@azure/identity 4.1.1-alpha.20240422.3 → 4.2.0-alpha.20240425.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @azure/identity might be problematic. Click here for more details.
- package/dist/index.js +144 -137
- package/dist/index.js.map +1 -1
- package/dist-esm/src/constants.js +1 -1
- package/dist-esm/src/constants.js.map +1 -1
- package/dist-esm/src/msal/nodeFlows/msalClient.js +4 -0
- package/dist-esm/src/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist-esm/src/regionalAuthority.js +4 -0
- package/dist-esm/src/regionalAuthority.js.map +1 -1
- package/package.json +2 -2
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,OAAO,CAAC;AAEnC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAiBX;AAjBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;OAEG;IACH,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EAjBW,mBAAmB,KAAnB,mBAAmB,QAiB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,OAAO,CAAC;AAEnC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAiBX;AAjBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;OAEG;IACH,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EAjBW,mBAAmB,KAAnB,mBAAmB,QAiB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.2.0`;\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n /**\n * China-based Azure Authority Host\n */\n AzureChina = \"https://login.chinacloudapi.cn\",\n /**\n * Germany-based Azure Authority Host\n */\n AzureGermany = \"https://login.microsoftonline.de\",\n /**\n * US Government Azure Authority Host\n */\n AzureGovernment = \"https://login.microsoftonline.us\",\n /**\n * Public Cloud Azure Authority Host\n */\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/**\n * @internal\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/**\n * @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n */\nexport const ALL_TENANTS: string[] = [\"*\"];\n\n/**\n * @internal\n */\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/**\n * @internal\n */\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/**\n * @internal\n *\n * The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}
|
|
@@ -6,6 +6,7 @@ import { credentialLogger, formatSuccess } from "../../util/logging";
|
|
|
6
6
|
import { defaultLoggerCallback, ensureValidMsalToken, getAuthority, getKnownAuthorities, getMSALLogLevel, handleMsalError, publicToMsal, } from "../utils";
|
|
7
7
|
import { AuthenticationRequiredError } from "../../errors";
|
|
8
8
|
import { IdentityClient } from "../../client/identityClient";
|
|
9
|
+
import { calculateRegionalAuthority } from "../../regionalAuthority";
|
|
9
10
|
import { getLogLevel } from "@azure/logger";
|
|
10
11
|
import { resolveTenantId } from "../../util/tenantIdUtils";
|
|
11
12
|
/**
|
|
@@ -168,6 +169,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
|
|
|
168
169
|
return withSilentAuthentication(msalApp, scopes, options, () => msalApp.acquireTokenByClientCredential({
|
|
169
170
|
scopes,
|
|
170
171
|
authority: state.msalConfig.auth.authority,
|
|
172
|
+
azureRegion: calculateRegionalAuthority(),
|
|
171
173
|
claims: options === null || options === void 0 ? void 0 : options.claims,
|
|
172
174
|
}));
|
|
173
175
|
}
|
|
@@ -178,6 +180,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
|
|
|
178
180
|
return withSilentAuthentication(msalApp, scopes, options, () => msalApp.acquireTokenByClientCredential({
|
|
179
181
|
scopes,
|
|
180
182
|
authority: state.msalConfig.auth.authority,
|
|
183
|
+
azureRegion: calculateRegionalAuthority(),
|
|
181
184
|
claims: options === null || options === void 0 ? void 0 : options.claims,
|
|
182
185
|
clientAssertion,
|
|
183
186
|
}));
|
|
@@ -188,6 +191,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
|
|
|
188
191
|
const msalApp = await getConfidentialApp(options);
|
|
189
192
|
return withSilentAuthentication(msalApp, scopes, options, () => msalApp.acquireTokenByClientCredential({
|
|
190
193
|
scopes,
|
|
194
|
+
azureRegion: calculateRegionalAuthority(),
|
|
191
195
|
authority: state.msalConfig.auth.authority,
|
|
192
196
|
claims: options === null || options === void 0 ? void 0 : options.claims,
|
|
193
197
|
}));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"msalClient.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,IAAI,MAAM,kBAAkB,CAAC;AAGzC,OAAO,EAAuB,WAAW,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,eAAe,EACf,YAAY,GACb,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAE3D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAE7D,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAE3D;;GAEG;AACH,MAAM,UAAU,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;AAsDlD;;;;;;;GAOG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAgB,EAChB,QAAgB,EAChB,oBAAuC,EAAE;;IAEzC,MAAM,cAAc,GAAG,eAAe,CAAC,UAAU,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEvE,sDAAsD;IACtD,MAAM,SAAS,GAAG,YAAY,CAC5B,cAAc,EACd,MAAA,iBAAiB,CAAC,aAAa,mCAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CACpE,CAAC;IAEF,MAAM,UAAU,GAAG,IAAI,cAAc,iCAChC,iBAAiB,CAAC,sBAAsB,KAC3C,aAAa,EAAE,SAAS,EACxB,cAAc,EAAE,iBAAiB,CAAC,cAAc,IAChD,CAAC;IAEH,MAAM,UAAU,GAAuB;QACrC,IAAI,EAAE;YACJ,QAAQ;YACR,SAAS;YACT,gBAAgB,EAAE,mBAAmB,CACnC,cAAc,EACd,SAAS,EACT,iBAAiB,CAAC,wBAAwB,CAC3C;SACF;QACD,MAAM,EAAE;YACN,aAAa,EAAE,UAAU;YACzB,aAAa,EAAE;gBACb,cAAc,EAAE,qBAAqB,CAAC,MAAA,iBAAiB,CAAC,MAAM,mCAAI,UAAU,CAAC;gBAC7E,QAAQ,EAAE,eAAe,CAAC,WAAW,EAAE,CAAC;gBACxC,iBAAiB,EAAE,MAAA,iBAAiB,CAAC,cAAc,0CAAE,0BAA0B;aAChF;SACF;KACF,CAAC;IACF,OAAO,UAAU,CAAC;AACpB,CAAC;AAsBD;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,QAAgB,EAChB,0BAA6C,EAAE;IAE/C,MAAM,KAAK,GAAoB;QAC7B,UAAU,EAAE,yBAAyB,CAAC,QAAQ,EAAE,QAAQ,EAAE,uBAAuB,CAAC;QAClF,aAAa,EAAE,uBAAuB,CAAC,oBAAoB;YACzD,CAAC,CAAC,YAAY,CAAC,uBAAuB,CAAC,oBAAoB,CAAC;YAC5D,CAAC,CAAC,IAAI;QACR,mBAAmB,EAAE,WAAW,CAAC,2BAA2B,CAAC,uBAAuB,CAAC;KACtF,CAAC;IAEF,MAAM,gBAAgB,GAAoD,IAAI,GAAG,EAAE,CAAC;IACpF,KAAK,UAAU,kBAAkB,CAC/B,UAA2B,EAAE;QAE7B,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;QAErD,IAAI,qBAAqB,GAAG,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,qBAAqB,EAAE,CAAC;YAC1B,UAAU,CAAC,QAAQ,CAAC,IAAI,CACtB,sEAAsE,CACvE,CAAC;YACF,OAAO,qBAAqB,CAAC;QAC/B,CAAC;QAED,oCAAoC;QACpC,UAAU,CAAC,QAAQ,CAAC,IAAI,CACtB,uDAAuD,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,GAAG,CACrG,CAAC;QAEF,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS;YACnC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,cAAc;YAChD,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC;QAEhD,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEnF,qBAAqB,GAAG,IAAI,IAAI,CAAC,6BAA6B,iCACzD,KAAK,CAAC,UAAU,KACnB,MAAM,EAAE,EAAE,kBAAkB,EAAE,