npm - @azure/identity - Versions diffs - 4.11.0-alpha.20250717.4 → 4.11.0-alpha.20250718.3 - Mend

@azure/identity 4.11.0-alpha.20250717.4 → 4.11.0-alpha.20250718.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (42) hide show

package/dist/esm/credentials/defaultAzureCredential.js CHANGED Viewed

@@ -1,151 +1,9 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
-import { ManagedIdentityCredential } from "./managedIdentityCredential/index.js";
-import { AzureCliCredential } from "./azureCliCredential.js";
-import { AzureDeveloperCliCredential } from "./azureDeveloperCliCredential.js";
-import { AzurePowerShellCredential } from "./azurePowerShellCredential.js";
 import { ChainedTokenCredential } from "./chainedTokenCredential.js";
-import { EnvironmentCredential } from "./environmentCredential.js";
-import { WorkloadIdentityCredential } from "./workloadIdentityCredential.js";
 import { credentialLogger } from "../util/logging.js";
-import { VisualStudioCodeCredential } from "./visualStudioCodeCredential.js";
-import { BrokerCredential } from "./brokerCredential.js";
+import { createDefaultAzureCliCredential, createDefaultAzureDeveloperCliCredential, createDefaultAzurePowershellCredential, createDefaultBrokerCredential, createDefaultManagedIdentityCredential, createDefaultVisualStudioCodeCredential, createDefaultWorkloadIdentityCredential, createDefaultEnvironmentCredential, } from "./defaultAzureCredentialFunctions.js";
 const logger = credentialLogger("DefaultAzureCredential");
-/**
- * Creates a {@link ManagedIdentityCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-export function createDefaultManagedIdentityCredential(options = {}) {
-    options.retryOptions ??= {
-        maxRetries: 5,
-        retryDelayInMs: 800,
-    };
-    const managedIdentityClientId = options?.managedIdentityClientId ??
-        process.env.AZURE_CLIENT_ID;
-    const workloadIdentityClientId = options?.workloadIdentityClientId ??
-        managedIdentityClientId;
-    const managedResourceId = options
-        ?.managedIdentityResourceId;
-    const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
-    const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
-    if (managedResourceId) {
-        const managedIdentityResourceIdOptions = {
-            ...options,
-            resourceId: managedResourceId,
-        };
-        return new ManagedIdentityCredential(managedIdentityResourceIdOptions);
-    }
-    if (workloadFile && workloadIdentityClientId) {
-        const workloadIdentityCredentialOptions = {
-            ...options,
-            tenantId: tenantId,
-        };
-        return new ManagedIdentityCredential(workloadIdentityClientId, workloadIdentityCredentialOptions);
-    }
-    if (managedIdentityClientId) {
-        const managedIdentityClientOptions = {
-            ...options,
-            clientId: managedIdentityClientId,
-        };
-        return new ManagedIdentityCredential(managedIdentityClientOptions);
-    }
-    // We may be able to return a UnavailableCredential here, but that may be a breaking change
-    return new ManagedIdentityCredential(options);
-}
-/**
- * Creates a {@link WorkloadIdentityCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-function createDefaultWorkloadIdentityCredential(options) {
-    const managedIdentityClientId = options?.managedIdentityClientId ??
-        process.env.AZURE_CLIENT_ID;
-    const workloadIdentityClientId = options?.workloadIdentityClientId ??
-        managedIdentityClientId;
-    const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
-    const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
-    if (workloadFile && workloadIdentityClientId) {
-        const workloadIdentityCredentialOptions = {
-            ...options,
-            tenantId,
-            clientId: workloadIdentityClientId,
-            tokenFilePath: workloadFile,
-        };
-        return new WorkloadIdentityCredential(workloadIdentityCredentialOptions);
-    }
-    if (tenantId) {
-        const workloadIdentityClientTenantOptions = {
-            ...options,
-            tenantId,
-        };
-        return new WorkloadIdentityCredential(workloadIdentityClientTenantOptions);
-    }
-    // We may be able to return a UnavailableCredential here, but that may be a breaking change
-    return new WorkloadIdentityCredential(options);
-}
-/**
- * Creates a {@link AzureDeveloperCliCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-function createDefaultAzureDeveloperCliCredential(options = {}) {
-    const processTimeoutInMs = options.processTimeoutInMs;
-    return new AzureDeveloperCliCredential({ processTimeoutInMs, ...options });
-}
-/**
- * Creates a {@link AzureCliCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-function createDefaultAzureCliCredential(options = {}) {
-    const processTimeoutInMs = options.processTimeoutInMs;
-    return new AzureCliCredential({ processTimeoutInMs, ...options });
-}
-/**
- * Creates a {@link AzurePowerShellCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-function createDefaultAzurePowershellCredential(options = {}) {
-    const processTimeoutInMs = options.processTimeoutInMs;
-    return new AzurePowerShellCredential({ processTimeoutInMs, ...options });
-}
-/**
- * Creates a BrokerCredential instance with the provided options.
- * This credential uses the Windows Authentication Manager (WAM) broker for authentication.
- * It will only attempt to authenticate silently using the default broker account
- *
- * @param options - Options for configuring the credential.
- *
- * @internal
- */
-export function createDefaultBrokerCredential(options = {}) {
-    return new BrokerCredential(options);
-}
-/**
- * Creates an {@link EnvironmentCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-export function createEnvironmentCredential(options = {}) {
-    return new EnvironmentCredential(options);
-}
-/**
- * Creates a {@link VisualStudioCodeCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-export function createDefaultVisualStudioCodeCredential(options = {}) {
-    return new VisualStudioCodeCredential(options);
-}
 /**
  * A no-op credential that logs the reason it was skipped if getToken is called.
  * @internal
@@ -172,13 +30,24 @@ export class UnavailableDefaultCredential {
  * - {@link EnvironmentCredential}
  * - {@link WorkloadIdentityCredential}
  * - {@link ManagedIdentityCredential}
+ * - {@link VisualStudioCodeCredential}
  * - {@link AzureCliCredential}
  * - {@link AzurePowerShellCredential}
  * - {@link AzureDeveloperCliCredential}
- * - {@link VisualStudioCodeCredential}
  *
  * Consult the documentation of these credential types for more information
  * on how they attempt authentication.
+ *
+ * Selecting credentials
+ *
+ * Set environment variable AZURE_TOKEN_CREDENTIALS to select a subset of the credential chain.
+ * DefaultAzureCredential will try only the specified credential(s), but its other behavior remains the same.
+ * Valid values for AZURE_TOKEN_CREDENTIALS are the name of any single type in the above chain, for example
+ * "EnvironmentCredential" or "AzureCliCredential", and these special values:
+ *
+ *   - "dev": try [VisualStudioCodeCredential], [AzureCliCredential], [AzurePowerShellCredential] and [AzureDeveloperCliCredential], in that order
+ *   - "prod": try [EnvironmentCredential], [WorkloadIdentityCredential], and [ManagedIdentityCredential], in that order
+ *
  */
 export class DefaultAzureCredential extends ChainedTokenCredential {
     constructor(options) {
@@ -194,27 +63,47 @@ export class DefaultAzureCredential extends ChainedTokenCredential {
             createDefaultBrokerCredential,
         ];
         const prodCredentialFunctions = [
-            createEnvironmentCredential,
+            createDefaultEnvironmentCredential,
             createDefaultWorkloadIdentityCredential,
             createDefaultManagedIdentityCredential,
         ];
         let credentialFunctions = [];
+        const validCredentialNames = "EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential";
         // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.
-        // The value of AZURE_TOKEN_CREDENTIALS should be either "dev" or "prod".
+        // The value of AZURE_TOKEN_CREDENTIALS should be either "dev" or "prod" or any one of these credentials - {validCredentialNames}.
         if (azureTokenCredentials) {
             switch (azureTokenCredentials) {
                 case "dev":
-                    // If AZURE_TOKEN_CREDENTIALS is set to "dev", use the developer tool-based credential chain.
                     credentialFunctions = devCredentialFunctions;
                     break;
                 case "prod":
-                    // If AZURE_TOKEN_CREDENTIALS is set to "prod", use the production credential chain.
                     credentialFunctions = prodCredentialFunctions;
                     break;
+                case "environmentcredential":
+                    credentialFunctions = [createDefaultEnvironmentCredential];
+                    break;
+                case "workloadidentitycredential":
+                    credentialFunctions = [createDefaultWorkloadIdentityCredential];
+                    break;
+                case "managedidentitycredential":
+                    credentialFunctions = [createDefaultManagedIdentityCredential];
+                    break;
+                case "visualstudiocodecredential":
+                    credentialFunctions = [createDefaultVisualStudioCodeCredential];
+                    break;
+                case "azureclicredential":
+                    credentialFunctions = [createDefaultAzureCliCredential];
+                    break;
+                case "azurepowershellcredential":
+                    credentialFunctions = [createDefaultAzurePowershellCredential];
+                    break;
+                case "azuredeveloperclicredential":
+                    credentialFunctions = [createDefaultAzureDeveloperCliCredential];
+                    break;
                 default: {
                     // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.
-                    // We will throw an error here to prevent the creation of the DefaultAzureCredential.
-                    const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev'.`;
+                    // This will prevent the creation of the DefaultAzureCredential.
+                    const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;
                     logger.warning(errorMessage);
                     throw new Error(errorMessage);
                 }

