@azure/identity 4.10.2 → 4.10.3-alpha.20250714.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/browser/constants.d.ts +1 -1
- package/dist/browser/constants.js +1 -1
- package/dist/browser/constants.js.map +1 -1
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +5 -4
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -1
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.js +16 -6
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -1
- package/dist/commonjs/constants.d.ts +1 -1
- package/dist/commonjs/constants.js +1 -1
- package/dist/commonjs/constants.js.map +1 -1
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +5 -4
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -1
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js +16 -6
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -1
- package/dist/esm/constants.d.ts +1 -1
- package/dist/esm/constants.js +1 -1
- package/dist/esm/constants.js.map +1 -1
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +5 -4
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -1
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.js +16 -6
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -1
- package/dist/workerd/constants.d.ts +1 -1
- package/dist/workerd/constants.js +1 -1
- package/dist/workerd/constants.js.map +1 -1
- package/dist/workerd/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +5 -4
- package/dist/workerd/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -1
- package/dist/workerd/credentials/managedIdentityCredential/imdsRetryPolicy.js +16 -6
- package/dist/workerd/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -1
- package/package.json +5 -5
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.3`;\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n /**\n * China-based Azure Authority Host\n */\n AzureChina = \"https://login.chinacloudapi.cn\",\n /**\n * Germany-based Azure Authority Host\n *\n * @deprecated Microsoft Cloud Germany was closed on October 29th, 2021.\n *\n * */\n AzureGermany = \"https://login.microsoftonline.de\",\n /**\n * US Government Azure Authority Host\n */\n AzureGovernment = \"https://login.microsoftonline.us\",\n /**\n * Public Cloud Azure Authority Host\n */\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/**\n * @internal\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/**\n * @internal\n * The default environment host for Azure Public Cloud\n */\nexport const DefaultAuthority = \"login.microsoftonline.com\";\n\n/**\n * @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n */\nexport const ALL_TENANTS: string[] = [\"*\"];\n\n/**\n * @internal\n */\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/**\n * @internal\n */\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/**\n * @internal\n *\n * The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
import type { PipelinePolicy } from "@azure/core-rest-pipeline";
|
|
2
2
|
import type { MSIConfiguration } from "./models.js";
|
|
3
3
|
/**
|
|
4
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
5
|
-
* 404s, but the IMDS endpoint can return
|
|
6
|
-
* will retry on 404s with an exponential backoff.
|
|
4
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
5
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
6
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
7
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
7
8
|
*
|
|
8
9
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
9
|
-
* @returns - The policy that will retry on 404s.
|
|
10
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
10
11
|
*/
|
|
11
12
|
export declare function imdsRetryPolicy(msiRetryConfig: MSIConfiguration["retryConfig"]): PipelinePolicy;
|
|
12
13
|
//# sourceMappingURL=imdsRetryPolicy.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAYpD;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,cAAc,EAAE,gBAAgB,CAAC,aAAa,CAAC,GAAG,cAAc,CA2B/F"}
|
|
@@ -4,24 +4,34 @@ import { retryPolicy } from "@azure/core-rest-pipeline";
|
|
|
4
4
|
import { calculateRetryDelay } from "@azure/core-util";
|
|
5
5
|
// Matches the default retry configuration in expontentialRetryStrategy.ts
|
|
6
6
|
const DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;
|
|
7
|
+
// For 410 responses, we need at least 70 seconds total retry duration
|
|
8
|
+
// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d
|
|
9
|
+
// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70
|
|
10
|
+
// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.
|
|
11
|
+
const MIN_DELAY_FOR_410_MS = 3000;
|
|
7
12
|
/**
|
|
8
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
9
|
-
* 404s, but the IMDS endpoint can return
|
|
10
|
-
* will retry on 404s with an exponential backoff.
|
|
13
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
14
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
15
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
16
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
11
17
|
*
|
|
12
18
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
13
|
-
* @returns - The policy that will retry on 404s.
