npm - @azure/identity - Versions diffs - 4.11.2-alpha.20250829.1 → 4.12.0 - Mend

@azure/identity 4.11.2-alpha.20250829.1 → 4.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (97) hide show

package/dist/commonjs/credentials/azurePowerShellCredential.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"azurePowerShellCredential.js","sourceRoot":"","sources":["../../../src/credentials/azurePowerShellCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAyBlC,sCAMC;AAsPD,wCA2BC;AA7SD,+DAIkC;AAClC,mDAAkF;AAClF,yDAA0F;AAG1F,4CAA0D;AAC1D,6DAAuD;AACvD,mDAAmD;AAEnD,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,2BAA2B,CAAC,CAAC;AAE7D,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AAE/C;;;;GAIG;AACH,SAAgB,aAAa,CAAC,WAAmB;IAC/C,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,GAAG,WAAW,MAAM,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,OAAO,WAAW,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,QAAoB,EAAE,OAAgB;IAC/D,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,EAAE,GAAG,UAAU,CAAC,GAAG,OAAO,CAAC;QACtC,MAAM,MAAM,GAAG,CAAC,MAAM,8BAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,EAAE;YAC5D,QAAQ,EAAE,MAAM;YAChB,OAAO;SACR,CAAC,CAAW,CAAC;QAEd,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACU,QAAA,gBAAgB,GAAG;IAC9B,KAAK,EAAE,gCAAgC;IACvC,SAAS,EACP,uIAAuI;CAC1I,CAAC;AAEF;;;GAGG;AACU,QAAA,6BAA6B,GAAG;IAC3C,KAAK,EACH,8FAA8F;IAChG,SAAS,EAAE,4KAA4K;IACvL,KAAK,EACH,gIAAgI;IAClI,YAAY,EAAE,4FAA4F;CAC3G,CAAC;AAEF,mDAAmD;AACnD,MAAM,YAAY,GAA4C,CAAC,GAAU,EAAE,EAAE,CAC3E,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,wBAAgB,CAAC,KAAK,MAAM,CAAC,CAAC;AAEzD,qDAAqD;AACrD,MAAM,mBAAmB,GAA4C,CAAC,GAAU,EAAE,EAAE,CAClF,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,wBAAgB,CAAC,SAAS,CAAC,CAAC;AAEhD;;;;GAIG;AACU,QAAA,YAAY,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;AAEpD,IAAI,SAAS,EAAE,CAAC;IACd,oBAAY,CAAC,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAa,yBAAyB;IAC5B,QAAQ,CAAU;IAClB,4BAA4B,CAAW;IACvC,OAAO,CAAU;IAEzB;;;;;;;;;;OAUG;IACH,YAAY,OAA0C;QACpD,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;YACtB,IAAA,gCAAa,EAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,4BAA4B,GAAG,IAAA,sDAAmC,EACrE,OAAO,EAAE,0BAA0B,CACpC,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,EAAE,kBAAkB,CAAC;IAC7C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,6BAA6B,CACzC,QAAgB,EAChB,QAAiB,EACjB,OAAgB;QAEhB,uDAAuD;QACvD,KAAK,MAAM,iBAAiB,IAAI,CAAC,GAAG,oBAAY,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC;gBACH,MAAM,WAAW,CAAC,CAAC,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,gFAAgF;gBAChF,oBAAY,CAAC,KAAK,EAAE,CAAC;gBACrB,SAAS;YACX,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC;gBAChC;oBACE,iBAAiB;oBACjB,YAAY;oBACZ,iBAAiB;oBACjB,UAAU;oBACV;yBACe,QAAQ,IAAI,EAAE;;;;;6BAKV,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAmC1B;iBACF;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,cAAc,CAAC,MAAM,CAAC,CAAC;QAChC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;IAC9F,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,OAAO,0BAAa,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE;YACrF,MAAM,KAAK,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAE9D,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC;YACnC,IAAI,WAAW,IAAI,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;gBACtC,IAAI,QAAQ,GAAG,sCAAsC,WAAW,EAAE,CAAC;gBAEnE,MAAM,mBAAmB,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC7C,IAAI,mBAAmB,EAAE,CAAC;oBACxB,QAAQ,IAAI,YAAY,mBAAmB,EAAE,CAAC;gBAChD,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAC1C,GAAG,qCAA6B,CAAC,KAAK,IAAI,QAAQ,EAAE,CACrD,CAAC;gBAEF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,QAAQ,GAAG,IAAA,4CAAyB,EACxC,IAAI,CAAC,QAAQ,EACb,OAAO,EACP,IAAI,CAAC,4BAA4B,CAClC,CAAC;YACF,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAA,gCAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAClC,CAAC;YACD,IAAI,CAAC;gBACH,IAAA,+CAA+B,EAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBAC/C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAC;gBACjD,MAAM,QAAQ,GAAG,IAAA,gCAAgB,EAAC,KAAK,CAAC,CAAC;gBACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC5F,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,0BAAa,EAAC,MAAM,CAAC,CAAC,CAAC;gBAC5C,OAAO;oBACL,KAAK,EAAE,QAAQ,CAAC,KAAK;oBACrB,kBAAkB,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;oBAC1D,SAAS,EAAE,QAAQ;iBACL,CAAC;YACnB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAAC,qCAA6B,CAAC,SAAS,CAAC,CAAC;oBACtF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBAChD,MAAM,KAAK,CAAC;gBACd,CAAC;qBAAM,IAAI,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAAC,qCAA6B,CAAC,KAAK,CAAC,CAAC;oBAClF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBAChD,MAAM,KAAK,CAAC;gBACd,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAC1C,GAAG,GAAG,KAAK,qCAA6B,CAAC,YAAY,EAAE,CACxD,CAAC;gBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AA1KD,8DA0KC;AAED;;;GAGG;AACI,KAAK,UAAU,cAAc,CAClC,MAAc;IAEd,MAAM,SAAS,GAAG,WAAW,CAAC;IAC9B,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,kBAAkB,GAAG,MAAM,CAAC;IAChC,IAAI,OAAO,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACrC,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;wBACvB,kBAAkB,GAAG,kBAAkB,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAC1D,IAAI,kBAAkB,EAAE,CAAC;4BACvB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;wBAC9C,CAAC;wBACD,OAAO,WAAW,CAAC;oBACrB,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,SAAS;gBACX,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,yDAAyD,MAAM,EAAE,CAAC,CAAC;AACrF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging.js\";\nimport { ensureValidScopeForDevTimeCreds, getScopeResource } from \"../util/scopeUtils.js\";\n\nimport type { AzurePowerShellCredentialOptions } from \"./azurePowerShellCredentialOptions.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport { processUtils } from \"../util/processUtils.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"AzurePowerShellCredential\");\n\nconst isWindows = process.platform === \"win32\";\n\n/*\n Returns a platform-appropriate command name by appending \".exe\" on Windows.\n \n @internal\n /\nexport function formatCommand(commandName: string): string {\n if (isWindows) {\n return `${commandName}.exe`;\n } else {\n return commandName;\n }\n}\n\n/\n Receives a list of commands to run, executes them, then returns the outputs.\n * If anything fails, an error is thrown.\n * @internal\n /\nasync function runCommands(commands: string[][], timeout?: number): Promise<string[]> {\n const results: string[] = [];\n\n for (const command of commands) {\n const [file, ...parameters] = command;\n const result = (await processUtils.execFile(file, parameters, {\n encoding: \"utf8\",\n timeout,\n })) as string;\n\n results.push(result);\n }\n\n return results;\n}\n\n/\n Known PowerShell errors\n * @internal\n /\nexport const powerShellErrors = {\n login: \"Run Connect-AzAccount to login\",\n installed:\n \"The specified module 'Az.Accounts' with version '2.2.0' was not loaded because no valid module file was found in any module directory\",\n};\n\n/\n Messages to use when throwing in this credential.\n * @internal\n /\nexport const powerShellPublicErrorMessages = {\n login:\n \"Please run 'Connect-AzAccount' from PowerShell to authenticate before using this credential.\",\n installed: `The 'Az.Account' module >= 2.2.0 is not installed. Install the Azure Az PowerShell module with: \"Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force\".`,\n claim:\n \"This credential doesn't support claims challenges. To authenticate with the required claims, please run the following command:\",\n troubleshoot: `To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.`,\n};\n\n// PowerShell Azure User not logged in error check.\nconst isLoginError: (err: Error) => RegExpMatchArray \| null = (err: Error) =>\n err.message.match(`(.)${powerShellErrors.login}(.)`);\n\n// Az Module not Installed in Azure PowerShell check.\nconst isNotInstalledError: (err: Error) => RegExpMatchArray \| null = (err: Error) =>\n err.message.match(powerShellErrors.installed);\n\n/\n The PowerShell commands to be tried, in order.\n \n @internal\n /\nexport const commandStack = [formatCommand(\"pwsh\")];\n\nif (isWindows) {\n commandStack.push(formatCommand(\"powershell\"));\n}\n\n/\n This credential will use the currently logged-in user information from the\n * Azure PowerShell module. To do so, it will read the user access token and\n * expire time with Azure PowerShell command `Get-AzAccessToken -ResourceUrl {ResourceScope}`\n /\nexport class AzurePowerShellCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private timeout?: number;\n\n /\n Creates an instance of the {@link AzurePowerShellCredential}.\n \n To use this credential:\n * - Install the Azure Az PowerShell module with:\n * `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.\n * - You have already logged in to Azure PowerShell using the command\n * `Connect-AzAccount` from the command line.\n \n @param options - Options, to optionally allow multi-tenant requests.\n /\n constructor(options?: AzurePowerShellCredentialOptions) {\n if (options?.tenantId) {\n checkTenantId(logger, options?.tenantId);\n this.tenantId = options?.tenantId;\n }\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.timeout = options?.processTimeoutInMs;\n }\n\n /\n Gets the access token from Azure PowerShell\n * @param resource - The resource to use when getting the token\n /\n private async getAzurePowerShellAccessToken(\n resource: string,\n tenantId?: string,\n timeout?: number,\n ): Promise<{ Token: string; ExpiresOn: string }> {\n // Clone the stack to avoid mutating it while iterating\n for (const powerShellCommand of [...commandStack]) {\n try {\n await runCommands([[powerShellCommand, \"/?\"]], timeout);\n } catch (e: any) {\n // Remove this credential from the original stack so that we don't try it again.\n commandStack.shift();\n continue;\n }\n\n const results = await runCommands([\n [\n powerShellCommand,\n \"-NoProfile\",\n \"-NonInteractive\",\n \"-Command\",\n `\n $tenantId = \"${tenantId ?? \"\"}\"\n $m = Import-Module Az.Accounts -MinimumVersion 2.2.0 -PassThru\n $useSecureString = $m.Version -ge [version]'2.17.0' -and $m.Version -lt [version]'5.0.0'\n\n $params = @{\n ResourceUrl = \"${resource}\"\n }\n\n if ($tenantId.Length -gt 0) {\n $params[\"TenantId\"] = $tenantId\n }\n\n if ($useSecureString) {\n $params[\"AsSecureString\"] = $true\n }\n\n $token = Get-AzAccessToken @params\n\n $result = New-Object -TypeName PSObject\n $result \| Add-Member -MemberType NoteProperty -Name ExpiresOn -Value $token.ExpiresOn\n\n if ($token.Token -is [System.Security.SecureString]) {\n if ($PSVersionTable.PSVersion.Major -lt 7) {\n $ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($token.Token)\n try {\n $result \| Add-Member -MemberType NoteProperty -Name Token -Value ([System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr))\n }\n finally {\n [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)\n }\n }\n else {\n $result \| Add-Member -MemberType NoteProperty -Name Token -Value ($token.Token \| ConvertFrom-SecureString -AsPlainText)\n }\n }\n else {\n $result \| Add-Member -MemberType NoteProperty -Name Token -Value $token.Token\n }\n\n Write-Output (ConvertTo-Json $result)\n `,\n ],\n ]);\n\n const result = results[0];\n return parseJsonToken(result);\n }\n throw new Error(`Unable to execute PowerShell. Ensure that it is installed in your system`);\n }\n\n /\n Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If the authentication cannot be performed through PowerShell, a {@link CredentialUnavailableError} will be thrown.\n \n @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this TokenCredential implementation might make.\n /\n public async getToken(\n scopes: string \| string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {\n const scope = typeof scopes === \"string\" ? scopes : scopes[0];\n\n const claimsValue = options.claims;\n if (claimsValue && claimsValue.trim()) {\n let loginCmd = `Connect-AzAccount -ClaimsChallenge ${claimsValue}`;\n\n const tenantIdFromOptions = options.tenantId;\n if (tenantIdFromOptions) {\n loginCmd += ` -Tenant ${tenantIdFromOptions}`;\n }\n const error = new CredentialUnavailableError(\n `${powerShellPublicErrorMessages.claim} ${loginCmd}`,\n );\n\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n );\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n try {\n ensureValidScopeForDevTimeCreds(scope, logger);\n logger.getToken.info(`Using the scope ${scope}`);\n const resource = getScopeResource(scope);\n const response = await this.getAzurePowerShellAccessToken(resource, tenantId, this.timeout);\n logger.getToken.info(formatSuccess(scopes));\n return {\n token: response.Token,\n expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),\n tokenType: \"Bearer\",\n } as AccessToken;\n } catch (err: any) {\n if (isNotInstalledError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.installed);\n logger.getToken.info(formatError(scope, error));\n throw error;\n } else if (isLoginError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.login);\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n const error = new CredentialUnavailableError(\n `${err}. ${powerShellPublicErrorMessages.troubleshoot}`,\n );\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n });\n }\n}\n\n/\n \n * @internal\n /\nexport async function parseJsonToken(\n result: string,\n): Promise<{ Token: string; ExpiresOn: string }> {\n const jsonRegex = /{[^{}]}/g;\n const matches = result.match(jsonRegex);\n let resultWithoutToken = result;\n if (matches) {\n try {\n for (const item of matches) {\n try {\n const jsonContent = JSON.parse(item);\n if (jsonContent?.Token) {\n resultWithoutToken = resultWithoutToken.replace(item, \"\");\n if (resultWithoutToken) {\n logger.getToken.warning(resultWithoutToken);\n }\n return jsonContent;\n }\n } catch (e) {\n continue;\n }\n }\n } catch (e: any) {\n throw new Error(`Unable to parse the output of PowerShell. Received output: ${result}`);\n }\n }\n throw new Error(`No access token found in the output. Received output: ${result}`);\n}\n"]}