package/dist/esm/credentials/defaultAzureCredential.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultAzureCredential.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAWlC,OAAO,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAC;AAEjF,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAEnE,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAE7E,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEzD,MAAM,MAAM,GAAG,gBAAgB,CAAC,wBAAwB,CAAC,CAAC;AAE1D;;;;;GAKG;AACH,MAAM,UAAU,sCAAsC,CACpD,UAG4C,EAAE;IAE9C,OAAO,CAAC,YAAY,KAAK;QACvB,UAAU,EAAE,CAAC;QACb,cAAc,EAAE,GAAG;KACpB,CAAC;IACF,MAAM,uBAAuB,GAC1B,OAAiD,EAAE,uBAAuB;QAC3E,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAC9B,MAAM,wBAAwB,GAC3B,OAAiD,EAAE,wBAAwB;QAC5E,uBAAuB,CAAC;IAC1B,MAAM,iBAAiB,GAAI,OAAmD;QAC5E,EAAE,yBAAyB,CAAC;IAC9B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;IAC5D,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAClE,IAAI,iBAAiB,EAAE,CAAC;QACtB,MAAM,gCAAgC,GAA+C;YACnF,GAAG,OAAO;YACV,UAAU,EAAE,iBAAiB;SAC9B,CAAC;QACF,OAAO,IAAI,yBAAyB,CAAC,gCAAgC,CAAC,CAAC;IACzE,CAAC;IAED,IAAI,YAAY,IAAI,wBAAwB,EAAE,CAAC;QAC7C,MAAM,iCAAiC,GAAkC;YACvE,GAAG,OAAO;YACV,QAAQ,EAAE,QAAQ;SACnB,CAAC;QAEF,OAAO,IAAI,yBAAyB,CAClC,wBAAwB,EACxB,iCAAiC,CAClC,CAAC;IACJ,CAAC;IAED,IAAI,uBAAuB,EAAE,CAAC;QAC5B,MAAM,4BAA4B,GAA6C;YAC7E,GAAG,OAAO;YACV,QAAQ,EAAE,uBAAuB;SAClC,CAAC;QAEF,OAAO,IAAI,yBAAyB,CAAC,4BAA4B,CAAC,CAAC;IACrE,CAAC;IAED,2FAA2F;IAC3F,OAAO,IAAI,yBAAyB,CAAC,OAAO,CAAC,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,SAAS,uCAAuC,CAC9C,OAA+E;IAE/E,MAAM,uBAAuB,GAC1B,OAAiD,EAAE,uBAAuB;QAC3E,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAC9B,MAAM,wBAAwB,GAC3B,OAAiD,EAAE,wBAAwB;QAC5E,uBAAuB,CAAC;IAC1B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;IAC5D,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAClE,IAAI,YAAY,IAAI,wBAAwB,EAAE,CAAC;QAC7C,MAAM,iCAAiC,GAAsC;YAC3E,GAAG,OAAO;YACV,QAAQ;YACR,QAAQ,EAAE,wBAAwB;YAClC,aAAa,EAAE,YAAY;SAC5B,CAAC;QACF,OAAO,IAAI,0BAA0B,CAAC,iCAAiC,CAAC,CAAC;IAC3E,CAAC;IACD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,mCAAmC,GAAsC;YAC7E,GAAG,OAAO;YACV,QAAQ;SACT,CAAC;QACF,OAAO,IAAI,0BAA0B,CAAC,mCAAmC,CAAC,CAAC;IAC7E,CAAC;IAED,2FAA2F;IAC3F,OAAO,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;AACjD,CAAC;AAED;;;;;GAKG;AACH,SAAS,wCAAwC,CAC/C,UAAyC,EAAE;IAE3C,MAAM,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IACtD,OAAO,IAAI,2BAA2B,CAAC,EAAE,kBAAkB,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AAC7E,CAAC;AAED;;;;;GAKG;AACH,SAAS,+BAA+B,CACtC,UAAyC,EAAE;IAE3C,MAAM,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IACtD,OAAO,IAAI,kBAAkB,CAAC,EAAE,kBAAkB,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AACpE,CAAC;AAED;;;;;GAKG;AACH,SAAS,sCAAsC,CAC7C,UAAyC,EAAE;IAE3C,MAAM,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IACtD,OAAO,IAAI,yBAAyB,CAAC,EAAE,kBAAkB,EAAE,GAAG,OAAO,EAAE,CAAC,CAAC;AAC3E,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,6BAA6B,CAC3C,UAAyC,EAAE;IAE3C,OAAO,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B,CACzC,UAAyC,EAAE;IAE3C,OAAO,IAAI,qBAAqB,CAAC,OAAO,CAAC,CAAC;AAC5C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uCAAuC,CACrD,UAAyC,EAAE;IAE3C,OAAO,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IACvC,iCAAiC,CAAS;IAC1C,cAAc,CAAS;IAEvB,YAAY,cAAsB,EAAE,OAAe;QACjD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,iCAAiC,GAAG,OAAO,CAAC;IACnD,CAAC;IAED,QAAQ;QACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,YAAY,IAAI,CAAC,cAAc,aAAa,IAAI,CAAC,iCAAiC,EAAE,CACrF,CAAC;QACF,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,OAAO,sBAAuB,SAAQ,sBAAsB;IAsBhE,YAAY,OAAuC;QACjD,2EAA2E;QAC3E,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB;YAC/D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;YAC1D,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,sBAAsB,GAAG;YAC7B,uCAAuC;YACvC,+BAA+B;YAC/B,sCAAsC;YACtC,wCAAwC;YACxC,6BAA6B;SAC9B,CAAC;QACF,MAAM,uBAAuB,GAAG;YAC9B,2BAA2B;YAC3B,uCAAuC;YACvC,sCAAsC;SACvC,CAAC;QACF,IAAI,mBAAmB,GAAG,EAAE,CAAC;QAC7B,mFAAmF;QACnF,yEAAyE;QACzE,IAAI,qBAAqB,EAAE,CAAC;YAC1B,QAAQ,qBAAqB,EAAE,CAAC;gBAC9B,KAAK,KAAK;oBACR,6FAA6F;oBAC7F,mBAAmB,GAAG,sBAAsB,CAAC;oBAC7C,MAAM;gBACR,KAAK,MAAM;oBACT,oFAAoF;oBACpF,mBAAmB,GAAG,uBAAuB,CAAC;oBAC9C,MAAM;gBACR,OAAO,CAAC,CAAC,CAAC;oBACR,6EAA6E;oBAC7E,qFAAqF;oBACrF,MAAM,YAAY,GAAG,+CAA+C,OAAO,CAAC,GAAG,CAAC,uBAAuB,qCAAqC,CAAC;oBAC7I,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2EAA2E;YAC3E,mBAAmB,GAAG,CAAC,GAAG,uBAAuB,EAAE,GAAG,sBAAsB,CAAC,CAAC;QAChF,CAAC;QAED,gLAAgL;QAChL,8DAA8D;QAC9D,6DAA6D;QAC7D,gEAAgE;QAChE,sHAAsH;QACtH,MAAM,WAAW,GAAsB,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YACpF,IAAI,CAAC;gBACH,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,OAAO,CACZ,WAAW,kBAAkB,CAAC,IAAI,iDAAiD,GAAG,EAAE,CACzF,CAAC;gBACF,OAAO,IAAI,4BAA4B,CAAC,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YAChF,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC;IACxB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\nimport type {\n ManagedIdentityCredentialClientIdOptions,\n ManagedIdentityCredentialResourceIdOptions,\n} from \"./managedIdentityCredential/options.js\";\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\n\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport type { WorkloadIdentityCredentialOptions } from \"./workloadIdentityCredentialOptions.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { BrokerCredential } from \"./brokerCredential.js\";\n\nconst logger = credentialLogger(\"DefaultAzureCredential\");\n\n/*\n Creates a {@link ManagedIdentityCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nexport function createDefaultManagedIdentityCredential(\n options:\n \| DefaultAzureCredentialOptions\n \| DefaultAzureCredentialResourceIdOptions\n \| DefaultAzureCredentialClientIdOptions = {},\n): TokenCredential {\n options.retryOptions ??= {\n maxRetries: 5,\n retryDelayInMs: 800,\n };\n const managedIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.managedIdentityClientId ??\n process.env.AZURE_CLIENT_ID;\n const workloadIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.workloadIdentityClientId ??\n managedIdentityClientId;\n const managedResourceId = (options as DefaultAzureCredentialResourceIdOptions)\n ?.managedIdentityResourceId;\n const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;\n const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;\n if (managedResourceId) {\n const managedIdentityResourceIdOptions: ManagedIdentityCredentialResourceIdOptions = {\n ...options,\n resourceId: managedResourceId,\n };\n return new ManagedIdentityCredential(managedIdentityResourceIdOptions);\n }\n\n if (workloadFile && workloadIdentityClientId) {\n const workloadIdentityCredentialOptions: DefaultAzureCredentialOptions = {\n ...options,\n tenantId: tenantId,\n };\n\n return new ManagedIdentityCredential(\n workloadIdentityClientId,\n workloadIdentityCredentialOptions,\n );\n }\n\n if (managedIdentityClientId) {\n const managedIdentityClientOptions: ManagedIdentityCredentialClientIdOptions = {\n ...options,\n clientId: managedIdentityClientId,\n };\n\n return new ManagedIdentityCredential(managedIdentityClientOptions);\n }\n\n // We may be able to return a UnavailableCredential here, but that may be a breaking change\n return new ManagedIdentityCredential(options);\n}\n\n/\n Creates a {@link WorkloadIdentityCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nfunction createDefaultWorkloadIdentityCredential(\n options?: DefaultAzureCredentialOptions \| DefaultAzureCredentialClientIdOptions,\n): TokenCredential {\n const managedIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.managedIdentityClientId ??