|
|
19
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
14
20
|
*/
|
|
15
21
|
export function imdsRetryPolicy(msiRetryConfig) {
|
|
16
22
|
return retryPolicy([
|
|
17
23
|
{
|
|
18
24
|
name: "imdsRetryPolicy",
|
|
19
25
|
retry: ({ retryCount, response }) => {
|
|
20
|
-
if ((response === null || response === void 0 ? void 0 : response.status) !== 404) {
|
|
26
|
+
if ((response === null || response === void 0 ? void 0 : response.status) !== 404 && (response === null || response === void 0 ? void 0 : response.status) !== 410) {
|
|
21
27
|
return { skipStrategy: true };
|
|
22
28
|
}
|
|
29
|
+
// For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration
|
|
30
|
+
const initialDelayMs = (response === null || response === void 0 ? void 0 : response.status) === 410
|
|
31
|
+
? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)
|
|
32
|
+
: msiRetryConfig.startDelayInMs;
|
|
23
33
|
return calculateRetryDelay(retryCount, {
|
|
24
|
-
retryDelayInMs:
|
|
34
|
+
retryDelayInMs: initialDelayMs,
|
|
25
35
|
maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,
|
|
26
36
|
});
|
|
27
37
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD,sEAAsE;AACtE,oFAAoF;AACpF,kFAAkF;AAClF,sEAAsE;AACtE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC;;;;;;;;GAQG;AACH,MAAM,UAAU,eAAe,CAAC,cAA+C;IAC7E,OAAO,WAAW,CAChB;QACE;YACE,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAClC,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;oBACzD,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;gBAChC,CAAC;gBAED,qGAAqG;gBACrG,MAAM,cAAc,GAClB,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG;oBACtB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,EAAE,cAAc,CAAC,cAAc,CAAC;oBAC/D,CAAC,CAAC,cAAc,CAAC,cAAc,CAAC;gBAEpC,OAAO,mBAAmB,CAAC,UAAU,EAAE;oBACrC,cAAc,EAAE,cAAc;oBAC9B,iBAAiB,EAAE,iCAAiC;iBACrD,CAAC,CAAC;YACL,CAAC;SACF;KACF,EACD;QACE,UAAU,EAAE,cAAc,CAAC,UAAU;KACtC,CACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelinePolicy } from \"@azure/core-rest-pipeline\";\nimport { retryPolicy } from \"@azure/core-rest-pipeline\";\n\nimport type { MSIConfiguration } from \"./models.js\";\nimport { calculateRetryDelay } from \"@azure/core-util\";\n\n// Matches the default retry configuration in expontentialRetryStrategy.ts\nconst DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;\n\n// For 410 responses, we need at least 70 seconds total retry duration\n// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d\n// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70\n// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.\nconst MIN_DELAY_FOR_410_MS = 3000;\n\n/**\n * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on\n * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when\n * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.\n * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.\n *\n * @param msiRetryConfig - The retry configuration for the MSI credential.\n * @returns - The policy that will retry on 404s and 410s.\n */\nexport function imdsRetryPolicy(msiRetryConfig: MSIConfiguration[\"retryConfig\"]): PipelinePolicy {\n return retryPolicy(\n [\n {\n name: \"imdsRetryPolicy\",\n retry: ({ retryCount, response }) => {\n if (response?.status !== 404 && response?.status !== 410) {\n return { skipStrategy: true };\n }\n\n // For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration\n const initialDelayMs =\n response?.status === 410\n ? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)\n : msiRetryConfig.startDelayInMs;\n\n return calculateRetryDelay(retryCount, {\n retryDelayInMs: initialDelayMs,\n maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,\n });\n },\n },\n ],\n {\n maxRetries: msiRetryConfig.maxRetries,\n },\n );\n}\n"]}
|
|
@@ -6,7 +6,7 @@ exports.DEFAULT_TOKEN_CACHE_NAME = exports.CACHE_NON_CAE_SUFFIX = exports.CACHE_
|
|
|
6
6
|
/**
|
|
7
7
|
* Current version of the `@azure/identity` package.