1	+ {"version":3,"file":"azurePowerShellCredential.js","sourceRoot":"","sources":["../../../src/credentials/azurePowerShellCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAyBlC,sCAMC;AAuPD,wCA2BC;AA9SD,+DAIkC;AAClC,mDAAkF;AAClF,yDAA0F;AAG1F,4CAA0D;AAC1D,6DAAuD;AACvD,mDAAmD;AAEnD,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,2BAA2B,CAAC,CAAC;AAE7D,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AAE/C;;;;GAIG;AACH,SAAgB,aAAa,CAAC,WAAmB;IAC/C,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,GAAG,WAAW,MAAM,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,OAAO,WAAW,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,QAAoB,EAAE,OAAgB;IAC/D,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,EAAE,GAAG,UAAU,CAAC,GAAG,OAAO,CAAC;QACtC,MAAM,MAAM,GAAG,CAAC,MAAM,8BAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,EAAE;YAC5D,QAAQ,EAAE,MAAM;YAChB,OAAO;SACR,CAAC,CAAW,CAAC;QAEd,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACU,QAAA,gBAAgB,GAAG;IAC9B,KAAK,EAAE,gCAAgC;IACvC,SAAS,EACP,uIAAuI;CAC1I,CAAC;AAEF;;;GAGG;AACU,QAAA,6BAA6B,GAAG;IAC3C,KAAK,EACH,8FAA8F;IAChG,SAAS,EAAE,4KAA4K;IACvL,KAAK,EACH,gIAAgI;IAClI,YAAY,EAAE,4FAA4F;CAC3G,CAAC;AAEF,mDAAmD;AACnD,MAAM,YAAY,GAA4C,CAAC,GAAU,EAAE,EAAE,CAC3E,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,wBAAgB,CAAC,KAAK,MAAM,CAAC,CAAC;AAEzD,qDAAqD;AACrD,MAAM,mBAAmB,GAA4C,CAAC,GAAU,EAAE,EAAE,CAClF,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,wBAAgB,CAAC,SAAS,CAAC,CAAC;AAEhD;;;;GAIG;AACU,QAAA,YAAY,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;AAEpD,IAAI,SAAS,EAAE,CAAC;IACd,oBAAY,CAAC,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAa,yBAAyB;IAC5B,QAAQ,CAAU;IAClB,4BAA4B,CAAW;IACvC,OAAO,CAAU;IAEzB;;;;;;;;;;OAUG;IACH,YAAY,OAA0C;QACpD,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;YACtB,IAAA,gCAAa,EAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,4BAA4B,GAAG,IAAA,sDAAmC,EACrE,OAAO,EAAE,0BAA0B,CACpC,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,EAAE,kBAAkB,CAAC;IAC7C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,6BAA6B,CACzC,QAAgB,EAChB,QAAiB,EACjB,OAAgB;QAEhB,uDAAuD;QACvD,KAAK,MAAM,iBAAiB,IAAI,CAAC,GAAG,oBAAY,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC;gBACH,MAAM,WAAW,CAAC,CAAC,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,gFAAgF;gBAChF,oBAAY,CAAC,KAAK,EAAE,CAAC;gBACrB,SAAS;YACX,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC;gBAChC;oBACE,iBAAiB;oBACjB,YAAY;oBACZ,iBAAiB;oBACjB,UAAU;oBACV;yBACe,QAAQ,IAAI,EAAE;;;;;6BAKV,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAmC1B;iBACF;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,cAAc,CAAC,MAAM,CAAC,CAAC;QAChC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;IAC9F,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,OAAO,0BAAa,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE;YACrF,MAAM,KAAK,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAE9D,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC;YACnC,IAAI,WAAW,IAAI,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;gBACtC,MAAM,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;gBACxC,IAAI,QAAQ,GAAG,sCAAsC,aAAa,EAAE,CAAC;gBAErE,MAAM,mBAAmB,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC7C,IAAI,mBAAmB,EAAE,CAAC;oBACxB,QAAQ,IAAI,YAAY,mBAAmB,EAAE,CAAC;gBAChD,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAC1C,GAAG,qCAA6B,CAAC,KAAK,IAAI,QAAQ,EAAE,CACrD,CAAC;gBAEF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,QAAQ,GAAG,IAAA,4CAAyB,EACxC,IAAI,CAAC,QAAQ,EACb,OAAO,EACP,IAAI,CAAC,4BAA4B,CAClC,CAAC;YACF,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAA,gCAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAClC,CAAC;YACD,IAAI,CAAC;gBACH,IAAA,+CAA+B,EAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBAC/C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAC;gBACjD,MAAM,QAAQ,GAAG,IAAA,gCAAgB,EAAC,KAAK,CAAC,CAAC;gBACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC5F,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,0BAAa,EAAC,MAAM,CAAC,CAAC,CAAC;gBAC5C,OAAO;oBACL,KAAK,EAAE,QAAQ,CAAC,KAAK;oBACrB,kBAAkB,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;oBAC1D,SAAS,EAAE,QAAQ;iBACL,CAAC;YACnB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAAC,qCAA6B,CAAC,SAAS,CAAC,CAAC;oBACtF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBAChD,MAAM,KAAK,CAAC;gBACd,CAAC;qBAAM,IAAI,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAAC,qCAA6B,CAAC,KAAK,CAAC,CAAC;oBAClF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBAChD,MAAM,KAAK,CAAC;gBACd,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAC1C,GAAG,GAAG,KAAK,qCAA6B,CAAC,YAAY,EAAE,CACxD,CAAC;gBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AA3KD,8DA2KC;AAED;;;GAGG;AACI,KAAK,UAAU,cAAc,CAClC,MAAc;IAEd,MAAM,SAAS,GAAG,WAAW,CAAC;IAC9B,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,kBAAkB,GAAG,MAAM,CAAC;IAChC,IAAI,OAAO,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACrC,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;wBACvB,kBAAkB,GAAG,kBAAkB,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAC1D,IAAI,kBAAkB,EAAE,CAAC;4BACvB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;wBAC9C,CAAC;wBACD,OAAO,WAAW,CAAC;oBACrB,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,SAAS;gBACX,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,yDAAyD,MAAM,EAAE,CAAC,CAAC;AACrF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging.js\";\nimport { ensureValidScopeForDevTimeCreds, getScopeResource } from \"../util/scopeUtils.js\";\n\nimport type { AzurePowerShellCredentialOptions } from \"./azurePowerShellCredentialOptions.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport { processUtils } from \"../util/processUtils.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"AzurePowerShellCredential\");\n\nconst isWindows = process.platform === \"win32\";\n\n/*\n Returns a platform-appropriate command name by appending \".exe\" on Windows.\n \n @internal\n /\nexport function formatCommand(commandName: string): string {\n if (isWindows) {\n return `${commandName}.exe`;\n } else {\n return commandName;\n }\n}\n\n/\n Receives a list of commands to run, executes them, then returns the outputs.\n * If anything fails, an error is thrown.\n * @internal\n /\nasync function runCommands(commands: string[][], timeout?: number): Promise<string[]> {\n const results: string[] = [];\n\n for (const command of commands) {\n const [file, ...parameters] = command;\n const result = (await processUtils.execFile(file, parameters, {\n encoding: \"utf8\",\n timeout,\n })) as string;\n\n results.push(result);\n }\n\n return results;\n}\n\n/\n Known PowerShell errors\n * @internal\n /\nexport const powerShellErrors = {\n login: \"Run Connect-AzAccount to login\",\n installed:\n \"The specified module 'Az.Accounts' with version '2.2.0' was not loaded because no valid module file was found in any module directory\",\n};\n\n/\n Messages to use when throwing in this credential.\n * @internal\n /\nexport const powerShellPublicErrorMessages = {\n login:\n \"Please run 'Connect-AzAccount' from PowerShell to authenticate before using this credential.\",\n installed: `The 'Az.Account' module >= 2.2.0 is not installed. Install the Azure Az PowerShell module with: \"Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force\".`,\n claim:\n \"This credential doesn't support claims challenges. To authenticate with the required claims, please run the following command:\",\n troubleshoot: `To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.`,\n};\n\n// PowerShell Azure User not logged in error check.\nconst isLoginError: (err: Error) => RegExpMatchArray \| null = (err: Error) =>\n err.message.match(`(.)${powerShellErrors.login}(.)`);\n\n// Az Module not Installed in Azure PowerShell check.\nconst isNotInstalledError: (err: Error) => RegExpMatchArray \| null = (err: Error) =>\n err.message.match(powerShellErrors.installed);\n\n/\n The PowerShell commands to be tried, in order.\n \n @internal\n /\nexport const commandStack = [formatCommand(\"pwsh\")];\n\nif (isWindows) {\n commandStack.push(formatCommand(\"powershell\"));\n}\n\n/\n This credential will use the currently logged-in user information from the\n * Azure PowerShell module. To do so, it will read the user access token and\n * expire time with Azure PowerShell command `Get-AzAccessToken -ResourceUrl {ResourceScope}`\n /\nexport class AzurePowerShellCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private timeout?: number;\n\n /\n Creates an instance of the {@link AzurePowerShellCredential}.\n \n To use this credential:\n * - Install the Azure Az PowerShell module with:\n * `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.\n * - You have already logged in to Azure PowerShell using the command\n * `Connect-AzAccount` from the command line.\n \n @param options - Options, to optionally allow multi-tenant requests.\n /\n constructor(options?: AzurePowerShellCredentialOptions) {\n if (options?.tenantId) {\n checkTenantId(logger, options?.tenantId);\n this.tenantId = options?.tenantId;\n }\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.timeout = options?.processTimeoutInMs;\n }\n\n /\n Gets the access token from Azure PowerShell\n * @param resource - The resource to use when getting the token\n /\n private async getAzurePowerShellAccessToken(\n resource: string,\n tenantId?: string,\n timeout?: number,\n ): Promise<{ Token: string; ExpiresOn: string }> {\n // Clone the stack to avoid mutating it while iterating\n for (const powerShellCommand of [...commandStack]) {\n try {\n await runCommands([[powerShellCommand, \"/?\"]], timeout);\n } catch (e: any) {\n // Remove this credential from the original stack so that we don't try it again.\n commandStack.shift();\n continue;\n }\n\n const results = await runCommands([\n [\n powerShellCommand,\n \"-NoProfile\",\n \"-NonInteractive\",\n \"-Command\",\n `\n $tenantId = \"${tenantId ?? \"\"}\"\n $m = Import-Module Az.Accounts -MinimumVersion 2.2.0 -PassThru\n $useSecureString = $m.Version -ge [version]'2.17.0' -and $m.Version -lt [version]'5.0.0'\n\n $params = @{\n ResourceUrl = \"${resource}\"\n }\n\n if ($tenantId.Length -gt 0) {\n $params[\"TenantId\"] = $tenantId\n }\n\n if ($useSecureString) {\n $params[\"AsSecureString\"] = $true\n }\n\n $token = Get-AzAccessToken @params\n\n $result = New-Object -TypeName PSObject\n $result \| Add-Member -MemberType NoteProperty -Name ExpiresOn -Value $token.ExpiresOn\n\n if ($token.Token -is [System.Security.SecureString]) {\n if ($PSVersionTable.PSVersion.Major -lt 7) {\n $ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($token.Token)\n try {\n $result \| Add-Member -MemberType NoteProperty -Name Token -Value ([System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr))\n }\n finally {\n [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)\n }\n }\n else {\n $result \| Add-Member -MemberType NoteProperty -Name Token -Value ($token.Token \| ConvertFrom-SecureString -AsPlainText)\n }\n }\n else {\n $result \| Add-Member -MemberType NoteProperty -Name Token -Value $token.Token\n }\n\n Write-Output (ConvertTo-Json $result)\n `,\n ],\n ]);\n\n const result = results[0];\n return parseJsonToken(result);\n }\n throw new Error(`Unable to execute PowerShell. Ensure that it is installed in your system`);\n }\n\n /\n Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If the authentication cannot be performed through PowerShell, a {@link CredentialUnavailableError} will be thrown.\n \n @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this TokenCredential implementation might make.\n /\n public async getToken(\n scopes: string \| string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {\n const scope = typeof scopes === \"string\" ? scopes : scopes[0];\n\n const claimsValue = options.claims;\n if (claimsValue && claimsValue.trim()) {\n const encodedClaims = btoa(claimsValue);\n let loginCmd = `Connect-AzAccount -ClaimsChallenge ${encodedClaims}`;\n\n const tenantIdFromOptions = options.tenantId;\n if (tenantIdFromOptions) {\n loginCmd += ` -Tenant ${tenantIdFromOptions}`;\n }\n const error = new CredentialUnavailableError(\n `${powerShellPublicErrorMessages.claim} ${loginCmd}`,\n );\n\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n );\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n try {\n ensureValidScopeForDevTimeCreds(scope, logger);\n logger.getToken.info(`Using the scope ${scope}`);\n const resource = getScopeResource(scope);\n const response = await this.getAzurePowerShellAccessToken(resource, tenantId, this.timeout);\n logger.getToken.info(formatSuccess(scopes));\n return {\n token: response.Token,\n expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),\n tokenType: \"Bearer\",\n } as AccessToken;\n } catch (err: any) {\n if (isNotInstalledError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.installed);\n logger.getToken.info(formatError(scope, error));\n throw error;\n } else if (isLoginError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.login);\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n const error = new CredentialUnavailableError(\n `${err}. ${powerShellPublicErrorMessages.troubleshoot}`,\n );\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n });\n }\n}\n\n/\n \n * @internal\n /\nexport async function parseJsonToken(\n result: string,\n): Promise<{ Token: string; ExpiresOn: string }> {\n const jsonRegex = /{[^{}]}/g;\n const matches = result.match(jsonRegex);\n let resultWithoutToken = result;\n if (matches) {\n try {\n for (const item of matches) {\n try {\n const jsonContent = JSON.parse(item);\n if (jsonContent?.Token) {\n resultWithoutToken = resultWithoutToken.replace(item, \"\");\n if (resultWithoutToken) {\n logger.getToken.warning(resultWithoutToken);\n }\n return jsonContent;\n }\n } catch (e) {\n continue;\n }\n }\n } catch (e: any) {\n throw new Error(`Unable to parse the output of PowerShell. Received output: ${result}`);\n }\n }\n throw new Error(`No access token found in the output. Received output: ${result}`);\n}\n"]}