\n process.env.AZURE_CLIENT_ID;\n const workloadIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.workloadIdentityClientId ??\n managedIdentityClientId;\n const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;\n const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;\n if (workloadFile && workloadIdentityClientId) {\n const workloadIdentityCredentialOptions: WorkloadIdentityCredentialOptions = {\n ...options,\n tenantId,\n clientId: workloadIdentityClientId,\n tokenFilePath: workloadFile,\n };\n return new WorkloadIdentityCredential(workloadIdentityCredentialOptions);\n }\n if (tenantId) {\n const workloadIdentityClientTenantOptions: WorkloadIdentityCredentialOptions = {\n ...options,\n tenantId,\n };\n return new WorkloadIdentityCredential(workloadIdentityClientTenantOptions);\n }\n\n // We may be able to return a UnavailableCredential here, but that may be a breaking change\n return new WorkloadIdentityCredential(options);\n}\n\n/\n Creates a {@link AzureDeveloperCliCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nfunction createDefaultAzureDeveloperCliCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n const processTimeoutInMs = options.processTimeoutInMs;\n return new AzureDeveloperCliCredential({ processTimeoutInMs, ...options });\n}\n\n/\n Creates a {@link AzureCliCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nfunction createDefaultAzureCliCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n const processTimeoutInMs = options.processTimeoutInMs;\n return new AzureCliCredential({ processTimeoutInMs, ...options });\n}\n\n/\n Creates a {@link AzurePowerShellCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nfunction createDefaultAzurePowershellCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n const processTimeoutInMs = options.processTimeoutInMs;\n return new AzurePowerShellCredential({ processTimeoutInMs, ...options });\n}\n\n/\n Creates a BrokerCredential instance with the provided options.\n * This credential uses the Windows Authentication Manager (WAM) broker for authentication.\n * It will only attempt to authenticate silently using the default broker account\n \n @param options - Options for configuring the credential.\n \n @internal\n /\nexport function createDefaultBrokerCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new BrokerCredential(options);\n}\n\n/\n Creates an {@link EnvironmentCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nexport function createEnvironmentCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new EnvironmentCredential(options);\n}\n\n/\n Creates a {@link VisualStudioCodeCredential} from the provided options.\n * @param options - Options to configure the credential.\n \n @internal\n /\nexport function createDefaultVisualStudioCodeCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new VisualStudioCodeCredential(options);\n}\n\n/\n A no-op credential that logs the reason it was skipped if getToken is called.\n * @internal\n /\nexport class UnavailableDefaultCredential implements TokenCredential {\n credentialUnavailableErrorMessage: string;\n credentialName: string;\n\n constructor(credentialName: string, message: string) {\n this.credentialName = credentialName;\n this.credentialUnavailableErrorMessage = message;\n }\n\n getToken(): Promise<null> {\n logger.getToken.info(\n `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`,\n );\n return Promise.resolve(null);\n }\n}\n\n/\n Provides a default {@link ChainedTokenCredential} configuration that works for most\n * applications that use Azure SDK client libraries. For more information, see\n * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#use-defaultazurecredential-for-flexibility).\n \n The following credential types will be tried, in order:\n \n - {@link EnvironmentCredential}\n * - {@link WorkloadIdentityCredential}\n * - {@link ManagedIdentityCredential}\n * - {@link AzureCliCredential}\n * - {@link AzurePowerShellCredential}\n * - {@link AzureDeveloperCliCredential}\n * - {@link VisualStudioCodeCredential}\n \n Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n /\nexport class DefaultAzureCredential extends ChainedTokenCredential {\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialClientIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialClientIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialClientIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialResourceIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialResourceIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialResourceIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialOptions}.\n */\n constructor(options?: DefaultAzureCredentialOptions);\n\n constructor(options?: DefaultAzureCredentialOptions) {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS\n ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()\n : undefined;\n const devCredentialFunctions = [\n createDefaultVisualStudioCodeCredential,\n createDefaultAzureCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultBrokerCredential,\n ];\n const prodCredentialFunctions = [\n createEnvironmentCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultManagedIdentityCredential,\n ];\n let credentialFunctions = [];\n // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.\n // The value of AZURE_TOKEN_CREDENTIALS should be either \"dev\" or \"prod\".\n if (azureTokenCredentials) {\n switch (azureTokenCredentials) {\n case \"dev\":\n // If AZURE_TOKEN_CREDENTIALS is set to \"dev\", use the developer tool-based credential chain.\n credentialFunctions = devCredentialFunctions;\n break;\n case \"prod\":\n // If AZURE_TOKEN_CREDENTIALS is set to \"prod\", use the production credential chain.\n credentialFunctions = prodCredentialFunctions;\n break;\n default: {\n // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.\n // We will throw an error here to prevent the creation of the DefaultAzureCredential.\n const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev'.`;\n logger.warning(errorMessage);\n throw new Error(errorMessage);\n }\n }\n } else {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];\n }\n\n // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.\n // When adding new credentials to the default chain, consider:\n // 1. Making the constructor parameters required and explicit\n // 2. Validating any required parameters in the factory function\n // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason\n const credentials: TokenCredential[] = credentialFunctions.map((createCredentialFn) => {\n try {\n return createCredentialFn(options);\n } catch (err: any) {\n logger.warning(\n `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`,\n );\n return new UnavailableDefaultCredential(createCredentialFn.name, err.message);\n }\n });\n\n super(...credentials);\n }\n}\n"]}