|
|
8
8
|
*/
|
|
9
|
-
exports.SDK_VERSION = `4.10.
|
|
9
|
+
exports.SDK_VERSION = `4.10.3`;
|
|
10
10
|
/**
|
|
11
11
|
* The default client ID for authentication
|
|
12
12
|
* @internal
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAElC;;GAEG;AACU,QAAA,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AAC1F,QAAA,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACU,QAAA,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,mCAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACU,QAAA,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACU,QAAA,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACU,QAAA,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACU,QAAA,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACU,QAAA,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACU,QAAA,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAElC;;GAEG;AACU,QAAA,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AAC1F,QAAA,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACU,QAAA,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,mCAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACU,QAAA,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACU,QAAA,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACU,QAAA,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACU,QAAA,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACU,QAAA,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACU,QAAA,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.3`;\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n /**\n * China-based Azure Authority Host\n */\n AzureChina = \"https://login.chinacloudapi.cn\",\n /**\n * Germany-based Azure Authority Host\n *\n * @deprecated Microsoft Cloud Germany was closed on October 29th, 2021.\n *\n * */\n AzureGermany = \"https://login.microsoftonline.de\",\n /**\n * US Government Azure Authority Host\n */\n AzureGovernment = \"https://login.microsoftonline.us\",\n /**\n * Public Cloud Azure Authority Host\n */\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/**\n * @internal\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/**\n * @internal\n * The default environment host for Azure Public Cloud\n */\nexport const DefaultAuthority = \"login.microsoftonline.com\";\n\n/**\n * @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n */\nexport const ALL_TENANTS: string[] = [\"*\"];\n\n/**\n * @internal\n */\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/**\n * @internal\n */\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/**\n * @internal\n *\n * The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
import type { PipelinePolicy } from "@azure/core-rest-pipeline";
|
|
2
2
|
import type { MSIConfiguration } from "./models.js";
|
|
3
3
|
/**
|
|
4
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
5
|
-
* 404s, but the IMDS endpoint can return
|
|
6
|
-
* will retry on 404s with an exponential backoff.
|
|
4
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
5
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
6
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
7
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
7
8
|
*
|
|
8
9
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
9
|
-
* @returns - The policy that will retry on 404s.
|
|
10
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
10
11
|
*/
|
|
11
12
|
export declare function imdsRetryPolicy(msiRetryConfig: MSIConfiguration["retryConfig"]): PipelinePolicy;
|
|
12
13
|
//# sourceMappingURL=imdsRetryPolicy.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAYpD;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,cAAc,EAAE,gBAAgB,CAAC,aAAa,CAAC,GAAG,cAAc,CA2B/F"}
|
|
@@ -7,24 +7,34 @@ const core_rest_pipeline_1 = require("@azure/core-rest-pipeline");
|
|
|
7
7
|
const core_util_1 = require("@azure/core-util");
|
|
8
8
|
// Matches the default retry configuration in expontentialRetryStrategy.ts
|
|
9
9
|
const DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;
|
|
10
|
+
// For 410 responses, we need at least 70 seconds total retry duration
|
|
11
|
+
// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d
|
|
12
|
+
// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70
|
|
13
|
+
// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.
|
|
14
|
+
const MIN_DELAY_FOR_410_MS = 3000;
|
|
10
15
|
/**
|
|
11
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
12
|
-
* 404s, but the IMDS endpoint can return
|
|
13
|
-
* will retry on 404s with an exponential backoff.
|
|
16
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
17
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
18
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
19
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
14
20
|
*
|
|
15
21
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
16
|
-
* @returns - The policy that will retry on 404s.