package/dist/commonjs/credentials/defaultAzureCredential.d.ts CHANGED Viewed

@@ -29,6 +29,23 @@ export declare class UnavailableDefaultCredential implements TokenCredential {
  *
  * Consult the documentation of these credential types for more information
  * on how they attempt authentication.
+ *
+ * The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.
+ * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.
+ * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.
+ * ```ts snippet:defaultazurecredential_requiredEnvVars
+ * import { DefaultAzureCredential } from "@azure/identity";
+ *
+ * const credential = new DefaultAzureCredential({
+ *   requiredEnvVars: [
+ *     "AZURE_CLIENT_ID",
+ *     "AZURE_TENANT_ID",
+ *     "AZURE_CLIENT_SECRET",
+ *     "AZURE_TOKEN_CREDENTIALS",
+ *   ],
+ * });
+ * ```
  */
 export declare class DefaultAzureCredential extends ChainedTokenCredential {
     /**

package/dist/commonjs/credentials/defaultAzureCredential.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultAzureCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,qCAAqC,EACrC,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,oCAAoC,CAAC;AAO5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAgBxD;;;GAGG;AACH,qBAAa,4BAA6B,YAAW,eAAe;IAClE,iCAAiC,EAAE,MAAM,CAAC;IAC1C,cAAc,EAAE,MAAM,CAAC;gBAEX,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAKnD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAM1B;AAED~~;;;;;;;;;;;;;;;;;;GAkBG~~;AACH,qBAAa,sBAAuB,SAAQ,sBAAsB;IAChE;;;;OAIG;gBACS,OAAO,CAAC,EAAE,qCAAqC;IAE3D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,uCAAuC;IAE7D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,6BAA6B;~~CAoFpD~~"}
1	+ {"version":3,"file":"defaultAzureCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,qCAAqC,EACrC,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,oCAAoC,CAAC;AAO5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAgBxD;;;GAGG;AACH,qBAAa,4BAA6B,YAAW,eAAe;IAClE,iCAAiC,EAAE,MAAM,CAAC;IAC1C,cAAc,EAAE,MAAM,CAAC;gBAEX,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAKnD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAM1B;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,qBAAa,sBAAuB,SAAQ,sBAAsB;IAChE;;;;OAIG;gBACS,OAAO,CAAC,EAAE,qCAAqC;IAE3D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,uCAAuC;IAE7D;;;;OAIG;gBACS,OAAO,CAAC,EAAE,6BAA6B;CAqFpD"}

package/dist/commonjs/credentials/defaultAzureCredential.js CHANGED Viewed

@@ -42,9 +42,27 @@ exports.UnavailableDefaultCredential = UnavailableDefaultCredential;
  *
  * Consult the documentation of these credential types for more information
  * on how they attempt authentication.
+ *
+ * The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.
+ * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.
+ * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.
+ * ```ts snippet:defaultazurecredential_requiredEnvVars
+ * import { DefaultAzureCredential } from "@azure/identity";
+ *
+ * const credential = new DefaultAzureCredential({
+ *   requiredEnvVars: [
+ *     "AZURE_CLIENT_ID",
+ *     "AZURE_TENANT_ID",
+ *     "AZURE_CLIENT_SECRET",
+ *     "AZURE_TOKEN_CREDENTIALS",
+ *   ],
+ * });
+ * ```
  */
 class DefaultAzureCredential extends chainedTokenCredential_js_1.ChainedTokenCredential {
     constructor(options) {
+        validateRequiredEnvVars(options);
         // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.
         const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS
             ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()
@@ -125,4 +143,21 @@ class DefaultAzureCredential extends chainedTokenCredential_js_1.ChainedTokenCre
     }
 }
 exports.DefaultAzureCredential = DefaultAzureCredential;
+/**
+ * @internal This function checks that all environment variables in `options.requiredEnvVars` are set and non-empty.
+ * If any are missing or empty, it throws an error.
+ */
+function validateRequiredEnvVars(options) {
+    if (options?.requiredEnvVars) {
+        const requiredVars = Array.isArray(options.requiredEnvVars)
+            ? options.requiredEnvVars
+            : [options.requiredEnvVars];
+        const missing = requiredVars.filter((envVar) => !process.env[envVar]);
+        if (missing.length > 0) {
+            const errorMessage = `Required environment ${missing.length === 1 ? "variable" : "variables"} '${missing.join(", ")}' for DefaultAzureCredential ${missing.length === 1 ? "is" : "are"} not set or empty.`;
+            logger.warning(errorMessage);
+            throw new Error(errorMessage);
+        }
+    }
+}
 //# sourceMappingURL=defaultAzureCredential.js.map

package/dist/commonjs/credentials/defaultAzureCredential.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultAzureCredential.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAalC,2EAAqE;AAIrE,mDAAsD;AACtD,6FAS8C;AAE9C,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,wBAAwB,CAAC,CAAC;AAE1D;;;GAGG;AACH,MAAa,4BAA4B;IACvC,iCAAiC,CAAS;IAC1C,cAAc,CAAS;IAEvB,YAAY,cAAsB,EAAE,OAAe;QACjD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,iCAAiC,GAAG,OAAO,CAAC;IACnD,CAAC;IAED,QAAQ;QACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,YAAY,IAAI,CAAC,cAAc,aAAa,IAAI,CAAC,iCAAiC,EAAE,CACrF,CAAC;QACF,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF;AAfD,oEAeC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAa,sBAAuB,SAAQ,kDAAsB;IAsBhE,YAAY,OAAuC;QACjD,2EAA2E;QAC3E,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB;YAC/D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;YAC1D,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,sBAAsB,GAAG;YAC7B,4EAAuC;YACvC,oEAA+B;YAC/B,2EAAsC;YACtC,6EAAwC;YACxC,kEAA6B;SAC9B,CAAC;QACF,MAAM,uBAAuB,GAAG;YAC9B,uEAAkC;YAClC,4EAAuC;YACvC,2EAAsC;SACvC,CAAC;QACF,IAAI,mBAAmB,GAAG,EAAE,CAAC;QAC7B,MAAM,oBAAoB,GACxB,sLAAsL,CAAC;QACzL,mFAAmF;QACnF,kIAAkI;QAClI,IAAI,qBAAqB,EAAE,CAAC;YAC1B,QAAQ,qBAAqB,EAAE,CAAC;gBAC9B,KAAK,KAAK;oBACR,mBAAmB,GAAG,sBAAsB,CAAC;oBAC7C,MAAM;gBACR,KAAK,MAAM;oBACT,mBAAmB,GAAG,uBAAuB,CAAC;oBAC9C,MAAM;gBACR,KAAK,uBAAuB;oBAC1B,mBAAmB,GAAG,CAAC,uEAAkC,CAAC,CAAC;oBAC3D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,4EAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,2EAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,4EAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,oBAAoB;oBACvB,mBAAmB,GAAG,CAAC,oEAA+B,CAAC,CAAC;oBACxD,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,2EAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,6BAA6B;oBAChC,mBAAmB,GAAG,CAAC,6EAAwC,CAAC,CAAC;oBACjE,MAAM;gBACR,OAAO,CAAC,CAAC,CAAC;oBACR,6EAA6E;oBAC7E,gEAAgE;oBAChE,MAAM,YAAY,GAAG,+CAA+C,OAAO,CAAC,GAAG,CAAC,uBAAuB,oEAAoE,oBAAoB,GAAG,CAAC;oBACnM,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2EAA2E;YAC3E,mBAAmB,GAAG,CAAC,GAAG,uBAAuB,EAAE,GAAG,sBAAsB,CAAC,CAAC;QAChF,CAAC;QAED,gLAAgL;QAChL,8DAA8D;QAC9D,6DAA6D;QAC7D,gEAAgE;QAChE,sHAAsH;QACtH,MAAM,WAAW,GAAsB,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YACpF,IAAI,CAAC;gBACH,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,OAAO,CACZ,WAAW,kBAAkB,CAAC,IAAI,iDAAiD,GAAG,EAAE,CACzF,CAAC;gBACF,OAAO,IAAI,4BAA4B,CAAC,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YAChF,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC;IACxB,CAAC;CACF;AAxGD,wDAwGC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\n\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport {\n createDefaultAzureCliCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultBrokerCredential,\n createDefaultManagedIdentityCredential,\n createDefaultVisualStudioCodeCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultEnvironmentCredential,\n} from \"./defaultAzureCredentialFunctions.js\";\n\nconst logger = credentialLogger(\"DefaultAzureCredential\");\n\n/*\n A no-op credential that logs the reason it was skipped if getToken is called.\n * @internal\n /\nexport class UnavailableDefaultCredential implements TokenCredential {\n credentialUnavailableErrorMessage: string;\n credentialName: string;\n\n constructor(credentialName: string, message: string) {\n this.credentialName = credentialName;\n this.credentialUnavailableErrorMessage = message;\n }\n\n getToken(): Promise<null> {\n logger.getToken.info(\n `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`,\n );\n return Promise.resolve(null);\n }\n}\n\n/\n Provides a default {@link ChainedTokenCredential} configuration that works for most\n * applications that use Azure SDK client libraries. For more information, see\n * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#use-defaultazurecredential-for-flexibility).\n \n The following credential types will be tried, in order:\n \n - {@link EnvironmentCredential}\n * - {@link WorkloadIdentityCredential}\n * - {@link ManagedIdentityCredential}\n * - {@link VisualStudioCodeCredential}\n * - {@link AzureCliCredential}\n * - {@link AzurePowerShellCredential}\n * - {@link AzureDeveloperCliCredential}\n * - {@link BrokerCredential}\n \n Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n /\nexport class DefaultAzureCredential extends ChainedTokenCredential {\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialClientIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialClientIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialClientIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialResourceIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialResourceIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialResourceIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialOptions}.\n */\n constructor(options?: DefaultAzureCredentialOptions);\n\n constructor(options?: DefaultAzureCredentialOptions) {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS\n ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()\n : undefined;\n const devCredentialFunctions = [\n createDefaultVisualStudioCodeCredential,\n createDefaultAzureCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultBrokerCredential,\n ];\n const prodCredentialFunctions = [\n createDefaultEnvironmentCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultManagedIdentityCredential,\n ];\n let credentialFunctions = [];\n const validCredentialNames =\n \"EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential\";\n // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.\n // The value of AZURE_TOKEN_CREDENTIALS should be either \"dev\" or \"prod\" or any one of these credentials - {validCredentialNames}.\n if (azureTokenCredentials) {\n switch (azureTokenCredentials) {\n case \"dev\":\n credentialFunctions = devCredentialFunctions;\n break;\n case \"prod\":\n credentialFunctions = prodCredentialFunctions;\n break;\n case \"environmentcredential\":\n credentialFunctions = [createDefaultEnvironmentCredential];\n break;\n case \"workloadidentitycredential\":\n credentialFunctions = [createDefaultWorkloadIdentityCredential];\n break;\n case \"managedidentitycredential\":\n credentialFunctions = [createDefaultManagedIdentityCredential];\n break;\n case \"visualstudiocodecredential\":\n credentialFunctions = [createDefaultVisualStudioCodeCredential];\n break;\n case \"azureclicredential\":\n credentialFunctions = [createDefaultAzureCliCredential];\n break;\n case \"azurepowershellcredential\":\n credentialFunctions = [createDefaultAzurePowershellCredential];\n break;\n case \"azuredeveloperclicredential\":\n credentialFunctions = [createDefaultAzureDeveloperCliCredential];\n break;\n default: {\n // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.\n // This will prevent the creation of the DefaultAzureCredential.\n const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;\n logger.warning(errorMessage);\n throw new Error(errorMessage);\n }\n }\n } else {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];\n }\n\n // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.\n // When adding new credentials to the default chain, consider:\n // 1. Making the constructor parameters required and explicit\n // 2. Validating any required parameters in the factory function\n // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason\n const credentials: TokenCredential[] = credentialFunctions.map((createCredentialFn) => {\n try {\n return createCredentialFn(options);\n } catch (err: any) {\n logger.warning(\n `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`,\n );\n return new UnavailableDefaultCredential(createCredentialFn.name, err.message);\n }\n });\n\n super(...credentials);\n }\n}\n"]}
1	+ {"version":3,"file":"defaultAzureCredential.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAalC,2EAAqE;AAIrE,mDAAsD;AACtD,6FAS8C;AAE9C,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,wBAAwB,CAAC,CAAC;AAE1D;;;GAGG;AACH,MAAa,4BAA4B;IACvC,iCAAiC,CAAS;IAC1C,cAAc,CAAS;IAEvB,YAAY,cAAsB,EAAE,OAAe;QACjD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,iCAAiC,GAAG,OAAO,CAAC;IACnD,CAAC;IAED,QAAQ;QACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,YAAY,IAAI,CAAC,cAAc,aAAa,IAAI,CAAC,iCAAiC,EAAE,CACrF,CAAC;QACF,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF;AAfD,oEAeC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,MAAa,sBAAuB,SAAQ,kDAAsB;IAsBhE,YAAY,OAAuC;QACjD,uBAAuB,CAAC,OAAO,CAAC,CAAC;QACjC,2EAA2E;QAC3E,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB;YAC/D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;YAC1D,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,sBAAsB,GAAG;YAC7B,4EAAuC;YACvC,oEAA+B;YAC/B,2EAAsC;YACtC,6EAAwC;YACxC,kEAA6B;SAC9B,CAAC;QACF,MAAM,uBAAuB,GAAG;YAC9B,uEAAkC;YAClC,4EAAuC;YACvC,2EAAsC;SACvC,CAAC;QACF,IAAI,mBAAmB,GAAG,EAAE,CAAC;QAC7B,MAAM,oBAAoB,GACxB,sLAAsL,CAAC;QACzL,mFAAmF;QACnF,kIAAkI;QAClI,IAAI,qBAAqB,EAAE,CAAC;YAC1B,QAAQ,qBAAqB,EAAE,CAAC;gBAC9B,KAAK,KAAK;oBACR,mBAAmB,GAAG,sBAAsB,CAAC;oBAC7C,MAAM;gBACR,KAAK,MAAM;oBACT,mBAAmB,GAAG,uBAAuB,CAAC;oBAC9C,MAAM;gBACR,KAAK,uBAAuB;oBAC1B,mBAAmB,GAAG,CAAC,uEAAkC,CAAC,CAAC;oBAC3D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,4EAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,2EAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,4EAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,oBAAoB;oBACvB,mBAAmB,GAAG,CAAC,oEAA+B,CAAC,CAAC;oBACxD,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,2EAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,6BAA6B;oBAChC,mBAAmB,GAAG,CAAC,6EAAwC,CAAC,CAAC;oBACjE,MAAM;gBACR,OAAO,CAAC,CAAC,CAAC;oBACR,6EAA6E;oBAC7E,gEAAgE;oBAChE,MAAM,YAAY,GAAG,+CAA+C,OAAO,CAAC,GAAG,CAAC,uBAAuB,oEAAoE,oBAAoB,GAAG,CAAC;oBACnM,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2EAA2E;YAC3E,mBAAmB,GAAG,CAAC,GAAG,uBAAuB,EAAE,GAAG,sBAAsB,CAAC,CAAC;QAChF,CAAC;QAED,gLAAgL;QAChL,8DAA8D;QAC9D,6DAA6D;QAC7D,gEAAgE;QAChE,sHAAsH;QACtH,MAAM,WAAW,GAAsB,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YACpF,IAAI,CAAC;gBACH,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACrC,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,OAAO,CACZ,WAAW,kBAAkB,CAAC,IAAI,iDAAiD,GAAG,EAAE,CACzF,CAAC;gBACF,OAAO,IAAI,4BAA4B,CAAC,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YAChF,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC;IACxB,CAAC;CACF;AAzGD,wDAyGC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,OAAuC;IACtE,IAAI,OAAO,EAAE,eAAe,EAAE,CAAC;QAC7B,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC;YACzD,CAAC,CAAC,OAAO,CAAC,eAAe;YACzB,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;QACtE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,YAAY,GAAG,wBAAwB,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,gCAAgC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,oBAAoB,CAAC;YAC3M,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\n\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport {\n createDefaultAzureCliCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultBrokerCredential,\n createDefaultManagedIdentityCredential,\n createDefaultVisualStudioCodeCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultEnvironmentCredential,\n} from \"./defaultAzureCredentialFunctions.js\";\n\nconst logger = credentialLogger(\"DefaultAzureCredential\");\n\n/*\n A no-op credential that logs the reason it was skipped if getToken is called.\n * @internal\n /\nexport class UnavailableDefaultCredential implements TokenCredential {\n credentialUnavailableErrorMessage: string;\n credentialName: string;\n\n constructor(credentialName: string, message: string) {\n this.credentialName = credentialName;\n this.credentialUnavailableErrorMessage = message;\n }\n\n getToken(): Promise<null> {\n logger.getToken.info(\n `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`,\n );\n return Promise.resolve(null);\n }\n}\n\n/\n Provides a default {@link ChainedTokenCredential} configuration that works for most\n * applications that use Azure SDK client libraries. For more information, see\n * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#use-defaultazurecredential-for-flexibility).\n \n The following credential types will be tried, in order:\n \n - {@link EnvironmentCredential}\n * - {@link WorkloadIdentityCredential}\n * - {@link ManagedIdentityCredential}\n * - {@link VisualStudioCodeCredential}\n * - {@link AzureCliCredential}\n * - {@link AzurePowerShellCredential}\n * - {@link AzureDeveloperCliCredential}\n * - {@link BrokerCredential}\n \n Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n \n The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.\n * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.\n * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.\n \n * ```ts snippet:defaultazurecredential_requiredEnvVars\n * import { DefaultAzureCredential } from \"@azure/identity\";\n \n const credential = new DefaultAzureCredential({\n * requiredEnvVars: [\n * \"AZURE_CLIENT_ID\",\n * \"AZURE_TENANT_ID\",\n * \"AZURE_CLIENT_SECRET\",\n * \"AZURE_TOKEN_CREDENTIALS\",\n * ],\n * });\n * ```\n /\nexport class DefaultAzureCredential extends ChainedTokenCredential {\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialClientIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialClientIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialClientIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialResourceIdOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialResourceIdOptions}.\n /\n constructor(options?: DefaultAzureCredentialResourceIdOptions);\n\n /\n Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialOptions}.\n \n @param options - Optional parameters. See {@link DefaultAzureCredentialOptions}.\n /\n constructor(options?: DefaultAzureCredentialOptions);\n\n constructor(options?: DefaultAzureCredentialOptions) {\n validateRequiredEnvVars(options);\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS\n ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()\n : undefined;\n const devCredentialFunctions = [\n createDefaultVisualStudioCodeCredential,\n createDefaultAzureCliCredential,\n createDefaultAzurePowershellCredential,\n createDefaultAzureDeveloperCliCredential,\n createDefaultBrokerCredential,\n ];\n const prodCredentialFunctions = [\n createDefaultEnvironmentCredential,\n createDefaultWorkloadIdentityCredential,\n createDefaultManagedIdentityCredential,\n ];\n let credentialFunctions = [];\n const validCredentialNames =\n \"EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential\";\n // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.\n // The value of AZURE_TOKEN_CREDENTIALS should be either \"dev\" or \"prod\" or any one of these credentials - {validCredentialNames}.\n if (azureTokenCredentials) {\n switch (azureTokenCredentials) {\n case \"dev\":\n credentialFunctions = devCredentialFunctions;\n break;\n case \"prod\":\n credentialFunctions = prodCredentialFunctions;\n break;\n case \"environmentcredential\":\n credentialFunctions = [createDefaultEnvironmentCredential];\n break;\n case \"workloadidentitycredential\":\n credentialFunctions = [createDefaultWorkloadIdentityCredential];\n break;\n case \"managedidentitycredential\":\n credentialFunctions = [createDefaultManagedIdentityCredential];\n break;\n case \"visualstudiocodecredential\":\n credentialFunctions = [createDefaultVisualStudioCodeCredential];\n break;\n case \"azureclicredential\":\n credentialFunctions = [createDefaultAzureCliCredential];\n break;\n case \"azurepowershellcredential\":\n credentialFunctions = [createDefaultAzurePowershellCredential];\n break;\n case \"azuredeveloperclicredential\":\n credentialFunctions = [createDefaultAzureDeveloperCliCredential];\n break;\n default: {\n // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.\n // This will prevent the creation of the DefaultAzureCredential.\n const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;\n logger.warning(errorMessage);\n throw new Error(errorMessage);\n }\n }\n } else {\n // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];\n }\n\n // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.\n // When adding new credentials to the default chain, consider:\n // 1. Making the constructor parameters required and explicit\n // 2. Validating any required parameters in the factory function\n // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason\n const credentials: TokenCredential[] = credentialFunctions.map((createCredentialFn) => {\n try {\n return createCredentialFn(options);\n } catch (err: any) {\n logger.warning(\n `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`,\n );\n return new UnavailableDefaultCredential(createCredentialFn.name, err.message);\n }\n });\n\n super(...credentials);\n }\n}\n\n/\n @internal This function checks that all environment variables in `options.requiredEnvVars` are set and non-empty.\n * If any are missing or empty, it throws an error.\n */\nfunction validateRequiredEnvVars(options?: DefaultAzureCredentialOptions) {\n if (options?.requiredEnvVars) {\n const requiredVars = Array.isArray(options.requiredEnvVars)\n ? options.requiredEnvVars\n : [options.requiredEnvVars];\n const missing = requiredVars.filter((envVar) => !process.env[envVar]);\n if (missing.length > 0) {\n const errorMessage = `Required environment ${missing.length === 1 ? \"variable\" : \"variables\"} '${missing.join(\", \")}' for DefaultAzureCredential ${missing.length === 1 ? \"is\" : \"are\"} not set or empty.`;\n logger.warning(errorMessage);\n throw new Error(errorMessage);\n }\n }\n}\n"]}