1	+ {"version":3,"file":"defaultAzureCredential.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAalC,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAIrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EACL,+BAA+B,EAC/B,wCAAwC,EACxC,sCAAsC,EACtC,6BAA6B,EAC7B,sCAAsC,EACtC,uCAAuC,EACvC,uCAAuC,EACvC,kCAAkC,GACnC,MAAM,sCAAsC,CAAC;AAE9C,MAAM,MAAM,GAAG,gBAAgB,CAAC,wBAAwB,CAAC,CAAC;AAE1D;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IACvC,iCAAiC,CAAS;IAC1C,cAAc,CAAS;IAEvB,YAAY,cAAsB,EAAE,OAAe;QACjD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,iCAAiC,GAAG,OAAO,CAAC;IACnD,CAAC;IAED,QAAQ;QACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,YAAY,IAAI,CAAC,cAAc,aAAa,IAAI,CAAC,iCAAiC,EAAE,CACrF,CAAC;QACF,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,MAAM,OAAO,sBAAuB,SAAQ,sBAAsB;IAsBhE,YAAY,OAAuC;QACjD,2EAA2E;QAC3E,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB;YAC/D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;YAC1D,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,sBAAsB,GAAG;YAC7B,uCAAuC;YACvC,+BAA+B;YAC/B,sCAAsC;YACtC,wCAAwC;YACxC,6BAA6B;SAC9B,CAAC;QACF,MAAM,uBAAuB,GAAG;YAC9B,kCAAkC;YAClC,uCAAuC;YACvC,sCAAsC;SACvC,CAAC;QACF,IAAI,mBAAmB,GAAG,EAAE,CAAC;QAC7B,MAAM,oBAAoB,GACxB,sLAAsL,CAAC;QACzL,mFAAmF;QACnF,kIAAkI;QAClI,IAAI,qBAAqB,EAAE,CAAC;YAC1B,QAAQ,qBAAqB,EAAE,CAAC;gBAC9B,KAAK,KAAK;oBACR,mBAAmB,GAAG,sBAAsB,CAAC;oBAC7C,MAAM;gBACR,KAAK,MAAM;oBACT,mBAAmB,GAAG,uBAAuB,CAAC;oBAC9C,MAAM;gBACR,KAAK,uBAAuB;oBAC1B,mBAAmB,GAAG,CAAC,kCAAkC,CAAC,CAAC;oBAC3D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,uCAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,uCAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,oBAAoB;oBACvB,mBAAmB,GAAG,CAAC,+BAA+B,CAAC,CAAC;oBACxD,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,sCAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,6BAA6B;oBAChC,mBAAmB,GAAG,CAAC,wCAAwC,CAAC,CAAC;oBACjE,MAAM;gBACR,OAAO,CAAC,CAAC,CAAC;oBACR,6EAA6E;oBAC7E,gEAAgE;oBAChE,MAAM,YAAY,GAAG,+CAA+C,OAAO,CAAC,GAAG,CAAC,uBAAuB,oEAAoE,oBAAoB,GAAG,CAAC;oBACnM,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2EAA2E;YAC3E,mBAAmB,GAAG,CAAC,GAAG,uBAAuB,EAAE,GAAG,sBAAsB,CAAC,CAAC;QAChF,CAAC;QAED,gLAAgL;QAChL,8DAA8D;QAC9D,6DAA6D;QAC7D,gEAAgE;QAChE,sHAAsH;QACtH,MAAM,WAAW,GAAsB,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YACpF,IAAI,CAAC;gBACH,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,OAAO,CACZ,WAAW,kBAAkB,CAAC,IAAI,iDAAiD,GAAG,EAAE,CACzF,CAAC;gBACF,OAAO,IAAI,4BAA4B,CAAC,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YAChF,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC;IACxB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\n\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport {\n createDefaultAzureCliCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultBrokerCredential,\n createDefaultManagedIdentityCredential,\n createDefaultVisualStudioCodeCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultEnvironmentCredential,\n} from \"./defaultAzureCredentialFunctions.js\";\n\nconst logger = credentialLogger(\"DefaultAzureCredential\");\n\n/*\n A no-op credential that logs the reason it was skipped if getToken is called.\n * @internal\n /\nexport class UnavailableDefaultCredential implements TokenCredential {\n credentialUnavailableErrorMessage: string;\n credentialName: string;\n\n constructor(credentialName: string, message: string) {\n this.credentialName = credentialName;\n this.credentialUnavailableErrorMessage = message;\n }\n\n getToken(): Promise<null> {\n logger.getToken.info(\n `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`,\n );\n return Promise.resolve(null);\n }\n}\n\n/\n Provides a default {@link ChainedTokenCredential} configuration that works for most\n * applications that use Azure SDK client libraries. For more information, see\n * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#use-defaultazurecredential-for-flexibility).\n \n The following credential types will be tried, in order:\n \n - {@link EnvironmentCredential}\n * - {@link WorkloadIdentityCredential}\n * - {@link ManagedIdentityCredential}\n * - {@link VisualStudioCodeCredential}\n * - {@link AzureCliCredential}\n * - {@link AzurePowerShellCredential}\n * - {@link AzureDeveloperCliCredential}\n \n Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n \n Selecting credentials\n \n Set environment variable AZURE_TOKEN_CREDENTIALS to select a subset of the credential chain.\n * DefaultAzureCredential will try only the specified credential(s), but its other behavior remains the same.\n * Valid values for AZURE_TOKEN_CREDENTIALS are the name of any single type in the above chain, for example\n * \"EnvironmentCredential\" or \"AzureCliCredential\", and these special values:\n \n - \"dev\": try [VisualStudioCodeCredential], [AzureCliCredential], [AzurePowerShellCredential] and [AzureDeveloperCliCredential], in that order\n * - \"prod\": try [EnvironmentCredential], [WorkloadIdentityCredential], and [ManagedIdentityCredential], in that order\n \n /\nexport class DefaultAzureCredential extends ChainedTokenCredential {\n /*\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialClientIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialClientIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialClientIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialResourceIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialResourceIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialResourceIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialOptions}.\n */\n constructor(options?: DefaultAzureCredentialOptions);\n\n constructor(options?: DefaultAzureCredentialOptions) {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS\n ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()\n : undefined;\n const devCredentialFunctions = [\n createDefaultVisualStudioCodeCredential,\n createDefaultAzureCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultBrokerCredential,\n ];\n const prodCredentialFunctions = [\n createDefaultEnvironmentCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultManagedIdentityCredential,\n ];\n let credentialFunctions = [];\n const validCredentialNames =\n \"EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential\";\n // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.\n // The value of AZURE_TOKEN_CREDENTIALS should be either \"dev\" or \"prod\" or any one of these credentials - {validCredentialNames}.\n if (azureTokenCredentials) {\n switch (azureTokenCredentials) {\n case \"dev\":\n credentialFunctions = devCredentialFunctions;\n break;\n case \"prod\":\n credentialFunctions = prodCredentialFunctions;\n break;\n case \"environmentcredential\":\n credentialFunctions = [createDefaultEnvironmentCredential];\n break;\n case \"workloadidentitycredential\":\n credentialFunctions = [createDefaultWorkloadIdentityCredential];\n break;\n case \"managedidentitycredential\":\n credentialFunctions = [createDefaultManagedIdentityCredential];\n break;\n case \"visualstudiocodecredential\":\n credentialFunctions = [createDefaultVisualStudioCodeCredential];\n break;\n case \"azureclicredential\":\n credentialFunctions = [createDefaultAzureCliCredential];\n break;\n case \"azurepowershellcredential\":\n credentialFunctions = [createDefaultAzurePowershellCredential];\n break;\n case \"azuredeveloperclicredential\":\n credentialFunctions = [createDefaultAzureDeveloperCliCredential];\n break;\n default: {\n // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.\n // This will prevent the creation of the DefaultAzureCredential.\n const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;\n logger.warning(errorMessage);\n throw new Error(errorMessage);\n }\n }\n } else {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];\n }\n\n // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.\n // When adding new credentials to the default chain, consider:\n // 1. Making the constructor parameters required and explicit\n // 2. Validating any required parameters in the factory function\n // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason\n const credentials: TokenCredential[] = credentialFunctions.map((createCredentialFn) => {\n try {\n return createCredentialFn(options);\n } catch (err: any) {\n logger.warning(\n `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`,\n );\n return new UnavailableDefaultCredential(createCredentialFn.name, err.message);\n }\n });\n\n super(...credentials);\n }\n}\n"]}