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,kBAAkB,EAAE,EACnF,KAAK,EAAE,EAAE,WAAW,EAAE,MAAM,WAAW,EAAE,IACzC,CAAC;QAEH,gBAAgB,CAAC,GAAG,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;QAEpD,OAAO,qBAAqB,CAAC;IAC/B,CAAC;IAED,KAAK,UAAU,cAAc,CAC3B,GAAsE,EACtE,MAAgB,EAChB,UAA2B,EAAE;QAE7B,IAAI,KAAK,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YACjC,UAAU,CAAC,QAAQ,CAAC,IAAI,CACtB,gFAAgF,CACjF,CAAC;YACF,MAAM,KAAK,GAAG,GAAG,CAAC,aAAa,EAAE,CAAC;YAClC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,cAAc,EAAE,CAAC;YAE9C,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACpD,MAAM,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;YACpD,CAAC;YAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,UAAU,CAAC,IAAI,CAAC;;;;6KAIqJ,CAAC,CAAC;gBACvK,MAAM,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;YACpD,CAAC;YAED,KAAK,CAAC,aAAa,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;QAED,gEAAgE;QAChE,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,KAAK,CAAC,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;QACtC,CAAC;QAED,MAAM,aAAa,GAA2B;YAC5C,OAAO,EAAE,KAAK,CAAC,aAAa;YAC5B,MAAM;YACN,MAAM,EAAE,KAAK,CAAC,YAAY;SAC3B,CAAC;QAEF,IAAI,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YAC/C,aAAa,CAAC,oBAAoB,KAAlC,aAAa,CAAC,oBAAoB,GAAK,EAAE,EAAC;YAC1C,IAAI,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBAC1D,aAAa,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,sBAAsB,CAAC;YACnF,CAAC;QACH,CAAC;QAED,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACjE,OAAO,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IAC/C,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,UAAU,wBAAwB,CACrC,OAA0E,EAC1E,MAAqB,EACrB,OAAwB,EACxB,wBAAyE;;QAEzE,IAAI,QAAQ,GAAqC,IAAI,CAAC;QACtD,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,IAAI,CAAC,CAAC,IAAI,KAAK,6BAA6B,EAAE,CAAC;gBAC7C,MAAM,CAAC,CAAC;YACV,CAAC;YACD,IAAI,uBAAuB,CAAC,8BAA8B,EAAE,CAAC;gBAC3D,MAAM,IAAI,2BAA2B,CAAC;oBACpC,MAAM;oBACN,eAAe,EAAE,OAAO;oBACxB,OAAO,EACL,uFAAuF;iBAC1F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,wBAAwB,EAAE,CAAC;YAC9C,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,mDAAmD;QACnD,oBAAoB,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAChD,KAAK,CAAC,aAAa,GAAG,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,mCAAI,IAAI,CAAC;QAEhD,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;QAEhD,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,WAAW;YAC3B,kBAAkB,EAAE,QAAQ,CAAC,SAAS,CAAC,OAAO,EAAE;SACjD,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,sBAAsB,CACnC,MAAgB,EAChB,YAAoB,EACpB,UAA2B,EAAE;QAE7B,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAE5E,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QAElD,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAC7D,OAAO,CAAC,8BAA8B,CAAC;YACrC,MAAM;YACN,SAAS,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC1C,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;SACxB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,yBAAyB,CACtC,MAAgB,EAChB,eAAuB,EACvB,UAA2B,EAAE;QAE7B,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;QAE/E,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAExD,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAC7D,OAAO,CAAC,8BAA8B,CAAC;YACrC,MAAM;YACN,SAAS,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC1C,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;YACvB,eAAe;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,2BAA2B,CACxC,MAAgB,EAChB,WAA6B,EAC7B,UAA2B,EAAE;QAE7B,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QAEjF,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,GAAG,WAAW,CAAC;QAEtD,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAC7D,OAAO,CAAC,8BAA8B,CAAC;YACrC,MAAM;YACN,SAAS,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC1C,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;SACxB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO;QACL,sBAAsB;QACtB,yBAAyB;QACzB,2BAA2B;KAC5B,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msal from \"@azure/msal-node\";\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { PluginConfiguration, msalPlugins } from \"./msalPlugins\";\nimport { credentialLogger, formatSuccess } from \"../../util/logging\";\nimport {\n defaultLoggerCallback,\n ensureValidMsalToken,\n getAuthority,\n getKnownAuthorities,\n getMSALLogLevel,\n handleMsalError,\n publicToMsal,\n} from \"../utils\";\n\nimport { AuthenticationRequiredError } from \"../../errors\";\nimport { CertificateParts } from \"../types\";\nimport { IdentityClient } from \"../../client/identityClient\";\nimport { MsalNodeOptions } from \"./msalNodeCommon\";\nimport { getLogLevel } from \"@azure/logger\";\nimport { resolveTenantId } from \"../../util/tenantIdUtils\";\n\n/**\n * The logger for all MsalClient instances.\n */\nconst msalLogger = credentialLogger(\"MsalClient\");\n\n/**\n * Represents a client for interacting with the Microsoft Authentication Library (MSAL).\n */\nexport interface MsalClient {\n /**\n * Retrieves an access token by using a client certificate.\n *\n * @param arrayScopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.\n * @param certificate - The client certificate used for authentication.\n * @param options - Additional options that may be provided to the method.\n * @returns An access token.\n */\n getTokenByClientCertificate(\n arrayScopes: string[],\n certificate: CertificateParts,\n options?: GetTokenOptions,\n ): Promise<AccessToken>;\n\n /**\n * Retrieves an access token by using a client assertion.\n *\n * @param arrayScopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.\n * @param clientAssertion - The client assertion used for authentication.\n * @param options - Additional options that may be provided to the method.\n * @returns An access token.\n */\n getTokenByClientAssertion(\n arrayScopes: string[],\n clientAssertion: string,\n options?: GetTokenOptions,\n ): Promise<AccessToken>;\n\n /**\n * Retrieves an access token by using a client secret.\n *\n * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.\n * @param clientSecret - The client secret of the application. This is a credential that the application can use to authenticate itself.\n * @param options - Additional options that may be provided to the method.\n * @returns An access token.\n */\n getTokenByClientSecret(\n scopes: string[],\n clientSecret: string,\n options?: GetTokenOptions,\n ): Promise<AccessToken>;\n}\n\n/**\n * Options for creating an instance of the MsalClient.\n */\nexport type MsalClientOptions = Partial<Omit<MsalNodeOptions, \"clientId\" | \"tenantId\">>;\n\n/**\n * Generates the configuration for MSAL (Microsoft Authentication Library).