package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts CHANGED Viewed

@@ -30,6 +30,10 @@ export interface DefaultAzureCredentialResourceIdOptions extends DefaultAzureCre
      */
     managedIdentityResourceId: string;
 }
+/**
+ * The commonly supported environment variables for the {@link DefaultAzureCredential} class.
+ */
+export type DefaultAzureCredentialEnvVars = "AZURE_TOKEN_CREDENTIALS" | "AZURE_CLIENT_ID" | "AZURE_TENANT_ID" | "AZURE_CLIENT_SECRET" | "AZURE_CLIENT_CERTIFICATE_PATH" | "AZURE_CLIENT_CERTIFICATE_PASSWORD" | "AZURE_ADDITIONALLY_ALLOWED_TENANTS" | "AZURE_CLIENT_SEND_CERTIFICATE_CHAIN" | "AZURE_FEDERATED_TOKEN_FILE";
 /**
  * Provides options to configure the {@link DefaultAzureCredential} class.
  */
@@ -45,5 +49,13 @@ export interface DefaultAzureCredentialOptions extends MultiTenantTokenCredentia
      * Process timeout for credentials should be provided in milliseconds.
      */
     processTimeoutInMs?: number;
+    /**
+     * List of environment variables that must be defined at runtime.
+     * If any variable in this list is missing or set to an empty value,
+     * {@link DefaultAzureCredential} constructor will throw an error.
+     * Use this to enforce that your application has the necessary environment configuration before
+     * continuing execution.
+     */
+    requiredEnvVars?: DefaultAzureCredentialEnvVars | DefaultAzureCredentialEnvVars[];
 }
 //# sourceMappingURL=defaultAzureCredentialOptions.d.ts.map

package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultAzureCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;;GAGG;AACH,MAAM,WAAW,qCAAsC,SAAQ,6BAA6B;IAC1F;;;OAGG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC;;;OAGG;IACH,wBAAwB,CAAC,EAAE,MAAM,CAAC;CACnC;AAED;;;GAGG;AACH,MAAM,WAAW,uCAAwC,SAAQ,6BAA6B;IAC5F;;;;;;OAMG;IACH,yBAAyB,EAAE,MAAM,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,6BACf,SAAQ,iCAAiC,EACvC,0BAA0B;IAC5B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;~~CAC7B~~"}
1	+ {"version":3,"file":"defaultAzureCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;;GAGG;AACH,MAAM,WAAW,qCAAsC,SAAQ,6BAA6B;IAC1F;;;OAGG;IACH,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC;;;OAGG;IACH,wBAAwB,CAAC,EAAE,MAAM,CAAC;CACnC;AAED;;;GAGG;AACH,MAAM,WAAW,uCAAwC,SAAQ,6BAA6B;IAC5F;;;;;;OAMG;IACH,yBAAyB,EAAE,MAAM,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,MAAM,6BAA6B,GACrC,yBAAyB,GACzB,iBAAiB,GACjB,iBAAiB,GACjB,qBAAqB,GACrB,+BAA+B,GAC/B,mCAAmC,GACnC,oCAAoC,GACpC,qCAAqC,GACrC,4BAA4B,CAAC;AAEjC;;GAEG;AACH,MAAM,WAAW,6BACf,SAAQ,iCAAiC,EACvC,0BAA0B;IAC5B;;;OAGG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;;;;;OAMG;IACH,eAAe,CAAC,EAAE,6BAA6B,GAAG,6BAA6B,EAAE,CAAC;CACnF"}

package/dist/commonjs/credentials/defaultAzureCredentialOptions.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"defaultAzureCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredentialOptions.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/*\n Provides options to configure the {@link DefaultAzureCredential} class.\n * This variation supports `managedIdentityClientId` and not `managedIdentityResourceId`, since only one of both is supported.\n /\nexport interface DefaultAzureCredentialClientIdOptions extends DefaultAzureCredentialOptions {\n /\n Optionally pass in a user assigned client ID to be used by the {@link ManagedIdentityCredential}.\n * This client ID can also be passed through to the {@link ManagedIdentityCredential} through the environment variable: AZURE_CLIENT_ID.\n /\n managedIdentityClientId?: string;\n /\n Optionally pass in a user assigned client ID to be used by the {@link WorkloadIdentityCredential}.\n * This client ID can also be passed through to the {@link WorkloadIdentityCredential} through the environment variable: AZURE_CLIENT_ID.\n /\n workloadIdentityClientId?: string;\n}\n\n/\n Provides options to configure the {@link DefaultAzureCredential} class.\n * This variation supports `managedIdentityResourceId` and not `managedIdentityClientId`, since only one of both is supported.\n /\nexport interface DefaultAzureCredentialResourceIdOptions extends DefaultAzureCredentialOptions {\n /\n Optionally pass in a resource ID to be used by the {@link ManagedIdentityCredential}.\n * In scenarios such as when user assigned identities are created using an ARM template,\n * where the resource Id of the identity is known but the client Id can't be known ahead of time,\n * this parameter allows programs to use these user assigned identities\n * without having to first determine the client Id of the created identity.\n /\n managedIdentityResourceId: string;\n}\n\n/\n Provides options to configure the {@link DefaultAzureCredential} class.\n /\nexport interface DefaultAzureCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n AuthorityValidationOptions {\n /\n Optionally pass in a Tenant ID to be used as part of the credential.\n * By default it may use a generic tenant ID depending on the underlying credential.\n /\n tenantId?: string;\n\n /\n Timeout configurable for making token requests for developer credentials, namely, {@link AzurePowershellCredential},\n * {@link AzureDeveloperCliCredential} and {@link AzureCliCredential}.\n * Process timeout for credentials should be provided in milliseconds.\n */\n processTimeoutInMs?: number;\n}\n"]}
1	+ {"version":3,"file":"defaultAzureCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredentialOptions.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/*\n Provides options to configure the {@link DefaultAzureCredential} class.\n * This variation supports `managedIdentityClientId` and not `managedIdentityResourceId`, since only one of both is supported.\n /\nexport interface DefaultAzureCredentialClientIdOptions extends DefaultAzureCredentialOptions {\n /\n Optionally pass in a user assigned client ID to be used by the {@link ManagedIdentityCredential}.\n * This client ID can also be passed through to the {@link ManagedIdentityCredential} through the environment variable: AZURE_CLIENT_ID.\n /\n managedIdentityClientId?: string;\n /\n Optionally pass in a user assigned client ID to be used by the {@link WorkloadIdentityCredential}.\n * This client ID can also be passed through to the {@link WorkloadIdentityCredential} through the environment variable: AZURE_CLIENT_ID.\n /\n workloadIdentityClientId?: string;\n}\n\n/\n Provides options to configure the {@link DefaultAzureCredential} class.\n * This variation supports `managedIdentityResourceId` and not `managedIdentityClientId`, since only one of both is supported.\n /\nexport interface DefaultAzureCredentialResourceIdOptions extends DefaultAzureCredentialOptions {\n /\n Optionally pass in a resource ID to be used by the {@link ManagedIdentityCredential}.\n * In scenarios such as when user assigned identities are created using an ARM template,\n * where the resource Id of the identity is known but the client Id can't be known ahead of time,\n * this parameter allows programs to use these user assigned identities\n * without having to first determine the client Id of the created identity.\n /\n managedIdentityResourceId: string;\n}\n\n/\n The commonly supported environment variables for the {@link DefaultAzureCredential} class.\n /\nexport type DefaultAzureCredentialEnvVars =\n \| \"AZURE_TOKEN_CREDENTIALS\"\n \| \"AZURE_CLIENT_ID\"\n \| \"AZURE_TENANT_ID\"\n \| \"AZURE_CLIENT_SECRET\"\n \| \"AZURE_CLIENT_CERTIFICATE_PATH\"\n \| \"AZURE_CLIENT_CERTIFICATE_PASSWORD\"\n \| \"AZURE_ADDITIONALLY_ALLOWED_TENANTS\"\n \| \"AZURE_CLIENT_SEND_CERTIFICATE_CHAIN\"\n \| \"AZURE_FEDERATED_TOKEN_FILE\";\n\n/\n Provides options to configure the {@link DefaultAzureCredential} class.\n /\nexport interface DefaultAzureCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n AuthorityValidationOptions {\n /\n Optionally pass in a Tenant ID to be used as part of the credential.\n * By default it may use a generic tenant ID depending on the underlying credential.\n /\n tenantId?: string;\n\n /\n Timeout configurable for making token requests for developer credentials, namely, {@link AzurePowershellCredential},\n * {@link AzureDeveloperCliCredential} and {@link AzureCliCredential}.\n * Process timeout for credentials should be provided in milliseconds.\n /\n processTimeoutInMs?: number;\n /\n List of environment variables that must be defined at runtime.\n * If any variable in this list is missing or set to an empty value,\n * {@link DefaultAzureCredential} constructor will throw an error.\n * Use this to enforce that your application has the necessary environment configuration before\n * continuing execution.\n */\n requiredEnvVars?: DefaultAzureCredentialEnvVars \| DefaultAzureCredentialEnvVars[];\n}\n"]}

package/dist/commonjs/credentials/visualStudioCodeCredential.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"visualStudioCodeCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAOtF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AA0BhG;;;;GAIG;AACH,qBAAa,0BAA2B,YAAW,eAAe;IAChE,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,4BAA4B,CAAW;IAC/C,OAAO,CAAC,UAAU,CAAyB;IAC3C,OAAO,CAAC,OAAO,CAAoC;IAEnD;;;;;;;;OAQG;gBACS,OAAO,CAAC,EAAE,iCAAiC;IAiBvD;;;;;OAKG;YACW,OAAO;IAgCrB;;OAEG;IACH,OAAO,CAAC,cAAc,CAA4B;IAElD;;OAEG;IACH,OAAO,CAAC,WAAW;IAOnB;;;;;;;OAOG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC;~~IAiBvB~~;;;;;OAKG;YACW,cAAc;CAiB7B"}
1	+ {"version":3,"file":"visualStudioCodeCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAOtF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AA0BhG;;;;GAIG;AACH,qBAAa,0BAA2B,YAAW,eAAe;IAChE,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,4BAA4B,CAAW;IAC/C,OAAO,CAAC,UAAU,CAAyB;IAC3C,OAAO,CAAC,OAAO,CAAoC;IAEnD;;;;;;;;OAQG;gBACS,OAAO,CAAC,EAAE,iCAAiC;IAiBvD;;;;;OAKG;YACW,OAAO;IAgCrB;;OAEG;IACH,OAAO,CAAC,cAAc,CAA4B;IAElD;;OAEG;IACH,OAAO,CAAC,WAAW;IAOnB;;;;;;;OAOG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC;IAoBvB;;;;;OAKG;YACW,cAAc;CAiB7B"}

package/dist/commonjs/credentials/visualStudioCodeCredential.js CHANGED Viewed

@@ -115,7 +115,11 @@ class VisualStudioCodeCredential {
                 " signed into Azure via VS Code, installed the @azure/identity-vscode package," +
                 " and properly configured the extension.");
         }
-        return this.msalClient.getTokenByInteractiveRequest(scopeArray, options || {});
+        // Disable automatic authentication to ensure that the user is not prompted interactively if no token is available
+        return this.msalClient.getTokenByInteractiveRequest(scopeArray, {
+            ...options,
+            disableAutomaticAuthentication: true,
+        });
     }
     /**
      * Loads the authentication record from the specified path.