package/dist/esm/credentials/defaultAzureCredentialFunctions.d.ts ADDED Viewed

@@ -0,0 +1,62 @@
+import type { TokenCredential } from "@azure/core-auth";
+import type { DefaultAzureCredentialClientIdOptions, DefaultAzureCredentialOptions, DefaultAzureCredentialResourceIdOptions } from "./defaultAzureCredentialOptions.js";
+/**
+ * Creates a {@link BrokerCredential} instance with the provided options.
+ * This credential uses the Windows Authentication Manager (WAM) broker for authentication.
+ * It will only attempt to authenticate silently using the default broker account
+ *
+ * @param options - Options for configuring the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultBrokerCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
+/**
+ * Creates a {@link VisualStudioCodeCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultVisualStudioCodeCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
+/**
+ * Creates a {@link ManagedIdentityCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultManagedIdentityCredential(options?: DefaultAzureCredentialOptions | DefaultAzureCredentialResourceIdOptions | DefaultAzureCredentialClientIdOptions): TokenCredential;
+/**
+ * Creates a {@link WorkloadIdentityCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultWorkloadIdentityCredential(options?: DefaultAzureCredentialOptions | DefaultAzureCredentialClientIdOptions): TokenCredential;
+/**
+ * Creates a {@link AzureDeveloperCliCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultAzureDeveloperCliCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
+/**
+ * Creates a {@link AzureCliCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultAzureCliCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
+/**
+ * Creates a {@link AzurePowerShellCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultAzurePowershellCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
+/**
+ * Creates an {@link EnvironmentCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export declare function createDefaultEnvironmentCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
+//# sourceMappingURL=defaultAzureCredentialFunctions.d.ts.map

package/dist/esm/credentials/defaultAzureCredentialFunctions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"defaultAzureCredentialFunctions.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredentialFunctions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,KAAK,EACV,qCAAqC,EACrC,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,oCAAoC,CAAC;AAe5C;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAC3C,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,uCAAuC,CACrD,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,sCAAsC,CACpD,OAAO,GACH,6BAA6B,GAC7B,uCAAuC,GACvC,qCAA0C,GAC7C,eAAe,CA8CjB;AAED;;;;;GAKG;AACH,wBAAgB,uCAAuC,CACrD,OAAO,CAAC,EAAE,6BAA6B,GAAG,qCAAqC,GAC9E,eAAe,CA4BjB;AAED;;;;;GAKG;AACH,wBAAgB,wCAAwC,CACtD,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,+BAA+B,CAC7C,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,sCAAsC,CACpD,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,kCAAkC,CAChD,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB"}