\n *\n * @param clientId - The client ID of the application.\n * @param tenantId - The tenant ID of the Azure Active Directory.\n * @param msalClientOptions - Optional. Additional options for creating the MSAL client.\n * @returns The MSAL configuration object.\n */\nexport function generateMsalConfiguration(\n clientId: string,\n tenantId: string,\n msalClientOptions: MsalClientOptions = {},\n): msal.Configuration {\n const resolvedTenant = resolveTenantId(msalLogger, tenantId, clientId);\n\n // TODO: move and reuse getIdentityClientAuthorityHost\n const authority = getAuthority(\n resolvedTenant,\n msalClientOptions.authorityHost ?? process.env.AZURE_AUTHORITY_HOST,\n );\n\n const httpClient = new IdentityClient({\n ...msalClientOptions.tokenCredentialOptions,\n authorityHost: authority,\n loggingOptions: msalClientOptions.loggingOptions,\n });\n\n const msalConfig: msal.Configuration = {\n auth: {\n clientId,\n authority,\n knownAuthorities: getKnownAuthorities(\n resolvedTenant,\n authority,\n msalClientOptions.disableInstanceDiscovery,\n ),\n },\n system: {\n networkClient: httpClient,\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(msalClientOptions.logger ?? msalLogger),\n logLevel: getMSALLogLevel(getLogLevel()),\n piiLoggingEnabled: msalClientOptions.loggingOptions?.enableUnsafeSupportLogging,\n },\n },\n };\n return msalConfig;\n}\n\n/**\n * Represents the state necessary for the MSAL (Microsoft Authentication Library) client to operate.\n * This includes the MSAL configuration, cached account information, Azure region, and a flag to disable automatic authentication.\n *\n * @internal\n */\ninterface MsalClientState {\n /** The configuration for the MSAL client. */\n msalConfig: msal.Configuration;\n\n /** The cached account information, or null if no account information is cached. */\n cachedAccount: msal.AccountInfo | null;\n\n /** Configured plugins */\n pluginConfiguration: PluginConfiguration;\n\n /** Claims received from challenges, cached for the next request */\n cachedClaims?: string;\n}\n\n/**\n * Creates an instance of the MSAL (Microsoft Authentication Library) client.\n *\n * @param clientId - The client ID of the application.\n * @param tenantId - The tenant ID of the Azure Active Directory.\n * @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.\n * @returns An instance of the MSAL client.\n *\n * @public\n */\nexport function createMsalClient(\n clientId: string,\n tenantId: string,\n createMsalClientOptions: MsalClientOptions = {},\n): MsalClient {\n const state: MsalClientState = {\n msalConfig: generateMsalConfiguration(clientId, tenantId, createMsalClientOptions),\n cachedAccount: createMsalClientOptions.authenticationRecord\n ? publicToMsal(createMsalClientOptions.authenticationRecord)\n : null,\n pluginConfiguration: msalPlugins.generatePluginConfiguration(createMsalClientOptions),\n };\n\n const confidentialApps: Map<string, msal.ConfidentialClientApplication> = new Map();\n async function getConfidentialApp(\n options: GetTokenOptions = {},\n ): Promise<msal.ConfidentialClientApplication> {\n const appKey = options.enableCae ? \"CAE\" : \"default\";\n\n let confidentialClientApp = confidentialApps.get(appKey);\n if (confidentialClientApp) {\n msalLogger.getToken.info(\n \"Existing ConfidentialClientApplication found in cache, returning it.\",\n );\n return confidentialClientApp;\n }\n\n // Initialize a new app and cache it\n msalLogger.getToken.info(\n `Creating new ConfidentialClientApplication with CAE ${options.enableCae ? \"enabled\" : \"disabled\"}.`,\n );\n\n const cachePlugin = options.enableCae\n ? state.pluginConfiguration.cache.cachePluginCae\n : state.pluginConfiguration.cache.cachePlugin;\n\n state.msalConfig.auth.clientCapabilities = options.enableCae ? [\"cp1\"] : undefined;\n\n confidentialClientApp = new msal.ConfidentialClientApplication({\n ...state.msalConfig,\n broker: { nativeBrokerPlugin: state.pluginConfiguration.broker.nativeBrokerPlugin },\n cache: { cachePlugin: await cachePlugin },\n });\n\n confidentialApps.set(appKey, confidentialClientApp);\n\n return confidentialClientApp;\n }\n\n async function getTokenSilent(\n app: msal.ConfidentialClientApplication | msal.PublicClientApplication,\n scopes: string[],\n options: GetTokenOptions = {},\n ): Promise<msal.AuthenticationResult> {\n if (state.cachedAccount === null) {\n msalLogger.getToken.info(\n \"No cached account found in local state, attempting to load it from MSAL cache.\",\n );\n const cache = app.getTokenCache();\n const accounts = await cache.getAllAccounts();\n\n if (accounts === undefined || accounts.length === 0) {\n throw new AuthenticationRequiredError({ scopes });\n }\n\n if (accounts.length > 1) {\n msalLogger.info(`More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing a credential to prevent this from happening.`);\n throw new AuthenticationRequiredError({ scopes });\n }\n\n state.cachedAccount = accounts[0];\n }\n\n // Keep track and reuse the claims we received across challenges\n if (options.claims) {\n state.cachedClaims = options.claims;\n }\n\n const silentRequest: msal.SilentFlowRequest = {\n account: state.cachedAccount,\n scopes,\n claims: state.cachedClaims,\n };\n\n if (state.pluginConfiguration.broker.isEnabled) {\n silentRequest.tokenQueryParameters ||= {};\n if (state.pluginConfiguration.broker.enableMsaPassthrough) {\n silentRequest.tokenQueryParameters[\"msal_request_type\"] = \"consumer_passthrough\";\n }\n }\n\n msalLogger.getToken.info(\"Attempting to acquire token silently\");\n return app.acquireTokenSilent(silentRequest);\n }\n\n /**\n * Performs silent authentication using MSAL to acquire an access token.\n * If silent authentication fails, falls back to interactive authentication.\n *\n * @param msalApp - The MSAL application instance.\n * @param scopes - The scopes for which to acquire the access token.\n * @param options - The options for acquiring the access token.\n * @param onAuthenticationRequired - A callback function to handle interactive authentication when silent authentication fails.\n * @returns A promise that resolves to an AccessToken object containing the access token and its expiration timestamp.\n */\n async function withSilentAuthentication(\n msalApp: msal.ConfidentialClientApplication | msal.PublicClientApplication,\n scopes: Array<string>,\n options: GetTokenOptions,\n onAuthenticationRequired: () => Promise<msal.AuthenticationResult | null>,\n ): Promise<AccessToken> {\n let response: msal.AuthenticationResult | null = null;\n try {\n response = await getTokenSilent(msalApp, scopes, options);\n } catch (e: any) {\n if (e.name !