package/dist/commonjs/credentials/visualStudioCodeCredential.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"visualStudioCodeCredential.js","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAGlC,mDAAmE;AACnE,+DAGkC;AAClC,4CAA0D;AAE1D,+DAAyD;AACzD,mEAA+E;AAC/E,yDAAqD;AACrD,qEAAyF;AACzF,+CAAmE;AACnE,+CAA4C;AAG5C,MAAM,cAAc,GAAG,QAAQ,CAAC;AAChC,MAAM,cAAc,GAAG,sCAAsC,CAAC;AAC9D,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,4BAA4B,CAAC,CAAC;AAE9D,oEAAoE;AACpE,MAAM,oBAAoB,GAA2B;IACnD,IAAI,EAAE,mFAAmF;CAC1F,CAAC;AAEF,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,8CAA8C;IAC9C,MAAM,sBAAsB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAC9D,IAAI,sBAAsB,EAAE,CAAC;QAC3B,MAAM,IAAI,sCAA0B,CAAC,sBAAsB,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAa,0BAA0B;IAC7B,QAAQ,CAAS;IACjB,4BAA4B,CAAW;IACvC,UAAU,CAAyB;IACnC,OAAO,CAAoC;IAEnD;;;;;;;;OAQG;IACH,YAAY,OAA2C;QACrD,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;QAE7B,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YAChC,IAAA,gCAAa,EAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACnC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QACjC,CAAC;QAED,IAAI,CAAC,4BAA4B,GAAG,IAAA,sDAAmC,EACrE,OAAO,EAAE,0BAA0B,CACpC,CAAC;QAEF,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,OAAO,CAAC,MAAgB;QACpC,MAAM,QAAQ,GACZ,IAAA,4CAAyB,EACvB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,IAAI,IAAI,CAAC,QAAQ,CAAC;QAErB,IAAI,CAAC,IAAA,gCAAe,GAAE,IAAI,CAAC,qCAAoB,EAAE,CAAC;YAChD,MAAM,IAAI,sCAA0B,CAClC,qDAAqD;gBACnD,uEAAuE;gBACvE,+EAA+E;gBAC/E,yCAAyC,CAC5C,CAAC;QACJ,CAAC;QAED,wDAAwD;QACxD,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,qCAAoB,EAAE,MAAM,CAAC,CAAC;QAErF,IAAI,CAAC,UAAU,GAAG,IAAA,gCAAgB,EAAC,cAAc,EAAE,QAAQ,EAAE;YAC3D,GAAG,IAAI,CAAC,OAAO;YACf,kBAAkB,EAAE,IAAI;YACxB,aAAa,EAAE;gBACb,OAAO,EAAE,IAAI;gBACb,kBAAkB,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC;gBACrC,uBAAuB,EAAE,IAAI;aAC9B;YACD,oBAAoB;SACrB,CAAC,CAAC;IACL,CAAC;IACD;;OAEG;IACK,cAAc,CAA4B;IAElD;;OAEG;IACK,WAAW,CAAC,MAAgB;QAClC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,OAAyB;QAEzB,sDAAsD;QACtD,MAAM,UAAU,GAAG,IAAA,4BAAY,EAAC,MAAM,CAAC,CAAC;QACxC,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAEnC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,IAAI,sCAA0B,CAClC,yDAAyD;gBACvD,uEAAuE;gBACvE,+EAA+E;gBAC/E,yCAAyC,CAC5C,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,UAAU,CAAC,4BAA4B,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE,CAAC,CAAC;IACjF,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,cAAc,CAC1B,cAAsB,EACtB,MAAgB;QAEhB,IAAI,CAAC;YACH,MAAM,iBAAiB,GAAG,MAAM,IAAA,mBAAQ,EAAC,cAAc,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YAC/E,OAAO,IAAA,0CAA+B,EAAC,iBAAiB,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;YACjD,MAAM,IAAI,sCAA0B,CAClC,0DAA0D;gBACxD,uEAAuE;gBACvE,+EAA+E;gBAC/E,yCAAyC,CAC5C,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAxID,gEAwIC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport type { VisualStudioCodeCredentialOptions } from \"./visualStudioCodeCredentialOptions.js\";\nimport { checkTenantId } from \"../util/tenantIdUtils.js\";\nimport { createMsalClient, MsalClient } from \"../msal/nodeFlows/msalClient.js\";\nimport { ensureScopes } from \"../util/scopeUtils.js\";\nimport { hasVSCodePlugin, vsCodeAuthRecordPath } from \"../msal/nodeFlows/msalPlugins.js\";\nimport { deserializeAuthenticationRecord } from \"../msal/utils.js\";\nimport { readFile } from \"node:fs/promises\";\nimport { AuthenticationRecord } from \"../msal/types.js\";\n\nconst CommonTenantId = \"common\";\nconst VSCodeClientId = \"aebc6443-996d-45c2-90f0-388ff96faa56\";\nconst logger = credentialLogger(\"VisualStudioCodeCredential\");\n\n// Map of unsupported Tenant IDs and the errors we will be throwing.\nconst unsupportedTenantIds: Record<string, string> = {\n adfs: \"The VisualStudioCodeCredential does not support authentication with ADFS tenants.\",\n};\n\nfunction checkUnsupportedTenant(tenantId: string): void {\n // If the Tenant ID isn't supported, we throw.\n const unsupportedTenantError = unsupportedTenantIds[tenantId];\n if (unsupportedTenantError) {\n throw new CredentialUnavailableError(unsupportedTenantError);\n }\n}\n\n/*\n Connects to Azure using the user account signed in through the Azure Resources extension in Visual Studio Code.\n * Once the user has logged in via the extension, this credential can share the same refresh token\n * that is cached by the extension.\n /\nexport class VisualStudioCodeCredential implements TokenCredential {\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private msalClient: MsalClient \| undefined;\n private options: VisualStudioCodeCredentialOptions;\n\n /\n Creates an instance of VisualStudioCodeCredential to use for automatically authenticating via VSCode.\n \n Note: `VisualStudioCodeCredential` is provided by a plugin package:\n * `@azure/identity-vscode`. If this package is not installed, then authentication using\n * `VisualStudioCodeCredential` will not be available.\n \n @param options - Options for configuring the client which makes the authentication request.\n /\n constructor(options?: VisualStudioCodeCredentialOptions) {\n this.options = options \|\| {};\n\n if (options && options.tenantId) {\n checkTenantId(logger, options.tenantId);\n this.tenantId = options.tenantId;\n } else {\n this.tenantId = CommonTenantId;\n }\n\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n checkUnsupportedTenant(this.tenantId);\n }\n\n /\n Runs preparations for any further getToken request:\n * - Validates that the plugin is available.\n * - Loads the authentication record from VSCode if available.\n * - Creates the MSAL client with the loaded plugin and authentication record.\n /\n private async prepare(scopes: string[]): Promise<void> {\n const tenantId =\n processMultiTenantRequest(\n this.tenantId,\n this.options,\n this.additionallyAllowedTenantIds,\n logger,\n ) \|\| this.tenantId;\n\n if (!hasVSCodePlugin() \|\| !vsCodeAuthRecordPath) {\n throw new CredentialUnavailableError(\n \"Visual Studio Code Authentication is not available.\" +\n \" Ensure you have have Azure Resources Extension installed in VS Code,\" +\n \" signed into Azure via VS Code, installed the @azure/identity-vscode package,\" +\n \" and properly configured the extension.\",\n );\n }\n\n // Load the authentication record directly from the path\n const authenticationRecord = await this.loadAuthRecord(vsCodeAuthRecordPath, scopes);\n\n this.msalClient = createMsalClient(VSCodeClientId, tenantId, {\n ...this.options,\n isVSCodeCredential: true,\n brokerOptions: {\n enabled: true,\n parentWindowHandle: new Uint8Array(0),\n useDefaultBrokerAccount: true,\n },\n authenticationRecord,\n });\n }\n /\n The promise of the single preparation that will be executed at the first getToken request for an instance of this class.\n /\n private preparePromise: Promise<void> \| undefined;\n\n /\n Runs preparations for any further getToken, but only once.\n /\n private prepareOnce(scopes: string[]): Promise<void> \| undefined {\n if (!this.preparePromise) {\n this.preparePromise = this.prepare(scopes);\n }\n return this.preparePromise;\n }\n\n /\n Returns the token found by searching VSCode's authentication cache or\n * returns null if no token could be found.\n \n @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * `TokenCredential` implementation might make.\n /\n public async getToken(\n scopes: string \| string[],\n options?: GetTokenOptions,\n ): Promise<AccessToken> {\n // Load the plugin and authentication record only once\n const scopeArray = ensureScopes(scopes);\n await this.prepareOnce(scopeArray);\n\n if (!this.msalClient) {\n throw new CredentialUnavailableError(\n \"Visual Studio Code Authentication failed to initialize.\" +\n \" Ensure you have have Azure Resources Extension installed in VS Code,\" +\n \" signed into Azure via VS Code, installed the @azure/identity-vscode package,\" +\n \" and properly configured the extension.\",\n );\n }\n\n return this.msalClient.getTokenByInteractiveRequest(scopeArray, options \|\| {});\n }\n\n /\n Loads the authentication record from the specified path.\n * @param authRecordPath - The path to the authentication record file.\n * @param scopes - The list of scopes for which the token will have access.\n * @returns The authentication record or undefined if loading fails.\n */\n private async loadAuthRecord(\n authRecordPath: string,\n scopes: string[],\n ): Promise<AuthenticationRecord> {\n try {\n const authRecordContent = await readFile(authRecordPath, { encoding: \"utf8\" });\n return deserializeAuthenticationRecord(authRecordContent);\n } catch (error: any) {\n logger.getToken.info(formatError(scopes, error));\n throw new CredentialUnavailableError(\n \"Cannot load authentication record in Visual Studio Code.\" +\n \" Ensure you have have Azure Resources Extension installed in VS Code,\" +\n \" signed into Azure via VS Code, installed the @azure/identity-vscode package,\" +\n \" and properly configured the extension.\",\n );\n }\n }\n}\n"]}
1	+ {"version":3,"file":"visualStudioCodeCredential.js","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAGlC,mDAAmE;AACnE,+DAGkC;AAClC,4CAA0D;AAE1D,+DAAyD;AACzD,mEAA+E;AAC/E,yDAAqD;AACrD,qEAAyF;AACzF,+CAAmE;AACnE,+CAA4C;AAG5C,MAAM,cAAc,GAAG,QAAQ,CAAC;AAChC,MAAM,cAAc,GAAG,sCAAsC,CAAC;AAC9D,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,4BAA4B,CAAC,CAAC;AAE9D,oEAAoE;AACpE,MAAM,oBAAoB,GAA2B;IACnD,IAAI,EAAE,mFAAmF;CAC1F,CAAC;AAEF,SAAS,sBAAsB,CAAC,QAAgB;IAC9C,8CAA8C;IAC9C,MAAM,sBAAsB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAC9D,IAAI,sBAAsB,EAAE,CAAC;QAC3B,MAAM,IAAI,sCAA0B,CAAC,sBAAsB,CAAC,CAAC;IAC/D,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAa,0BAA0B;IAC7B,QAAQ,CAAS;IACjB,4BAA4B,CAAW;IACvC,UAAU,CAAyB;IACnC,OAAO,CAAoC;IAEnD;;;;;;;;OAQG;IACH,YAAY,OAA2C;QACrD,IAAI,CAAC,OAAO,GAAG,OAAO,IAAI,EAAE,CAAC;QAE7B,IAAI,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YAChC,IAAA,gCAAa,EAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;YACxC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACnC,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QACjC,CAAC;QAED,IAAI,CAAC,4BAA4B,GAAG,IAAA,sDAAmC,EACrE,OAAO,EAAE,0BAA0B,CACpC,CAAC;QAEF,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,OAAO,CAAC,MAAgB;QACpC,MAAM,QAAQ,GACZ,IAAA,4CAAyB,EACvB,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,IAAI,IAAI,CAAC,QAAQ,CAAC;QAErB,IAAI,CAAC,IAAA,gCAAe,GAAE,IAAI,CAAC,qCAAoB,EAAE,CAAC;YAChD,MAAM,IAAI,sCAA0B,CAClC,qDAAqD;gBACnD,uEAAuE;gBACvE,+EAA+E;gBAC/E,yCAAyC,CAC5C,CAAC;QACJ,CAAC;QAED,wDAAwD;QACxD,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,qCAAoB,EAAE,MAAM,CAAC,CAAC;QAErF,IAAI,CAAC,UAAU,GAAG,IAAA,gCAAgB,EAAC,cAAc,EAAE,QAAQ,EAAE;YAC3D,GAAG,IAAI,CAAC,OAAO;YACf,kBAAkB,EAAE,IAAI;YACxB,aAAa,EAAE;gBACb,OAAO,EAAE,IAAI;gBACb,kBAAkB,EAAE,IAAI,UAAU,CAAC,CAAC,CAAC;gBACrC,uBAAuB,EAAE,IAAI;aAC9B;YACD,oBAAoB;SACrB,CAAC,CAAC;IACL,CAAC;IACD;;OAEG;IACK,cAAc,CAA4B;IAElD;;OAEG;IACK,WAAW,CAAC,MAAgB;QAClC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,OAAyB;QAEzB,sDAAsD;QACtD,MAAM,UAAU,GAAG,IAAA,4BAAY,EAAC,MAAM,CAAC,CAAC;QACxC,MAAM,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAEnC,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrB,MAAM,IAAI,sCAA0B,CAClC,yDAAyD;gBACvD,uEAAuE;gBACvE,+EAA+E;gBAC/E,yCAAyC,CAC5C,CAAC;QACJ,CAAC;QACD,kHAAkH;QAClH,OAAO,IAAI,CAAC,UAAU,CAAC,4BAA4B,CAAC,UAAU,EAAE;YAC9D,GAAG,OAAO;YACV,8BAA8B,EAAE,IAAI;SACrC,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,cAAc,CAC1B,cAAsB,EACtB,MAAgB;QAEhB,IAAI,CAAC;YACH,MAAM,iBAAiB,GAAG,MAAM,IAAA,mBAAQ,EAAC,cAAc,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YAC/E,OAAO,IAAA,0CAA+B,EAAC,iBAAiB,CAAC,CAAC;QAC5D,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC;YACjD,MAAM,IAAI,sCAA0B,CAClC,0DAA0D;gBACxD,uEAAuE;gBACvE,+EAA+E;gBAC/E,yCAAyC,CAC5C,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AA3ID,gEA2IC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\nimport {\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport type { VisualStudioCodeCredentialOptions } from \"./visualStudioCodeCredentialOptions.js\";\nimport { checkTenantId } from \"../util/tenantIdUtils.js\";\nimport { createMsalClient, MsalClient } from \"../msal/nodeFlows/msalClient.js\";\nimport { ensureScopes } from \"../util/scopeUtils.js\";\nimport { hasVSCodePlugin, vsCodeAuthRecordPath } from \"../msal/nodeFlows/msalPlugins.js\";\nimport { deserializeAuthenticationRecord } from \"../msal/utils.js\";\nimport { readFile } from \"node:fs/promises\";\nimport { AuthenticationRecord } from \"../msal/types.js\";\n\nconst CommonTenantId = \"common\";\nconst VSCodeClientId = \"aebc6443-996d-45c2-90f0-388ff96faa56\";\nconst logger = credentialLogger(\"VisualStudioCodeCredential\");\n\n// Map of unsupported Tenant IDs and the errors we will be throwing.\nconst unsupportedTenantIds: Record<string, string> = {\n adfs: \"The VisualStudioCodeCredential does not support authentication with ADFS tenants.\",\n};\n\nfunction checkUnsupportedTenant(tenantId: string): void {\n // If the Tenant ID isn't supported, we throw.\n const unsupportedTenantError = unsupportedTenantIds[tenantId];\n if (unsupportedTenantError) {\n throw new CredentialUnavailableError(unsupportedTenantError);\n }\n}\n\n/*\n Connects to Azure using the user account signed in through the Azure Resources extension in Visual Studio Code.\n * Once the user has logged in via the extension, this credential can share the same refresh token\n * that is cached by the extension.\n /\nexport class VisualStudioCodeCredential implements TokenCredential {\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private msalClient: MsalClient \| undefined;\n private options: VisualStudioCodeCredentialOptions;\n\n /\n Creates an instance of VisualStudioCodeCredential to use for automatically authenticating via VSCode.\n \n Note: `VisualStudioCodeCredential` is provided by a plugin package:\n * `@azure/identity-vscode`. If this package is not installed, then authentication using\n * `VisualStudioCodeCredential` will not be available.\n \n @param options - Options for configuring the client which makes the authentication request.\n /\n constructor(options?: VisualStudioCodeCredentialOptions) {\n this.options = options \|\| {};\n\n if (options && options.tenantId) {\n checkTenantId(logger, options.tenantId);\n this.tenantId = options.tenantId;\n } else {\n this.tenantId = CommonTenantId;\n }\n\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n\n checkUnsupportedTenant(this.tenantId);\n }\n\n /\n Runs preparations for any further getToken request:\n * - Validates that the plugin is available.\n * - Loads the authentication record from VSCode if available.\n * - Creates the MSAL client with the loaded plugin and authentication record.\n /\n private async prepare(scopes: string[]): Promise<void> {\n const tenantId =\n processMultiTenantRequest(\n this.tenantId,\n this.options,\n this.additionallyAllowedTenantIds,\n logger,\n ) \|\| this.tenantId;\n\n if (!hasVSCodePlugin() \|\| !vsCodeAuthRecordPath) {\n throw new CredentialUnavailableError(\n \"Visual Studio Code Authentication is not available.\" +\n \" Ensure you have have Azure Resources Extension installed in VS Code,\" +\n \" signed into Azure via VS Code, installed the @azure/identity-vscode package,\" +\n \" and properly configured the extension.\",\n );\n }\n\n // Load the authentication record directly from the path\n const authenticationRecord = await this.loadAuthRecord(vsCodeAuthRecordPath, scopes);\n\n this.msalClient = createMsalClient(VSCodeClientId, tenantId, {\n ...this.options,\n isVSCodeCredential: true,\n brokerOptions: {\n enabled: true,\n parentWindowHandle: new Uint8Array(0),\n useDefaultBrokerAccount: true,\n },\n authenticationRecord,\n });\n }\n /\n The promise of the single preparation that will be executed at the first getToken request for an instance of this class.\n /\n private preparePromise: Promise<void> \| undefined;\n\n /\n Runs preparations for any further getToken, but only once.\n /\n private prepareOnce(scopes: string[]): Promise<void> \| undefined {\n if (!this.preparePromise) {\n this.preparePromise = this.prepare(scopes);\n }\n return this.preparePromise;\n }\n\n /\n Returns the token found by searching VSCode's authentication cache or\n * returns null if no token could be found.\n \n @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * `TokenCredential` implementation might make.\n /\n public async getToken(\n scopes: string \| string[],\n options?: GetTokenOptions,\n ): Promise<AccessToken> {\n // Load the plugin and authentication record only once\n const scopeArray = ensureScopes(scopes);\n await this.prepareOnce(scopeArray);\n\n if (!this.msalClient) {\n throw new CredentialUnavailableError(\n \"Visual Studio Code Authentication failed to initialize.\" +\n \" Ensure you have have Azure Resources Extension installed in VS Code,\" +\n \" signed into Azure via VS Code, installed the @azure/identity-vscode package,\" +\n \" and properly configured the extension.\",\n );\n }\n // Disable automatic authentication to ensure that the user is not prompted interactively if no token is available\n return this.msalClient.getTokenByInteractiveRequest(scopeArray, {\n ...options,\n disableAutomaticAuthentication: true,\n });\n }\n\n /\n Loads the authentication record from the specified path.\n * @param authRecordPath - The path to the authentication record file.\n * @param scopes - The list of scopes for which the token will have access.\n * @returns The authentication record or undefined if loading fails.\n */\n private async loadAuthRecord(\n authRecordPath: string,\n scopes: string[],\n ): Promise<AuthenticationRecord> {\n try {\n const authRecordContent = await readFile(authRecordPath, { encoding: \"utf8\" });\n return deserializeAuthenticationRecord(authRecordContent);\n } catch (error: any) {\n logger.getToken.info(formatError(scopes, error));\n throw new CredentialUnavailableError(\n \"Cannot load authentication record in Visual Studio Code.\" +\n \" Ensure you have have Azure Resources Extension installed in VS Code,\" +\n \" signed into Azure via VS Code, installed the @azure/identity-vscode package,\" +\n \" and properly configured the extension.\",\n );\n }\n }\n}\n"]}