package/dist/esm/credentials/defaultAzureCredentialFunctions.js ADDED Viewed

@@ -0,0 +1,143 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { EnvironmentCredential } from "./environmentCredential.js";
+import { ManagedIdentityCredential } from "./managedIdentityCredential/index.js";
+import { WorkloadIdentityCredential } from "./workloadIdentityCredential.js";
+import { AzureDeveloperCliCredential } from "./azureDeveloperCliCredential.js";
+import { AzureCliCredential } from "./azureCliCredential.js";
+import { AzurePowerShellCredential } from "./azurePowerShellCredential.js";
+import { VisualStudioCodeCredential } from "./visualStudioCodeCredential.js";
+import { BrokerCredential } from "./brokerCredential.js";
+/**
+ * Creates a {@link BrokerCredential} instance with the provided options.
+ * This credential uses the Windows Authentication Manager (WAM) broker for authentication.
+ * It will only attempt to authenticate silently using the default broker account
+ *
+ * @param options - Options for configuring the credential.
+ *
+ * @internal
+ */
+export function createDefaultBrokerCredential(options = {}) {
+    return new BrokerCredential(options);
+}
+/**
+ * Creates a {@link VisualStudioCodeCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultVisualStudioCodeCredential(options = {}) {
+    return new VisualStudioCodeCredential(options);
+}
+/**
+ * Creates a {@link ManagedIdentityCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultManagedIdentityCredential(options = {}) {
+    options.retryOptions ??= {
+        maxRetries: 5,
+        retryDelayInMs: 800,
+    };
+    const managedIdentityClientId = options?.managedIdentityClientId ??
+        process.env.AZURE_CLIENT_ID;
+    const workloadIdentityClientId = options?.workloadIdentityClientId ??
+        managedIdentityClientId;
+    const managedResourceId = options
+        ?.managedIdentityResourceId;
+    const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
+    const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
+    if (managedResourceId) {
+        const managedIdentityResourceIdOptions = {
+            ...options,
+            resourceId: managedResourceId,
+        };
+        return new ManagedIdentityCredential(managedIdentityResourceIdOptions);
+    }
+    if (workloadFile && workloadIdentityClientId) {
+        const workloadIdentityCredentialOptions = {
+            ...options,
+            tenantId: tenantId,
+        };
+        return new ManagedIdentityCredential(workloadIdentityClientId, workloadIdentityCredentialOptions);
+    }
+    if (managedIdentityClientId) {
+        const managedIdentityClientOptions = {
+            ...options,
+            clientId: managedIdentityClientId,
+        };
+        return new ManagedIdentityCredential(managedIdentityClientOptions);
+    }
+    // We may be able to return a UnavailableCredential here, but that may be a breaking change
+    return new ManagedIdentityCredential(options);
+}
+/**
+ * Creates a {@link WorkloadIdentityCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultWorkloadIdentityCredential(options) {
+    const managedIdentityClientId = options?.managedIdentityClientId ??
+        process.env.AZURE_CLIENT_ID;
+    const workloadIdentityClientId = options?.workloadIdentityClientId ??
+        managedIdentityClientId;
+    const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
+    const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
+    if (workloadFile && workloadIdentityClientId) {
+        const workloadIdentityCredentialOptions = {
+            ...options,
+            tenantId,
+            clientId: workloadIdentityClientId,
+            tokenFilePath: workloadFile,
+        };
+        return new WorkloadIdentityCredential(workloadIdentityCredentialOptions);
+    }
+    if (tenantId) {
+        const workloadIdentityClientTenantOptions = {
+            ...options,
+            tenantId,
+        };
+        return new WorkloadIdentityCredential(workloadIdentityClientTenantOptions);
+    }
+    // We may be able to return a UnavailableCredential here, but that may be a breaking change
+    return new WorkloadIdentityCredential(options);
+}
+/**
+ * Creates a {@link AzureDeveloperCliCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultAzureDeveloperCliCredential(options = {}) {
+    return new AzureDeveloperCliCredential(options);
+}
+/**
+ * Creates a {@link AzureCliCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultAzureCliCredential(options = {}) {
+    return new AzureCliCredential(options);
+}
+/**
+ * Creates a {@link AzurePowerShellCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultAzurePowershellCredential(options = {}) {
+    return new AzurePowerShellCredential(options);
+}
+/**
+ * Creates an {@link EnvironmentCredential} from the provided options.
+ * @param options - Options to configure the credential.
+ *
+ * @internal
+ */
+export function createDefaultEnvironmentCredential(options = {}) {
+    return new EnvironmentCredential(options);
+}
+//# sourceMappingURL=defaultAzureCredentialFunctions.js.map