|
|
22
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
17
23
|
*/
|
|
18
24
|
function imdsRetryPolicy(msiRetryConfig) {
|
|
19
25
|
return (0, core_rest_pipeline_1.retryPolicy)([
|
|
20
26
|
{
|
|
21
27
|
name: "imdsRetryPolicy",
|
|
22
28
|
retry: ({ retryCount, response }) => {
|
|
23
|
-
if ((response === null || response === void 0 ? void 0 : response.status) !== 404) {
|
|
29
|
+
if ((response === null || response === void 0 ? void 0 : response.status) !== 404 && (response === null || response === void 0 ? void 0 : response.status) !== 410) {
|
|
24
30
|
return { skipStrategy: true };
|
|
25
31
|
}
|
|
32
|
+
// For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration
|
|
33
|
+
const initialDelayMs = (response === null || response === void 0 ? void 0 : response.status) === 410
|
|
34
|
+
? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)
|
|
35
|
+
: msiRetryConfig.startDelayInMs;
|
|
26
36
|
return (0, core_util_1.calculateRetryDelay)(retryCount, {
|
|
27
|
-
retryDelayInMs:
|
|
37
|
+
retryDelayInMs: initialDelayMs,
|
|
28
38
|
maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,
|
|
29
39
|
});
|
|
30
40
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;AA0BlC,0CA2BC;AAlDD,kEAAwD;AAGxD,gDAAuD;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD,sEAAsE;AACtE,oFAAoF;AACpF,kFAAkF;AAClF,sEAAsE;AACtE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC;;;;;;;;GAQG;AACH,SAAgB,eAAe,CAAC,cAA+C;IAC7E,OAAO,IAAA,gCAAW,EAChB;QACE;YACE,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAClC,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;oBACzD,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;gBAChC,CAAC;gBAED,qGAAqG;gBACrG,MAAM,cAAc,GAClB,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG;oBACtB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,EAAE,cAAc,CAAC,cAAc,CAAC;oBAC/D,CAAC,CAAC,cAAc,CAAC,cAAc,CAAC;gBAEpC,OAAO,IAAA,+BAAmB,EAAC,UAAU,EAAE;oBACrC,cAAc,EAAE,cAAc;oBAC9B,iBAAiB,EAAE,iCAAiC;iBACrD,CAAC,CAAC;YACL,CAAC;SACF;KACF,EACD;QACE,UAAU,EAAE,cAAc,CAAC,UAAU;KACtC,CACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelinePolicy } from \"@azure/core-rest-pipeline\";\nimport { retryPolicy } from \"@azure/core-rest-pipeline\";\n\nimport type { MSIConfiguration } from \"./models.js\";\nimport { calculateRetryDelay } from \"@azure/core-util\";\n\n// Matches the default retry configuration in expontentialRetryStrategy.ts\nconst DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;\n\n// For 410 responses, we need at least 70 seconds total retry duration\n// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d\n// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70\n// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.\nconst MIN_DELAY_FOR_410_MS = 3000;\n\n/**\n * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on\n * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when\n * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.\n * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.\n *\n * @param msiRetryConfig - The retry configuration for the MSI credential.\n * @returns - The policy that will retry on 404s and 410s.\n */\nexport function imdsRetryPolicy(msiRetryConfig: MSIConfiguration[\"retryConfig\"]): PipelinePolicy {\n return retryPolicy(\n [\n {\n name: \"imdsRetryPolicy\",\n retry: ({ retryCount, response }) => {\n if (response?.status !== 404 && response?.status !== 410) {\n return { skipStrategy: true };\n }\n\n // For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration\n const initialDelayMs =\n response?.status === 410\n ? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)\n : msiRetryConfig.startDelayInMs;\n\n return calculateRetryDelay(retryCount, {\n retryDelayInMs: initialDelayMs,\n maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,\n });\n },\n },\n ],\n {\n maxRetries: msiRetryConfig.maxRetries,\n },\n );\n}\n"]}