package/dist/commonjs/index.d.ts CHANGED Viewed

@@ -14,7 +14,7 @@ export { ChainedTokenCredential } from "./credentials/chainedTokenCredential.js"
 export { ClientSecretCredential } from "./credentials/clientSecretCredential.js";
 export { ClientSecretCredentialOptions } from "./credentials/clientSecretCredentialOptions.js";
 export { DefaultAzureCredential } from "./credentials/defaultAzureCredential.js";
-export { DefaultAzureCredentialOptions, DefaultAzureCredentialClientIdOptions, DefaultAzureCredentialResourceIdOptions, } from "./credentials/defaultAzureCredentialOptions.js";
+export { DefaultAzureCredentialOptions, DefaultAzureCredentialClientIdOptions, DefaultAzureCredentialResourceIdOptions, DefaultAzureCredentialEnvVars, } from "./credentials/defaultAzureCredentialOptions.js";
 export { EnvironmentCredential } from "./credentials/environmentCredential.js";
 export { EnvironmentCredentialOptions } from "./credentials/environmentCredentialOptions.js";
 export { ClientCertificateCredential } from "./credentials/clientCertificateCredential.js";

package/dist/commonjs/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,cAAc,uBAAuB,CAAC;AAEtC,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGxD,OAAO,EACL,mBAAmB,EACnB,aAAa,EACb,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC9B,2BAA2B,EAC3B,kCAAkC,GACnC,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,iBAAiB,CAAC;AACjG,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AAIzF,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAE7F,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAEjF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EAAE,6BAA6B,EAAE,MAAM,gDAAgD,CAAC;AAE/F,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EACL,6BAA6B,EAC7B,qCAAqC,EACrC,uCAAuC,~~GACxC~~,MAAM,gDAAgD,CAAC;AAExD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAE7F,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EACL,2CAA2C,EAC3C,mCAAmC,EACnC,+BAA+B,GAChC,MAAM,oDAAoD,CAAC;AAC5D,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,mDAAmD,CAAC;AACrG,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AACzE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAC7F,OAAO,EACL,uCAAuC,EACvC,4CAA4C,EAC5C,iBAAiB,GAClB,MAAM,sDAAsD,CAAC;AAC9D,OAAO,EAAE,yBAAyB,EAAE,MAAM,kDAAkD,CAAC;AAC7F,OAAO,EACL,wCAAwC,EACxC,0CAA0C,EAC1C,wCAAwC,GACzC,MAAM,oDAAoD,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EACL,wBAAwB,EACxB,cAAc,GACf,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,wBAAwB,IAAI,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AACjH,OAAO,EAAE,+BAA+B,IAAI,+BAA+B,EAAE,MAAM,kDAAkD,CAAC;AACtI,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,mDAAmD,CAAC;AACrG,OAAO,EACL,2BAA2B,EAC3B,iCAAiC,EACjC,sCAAsC,EACtC,oCAAoC,GACrC,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,4BAA4B,EAAE,MAAM,kDAAkD,CAAC;AAEhG,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD;;GAEG;AACH,wBAAgB,yBAAyB,IAAI,eAAe,CAE3D;AAED,OAAO,EAAE,sBAAsB,EAAE,6BAA6B,EAAE,MAAM,oBAAoB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,cAAc,uBAAuB,CAAC;AAEtC,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGxD,OAAO,EACL,mBAAmB,EACnB,aAAa,EACb,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC9B,2BAA2B,EAC3B,kCAAkC,GACnC,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,iBAAiB,CAAC;AACjG,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AAIzF,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAE7F,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAEjF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EAAE,6BAA6B,EAAE,MAAM,gDAAgD,CAAC;AAE/F,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EACL,6BAA6B,EAC7B,qCAAqC,EACrC,uCAAuC,EACvC,6BAA6B,GAC9B,MAAM,gDAAgD,CAAC;AAExD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAE7F,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EACL,2CAA2C,EAC3C,mCAAmC,EACnC,+BAA+B,GAChC,MAAM,oDAAoD,CAAC;AAC5D,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,mDAAmD,CAAC;AACrG,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AACzE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAC7F,OAAO,EACL,uCAAuC,EACvC,4CAA4C,EAC5C,iBAAiB,GAClB,MAAM,sDAAsD,CAAC;AAC9D,OAAO,EAAE,yBAAyB,EAAE,MAAM,kDAAkD,CAAC;AAC7F,OAAO,EACL,wCAAwC,EACxC,0CAA0C,EAC1C,wCAAwC,GACzC,MAAM,oDAAoD,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EACL,wBAAwB,EACxB,cAAc,GACf,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,wBAAwB,IAAI,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AACjH,OAAO,EAAE,+BAA+B,IAAI,+BAA+B,EAAE,MAAM,kDAAkD,CAAC;AACtI,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,mDAAmD,CAAC;AACrG,OAAO,EACL,2BAA2B,EAC3B,iCAAiC,EACjC,sCAAsC,EACtC,oCAAoC,GACrC,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,4BAA4B,EAAE,MAAM,kDAAkD,CAAC;AAEhG,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD;;GAEG;AACH,wBAAgB,yBAAyB,IAAI,eAAe,CAE3D;AAED,OAAO,EAAE,sBAAsB,EAAE,6BAA6B,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/commonjs/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;~~AAkHlC~~,8DAEC;;~~AAlHD~~,gEAAsC;AAKtC,uFAAiF;AAEjF,yCAUqB;AATnB,gHAAA,mBAAmB,OAAA;AAEnB,yHAAA,4BAA4B,OAAA;AAC5B,oHAAA,uBAAuB,OAAA;AACvB,6HAAA,gCAAgC,OAAA;AAChC,uHAAA,0BAA0B,OAAA;AAC1B,2HAAA,8BAA8B,OAAA;AAC9B,wHAAA,2BAA2B,OAAA;AAK7B,4CAAiG;AAAxF,yHAAA,6BAA6B,OAAA;AAAE,2HAAA,+BAA+B,OAAA;AAevE,qFAAiF;AAAxE,mIAAA,sBAAsB,OAAA;AAE/B,qFAAiF;AAAxE,mIAAA,sBAAsB,OAAA;AAG/B,qFAAiF;AAAxE,mIAAA,sBAAsB,OAAA;~~AAO~~/B,mFAA+E;AAAtE,iIAAA,qBAAqB,OAAA;AAG9B,+FAA2F;AAAlF,6IAAA,2BAA2B,OAAA;AAOpC,2FAAuF;AAA9E,yIAAA,yBAAyB,OAAA;AAGlC,6EAAyE;AAAhE,2HAAA,kBAAkB,OAAA;AAE3B,+FAA2F;AAAlF,6IAAA,2BAA2B,OAAA;AAEpC,iGAA6F;AAApF,+IAAA,4BAA4B,OAAA;AAMrC,6EAA6F;AAApF,qHAAA,yBAAyB,OAAA;AAMlC,iFAA6E;AAApE,+HAAA,oBAAoB,OAAA;AAM7B,yFAAiH;AAAxG,uIAAA,wBAAwB,OAA4B;AAE7D,+FAA2F;AAAlF,6IAAA,2BAA2B,OAAA;AAEpC,2FAAuF;AAA9E,yIAAA,yBAAyB,OAAA;AAQlC,6FAAyF;AAAhF,2IAAA,0BAA0B,OAAA;AAEnC,6FAAyF;AAAhF,2IAAA,0BAA0B,OAAA;AAEnC,iFAA6E;AAApE,+HAAA,oBAAoB,OAAA;AAC7B,6FAAyF;AAAhF,2IAAA,0BAA0B,OAAA;AAMnC,gDAA2C;AAAlC,oGAAA,MAAM,OAAA;AAEf,+CAAqD;AAA5C,mHAAA,mBAAmB,OAAA;AAE5B;;GAEG;AACH,SAAgB,yBAAyB;IACvC,OAAO,IAAI,kDAAsB,EAAE,CAAC;AACtC,CAAC;AAED,uDAA2F;AAAlF,0HAAA,sBAAsB,OAAA","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport * from \"./plugins/consumer.js\";\n\nexport { IdentityPlugin } from \"./plugins/provider.js\";\n\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential.js\";\n\nexport {\n AuthenticationError,\n ErrorResponse,\n AggregateAuthenticationError,\n AuthenticationErrorName,\n AggregateAuthenticationErrorName,\n CredentialUnavailableError,\n CredentialUnavailableErrorName,\n AuthenticationRequiredError,\n AuthenticationRequiredErrorOptions,\n} from \"./errors.js\";\n\nexport { AuthenticationRecord } from \"./msal/types.js\";\nexport { serializeAuthenticationRecord, deserializeAuthenticationRecord } from \"./msal/utils.js\";\nexport { TokenCredentialOptions } from \"./tokenCredentialOptions.js\";\nexport { MultiTenantTokenCredentialOptions } from \"./credentials/multiTenantTokenCredentialOptions.js\";\nexport { AuthorityValidationOptions } from \"./credentials/authorityValidationOptions.js\";\n// TODO: Export again once we're ready to release this feature.\n// export { RegionalAuthority } from \"./regionalAuthority\";\n\nexport { BrokerAuthOptions } from \"./credentials/brokerAuthOptions.js\";\nexport {\n BrokerOptions,\n BrokerEnabledOptions,\n BrokerDisabledOptions,\n} from \"./msal/nodeFlows/brokerOptions.js\";\nexport { InteractiveCredentialOptions } from \"./credentials/interactiveCredentialOptions.js\";\n\nexport { ChainedTokenCredential } from \"./credentials/chainedTokenCredential.js\";\n\nexport { ClientSecretCredential } from \"./credentials/clientSecretCredential.js\";\nexport { ClientSecretCredentialOptions } from \"./credentials/clientSecretCredentialOptions.js\";\n\nexport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential.js\";\nexport {\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./credentials/defaultAzureCredentialOptions.js\";\n\nexport { EnvironmentCredential } from \"./credentials/environmentCredential.js\";\nexport { EnvironmentCredentialOptions } from \"./credentials/environmentCredentialOptions.js\";\n\nexport { ClientCertificateCredential } from \"./credentials/clientCertificateCredential.js\";\nexport {\n ClientCertificateCredentialPEMConfiguration,\n ClientCertificatePEMCertificatePath,\n ClientCertificatePEMCertificate,\n} from \"./credentials/clientCertificateCredentialModels.js\";\nexport { ClientCertificateCredentialOptions } from \"./credentials/clientCertificateCredentialOptions.js\";\nexport { ClientAssertionCredential } from \"./credentials/clientAssertionCredential.js\";\nexport { ClientAssertionCredentialOptions } from \"./credentials/clientAssertionCredentialOptions.js\";\nexport { CredentialPersistenceOptions } from \"./credentials/credentialPersistenceOptions.js\";\nexport { AzureCliCredential } from \"./credentials/azureCliCredential.js\";\nexport { AzureCliCredentialOptions } from \"./credentials/azureCliCredentialOptions.js\";\nexport { AzureDeveloperCliCredential } from \"./credentials/azureDeveloperCliCredential.js\";\nexport { AzureDeveloperCliCredentialOptions } from \"./credentials/azureDeveloperCliCredentialOptions.js\";\nexport { InteractiveBrowserCredential } from \"./credentials/interactiveBrowserCredential.js\";\nexport {\n InteractiveBrowserCredentialNodeOptions,\n InteractiveBrowserCredentialInBrowserOptions,\n BrowserLoginStyle,\n} from \"./credentials/interactiveBrowserCredentialOptions.js\";\nexport { ManagedIdentityCredential } from \"./credentials/managedIdentityCredential/index.js\";\nexport {\n ManagedIdentityCredentialClientIdOptions,\n ManagedIdentityCredentialResourceIdOptions,\n ManagedIdentityCredentialObjectIdOptions,\n} from \"./credentials/managedIdentityCredential/options.js\";\nexport { DeviceCodeCredential } from \"./credentials/deviceCodeCredential.js\";\nexport {\n DeviceCodePromptCallback,\n DeviceCodeInfo,\n} from \"./credentials/deviceCodeCredentialOptions.js\";\nexport { DeviceCodeCredentialOptions } from \"./credentials/deviceCodeCredentialOptions.js\";\nexport { AzurePipelinesCredential as AzurePipelinesCredential } from \"./credentials/azurePipelinesCredential.js\";\nexport { AzurePipelinesCredentialOptions as AzurePipelinesCredentialOptions } from \"./credentials/azurePipelinesCredentialOptions.js\";\nexport { AuthorizationCodeCredential } from \"./credentials/authorizationCodeCredential.js\";\nexport { AuthorizationCodeCredentialOptions } from \"./credentials/authorizationCodeCredentialOptions.js\";\nexport { AzurePowerShellCredential } from \"./credentials/azurePowerShellCredential.js\";\nexport { AzurePowerShellCredentialOptions } from \"./credentials/azurePowerShellCredentialOptions.js\";\nexport {\n OnBehalfOfCredentialOptions,\n OnBehalfOfCredentialSecretOptions,\n OnBehalfOfCredentialCertificateOptions,\n OnBehalfOfCredentialAssertionOptions,\n} from \"./credentials/onBehalfOfCredentialOptions.js\";\nexport { UsernamePasswordCredential } from \"./credentials/usernamePasswordCredential.js\";\nexport { UsernamePasswordCredentialOptions } from \"./credentials/usernamePasswordCredentialOptions.js\";\nexport { VisualStudioCodeCredential } from \"./credentials/visualStudioCodeCredential.js\";\nexport { VisualStudioCodeCredentialOptions } from \"./credentials/visualStudioCodeCredentialOptions.js\";\nexport { OnBehalfOfCredential } from \"./credentials/onBehalfOfCredential.js\";\nexport { WorkloadIdentityCredential } from \"./credentials/workloadIdentityCredential.js\";\nexport { WorkloadIdentityCredentialOptions } from \"./credentials/workloadIdentityCredentialOptions.js\";\nexport { BrowserCustomizationOptions } from \"./credentials/browserCustomizationOptions.js\";\nexport { TokenCachePersistenceOptions } from \"./msal/nodeFlows/tokenCachePersistenceOptions.js\";\n\nexport { TokenCredential, GetTokenOptions, AccessToken } from \"@azure/core-auth\";\nexport { logger } from \"./util/logging.js\";\n\nexport { AzureAuthorityHosts } from \"./constants.js\";\n\n/*\n Returns a new instance of the {@link DefaultAzureCredential}.\n */\nexport function getDefaultAzureCredential(): TokenCredential {\n return new DefaultAzureCredential();\n}\n\nexport { getBearerTokenProvider, GetBearerTokenProviderOptions } from \"./tokenProvider.js\";\n"]}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAmHlC,8DAEC;;AAnHD,gEAAsC;AAKtC,uFAAiF;AAEjF,yCAUqB;AATnB,gHAAA,mBAAmB,OAAA;AAEnB,yHAAA,4BAA4B,OAAA;AAC5B,oHAAA,uBAAuB,OAAA;AACvB,6HAAA,gCAAgC,OAAA;AAChC,uHAAA,0BAA0B,OAAA;AAC1B,2HAAA,8BAA8B,OAAA;AAC9B,wHAAA,2BAA2B,OAAA;AAK7B,4CAAiG;AAAxF,yHAAA,6BAA6B,OAAA;AAAE,2HAAA,+BAA+B,OAAA;AAevE,qFAAiF;AAAxE,mIAAA,sBAAsB,OAAA;AAE/B,qFAAiF;AAAxE,mIAAA,sBAAsB,OAAA;AAG/B,qFAAiF;AAAxE,mIAAA,sBAAsB,OAAA;AAQ/B,mFAA+E;AAAtE,iIAAA,qBAAqB,OAAA;AAG9B,+FAA2F;AAAlF,6IAAA,2BAA2B,OAAA;AAOpC,2FAAuF;AAA9E,yIAAA,yBAAyB,OAAA;AAGlC,6EAAyE;AAAhE,2HAAA,kBAAkB,OAAA;AAE3B,+FAA2F;AAAlF,6IAAA,2BAA2B,OAAA;AAEpC,iGAA6F;AAApF,+IAAA,4BAA4B,OAAA;AAMrC,6EAA6F;AAApF,qHAAA,yBAAyB,OAAA;AAMlC,iFAA6E;AAApE,+HAAA,oBAAoB,OAAA;AAM7B,yFAAiH;AAAxG,uIAAA,wBAAwB,OAA4B;AAE7D,+FAA2F;AAAlF,6IAAA,2BAA2B,OAAA;AAEpC,2FAAuF;AAA9E,yIAAA,yBAAyB,OAAA;AAQlC,6FAAyF;AAAhF,2IAAA,0BAA0B,OAAA;AAEnC,6FAAyF;AAAhF,2IAAA,0BAA0B,OAAA;AAEnC,iFAA6E;AAApE,+HAAA,oBAAoB,OAAA;AAC7B,6FAAyF;AAAhF,2IAAA,0BAA0B,OAAA;AAMnC,gDAA2C;AAAlC,oGAAA,MAAM,OAAA;AAEf,+CAAqD;AAA5C,mHAAA,mBAAmB,OAAA;AAE5B;;GAEG;AACH,SAAgB,yBAAyB;IACvC,OAAO,IAAI,kDAAsB,EAAE,CAAC;AACtC,CAAC;AAED,uDAA2F;AAAlF,0HAAA,sBAAsB,OAAA","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport * from \"./plugins/consumer.js\";\n\nexport { IdentityPlugin } from \"./plugins/provider.js\";\n\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential.js\";\n\nexport {\n AuthenticationError,\n ErrorResponse,\n AggregateAuthenticationError,\n AuthenticationErrorName,\n AggregateAuthenticationErrorName,\n CredentialUnavailableError,\n CredentialUnavailableErrorName,\n AuthenticationRequiredError,\n AuthenticationRequiredErrorOptions,\n} from \"./errors.js\";\n\nexport { AuthenticationRecord } from \"./msal/types.js\";\nexport { serializeAuthenticationRecord, deserializeAuthenticationRecord } from \"./msal/utils.js\";\nexport { TokenCredentialOptions } from \"./tokenCredentialOptions.js\";\nexport { MultiTenantTokenCredentialOptions } from \"./credentials/multiTenantTokenCredentialOptions.js\";\nexport { AuthorityValidationOptions } from \"./credentials/authorityValidationOptions.js\";\n// TODO: Export again once we're ready to release this feature.\n// export { RegionalAuthority } from \"./regionalAuthority\";\n\nexport { BrokerAuthOptions } from \"./credentials/brokerAuthOptions.js\";\nexport {\n BrokerOptions,\n BrokerEnabledOptions,\n BrokerDisabledOptions,\n} from \"./msal/nodeFlows/brokerOptions.js\";\nexport { InteractiveCredentialOptions } from \"./credentials/interactiveCredentialOptions.js\";\n\nexport { ChainedTokenCredential } from \"./credentials/chainedTokenCredential.js\";\n\nexport { ClientSecretCredential } from \"./credentials/clientSecretCredential.js\";\nexport { ClientSecretCredentialOptions } from \"./credentials/clientSecretCredentialOptions.js\";\n\nexport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential.js\";\nexport {\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialResourceIdOptions,\n DefaultAzureCredentialEnvVars,\n} from \"./credentials/defaultAzureCredentialOptions.js\";\n\nexport { EnvironmentCredential } from \"./credentials/environmentCredential.js\";\nexport { EnvironmentCredentialOptions } from \"./credentials/environmentCredentialOptions.js\";\n\nexport { ClientCertificateCredential } from \"./credentials/clientCertificateCredential.js\";\nexport {\n ClientCertificateCredentialPEMConfiguration,\n ClientCertificatePEMCertificatePath,\n ClientCertificatePEMCertificate,\n} from \"./credentials/clientCertificateCredentialModels.js\";\nexport { ClientCertificateCredentialOptions } from \"./credentials/clientCertificateCredentialOptions.js\";\nexport { ClientAssertionCredential } from \"./credentials/clientAssertionCredential.js\";\nexport { ClientAssertionCredentialOptions } from \"./credentials/clientAssertionCredentialOptions.js\";\nexport { CredentialPersistenceOptions } from \"./credentials/credentialPersistenceOptions.js\";\nexport { AzureCliCredential } from \"./credentials/azureCliCredential.js\";\nexport { AzureCliCredentialOptions } from \"./credentials/azureCliCredentialOptions.js\";\nexport { AzureDeveloperCliCredential } from \"./credentials/azureDeveloperCliCredential.js\";\nexport { AzureDeveloperCliCredentialOptions } from \"./credentials/azureDeveloperCliCredentialOptions.js\";\nexport { InteractiveBrowserCredential } from \"./credentials/interactiveBrowserCredential.js\";\nexport {\n InteractiveBrowserCredentialNodeOptions,\n InteractiveBrowserCredentialInBrowserOptions,\n BrowserLoginStyle,\n} from \"./credentials/interactiveBrowserCredentialOptions.js\";\nexport { ManagedIdentityCredential } from \"./credentials/managedIdentityCredential/index.js\";\nexport {\n ManagedIdentityCredentialClientIdOptions,\n ManagedIdentityCredentialResourceIdOptions,\n ManagedIdentityCredentialObjectIdOptions,\n} from \"./credentials/managedIdentityCredential/options.js\";\nexport { DeviceCodeCredential } from \"./credentials/deviceCodeCredential.js\";\nexport {\n DeviceCodePromptCallback,\n DeviceCodeInfo,\n} from \"./credentials/deviceCodeCredentialOptions.js\";\nexport { DeviceCodeCredentialOptions } from \"./credentials/deviceCodeCredentialOptions.js\";\nexport { AzurePipelinesCredential as AzurePipelinesCredential } from \"./credentials/azurePipelinesCredential.js\";\nexport { AzurePipelinesCredentialOptions as AzurePipelinesCredentialOptions } from \"./credentials/azurePipelinesCredentialOptions.js\";\nexport { AuthorizationCodeCredential } from \"./credentials/authorizationCodeCredential.js\";\nexport { AuthorizationCodeCredentialOptions } from \"./credentials/authorizationCodeCredentialOptions.js\";\nexport { AzurePowerShellCredential } from \"./credentials/azurePowerShellCredential.js\";\nexport { AzurePowerShellCredentialOptions } from \"./credentials/azurePowerShellCredentialOptions.js\";\nexport {\n OnBehalfOfCredentialOptions,\n OnBehalfOfCredentialSecretOptions,\n OnBehalfOfCredentialCertificateOptions,\n OnBehalfOfCredentialAssertionOptions,\n} from \"./credentials/onBehalfOfCredentialOptions.js\";\nexport { UsernamePasswordCredential } from \"./credentials/usernamePasswordCredential.js\";\nexport { UsernamePasswordCredentialOptions } from \"./credentials/usernamePasswordCredentialOptions.js\";\nexport { VisualStudioCodeCredential } from \"./credentials/visualStudioCodeCredential.js\";\nexport { VisualStudioCodeCredentialOptions } from \"./credentials/visualStudioCodeCredentialOptions.js\";\nexport { OnBehalfOfCredential } from \"./credentials/onBehalfOfCredential.js\";\nexport { WorkloadIdentityCredential } from \"./credentials/workloadIdentityCredential.js\";\nexport { WorkloadIdentityCredentialOptions } from \"./credentials/workloadIdentityCredentialOptions.js\";\nexport { BrowserCustomizationOptions } from \"./credentials/browserCustomizationOptions.js\";\nexport { TokenCachePersistenceOptions } from \"./msal/nodeFlows/tokenCachePersistenceOptions.js\";\n\nexport { TokenCredential, GetTokenOptions, AccessToken } from \"@azure/core-auth\";\nexport { logger } from \"./util/logging.js\";\n\nexport { AzureAuthorityHosts } from \"./constants.js\";\n\n/*\n Returns a new instance of the {@link DefaultAzureCredential}.\n */\nexport function getDefaultAzureCredential(): TokenCredential {\n return new DefaultAzureCredential();\n}\n\nexport { getBearerTokenProvider, GetBearerTokenProviderOptions } from \"./tokenProvider.js\";\n"]}