package/dist/esm/credentials/defaultAzureCredentialFunctions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"defaultAzureCredentialFunctions.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredentialFunctions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAQlC,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AAKnE,OAAO,EAAE,yBAAyB,EAAE,MAAM,sCAAsC,CAAC;AACjF,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAC/E,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAE3E,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;;;;;;;GAQG;AACH,MAAM,UAAU,6BAA6B,CAC3C,UAAyC,EAAE;IAE3C,OAAO,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uCAAuC,CACrD,UAAyC,EAAE;IAE3C,OAAO,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;AACjD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sCAAsC,CACpD,UAG4C,EAAE;IAE9C,OAAO,CAAC,YAAY,KAAK;QACvB,UAAU,EAAE,CAAC;QACb,cAAc,EAAE,GAAG;KACpB,CAAC;IACF,MAAM,uBAAuB,GAC1B,OAAiD,EAAE,uBAAuB;QAC3E,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAC9B,MAAM,wBAAwB,GAC3B,OAAiD,EAAE,wBAAwB;QAC5E,uBAAuB,CAAC;IAC1B,MAAM,iBAAiB,GAAI,OAAmD;QAC5E,EAAE,yBAAyB,CAAC;IAC9B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;IAC5D,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAClE,IAAI,iBAAiB,EAAE,CAAC;QACtB,MAAM,gCAAgC,GAA+C;YACnF,GAAG,OAAO;YACV,UAAU,EAAE,iBAAiB;SAC9B,CAAC;QACF,OAAO,IAAI,yBAAyB,CAAC,gCAAgC,CAAC,CAAC;IACzE,CAAC;IAED,IAAI,YAAY,IAAI,wBAAwB,EAAE,CAAC;QAC7C,MAAM,iCAAiC,GAAkC;YACvE,GAAG,OAAO;YACV,QAAQ,EAAE,QAAQ;SACnB,CAAC;QAEF,OAAO,IAAI,yBAAyB,CAClC,wBAAwB,EACxB,iCAAiC,CAClC,CAAC;IACJ,CAAC;IAED,IAAI,uBAAuB,EAAE,CAAC;QAC5B,MAAM,4BAA4B,GAA6C;YAC7E,GAAG,OAAO;YACV,QAAQ,EAAE,uBAAuB;SAClC,CAAC;QAEF,OAAO,IAAI,yBAAyB,CAAC,4BAA4B,CAAC,CAAC;IACrE,CAAC;IAED,2FAA2F;IAC3F,OAAO,IAAI,yBAAyB,CAAC,OAAO,CAAC,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uCAAuC,CACrD,OAA+E;IAE/E,MAAM,uBAAuB,GAC1B,OAAiD,EAAE,uBAAuB;QAC3E,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAC9B,MAAM,wBAAwB,GAC3B,OAAiD,EAAE,wBAAwB;QAC5E,uBAAuB,CAAC;IAC1B,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;IAC5D,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAClE,IAAI,YAAY,IAAI,wBAAwB,EAAE,CAAC;QAC7C,MAAM,iCAAiC,GAAsC;YAC3E,GAAG,OAAO;YACV,QAAQ;YACR,QAAQ,EAAE,wBAAwB;YAClC,aAAa,EAAE,YAAY;SAC5B,CAAC;QACF,OAAO,IAAI,0BAA0B,CAAC,iCAAiC,CAAC,CAAC;IAC3E,CAAC;IACD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,mCAAmC,GAAsC;YAC7E,GAAG,OAAO;YACV,QAAQ;SACT,CAAC;QACF,OAAO,IAAI,0BAA0B,CAAC,mCAAmC,CAAC,CAAC;IAC7E,CAAC;IAED,2FAA2F;IAC3F,OAAO,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;AACjD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,wCAAwC,CACtD,UAAyC,EAAE;IAE3C,OAAO,IAAI,2BAA2B,CAAC,OAAO,CAAC,CAAC;AAClD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,+BAA+B,CAC7C,UAAyC,EAAE;IAE3C,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;AACzC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sCAAsC,CACpD,UAAyC,EAAE;IAE3C,OAAO,IAAI,yBAAyB,CAAC,OAAO,CAAC,CAAC;AAChD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,kCAAkC,CAChD,UAAyC,EAAE;IAE3C,OAAO,IAAI,qBAAqB,CAAC,OAAO,CAAC,CAAC;AAC5C,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport type {\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type {\n ManagedIdentityCredentialClientIdOptions,\n ManagedIdentityCredentialResourceIdOptions,\n} from \"./managedIdentityCredential/options.js\";\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport type { WorkloadIdentityCredentialOptions } from \"./workloadIdentityCredentialOptions.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { BrokerCredential } from \"./brokerCredential.js\";\n\n/**\n * Creates a {@link BrokerCredential} instance with the provided options.\n * This credential uses the Windows Authentication Manager (WAM) broker for authentication.\n * It will only attempt to authenticate silently using the default broker account\n *\n * @param options - Options for configuring the credential.\n *\n * @internal\n */\nexport function createDefaultBrokerCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new BrokerCredential(options);\n}\n\n/**\n * Creates a {@link VisualStudioCodeCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultVisualStudioCodeCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new VisualStudioCodeCredential(options);\n}\n\n/**\n * Creates a {@link ManagedIdentityCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultManagedIdentityCredential(\n options:\n | DefaultAzureCredentialOptions\n | DefaultAzureCredentialResourceIdOptions\n | DefaultAzureCredentialClientIdOptions = {},\n): TokenCredential {\n options.retryOptions ??= {\n maxRetries: 5,\n retryDelayInMs: 800,\n };\n const managedIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.managedIdentityClientId ??\n process.env.AZURE_CLIENT_ID;\n const workloadIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.workloadIdentityClientId ??\n managedIdentityClientId;\n const managedResourceId = (options as DefaultAzureCredentialResourceIdOptions)\n ?.managedIdentityResourceId;\n const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;\n const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;\n if (managedResourceId) {\n const managedIdentityResourceIdOptions: ManagedIdentityCredentialResourceIdOptions = {\n ...options,\n resourceId: managedResourceId,\n };\n return new ManagedIdentityCredential(managedIdentityResourceIdOptions);\n }\n\n if (workloadFile && workloadIdentityClientId) {\n const workloadIdentityCredentialOptions: DefaultAzureCredentialOptions = {\n ...options,\n tenantId: tenantId,\n };\n\n return new ManagedIdentityCredential(\n workloadIdentityClientId,\n workloadIdentityCredentialOptions,\n );\n }\n\n if (managedIdentityClientId) {\n const managedIdentityClientOptions: ManagedIdentityCredentialClientIdOptions = {\n ...options,\n clientId: managedIdentityClientId,\n };\n\n return new ManagedIdentityCredential(managedIdentityClientOptions);\n }\n\n // We may be able to return a UnavailableCredential here, but that may be a breaking change\n return new ManagedIdentityCredential(options);\n}\n\n/**\n * Creates a {@link WorkloadIdentityCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultWorkloadIdentityCredential(\n options?: DefaultAzureCredentialOptions | DefaultAzureCredentialClientIdOptions,\n): TokenCredential {\n const managedIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.managedIdentityClientId ??\n process.env.AZURE_CLIENT_ID;\n const workloadIdentityClientId =\n (options as DefaultAzureCredentialClientIdOptions)?.workloadIdentityClientId ??\n managedIdentityClientId;\n const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;\n const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;\n if (workloadFile && workloadIdentityClientId) {\n const workloadIdentityCredentialOptions: WorkloadIdentityCredentialOptions = {\n ...options,\n tenantId,\n clientId: workloadIdentityClientId,\n tokenFilePath: workloadFile,\n };\n return new WorkloadIdentityCredential(workloadIdentityCredentialOptions);\n }\n if (tenantId) {\n const workloadIdentityClientTenantOptions: WorkloadIdentityCredentialOptions = {\n ...options,\n tenantId,\n };\n return new WorkloadIdentityCredential(workloadIdentityClientTenantOptions);\n }\n\n // We may be able to return a UnavailableCredential here, but that may be a breaking change\n return new WorkloadIdentityCredential(options);\n}\n\n/**\n * Creates a {@link AzureDeveloperCliCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultAzureDeveloperCliCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new AzureDeveloperCliCredential(options);\n}\n\n/**\n * Creates a {@link AzureCliCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultAzureCliCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new AzureCliCredential(options);\n}\n\n/**\n * Creates a {@link AzurePowerShellCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultAzurePowershellCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new AzurePowerShellCredential(options);\n}\n\n/**\n * Creates an {@link EnvironmentCredential} from the provided options.\n * @param options - Options to configure the credential.\n *\n * @internal\n */\nexport function createDefaultEnvironmentCredential(\n options: DefaultAzureCredentialOptions = {},\n): TokenCredential {\n return new EnvironmentCredential(options);\n}\n"]}

package/dist/workerd/constants.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
  * Current version of the `@azure/identity` package.
  */
-export declare const SDK_VERSION = "4.11.0-beta.1";
+export declare const SDK_VERSION = "4.11.0-beta.2";
 /**
  * The default client ID for authentication
  * @internal

package/dist/workerd/constants.js CHANGED Viewed

@@ -3,7 +3,7 @@
 /**
  * Current version of the `@azure/identity` package.
  */
-export const SDK_VERSION = `4.11.0-beta.1`;
+export const SDK_VERSION = `4.11.0-beta.2`;
 /**
  * The default client ID for authentication
  * @internal