== \"AuthenticationRequiredError\") {\n throw e;\n }\n if (createMsalClientOptions.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError({\n scopes,\n getTokenOptions: options,\n message:\n \"Automatic authentication has been disabled. You may call the authentication() method.\",\n });\n }\n }\n\n // Silent authentication failed\n if (response === null) {\n try {\n response = await onAuthenticationRequired();\n } catch (err: any) {\n throw handleMsalError(scopes, err, options);\n }\n }\n\n // At this point we should have a token, process it\n ensureValidMsalToken(scopes, response, options);\n state.cachedAccount = response?.account ?? null;\n\n msalLogger.getToken.info(formatSuccess(scopes));\n\n return {\n token: response.accessToken,\n expiresOnTimestamp: response.expiresOn.getTime(),\n };\n }\n\n async function getTokenByClientSecret(\n scopes: string[],\n clientSecret: string,\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n msalLogger.getToken.info(`Attempting to acquire token using client secret`);\n\n state.msalConfig.auth.clientSecret = clientSecret;\n\n const msalApp = await getConfidentialApp(options);\n\n return withSilentAuthentication(msalApp, scopes, options, () =>\n msalApp.acquireTokenByClientCredential({\n scopes,\n authority: state.msalConfig.auth.authority,\n claims: options?.claims,\n }),\n );\n }\n\n async function getTokenByClientAssertion(\n scopes: string[],\n clientAssertion: string,\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n msalLogger.getToken.info(`Attempting to acquire token using client assertion`);\n\n state.msalConfig.auth.clientAssertion = clientAssertion;\n\n const msalApp = await getConfidentialApp(options);\n\n return withSilentAuthentication(msalApp, scopes, options, () =>\n msalApp.acquireTokenByClientCredential({\n scopes,\n authority: state.msalConfig.auth.authority,\n claims: options?.claims,\n clientAssertion,\n }),\n );\n }\n\n async function getTokenByClientCertificate(\n scopes: string[],\n certificate: CertificateParts,\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n msalLogger.getToken.info(`Attempting to acquire token using client certificate`);\n\n state.msalConfig.auth.clientCertificate = certificate;\n\n const msalApp = await getConfidentialApp(options);\n\n return withSilentAuthentication(msalApp, scopes, options, () =>\n msalApp.acquireTokenByClientCredential({\n scopes,\n authority: state.msalConfig.auth.authority,\n claims: options?.claims,\n }),\n );\n }\n\n return {\n getTokenByClientSecret,\n getTokenByClientAssertion,\n getTokenByClientCertificate,\n };\n}\n"]}
|
|
1
|
+
{"version":3,"file":"msalClient.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalClient.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,IAAI,MAAM,kBAAkB,CAAC;AAGzC,OAAO,EAAuB,WAAW,EAAE,MAAM,eAAe,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EACL,qBAAqB,EACrB,oBAAoB,EACpB,YAAY,EACZ,mBAAmB,EACnB,eAAe,EACf,eAAe,EACf,YAAY,GACb,MAAM,UAAU,CAAC;AAElB,OAAO,EAAE,2BAA2B,EAAE,MAAM,cAAc,CAAC;AAE3D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAE7D,OAAO,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAE3D;;GAEG;AACH,MAAM,UAAU,GAAG,gBAAgB,CAAC,YAAY,CAAC,CAAC;AAsDlD;;;;;;;GAOG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAgB,EAChB,QAAgB,EAChB,oBAAuC,EAAE;;IAEzC,MAAM,cAAc,GAAG,eAAe,CAAC,UAAU,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEvE,sDAAsD;IACtD,MAAM,SAAS,GAAG,YAAY,CAC5B,cAAc,EACd,MAAA,iBAAiB,CAAC,aAAa,mCAAI,OAAO,CAAC,GAAG,CAAC,oBAAoB,CACpE,CAAC;IAEF,MAAM,UAAU,GAAG,IAAI,cAAc,iCAChC,iBAAiB,CAAC,sBAAsB,KAC3C,aAAa,EAAE,SAAS,EACxB,cAAc,EAAE,iBAAiB,CAAC,cAAc,IAChD,CAAC;IAEH,MAAM,UAAU,GAAuB;QACrC,IAAI,EAAE;YACJ,QAAQ;YACR,SAAS;YACT,gBAAgB,EAAE,mBAAmB,CACnC,cAAc,EACd,SAAS,EACT,iBAAiB,CAAC,wBAAwB,CAC3C;SACF;QACD,MAAM,EAAE;YACN,aAAa,EAAE,UAAU;YACzB,aAAa,EAAE;gBACb,cAAc,EAAE,qBAAqB,CAAC,MAAA,iBAAiB,CAAC,MAAM,mCAAI,UAAU,CAAC;gBAC7E,QAAQ,EAAE,eAAe,CAAC,WAAW,EAAE,CAAC;gBACxC,iBAAiB,EAAE,MAAA,iBAAiB,CAAC,cAAc,0CAAE,0BAA0B;aAChF;SACF;KACF,CAAC;IACF,OAAO,UAAU,CAAC;AACpB,CAAC;AAsBD;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAgB,EAChB,QAAgB,EAChB,0BAA6C,EAAE;IAE/C,MAAM,KAAK,GAAoB;QAC7B,UAAU,EAAE,yBAAyB,CAAC,QAAQ,EAAE,QAAQ,EAAE,uBAAuB,CAAC;QAClF,aAAa,EAAE,uBAAuB,CAAC,oBAAoB;YACzD,CAAC,CAAC,YAAY,CAAC,uBAAuB,CAAC,oBAAoB,CAAC;YAC5D,CAAC,CAAC,IAAI;QACR,mBAAmB,EAAE,WAAW,CAAC,2BAA2B,CAAC,uBAAuB,CAAC;KACtF,CAAC;IAEF,MAAM,gBAAgB,GAAoD,IAAI,GAAG,EAAE,CAAC;IACpF,KAAK,UAAU,kBAAkB,CAC/B,UAA2B,EAAE;QAE7B,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;QAErD,IAAI,qBAAqB,GAAG,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACzD,IAAI,qBAAqB,EAAE,CAAC;YAC1B,UAAU,CAAC,QAAQ,CAAC,IAAI,CACtB,sEAAsE,CACvE,CAAC;YACF,OAAO,qBAAqB,CAAC;QAC/B,CAAC;QAED,oCAAoC;QACpC,UAAU,CAAC,QAAQ,CAAC,IAAI,CACtB,uDAAuD,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,GAAG,CACrG,CAAC;QAEF,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS;YACnC,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,cAAc;YAChD,CAAC,CAAC,KAAK,CAAC,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC;QAEhD,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QAEnF,qBAAqB,GAAG,IAAI,IAAI,CAAC,6BAA6B,iCACzD,KAAK,CAAC,UAAU,KACnB,MAAM,EAAE,EAAE,kBAAkB,EAAE,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,kBAAkB,EAAE,EACnF,KAAK,EAAE,EAAE,WAAW,EAAE,MAAM,WAAW,EAAE,IACzC,CAAC;QAEH,gBAAgB,CAAC,GAAG,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;QAEpD,OAAO,qBAAqB,CAAC;IAC/B,CAAC;IAED,KAAK,UAAU,cAAc,CAC3B,GAAsE,EACtE,MAAgB,EAChB,UAA2B,EAAE;QAE7B,IAAI,KAAK,CAAC,aAAa,KAAK,IAAI,EAAE,CAAC;YACjC,UAAU,CAAC,QAAQ,CAAC,IAAI,CACtB,gFAAgF,CACjF,CAAC;YACF,MAAM,KAAK,GAAG,GAAG,CAAC,aAAa,EAAE,CAAC;YAClC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,cAAc,EAAE,CAAC;YAE9C,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACpD,MAAM,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;YACpD,CAAC;YAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,UAAU,CAAC,IAAI,CAAC;;;;6KAIqJ,CAAC,CAAC;gBACvK,MAAM,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;YACpD,CAAC;YAED,KAAK,CAAC,aAAa,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;QAED,gEAAgE;QAChE,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,KAAK,CAAC,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;QACtC,CAAC;QAED,MAAM,aAAa,GAA2B;YAC5C,OAAO,EAAE,KAAK,CAAC,aAAa;YAC5B,MAAM;YACN,MAAM,EAAE,KAAK,CAAC,YAAY;SAC3B,CAAC;QAEF,IAAI,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;YAC/C,aAAa,CAAC,oBAAoB,KAAlC,aAAa,CAAC,oBAAoB,GAAK,EAAE,EAAC;YAC1C,IAAI,KAAK,CAAC,mBAAmB,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBAC1D,aAAa,