js",
|
|
7
7
|
"module": "dist-esm/src/index.js",
|
|
@@ -55,7 +55,8 @@
|
|
|
55
55
|
"format": "dev-tool run vendored prettier --write --config ../../../.prettierrc.json --ignore-path ../../../.prettierignore \"src/**/*.ts\" \"test/**/*.ts\" \"samples-dev/**/*.ts\" \"*.{js,json}\"",
|
|
56
56
|
"check-format": "dev-tool run vendored prettier --list-different --config ../../../.prettierrc.json --ignore-path ../../../.prettierignore \"src/**/*.ts\" \"test/**/*.ts\" \"samples-dev/**/*.ts\" \"*.{js,json}\"",
|
|
57
57
|
"integration-test:browser": "echo skipped",
|
|
58
|
-
"integration-test:node": "dev-tool run test:node-ts-input -- --timeout 180000 'test/public/node/*.spec.ts' 'test/internal/node/*.spec.ts'
|
|
58
|
+
"integration-test:node": "dev-tool run test:node-ts-input -- --timeout 180000 'test/public/node/*.spec.ts' 'test/internal/node/*.spec.ts'",
|
|
59
|
+
"integration-test:msi": "dev-tool run test:node-ts-input -- --timeout 180000 'test/integration/**/*.spec.ts'",
|
|
59
60
|
"integration-test": "npm run integration-test:node && npm run integration-test:browser",
|
|
60
61
|
"lint:fix": "eslint package.json api-extractor.json src test --ext .ts --fix --fix-type [problem,suggestion]",
|
|
61
62
|
"lint": "eslint package.json api-extractor.json src test --ext .ts",
|