package/dist/workerd/constants.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC;AAE3C;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/*\n Current version of the `@azure/identity` package.\n /\nexport const SDK_VERSION = `4.11.0-beta.1`;\n\n/\n The default client ID for authentication\n * @internal\n /\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/\n The default tenant for authentication\n * @internal\n /\nexport const DefaultTenantId = \"common\";\n\n/\n A list of known Azure authority hosts\n /\nexport enum AzureAuthorityHosts {\n /\n China-based Azure Authority Host\n /\n AzureChina = \"https://login.chinacloudapi.cn\",\n /\n Germany-based Azure Authority Host\n \n @deprecated Microsoft Cloud Germany was closed on October 29th, 2021.\n \n /\n AzureGermany = \"https://login.microsoftonline.de\",\n /\n US Government Azure Authority Host\n /\n AzureGovernment = \"https://login.microsoftonline.us\",\n /\n Public Cloud Azure Authority Host\n /\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/\n @internal\n * The default authority host.\n /\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/\n @internal\n * The default environment host for Azure Public Cloud\n /\nexport const DefaultAuthority = \"login.microsoftonline.com\";\n\n/\n @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n /\nexport const ALL_TENANTS: string[] = [\"\"];\n\n/*\n @internal\n /\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/\n @internal\n /\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/\n @internal\n \n The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}
1	+ {"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,CAAC;AAE3C;;;GAGG;AACH,2EAA2E;AAC3E,6CAA6C;AAC7C,uGAAuG;AACvG,MAAM,CAAC,MAAM,uBAAuB,GAAG,sCAAsC,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,QAAQ,CAAC;AAExC;;GAEG;AACH,MAAM,CAAN,IAAY,mBAoBX;AApBD,WAAY,mBAAmB;IAC7B;;OAEG;IACH,oEAA6C,CAAA;IAC7C;;;;;SAKK;IACL,wEAAiD,CAAA;IACjD;;OAEG;IACH,2EAAoD,CAAA;IACpD;;OAEG;IACH,6EAAsD,CAAA;AACxD,CAAC,EApBW,mBAAmB,KAAnB,mBAAmB,QAoB9B;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,gBAAgB,CAAC;AAEzE;;;GAGG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D;;;GAGG;AACH,MAAM,CAAC,MAAM,WAAW,GAAa,CAAC,GAAG,CAAC,CAAC;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,KAAK,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,OAAO,CAAC;AAE5C;;;;;GAKG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,YAAY,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/*\n Current version of the `@azure/identity` package.\n /\nexport const SDK_VERSION = `4.11.0-beta.2`;\n\n/\n The default client ID for authentication\n * @internal\n /\n// TODO: temporary - this is the Azure CLI clientID - we'll replace it when\n// Developer Sign On application is available\n// https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/Constants.cs#L9\nexport const DeveloperSignOnClientId = \"04b07795-8ddb-461a-bbee-02f9e1bf7b46\";\n\n/\n The default tenant for authentication\n * @internal\n /\nexport const DefaultTenantId = \"common\";\n\n/\n A list of known Azure authority hosts\n /\nexport enum AzureAuthorityHosts {\n /\n China-based Azure Authority Host\n /\n AzureChina = \"https://login.chinacloudapi.cn\",\n /\n Germany-based Azure Authority Host\n \n @deprecated Microsoft Cloud Germany was closed on October 29th, 2021.\n \n /\n AzureGermany = \"https://login.microsoftonline.de\",\n /\n US Government Azure Authority Host\n /\n AzureGovernment = \"https://login.microsoftonline.us\",\n /\n Public Cloud Azure Authority Host\n /\n AzurePublicCloud = \"https://login.microsoftonline.com\",\n}\n\n/\n @internal\n * The default authority host.\n /\nexport const DefaultAuthorityHost = AzureAuthorityHosts.AzurePublicCloud;\n\n/\n @internal\n * The default environment host for Azure Public Cloud\n /\nexport const DefaultAuthority = \"login.microsoftonline.com\";\n\n/\n @internal\n * Allow acquiring tokens for any tenant for multi-tentant auth.\n /\nexport const ALL_TENANTS: string[] = [\"\"];\n\n/*\n @internal\n /\nexport const CACHE_CAE_SUFFIX = \"cae\";\n\n/\n @internal\n /\nexport const CACHE_NON_CAE_SUFFIX = \"nocae\";\n\n/\n @internal\n \n The default name for the cache persistence plugin.\n * Matches the constant defined in the cache persistence package.\n */\nexport const DEFAULT_TOKEN_CACHE_NAME = \"msal.cache\";\n"]}

package/dist/workerd/credentials/defaultAzureCredential.d.ts CHANGED Viewed

@@ -1,37 +1,6 @@
 import type { DefaultAzureCredentialClientIdOptions, DefaultAzureCredentialOptions, DefaultAzureCredentialResourceIdOptions } from "./defaultAzureCredentialOptions.js";
 import { ChainedTokenCredential } from "./chainedTokenCredential.js";
 import type { TokenCredential } from "@azure/core-auth";
-/**
- * Creates a {@link ManagedIdentityCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-export declare function createDefaultManagedIdentityCredential(options?: DefaultAzureCredentialOptions | DefaultAzureCredentialResourceIdOptions | DefaultAzureCredentialClientIdOptions): TokenCredential;
-/**
- * Creates a BrokerCredential instance with the provided options.
- * This credential uses the Windows Authentication Manager (WAM) broker for authentication.
- * It will only attempt to authenticate silently using the default broker account
- *
- * @param options - Options for configuring the credential.
- *
- * @internal
- */
-export declare function createDefaultBrokerCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
-/**
- * Creates an {@link EnvironmentCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-export declare function createEnvironmentCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
-/**
- * Creates a {@link VisualStudioCodeCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
-export declare function createDefaultVisualStudioCodeCredential(options?: DefaultAzureCredentialOptions): TokenCredential;
 /**
  * A no-op credential that logs the reason it was skipped if getToken is called.
  * @internal
@@ -52,13 +21,24 @@ export declare class UnavailableDefaultCredential implements TokenCredential {
  * - {@link EnvironmentCredential}
  * - {@link WorkloadIdentityCredential}
  * - {@link ManagedIdentityCredential}
+ * - {@link VisualStudioCodeCredential}
  * - {@link AzureCliCredential}
  * - {@link AzurePowerShellCredential}
  * - {@link AzureDeveloperCliCredential}
- * - {@link VisualStudioCodeCredential}
  *
  * Consult the documentation of these credential types for more information
  * on how they attempt authentication.
+ *
+ * Selecting credentials
+ *
+ * Set environment variable AZURE_TOKEN_CREDENTIALS to select a subset of the credential chain.
+ * DefaultAzureCredential will try only the specified credential(s), but its other behavior remains the same.
+ * Valid values for AZURE_TOKEN_CREDENTIALS are the name of any single type in the above chain, for example
+ * "EnvironmentCredential" or "AzureCliCredential", and these special values:
+ *
+ *   - "dev": try [VisualStudioCodeCredential], [AzureCliCredential], [AzurePowerShellCredential] and [AzureDeveloperCliCredential], in that order
+ *   - "prod": try [EnvironmentCredential], [WorkloadIdentityCredential], and [ManagedIdentityCredential], in that order
+ *
  */
 export declare class DefaultAzureCredential extends ChainedTokenCredential {
     /**

package/dist/workerd/credentials/defaultAzureCredential.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultAzureCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,qCAAqC,EACrC,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,oCAAoC,CAAC;~~AAU5C~~,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AASxD;;;;;GAKG;AACH,wBAAgB,sCAAsC,CACpD,OAAO,GACH,6BAA6B,GAC7B,uCAAuC,GACvC,qCAA0C,GAC7C,eAAe,CA8CjB;AA+ED;;;;;;;;GAQG;AACH,wBAAgB,6BAA6B,CAC3C,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CACzC,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;;;GAKG;AACH,wBAAgB,uCAAuC,CACrD,OAAO,GAAE,6BAAkC,GAC1C,eAAe,CAEjB;AAED;;;GAGG;AACH,qBAAa,4BAA6B,YAAW,eAAe;IAClE,iCAAiC,EAAE,MAAM,CAAC;IAC1C,cAAc,EAAE,MAAM,CAAC;gBAEX,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAKnD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAM1B;AAED~~;;;;;;;;;;;;;;;;;GAiBG~~;AACH,qBAAa,sBAAuB,SAAQ,sBAAsB;IAChE;;;;OAIG;gBACS,OAAO,CAAC,EAAE,qCAAqC;IAE3D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,uCAAuC;IAE7D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,6BAA6B;~~CA+DpD~~"}
1	+ {"version":3,"file":"defaultAzureCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,qCAAqC,EACrC,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,oCAAoC,CAAC;AAO5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAgBxD;;;GAGG;AACH,qBAAa,4BAA6B,YAAW,eAAe;IAClE,iCAAiC,EAAE,MAAM,CAAC;IAC1C,cAAc,EAAE,MAAM,CAAC;gBAEX,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAKnD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAM1B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AACH,qBAAa,sBAAuB,SAAQ,sBAAsB;IAChE;;;;OAIG;gBACS,OAAO,CAAC,EAAE,qCAAqC;IAE3D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,uCAAuC;IAE7D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,6BAA6B;CAoFpD"}