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,GAAG,sBAAsB,CAAC;YACnF,CAAC;QACH,CAAC;QAED,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACjE,OAAO,GAAG,CAAC,kBAAkB,CAAC,aAAa,CAAC,CAAC;IAC/C,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,UAAU,wBAAwB,CACrC,OAA0E,EAC1E,MAAqB,EACrB,OAAwB,EACxB,wBAAyE;;QAEzE,IAAI,QAAQ,GAAqC,IAAI,CAAC;QACtD,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,IAAI,CAAC,CAAC,IAAI,KAAK,6BAA6B,EAAE,CAAC;gBAC7C,MAAM,CAAC,CAAC;YACV,CAAC;YACD,IAAI,uBAAuB,CAAC,8BAA8B,EAAE,CAAC;gBAC3D,MAAM,IAAI,2BAA2B,CAAC;oBACpC,MAAM;oBACN,eAAe,EAAE,OAAO;oBACxB,OAAO,EACL,uFAAuF;iBAC1F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,IAAI,CAAC;gBACH,QAAQ,GAAG,MAAM,wBAAwB,EAAE,CAAC;YAC9C,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,eAAe,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,mDAAmD;QACnD,oBAAoB,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAChD,KAAK,CAAC,aAAa,GAAG,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,OAAO,mCAAI,IAAI,CAAC;QAEhD,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;QAEhD,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,WAAW;YAC3B,kBAAkB,EAAE,QAAQ,CAAC,SAAS,CAAC,OAAO,EAAE;SACjD,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,sBAAsB,CACnC,MAAgB,EAChB,YAAoB,EACpB,UAA2B,EAAE;QAE7B,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAE5E,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QAElD,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAC7D,OAAO,CAAC,8BAA8B,CAAC;YACrC,MAAM;YACN,SAAS,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC1C,WAAW,EAAE,0BAA0B,EAAE;YACzC,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;SACxB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,yBAAyB,CACtC,MAAgB,EAChB,eAAuB,EACvB,UAA2B,EAAE;QAE7B,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;QAE/E,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QAExD,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAC7D,OAAO,CAAC,8BAA8B,CAAC;YACrC,MAAM;YACN,SAAS,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC1C,WAAW,EAAE,0BAA0B,EAAE;YACzC,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;YACvB,eAAe;SAChB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,KAAK,UAAU,2BAA2B,CACxC,MAAgB,EAChB,WAA6B,EAC7B,UAA2B,EAAE;QAE7B,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;QAEjF,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,iBAAiB,GAAG,WAAW,CAAC;QAEtD,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAElD,OAAO,wBAAwB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAC7D,OAAO,CAAC,8BAA8B,CAAC;YACrC,MAAM;YACN,WAAW,EAAE,0BAA0B,EAAE;YACzC,SAAS,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS;YAC1C,MAAM,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,MAAM;SACxB,CAAC,CACH,CAAC;IACJ,CAAC;IAED,OAAO;QACL,sBAAsB;QACtB,yBAAyB;QACzB,2BAA2B;KAC5B,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as msal from \"@azure/msal-node\";\n\nimport { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport { PluginConfiguration, msalPlugins } from \"./msalPlugins\";\nimport { credentialLogger, formatSuccess } from \"../../util/logging\";\nimport {\n defaultLoggerCallback,\n ensureValidMsalToken,\n getAuthority,\n getKnownAuthorities,\n getMSALLogLevel,\n handleMsalError,\n publicToMsal,\n} from \"../utils\";\n\nimport { AuthenticationRequiredError } from \"../../errors\";\nimport { CertificateParts } from \"../types\";\nimport { IdentityClient } from \"../../client/identityClient\";\nimport { MsalNodeOptions } from \"./msalNodeCommon\";\nimport { calculateRegionalAuthority } from \"../../regionalAuthority\";\nimport { getLogLevel } from \"@azure/logger\";\nimport { resolveTenantId } from \"../../util/tenantIdUtils\";\n\n/**\n * The logger for all MsalClient instances.\n */\nconst msalLogger = credentialLogger(\"MsalClient\");\n\n/**\n * Represents a client for interacting with the Microsoft Authentication Library (MSAL).\n */\nexport interface MsalClient {\n /**\n * Retrieves an access token by using a client certificate.\n *\n * @param arrayScopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.\n * @param certificate - The client certificate used for authentication.\n * @param options - Additional options that may be provided to the method.\n * @returns An access token.\n */\n getTokenByClientCertificate(\n arrayScopes: string[],\n certificate: CertificateParts,\n options?: GetTokenOptions,\n ): Promise<AccessToken>;\n\n /**\n * Retrieves an access token by using a client assertion.\n *\n * @param arrayScopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.\n * @param clientAssertion - The client assertion used for authentication.\n * @param options - Additional options that may be provided to the method.\n * @returns An access token.\n */\n getTokenByClientAssertion(\n arrayScopes: string[],\n clientAssertion: string,\n options?: GetTokenOptions,\n ): Promise<AccessToken>;\n\n /**\n * Retrieves an access token by using a client secret.\n *\n * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.\n * @param clientSecret - The client secret of the application. This is a credential that the application can use to authenticate itself.\n * @param options - Additional options that may be provided to the method.\n * @returns An access token.\n */\n getTokenByClientSecret(\n scopes: string[],\n clientSecret: string,\n options?: GetTokenOptions,\n ): Promise<AccessToken>;\n}\n\n/**\n * Options for creating an instance of the MsalClient.\n */\nexport type MsalClientOptions = Partial<Omit<MsalNodeOptions, \"clientId\" | \"tenantId\">>;\n\n/**\n * Generates the configuration for MSAL (Microsoft Authentication Library).\n *\n * @param clientId - The client ID of the application.\n * @param tenantId - The tenant ID of the Azure Active Directory.\n * @param msalClientOptions - Optional. Additional options for creating the MSAL client.\n * @returns The MSAL configuration object.\n */\nexport function generateMsalConfiguration(\n clientId: string,\n tenantId: string,\n msalClientOptions: MsalClientOptions = {},\n): msal.Configuration {\n const resolvedTenant = resolveTenantId(msalLogger, tenantId, clientId);\n\n // TODO: move and reuse getIdentityClientAuthorityHost\n const authority = getAuthority(\n resolvedTenant,\n msalClientOptions.authorityHost ?? process.env.AZURE_AUTHORITY_HOST,\n );\n\n const httpClient = new IdentityClient({\n ...msalClientOptions.tokenCredentialOptions,\n authorityHost: authority,\n loggingOptions: msalClientOptions.loggingOptions,\n });\n\n const msalConfig: msal.Configuration = {\n auth: {\n clientId,\n authority,\n knownAuthorities: getKnownAuthorities(\n resolvedTenant,\n authority,\n msalClientOptions.disableInstanceDiscovery,\n ),\n },\n system: {\n networkClient: httpClient,\n loggerOptions: {\n loggerCallback: defaultLoggerCallback(msalClientOptions.logger ?? msalLogger),\n logLevel: getMSALLogLevel(getLogLevel()),\n piiLoggingEnabled: msalClientOptions.loggingOptions?.enableUnsafeSupportLogging,\n },\n },\n };\n return msalConfig;\n}\n\n/**\n * Represents the state necessary for the MSAL (Microsoft Authentication Library) client to operate.