|
package/dist/esm/constants.d.ts
CHANGED
package/dist/esm/constants.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.3`;\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n /**\n * China-based Azure Authority Host\n */\n AzureChina = \"https://login.chinacloudapi.cn\",\n /**\n * Germany-based Azure Authority Host\n *\n * @deprecated Microsoft Cloud Germany was closed on October 29th, 2021.\n *\n * */\n AzureGermany = \"https://login.microsoftonline.de\",\n /**\n * US Government Azure Authority Host\n */\n AzureGovernment = \"https://login.microsoftonline.us\",\n /**\n * Public Cloud Azure Authority Host\n */\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/**\n * @internal\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/**\n * @internal\n * The default environment host for Azure Public Cloud\n */\nexport const DefaultAuthority = \"login.microsoftonline.com\";\n\n/**\n * @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n */\nexport const ALL_TENANTS: string[] = [\"*\"];\n\n/**\n * @internal\n */\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/**\n * @internal\n */\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/**\n * @internal\n *\n * The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
import type { PipelinePolicy } from "@azure/core-rest-pipeline";
|
|
2
2
|
import type { MSIConfiguration } from "./models.js";
|
|
3
3
|
/**
|
|
4
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
5
|
-
* 404s, but the IMDS endpoint can return
|
|
6
|
-
* will retry on 404s with an exponential backoff.
|
|
4
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
5
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
6
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
7
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
7
8
|
*
|
|
8
9
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
9
|
-
* @returns - The policy that will retry on 404s.
|
|
10
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
10
11
|
*/
|
|
11
12
|
export declare function imdsRetryPolicy(msiRetryConfig: MSIConfiguration["retryConfig"]): PipelinePolicy;
|
|
12
13
|
//# sourceMappingURL=imdsRetryPolicy.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAYpD;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,cAAc,EAAE,gBAAgB,CAAC,aAAa,CAAC,GAAG,cAAc,CA2B/F"}
|
|
@@ -4,24 +4,34 @@ import { retryPolicy } from "@azure/core-rest-pipeline";
|
|
|
4
4
|
import { calculateRetryDelay } from "@azure/core-util";
|
|
5
5
|
// Matches the default retry configuration in expontentialRetryStrategy.ts
|
|
6
6
|
const DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;
|
|
7
|
+
// For 410 responses, we need at least 70 seconds total retry duration
|
|
8
|
+
// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d
|
|
9
|
+
// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70
|
|
10
|
+
// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.
|
|
11
|
+
const MIN_DELAY_FOR_410_MS = 3000;
|
|
7
12
|
/**
|
|
8
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
9
|
-
* 404s, but the IMDS endpoint can return
|
|
10
|
-
* will retry on 404s with an exponential backoff.
|
|
13
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
14
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
15
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
16
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
11
17
|
*
|
|
12
18
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
13
|
-
* @returns - The policy that will retry on 404s.