\n * This includes the MSAL configuration, cached account information, Azure region, and a flag to disable automatic authentication.\n *\n * @internal\n */\ninterface MsalClientState {\n /** The configuration for the MSAL client. */\n msalConfig: msal.Configuration;\n\n /** The cached account information, or null if no account information is cached. */\n cachedAccount: msal.AccountInfo | null;\n\n /** Configured plugins */\n pluginConfiguration: PluginConfiguration;\n\n /** Claims received from challenges, cached for the next request */\n cachedClaims?: string;\n}\n\n/**\n * Creates an instance of the MSAL (Microsoft Authentication Library) client.\n *\n * @param clientId - The client ID of the application.\n * @param tenantId - The tenant ID of the Azure Active Directory.\n * @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.\n * @returns An instance of the MSAL client.\n *\n * @public\n */\nexport function createMsalClient(\n clientId: string,\n tenantId: string,\n createMsalClientOptions: MsalClientOptions = {},\n): MsalClient {\n const state: MsalClientState = {\n msalConfig: generateMsalConfiguration(clientId, tenantId, createMsalClientOptions),\n cachedAccount: createMsalClientOptions.authenticationRecord\n ? publicToMsal(createMsalClientOptions.authenticationRecord)\n : null,\n pluginConfiguration: msalPlugins.generatePluginConfiguration(createMsalClientOptions),\n };\n\n const confidentialApps: Map<string, msal.ConfidentialClientApplication> = new Map();\n async function getConfidentialApp(\n options: GetTokenOptions = {},\n ): Promise<msal.ConfidentialClientApplication> {\n const appKey = options.enableCae ? \"CAE\" : \"default\";\n\n let confidentialClientApp = confidentialApps.get(appKey);\n if (confidentialClientApp) {\n msalLogger.getToken.info(\n \"Existing ConfidentialClientApplication found in cache, returning it.\",\n );\n return confidentialClientApp;\n }\n\n // Initialize a new app and cache it\n msalLogger.getToken.info(\n `Creating new ConfidentialClientApplication with CAE ${options.enableCae ? \"enabled\" : \"disabled\"}.`,\n );\n\n const cachePlugin = options.enableCae\n ? state.pluginConfiguration.cache.cachePluginCae\n : state.pluginConfiguration.cache.cachePlugin;\n\n state.msalConfig.auth.clientCapabilities = options.enableCae ? [\"cp1\"] : undefined;\n\n confidentialClientApp = new msal.ConfidentialClientApplication({\n ...state.msalConfig,\n broker: { nativeBrokerPlugin: state.pluginConfiguration.broker.nativeBrokerPlugin },\n cache: { cachePlugin: await cachePlugin },\n });\n\n confidentialApps.set(appKey, confidentialClientApp);\n\n return confidentialClientApp;\n }\n\n async function getTokenSilent(\n app: msal.ConfidentialClientApplication | msal.PublicClientApplication,\n scopes: string[],\n options: GetTokenOptions = {},\n ): Promise<msal.AuthenticationResult> {\n if (state.cachedAccount === null) {\n msalLogger.getToken.info(\n \"No cached account found in local state, attempting to load it from MSAL cache.\",\n );\n const cache = app.getTokenCache();\n const accounts = await cache.getAllAccounts();\n\n if (accounts === undefined || accounts.length === 0) {\n throw new AuthenticationRequiredError({ scopes });\n }\n\n if (accounts.length > 1) {\n msalLogger.info(`More than one account was found authenticated for this Client ID and Tenant ID.\nHowever, no \"authenticationRecord\" has been provided for this credential,\ntherefore we're unable to pick between these accounts.\nA new login attempt will be requested, to ensure the correct account is picked.\nTo work with multiple accounts for the same Client ID and Tenant ID, please provide an \"authenticationRecord\" when initializing a credential to prevent this from happening.`);\n throw new AuthenticationRequiredError({ scopes });\n }\n\n state.cachedAccount = accounts[0];\n }\n\n // Keep track and reuse the claims we received across challenges\n if (options.claims) {\n state.cachedClaims = options.claims;\n }\n\n const silentRequest: msal.SilentFlowRequest = {\n account: state.cachedAccount,\n scopes,\n claims: state.cachedClaims,\n };\n\n if (state.pluginConfiguration.broker.isEnabled) {\n silentRequest.tokenQueryParameters ||= {};\n if (state.pluginConfiguration.broker.enableMsaPassthrough) {\n silentRequest.tokenQueryParameters[\"msal_request_type\"] = \"consumer_passthrough\";\n }\n }\n\n msalLogger.getToken.info(\"Attempting to acquire token silently\");\n return app.acquireTokenSilent(silentRequest);\n }\n\n /**\n * Performs silent authentication using MSAL to acquire an access token.\n * If silent authentication fails, falls back to interactive authentication.\n *\n * @param msalApp - The MSAL application instance.\n * @param scopes - The scopes for which to acquire the access token.\n * @param options - The options for acquiring the access token.\n * @param onAuthenticationRequired - A callback function to handle interactive authentication when silent authentication fails.\n * @returns A promise that resolves to an AccessToken object containing the access token and its expiration timestamp.\n */\n async function withSilentAuthentication(\n msalApp: msal.ConfidentialClientApplication | msal.PublicClientApplication,\n scopes: Array<string>,\n options: GetTokenOptions,\n onAuthenticationRequired: () => Promise<msal.AuthenticationResult | null>,\n ): Promise<AccessToken> {\n let response: msal.AuthenticationResult | null = null;\n try {\n response = await getTokenSilent(msalApp, scopes, options);\n } catch (e: any) {\n if (e.name !== \"AuthenticationRequiredError\") {\n throw e;\n }\n if (createMsalClientOptions.disableAutomaticAuthentication) {\n throw new AuthenticationRequiredError({\n scopes,\n getTokenOptions: options,\n message:\n \"Automatic authentication has been disabled. You may call the authentication() method.\",\n });\n }\n }\n\n // Silent authentication failed\n if (response === null) {\n try {\n response = await onAuthenticationRequired();\n } catch (err: any) {\n throw handleMsalError(scopes, err, options);\n }\n }\n\n // At this point we should have a token, process it\n ensureValidMsalToken(scopes, response, options);\n state.cachedAccount = response?.account ?? null;\n\n msalLogger.getToken.info(formatSuccess(scopes));\n\n return {\n token: response.accessToken,\n expiresOnTimestamp: response.expiresOn.getTime(),\n };\n }\n\n async function getTokenByClientSecret(\n scopes: string[],\n clientSecret: string,\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n msalLogger.getToken.info(`Attempting to acquire token using client secret`);\n\n state.msalConfig.auth.clientSecret = clientSecret;\n\n const msalApp = await getConfidentialApp(options);\n\n return withSilentAuthentication(msalApp, scopes, options, () =>\n msalApp.acquireTokenByClientCredential({\n scopes,\n authority: state.msalConfig.auth.authority,\n azureRegion: calculateRegionalAuthority(),\n claims: options?.claims,\n }),\n );\n }\n\n async function getTokenByClientAssertion(\n scopes: string[],\n clientAssertion: string,\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n msalLogger.getToken.info(`Attempting to acquire token using client assertion`);\n\n state.msalConfig.auth.clientAssertion = clientAssertion;\n\n const msalApp = await getConfidentialApp(options);\n\n return withSilentAuthentication(msalApp, scopes, options, () =>\n msalApp.acquireTokenByClientCredential({\n scopes,\n authority: state.msalConfig.auth.authority,\n azureRegion: calculateRegionalAuthority(),\n claims: options?.claims,\n clientAssertion,\n }),\n );\n }\n\n async function getTokenByClientCertificate(\n scopes: string[],\n certificate: CertificateParts,\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n msalLogger.getToken.info(`Attempting to acquire token using client certificate`);\n\n state.msalConfig.auth.clientCertificate = certificate;\n\n const msalApp = await getConfidentialApp(options);\n\n return withSilentAuthentication(msalApp, scopes, options, () =>\n msalApp.acquireTokenByClientCredential({\n scopes,\n azureRegion: calculateRegionalAuthority(),\n authority: state.msalConfig.auth.authority,\n claims: options?.claims,\n }),\n );\n }\n\n return {\n getTokenByClientSecret,\n getTokenByClientAssertion,\n getTokenByClientCertificate,\n };\n}\n"]}
|
|
@@ -122,7 +122,11 @@ export var RegionalAuthority;
|
|
|
122
122
|
* @internal
|
|
123
123
|
*/
|
|
124
124
|
export function calculateRegionalAuthority(regionalAuthority) {
|
|
125
|
+
// Note: as of today only 3 credentials support regional authority, and the parameter
|
|
126
|
+
// is not exposed via the public API. Regional Authority is _only_ supported
|
|
127
|
+
// via the AZURE_REGIONAL_AUTHORITY_NAME env var and _only_ for: ClientSecretCredential, ClientCertificateCredential, and ClientAssertionCredential.
|
|
125
128
|
var _a, _b;
|
|
129
|
+
// Accepting the regionalAuthority parameter will allow us to support it in the future.
|
|
126
130
|
let azureRegion = regionalAuthority;
|
|
127
131
|
if (azureRegion === undefined &&
|
|
128
132
|
((_b = (_a = globalThis.process) === null || _a === void 0 ? void 0 : _a.env) === null || _b === void 0 ? void 0 : _b.AZURE_REGIONAL_AUTHORITY_NAME) !== undefined) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"regionalAuthority.js","sourceRoot":"","sources":["../../src/regionalAuthority.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAN,IAAY,iBA2GX;AA3GD,WAAY,iBAAiB;IAC3B,uDAAuD;IACvD,8DAAyC,CAAA;IACzC,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,mFAAmF;IACnF,4DAAuC,CAAA;IACvC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,+EAA+E;IAC/E,2DAAsC,CAAA;IACtC,2EAA2E;IAC3E,mDAA8B,CAAA;IAC9B,8EAA8E;IAC9E,yDAAoC,CAAA;IACpC,4EAA4E;IAC5E,qDAAgC,CAAA;IAChC,2EAA2E;IAC3E,sDAAiC,CAAA;IACjC,8EAA8E;IAC9E,4DAAuC,CAAA;AACzC,CAAC,EA3GW,iBAAiB,KAAjB,iBAAiB,QA2G5B;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,0BAA0B,CAAC,iBAA0B
|
|
1
|
+
{"version":3,"file":"regionalAuthority.js","sourceRoot":"","sources":["../../src/regionalAuthority.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAN,IAAY,iBA2GX;AA3GD,WAAY,iBAAiB;IAC3B,uDAAuD;IACvD,8DAAyC,CAAA;IACzC,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,yEAAyE;IACzE,wCAAmB,CAAA;IACnB,wEAAwE;IACxE,sCAAiB,CAAA;IACjB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,+EAA+E;IAC/E,oDAA+B,CAAA;IAC/B,oFAAoF;IACpF,8DAAyC,CAAA;IACzC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,mFAAmF;IACnF,4DAAuC,CAAA;IACvC,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,8EAA8E;IAC9E,kDAA6B,CAAA;IAC7B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,0EAA0E;IAC1E,0CAAqB,CAAA;IACrB,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,iFAAiF;IACjF,wDAAmC,CAAA;IACnC,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,2EAA2E;IAC3E,4CAAuB,CAAA;IACvB,6EAA6E;IAC7E,gDAA2B,CAAA;IAC3B,4EAA4E;IAC5E,8CAAyB,CAAA;IACzB,gFAAgF;IAChF,sDAAiC,CAAA;IACjC,kFAAkF;IAClF,0DAAqC,CAAA;IACrC,+EAA+E;IAC/E,2DAAsC,CAAA;IACtC,2EAA2E;IAC3E,mDAA8B,CAAA;IAC9B,8EAA8E;IAC9E,yDAAoC,CAAA;IACpC,4EAA4E;IAC5E,qDAAgC,CAAA;IAChC,2EAA2E;IAC3E,sDAAiC,CAAA;IACjC,8EAA8E;IAC9E,4DAAuC,CAAA;AACzC,CAAC,EA3GW,iBAAiB,KAAjB,iBAAiB,QA2G5B;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,0BAA0B,CAAC,iBAA0B;IACnE,qFAAqF;IACrF,4EAA4E;IAC5E,oJAAoJ;;IAEpJ,uFAAuF;IACvF,IAAI,WAAW,GAAG,iBAAiB,CAAC;IAEpC,IACE,WAAW,KAAK,SAAS;QACzB,CAAA,MAAA,MAAA,UAAU,CAAC,OAAO,0CAAE,GAAG,0CAAE,6BAA6B,MAAK,SAAS,EACpE,CAAC;QACD,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC;IAC1D,CAAC;IAED,IAAI,WAAW,KAAK,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;QACzD,OAAO,eAAe,CAAC;IACzB,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * Helps specify a regional authority, or \"AutoDiscoverRegion\" to auto-detect the region.\n */\nexport enum RegionalAuthority {\n /** Instructs MSAL to attempt to discover the region */\n AutoDiscoverRegion = \"AutoDiscoverRegion\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westus' region. */\n USWest = \"westus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westus2' region. */\n USWest2 = \"westus2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'centralus' region. */\n USCentral = \"centralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastus' region. */\n USEast = \"eastus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastus2' region. */\n USEast2 = \"eastus2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'northcentralus' region. */\n USNorthCentral = \"northcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southcentralus' region. */\n USSouthCentral = \"southcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westcentralus' region. */\n USWestCentral = \"westcentralus\",\n /** Uses the {@link RegionalAuthority} for the Azure 'canadacentral' region. */\n CanadaCentral = \"canadacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'canadaeast' region. */\n CanadaEast = \"canadaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'brazilsouth' region. */\n BrazilSouth = \"brazilsouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'northeurope' region. */\n EuropeNorth = \"northeurope\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westeurope' region. */\n EuropeWest = \"westeurope\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uksouth' region. */\n UKSouth = \"uksouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'ukwest' region. */\n UKWest = \"ukwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'francecentral' region. */\n FranceCentral = \"francecentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'francesouth' region. */\n FranceSouth = \"francesouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandnorth' region. */\n SwitzerlandNorth = \"switzerlandnorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'switzerlandwest' region. */\n SwitzerlandWest = \"switzerlandwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanynorth' region. */\n GermanyNorth = \"germanynorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanywestcentral' region. */\n GermanyWestCentral = \"germanywestcentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'norwaywest' region. */\n NorwayWest = \"norwaywest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'norwayeast' region. */\n NorwayEast = \"norwayeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'eastasia' region. */\n AsiaEast = \"eastasia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southeastasia' region. */\n AsiaSouthEast = \"southeastasia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'japaneast' region. */\n JapanEast = \"japaneast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'japanwest' region. */\n JapanWest = \"japanwest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiaeast' region. */\n AustraliaEast = \"australiaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiasoutheast' region. */\n AustraliaSouthEast = \"australiasoutheast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral' region. */\n AustraliaCentral = \"australiacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'australiacentral2' region. */\n AustraliaCentral2 = \"australiacentral2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'centralindia' region. */\n IndiaCentral = \"centralindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southindia' region. */\n IndiaSouth = \"southindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'westindia' region. */\n IndiaWest = \"westindia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'koreasouth' region. */\n KoreaSouth = \"koreasouth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'koreacentral' region. */\n KoreaCentral = \"koreacentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uaecentral' region. */\n UAECentral = \"uaecentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'uaenorth' region. */\n UAENorth = \"uaenorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southafricanorth' region. */\n SouthAfricaNorth = \"southafricanorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'southafricawest' region. */\n SouthAfricaWest = \"southafricawest\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth' region. */\n ChinaNorth = \"chinanorth\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast' region. */\n ChinaEast = \"chinaeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinanorth2' region. */\n ChinaNorth2 = \"chinanorth2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'chinaeast2' region. */\n ChinaEast2 = \"chinaeast2\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanycentral' region. */\n GermanyCentral = \"germanycentral\",\n /** Uses the {@link RegionalAuthority} for the Azure 'germanynortheast' region. */\n GermanyNorthEast = \"germanynortheast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovvirginia' region. */\n GovernmentUSVirginia = \"usgovvirginia\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgoviowa' region. */\n GovernmentUSIowa = \"usgoviowa\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovarizona' region. */\n GovernmentUSArizona = \"usgovarizona\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usgovtexas' region. */\n GovernmentUSTexas = \"usgovtexas\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usdodeast' region. */\n GovernmentUSDodEast = \"usdodeast\",\n /** Uses the {@link RegionalAuthority} for the Azure 'usdodcentral' region. */\n GovernmentUSDodCentral = \"usdodcentral\",\n}\n\n/**\n * Calculates the correct regional authority based on the supplied value\n * and the AZURE_REGIONAL_AUTHORITY_NAME environment variable.\n *\n * Values will be returned verbatim, except for {@link RegionalAuthority.AutoDiscoverRegion}\n * which is mapped to a value MSAL can understand.\n *\n * @internal\n */\nexport function calculateRegionalAuthority(regionalAuthority?: string): string | undefined {\n // Note: as of today only 3 credentials support regional authority, and the parameter\n // is not exposed via the public API. Regional Authority is _only_ supported\n // via the AZURE_REGIONAL_AUTHORITY_NAME env var and _only_ for: ClientSecretCredential, ClientCertificateCredential, and ClientAssertionCredential.\n\n // Accepting the regionalAuthority parameter will allow us to support it in the future.\n let azureRegion = regionalAuthority;\n\n if (\n azureRegion === undefined &&\n globalThis.process?.env?.AZURE_REGIONAL_AUTHORITY_NAME !== undefined\n ) {\n azureRegion = process.env.AZURE_REGIONAL_AUTHORITY_NAME;\n }\n\n if (azureRegion === RegionalAuthority.AutoDiscoverRegion) {\n return \"AUTO_DISCOVER\";\n }\n\n return azureRegion;\n}\n"]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@azure/identity",
|
|
3
3
|
"sdk-type": "client",
|
|
4
|
-
"version": "4.
|
|
4
|
+
"version": "4.2.0-alpha.20240425.2",
|
|
5
5
|
"description": "Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID",
|
|
6
6
|
"main": "dist/index.js",
|
|
7
7
|
"module": "dist-esm/src/index.js",
|
|
@@ -127,7 +127,7 @@
|
|
|
127
127
|
"@azure/dev-tool": ">=1.0.0-alpha <1.0.0-alphb",
|
|
128
128
|
"@azure/eslint-plugin-azure-sdk": ">=3.0.0-alpha <3.0.0-alphb",
|
|
129
129
|
"@azure/keyvault-keys": "^4.2.0",
|
|
130
|
-
"@azure/test-utils": ">=1.0.0-alpha <1.0.0-alphb",
|
|
130
|
+
"@azure-tools/test-utils": ">=1.0.0-alpha <1.0.0-alphb",
|
|
131
131
|
"@microsoft/api-extractor": "^7.31.1",
|
|
132
132
|
"@types/chai": "^4.1.6",
|
|
133
133
|
"@types/jsonwebtoken": "^9.0.0",
|