|
|
19
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
14
20
|
*/
|
|
15
21
|
export function imdsRetryPolicy(msiRetryConfig) {
|
|
16
22
|
return retryPolicy([
|
|
17
23
|
{
|
|
18
24
|
name: "imdsRetryPolicy",
|
|
19
25
|
retry: ({ retryCount, response }) => {
|
|
20
|
-
if ((response === null || response === void 0 ? void 0 : response.status) !== 404) {
|
|
26
|
+
if ((response === null || response === void 0 ? void 0 : response.status) !== 404 && (response === null || response === void 0 ? void 0 : response.status) !== 410) {
|
|
21
27
|
return { skipStrategy: true };
|
|
22
28
|
}
|
|
29
|
+
// For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration
|
|
30
|
+
const initialDelayMs = (response === null || response === void 0 ? void 0 : response.status) === 410
|
|
31
|
+
? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)
|
|
32
|
+
: msiRetryConfig.startDelayInMs;
|
|
23
33
|
return calculateRetryDelay(retryCount, {
|
|
24
|
-
retryDelayInMs:
|
|
34
|
+
retryDelayInMs: initialDelayMs,
|
|
25
35
|
maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,
|
|
26
36
|
});
|
|
27
37
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD,sEAAsE;AACtE,oFAAoF;AACpF,kFAAkF;AAClF,sEAAsE;AACtE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC;;;;;;;;GAQG;AACH,MAAM,UAAU,eAAe,CAAC,cAA+C;IAC7E,OAAO,WAAW,CAChB;QACE;YACE,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAClC,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;oBACzD,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;gBAChC,CAAC;gBAED,qGAAqG;gBACrG,MAAM,cAAc,GAClB,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG;oBACtB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,EAAE,cAAc,CAAC,cAAc,CAAC;oBAC/D,CAAC,CAAC,cAAc,CAAC,cAAc,CAAC;gBAEpC,OAAO,mBAAmB,CAAC,UAAU,EAAE;oBACrC,cAAc,EAAE,cAAc;oBAC9B,iBAAiB,EAAE,iCAAiC;iBACrD,CAAC,CAAC;YACL,CAAC;SACF;KACF,EACD;QACE,UAAU,EAAE,cAAc,CAAC,UAAU;KACtC,CACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelinePolicy } from \"@azure/core-rest-pipeline\";\nimport { retryPolicy } from \"@azure/core-rest-pipeline\";\n\nimport type { MSIConfiguration } from \"./models.js\";\nimport { calculateRetryDelay } from \"@azure/core-util\";\n\n// Matches the default retry configuration in expontentialRetryStrategy.ts\nconst DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;\n\n// For 410 responses, we need at least 70 seconds total retry duration\n// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d\n// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70\n// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.\nconst MIN_DELAY_FOR_410_MS = 3000;\n\n/**\n * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on\n * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when\n * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.\n * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.\n *\n * @param msiRetryConfig - The retry configuration for the MSI credential.\n * @returns - The policy that will retry on 404s and 410s.\n */\nexport function imdsRetryPolicy(msiRetryConfig: MSIConfiguration[\"retryConfig\"]): PipelinePolicy {\n return retryPolicy(\n [\n {\n name: \"imdsRetryPolicy\",\n retry: ({ retryCount, response }) => {\n if (response?.status !== 404 && response?.status !== 410) {\n return { skipStrategy: true };\n }\n\n // For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration\n const initialDelayMs =\n response?.status === 410\n ? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)\n : msiRetryConfig.startDelayInMs;\n\n return calculateRetryDelay(retryCount, {\n retryDelayInMs: initialDelayMs,\n maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,\n });\n },\n },\n ],\n {\n maxRetries: msiRetryConfig.maxRetries,\n },\n );\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,QAAQ,CAAC;AAEpC;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Current version of the `@azure/identity` package.\n */\nexport const SDK_VERSION = `4.10.3`;\n\n/**\n * The default client ID for authentication\n * @internal\n */\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/**\n * The default tenant for authentication\n * @internal\n */\nexport const DefaultTenantId = \"common\";\n\n/**\n * A list of known Azure authority hosts\n */\nexport enum AzureAuthorityHosts {\n /**\n * China-based Azure Authority Host\n */\n AzureChina = \"https://login.chinacloudapi.cn\",\n /**\n * Germany-based Azure Authority Host\n *\n * @deprecated Microsoft Cloud Germany was closed on October 29th, 2021.\n *\n * */\n AzureGermany = \"https://login.microsoftonline.de\",\n /**\n * US Government Azure Authority Host\n */\n AzureGovernment = \"https://login.microsoftonline.us\",\n /**\n * Public Cloud Azure Authority Host\n */\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/**\n * @internal\n * The default authority host.\n */\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/**\n * @internal\n * The default environment host for Azure Public Cloud\n */\nexport const DefaultAuthority = \"login.microsoftonline.com\";\n\n/**\n * @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n */\nexport const ALL_TENANTS: string[] = [\"*\"];\n\n/**\n * @internal\n */\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/**\n * @internal\n */\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/**\n * @internal\n *\n * The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
import type { PipelinePolicy } from "@azure/core-rest-pipeline";
|
|
2
2
|
import type { MSIConfiguration } from "./models.js";
|
|
3
3
|
/**
|
|
4
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
5
|
-
* 404s, but the IMDS endpoint can return
|
|
6
|
-
* will retry on 404s with an exponential backoff.
|
|
4
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
5
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
6
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
7
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
7
8
|
*
|
|
8
9
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
9
|
-
* @returns - The policy that will retry on 404s.
|
|
10
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
10
11
|
*/
|
|
11
12
|
export declare function imdsRetryPolicy(msiRetryConfig: MSIConfiguration["retryConfig"]): PipelinePolicy;
|
|
12
13
|
//# sourceMappingURL=imdsRetryPolicy.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAYpD;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,cAAc,EAAE,gBAAgB,CAAC,aAAa,CAAC,GAAG,cAAc,CA2B/F"}
|
|
@@ -4,24 +4,34 @@ import { retryPolicy } from "@azure/core-rest-pipeline";
|
|
|
4
4
|
import { calculateRetryDelay } from "@azure/core-util";
|
|
5
5
|
// Matches the default retry configuration in expontentialRetryStrategy.ts
|
|
6
6
|
const DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;
|
|
7
|
+
// For 410 responses, we need at least 70 seconds total retry duration
|
|
8
|
+
// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d
|
|
9
|
+
// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70
|
|
10
|
+
// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.
|
|
11
|
+
const MIN_DELAY_FOR_410_MS = 3000;
|
|
7
12
|
/**
|
|
8
|
-
* An additional policy that retries on 404 errors. The default retry policy does not retry on
|
|
9
|
-
* 404s, but the IMDS endpoint can return
|
|
10
|
-
* will retry on 404s with an exponential backoff.
|
|
13
|
+
* An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
|
|
14
|
+
* 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
|
|
15
|
+
* the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
|
|
16
|
+
* For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
|
|
11
17
|
*
|
|
12
18
|
* @param msiRetryConfig - The retry configuration for the MSI credential.
|
|
13
|
-
* @returns - The policy that will retry on 404s.
|
|
19
|
+
* @returns - The policy that will retry on 404s and 410s.
|
|
14
20
|
*/
|
|
15
21
|
export function imdsRetryPolicy(msiRetryConfig) {
|
|
16
22
|
return retryPolicy([
|
|
17
23
|
{
|
|
18
24
|
name: "imdsRetryPolicy",
|
|
19
25
|
retry: ({ retryCount, response }) => {
|
|
20
|
-
if ((response === null || response === void 0 ? void 0 : response.status) !== 404) {
|
|
26
|
+
if ((response === null || response === void 0 ? void 0 : response.status) !== 404 && (response === null || response === void 0 ? void 0 : response.status) !== 410) {
|
|
21
27
|
return { skipStrategy: true };
|
|
22
28
|
}
|
|
29
|
+
// For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration
|
|
30
|
+
const initialDelayMs = (response === null || response === void 0 ? void 0 : response.status) === 410
|
|
31
|
+
? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)
|
|
32
|
+
: msiRetryConfig.startDelayInMs;
|
|
23
33
|
return calculateRetryDelay(retryCount, {
|
|
24
|
-
retryDelayInMs:
|
|
34
|
+
retryDelayInMs: initialDelayMs,
|
|
25
35
|
maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,
|
|
26
36
|
});
|
|
27
37
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD
|
|
1
|
+
{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD,sEAAsE;AACtE,oFAAoF;AACpF,kFAAkF;AAClF,sEAAsE;AACtE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC;;;;;;;;GAQG;AACH,MAAM,UAAU,eAAe,CAAC,cAA+C;IAC7E,OAAO,WAAW,CAChB;QACE;YACE,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAClC,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;oBACzD,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;gBAChC,CAAC;gBAED,qGAAqG;gBACrG,MAAM,cAAc,GAClB,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG;oBACtB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,EAAE,cAAc,CAAC,cAAc,CAAC;oBAC/D,CAAC,CAAC,cAAc,CAAC,cAAc,CAAC;gBAEpC,OAAO,mBAAmB,CAAC,UAAU,EAAE;oBACrC,cAAc,EAAE,cAAc;oBAC9B,iBAAiB,EAAE,iCAAiC;iBACrD,CAAC,CAAC;YACL,CAAC;SACF;KACF,EACD;QACE,UAAU,EAAE,cAAc,CAAC,UAAU;KACtC,CACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelinePolicy } from \"@azure/core-rest-pipeline\";\nimport { retryPolicy } from \"@azure/core-rest-pipeline\";\n\nimport type { MSIConfiguration } from \"./models.js\";\nimport { calculateRetryDelay } from \"@azure/core-util\";\n\n// Matches the default retry configuration in expontentialRetryStrategy.ts\nconst DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;\n\n// For 410 responses, we need at least 70 seconds total retry duration\n// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d\n// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70\n// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.\nconst MIN_DELAY_FOR_410_MS = 3000;\n\n/**\n * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on\n * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when\n * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.\n * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.\n *\n * @param msiRetryConfig - The retry configuration for the MSI credential.\n * @returns - The policy that will retry on 404s and 410s.\n */\nexport function imdsRetryPolicy(msiRetryConfig: MSIConfiguration[\"retryConfig\"]): PipelinePolicy {\n return retryPolicy(\n [\n {\n name: \"imdsRetryPolicy\",\n retry: ({ retryCount, response }) => {\n if (response?.status !== 404 && response?.status !== 410) {\n return { skipStrategy: true };\n }\n\n // For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration\n const initialDelayMs =\n response?.status === 410\n ? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)\n : msiRetryConfig.startDelayInMs;\n\n return calculateRetryDelay(retryCount, {\n retryDelayInMs: initialDelayMs,\n maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,\n });\n },\n },\n ],\n {\n maxRetries: msiRetryConfig.maxRetries,\n },\n );\n}\n"]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@azure/identity",
|
|
3
3
|
"sdk-type": "client",
|
|
4
|
-
"version": "4.10.
|
|
4
|
+
"version": "4.10.3-alpha.20250714.3",
|
|
5
5
|
"description": "Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID",
|
|
6
6
|
"main": "./dist/commonjs/index.js",
|
|
7
7
|
"module": "./dist/esm/index.js",
|
|
@@ -86,10 +86,10 @@
|
|
|
86
86
|
"tslib": "^2.2.0"
|
|
87
87
|
},
|
|
88
88
|
"devDependencies": {
|
|
89
|
-
"@azure-tools/test-recorder": "
|
|
90
|
-
"@azure-tools/test-utils-vitest": "
|
|
91
|
-
"@azure/dev-tool": "
|
|
92
|
-
"@azure/eslint-plugin-azure-sdk": "
|
|
89
|
+
"@azure-tools/test-recorder": ">=4.1.0-alpha <4.1.0-alphb",
|
|
90
|
+
"@azure-tools/test-utils-vitest": ">=1.0.0-alpha <1.0.0-alphb",
|
|
91
|
+
"@azure/dev-tool": ">=1.0.0-alpha <1.0.0-alphb",
|
|
92
|
+
"@azure/eslint-plugin-azure-sdk": ">=3.0.0-alpha <3.0.0-alphb",
|
|
93
93
|
"@azure/keyvault-keys": "^4.2.0",
|
|
94
94
|
"@types/jsonwebtoken": "^9.0.0",
|
|
95
95
|
"@types/ms": "^2.1.0",
|