package/dist/commonjs/msal/nodeFlows/msalPlugins.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"msalPlugins.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAQlD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,KAAK,EACV,yBAAyB,EACzB,iCAAiC,EAClC,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAEtF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,KAAK,EAAE;QACL;;WAEG;QACH,WAAW,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAC7C;;WAEG;QACH,cAAc,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;KACjD,CAAC;IACF;;OAEG;IACH,MAAM,EAAE;QACN;;;;WAIG;QACH,SAAS,EAAE,OAAO,CAAC;QACnB;;WAEG;QACH,oBAAoB,EAAE,OAAO,CAAC;QAC9B;;WAEG;QACH,kBAAkB,CAAC,EAAE,UAAU,CAAC;QAChC;;WAEG;QACH,kBAAkB,CAAC,EAAE,QAAQ,CAAC,mBAAmB,CAAC;QAClD;;WAEG;QACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;KACnC,CAAC;CACH;AAED;;;GAGG;AACH,eAAO,IAAI,mBAAmB,EAC1B,CAAC,CAAC,OAAO,CAAC,EAAE,4BAA4B,KAAK,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,GAC5E,SAAqB,CAAC;AAE1B;;;GAGG;AACH,eAAO,MAAM,wBAAwB;mCACJ,OAAO,CAAC,OAAO,mBAAmB,EAAE,SAAS,CAAC,GAAG,IAAI;CAGrF,CAAC;AAEF;;;GAGG;AACH,eAAO,IAAI,gBAAgB,EACvB;IACE,MAAM,EAAE,QAAQ,CAAC,mBAAmB,CAAC;CACtC,GACD,SAAqB,CAAC;AAE1B;;;GAGG;AACH,eAAO,IAAI,oBAAoB,EAAE,MAAM,GAAG,SAAqB,CAAC;AAEhE;;;GAGG;AACH,eAAO,IAAI,gBAAgB,EACvB;IACE,MAAM,EAAE,QAAQ,CAAC,mBAAmB,CAAC;CACtC,GACD,SAAqB,CAAC;AAE1B,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED;;;GAGG;AACH,eAAO,MAAM,+BAA+B,EAAE,yBAM7C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,mCAAmC,EAAE,iCASjD,CAAC;AAEF;;;;;;;GAOG;AACH,iBAAS,2BAA2B,CAAC,OAAO,EAAE,iBAAiB,GAAG,mBAAmB,~~CA8DpF~~;~~AAED~~;;GAEG;AACH,eAAO,MAAM,WAAW;;CAEvB,CAAC"}
1	+ {"version":3,"file":"msalPlugins.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAQlD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,KAAK,EACV,yBAAyB,EACzB,iCAAiC,EAClC,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAEtF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,KAAK,EAAE;QACL;;WAEG;QACH,WAAW,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAC7C;;WAEG;QACH,cAAc,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;KACjD,CAAC;IACF;;OAEG;IACH,MAAM,EAAE;QACN;;;;WAIG;QACH,SAAS,EAAE,OAAO,CAAC;QACnB;;WAEG;QACH,oBAAoB,EAAE,OAAO,CAAC;QAC9B;;WAEG;QACH,kBAAkB,CAAC,EAAE,UAAU,CAAC;QAChC;;WAEG;QACH,kBAAkB,CAAC,EAAE,QAAQ,CAAC,mBAAmB,CAAC;QAClD;;WAEG;QACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;KACnC,CAAC;CACH;AAED;;;GAGG;AACH,eAAO,IAAI,mBAAmB,EAC1B,CAAC,CAAC,OAAO,CAAC,EAAE,4BAA4B,KAAK,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,GAC5E,SAAqB,CAAC;AAE1B;;;GAGG;AACH,eAAO,MAAM,wBAAwB;mCACJ,OAAO,CAAC,OAAO,mBAAmB,EAAE,SAAS,CAAC,GAAG,IAAI;CAGrF,CAAC;AAEF;;;GAGG;AACH,eAAO,IAAI,gBAAgB,EACvB;IACE,MAAM,EAAE,QAAQ,CAAC,mBAAmB,CAAC;CACtC,GACD,SAAqB,CAAC;AAE1B;;;GAGG;AACH,eAAO,IAAI,oBAAoB,EAAE,MAAM,GAAG,SAAqB,CAAC;AAEhE;;;GAGG;AACH,eAAO,IAAI,gBAAgB,EACvB;IACE,MAAM,EAAE,QAAQ,CAAC,mBAAmB,CAAC;CACtC,GACD,SAAqB,CAAC;AAE1B,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED;;;GAGG;AACH,eAAO,MAAM,+BAA+B,EAAE,yBAM7C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,mCAAmC,EAAE,iCASjD,CAAC;AAEF;;;;;;;GAOG;AACH,iBAAS,2BAA2B,CAAC,OAAO,EAAE,iBAAiB,GAAG,mBAAmB,CAqCpF;AAyDD;;GAEG;AACH,eAAO,MAAM,WAAW;;CAEvB,CAAC"}

package/dist/commonjs/msal/nodeFlows/msalPlugins.js CHANGED Viewed

@@ -103,31 +103,59 @@ function generatePluginConfiguration(options) {
         });
     }
     if (options.brokerOptions?.enabled) {
-        if (options.isVSCodeCredential) {
-            if (exports.vsCodeBrokerInfo === undefined) {
-                throw new Error([
-                    "Visual Studio Code Credential was requested, but no plugin was configured or no authentication record was found.",
-                    "You must install the identity-vscode plugin package (`npm install --save @azure/identity-vscode`)",
-                    "and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling",
-                    "`useIdentityPlugin(vsCodePlugin)` before using `enableBroker`.",
-                ].join(" "));
-            }
-            config.broker.nativeBrokerPlugin = exports.vsCodeBrokerInfo.broker;
-        }
-        else {
-            if (exports.nativeBrokerInfo === undefined) {
-                throw new Error([
-                    "Broker for WAM was requested to be enabled, but no native broker was configured.",
-                    "You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)",
-                    "and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling",
-                    "`useIdentityPlugin(brokerPlugin)` before using `enableBroker`.",
-                ].join(" "));
-            }
-            config.broker.nativeBrokerPlugin = exports.nativeBrokerInfo.broker;
-        }
+        config.broker.nativeBrokerPlugin = getBrokerPlugin(options.isVSCodeCredential || false);
     }
     return config;
 }
+// Broker error message templates with variables for credential and package names
+const brokerErrorTemplates = {
+    missing: (credentialName, packageName, pluginVar) => [
+        `${credentialName} was requested, but no plugin was configured or no authentication record was found.`,
+        `You must install the ${packageName} plugin package (npm install --save ${packageName})`,
+        "and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling",
+        `useIdentityPlugin(${pluginVar}) before using enableBroker.`,
+    ].join(" "),
+    unavailable: (credentialName, packageName) => [
+        `${credentialName} was requested, and the plugin is configured, but the broker is unavailable.`,
+        `Ensure the ${credentialName} plugin is properly installed and configured.`,
+        "Check for missing native dependencies and ensure the package is properly installed.",
+        `See the README for prerequisites on installing and using ${packageName}.`,
+    ].join(" "),
+};
+// Values for VSCode and native broker configurations for error message
+const brokerConfig = {
+    vsCode: {
+        credentialName: "Visual Studio Code Credential",
+        packageName: "@azure/identity-vscode",
+        pluginVar: "vsCodePlugin",
+        get brokerInfo() {
+            return exports.vsCodeBrokerInfo;
+        },
+    },
+    native: {
+        credentialName: "Broker for WAM",
+        packageName: "@azure/identity-broker",
+        pluginVar: "nativeBrokerPlugin",
+        get brokerInfo() {
+            return exports.nativeBrokerInfo;
+        },
+    },
+};
+/**
+ * Set appropriate broker plugin based on whether VSCode or native broker is requested.
+ * @param isVSCodePlugin - true for VSCode broker, false for native broker
+ * @returns the broker plugin if available
+ */
+function getBrokerPlugin(isVSCodePlugin) {
+    const { credentialName, packageName, pluginVar, brokerInfo } = brokerConfig[isVSCodePlugin ? "vsCode" : "native"];
+    if (brokerInfo === undefined) {
+        throw new Error(brokerErrorTemplates.missing(credentialName, packageName, pluginVar));
+    }
+    if (brokerInfo.broker.isBrokerAvailable === false) {
+        throw new Error(brokerErrorTemplates.unavailable(credentialName, packageName));
+    }
+    return brokerInfo.broker;
+}
 /**
  * Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.
  */

package/dist/commonjs/msal/nodeFlows/msalPlugins.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"msalPlugins.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AA2GlC,0CAEC;AAED,0CAEC;AA7GD,qDAI4B;AAuD5B;;;GAGG;AACQ,QAAA,mBAAmB,GAEd,SAAS,CAAC;AAE1B;;;GAGG;AACU,QAAA,wBAAwB,GAAG;IACtC,cAAc,CAAC,cAA8D;QAC3E,2BAAmB,GAAG,cAAc,CAAC;IACvC,CAAC;CACF,CAAC;AAEF;;;GAGG;AACQ,QAAA,gBAAgB,GAIX,SAAS,CAAC;AAE1B;;;GAGG;AACQ,QAAA,oBAAoB,GAAuB,SAAS,CAAC;AAEhE;;;GAGG;AACQ,QAAA,gBAAgB,GAIX,SAAS,CAAC;AAE1B,SAAgB,eAAe;IAC7B,OAAO,wBAAgB,KAAK,SAAS,CAAC;AACxC,CAAC;AAED,SAAgB,eAAe;IAC7B,OAAO,4BAAoB,KAAK,SAAS,IAAI,wBAAgB,KAAK,SAAS,CAAC;AAC9E,CAAC;AAED;;;GAGG;AACU,QAAA,+BAA+B,GAA8B;IACxE,eAAe,CAAC,MAAM;QACpB,wBAAgB,GAAG;YACjB,MAAM;SACP,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;;GAGG;AACU,QAAA,mCAAmC,GAAsC;IACpF,uBAAuB,CAAC,IAAY;QAClC,4BAAoB,GAAG,IAAI,CAAC;IAC9B,CAAC;IACD,eAAe,CAAC,MAAoC;QAClD,wBAAgB,GAAG;YACjB,MAAM;SACP,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;;;;;;GAOG;AACH,SAAS,2BAA2B,CAAC,OAA0B;IAC7D,MAAM,MAAM,GAAwB;QAClC,KAAK,EAAE,EAAE;QACT,MAAM,EAAE;YACN,GAAG,OAAO,CAAC,aAAa;YACxB,SAAS,EAAE,OAAO,CAAC,aAAa,EAAE,OAAO,IAAI,KAAK;YAClD,oBAAoB,EAAE,OAAO,CAAC,aAAa,EAAE,0BAA0B,IAAI,KAAK;SACjF;KACF,CAAC;IAEF,IAAI,OAAO,CAAC,4BAA4B,EAAE,OAAO,EAAE,CAAC;QAClD,IAAI,2BAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,OAAO,CAAC,4BAA4B,CAAC,IAAI,IAAI,uCAAwB,CAAC;QAC5F,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,IAAA,2BAAmB,EAAC;YAC7C,IAAI,EAAE,GAAG,aAAa,IAAI,mCAAoB,EAAE;YAChD,GAAG,OAAO,CAAC,4BAA4B;SACxC,CAAC,CAAC;QACH,MAAM,CAAC,KAAK,CAAC,cAAc,GAAG,IAAA,2BAAmB,EAAC;YAChD,IAAI,EAAE,GAAG,aAAa,IAAI,+BAAgB,EAAE;YAC5C,GAAG,OAAO,CAAC,4BAA4B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,OAAO,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;QACnC,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;YAC/B,IAAI,wBAAgB,KAAK,SAAS,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CACb;oBACE,kHAAkH;oBAClH,mGAAmG;oBACnG,mFAAmF;oBACnF,gEAAgE;iBACjE,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;YACJ,CAAC;YACD,MAAM,CAAC,MAAM,CAAC,kBAAkB,GAAG,wBAAiB,CAAC,MAAM,CAAC;QAC9D,CAAC;aAAM,CAAC;YACN,IAAI,wBAAgB,KAAK,SAAS,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CACb;oBACE,kFAAkF;oBAClF,mGAAmG;oBACnG,mFAAmF;oBACnF,gEAAgE;iBACjE,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;YACJ,CAAC;YACD,MAAM,CAAC,MAAM,CAAC,kBAAkB,GAAG,wBAAiB,CAAC,MAAM,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACU,QAAA,WAAW,GAAG;IACzB,2BAA2B;CAC5B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type * as msalNode from \"@azure/msal-node\";\n\nimport {\n CACHE_CAE_SUFFIX,\n CACHE_NON_CAE_SUFFIX,\n DEFAULT_TOKEN_CACHE_NAME,\n} from \"../../constants.js\";\n\nimport type { MsalClientOptions } from \"./msalClient.js\";\nimport type {\n NativeBrokerPluginControl,\n VisualStudioCodeCredentialControl,\n} from \"../../plugins/provider.js\";\nimport type { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions.js\";\n\n/*\n Configuration for the plugins used by the MSAL node client.\n /\nexport interface PluginConfiguration {\n /\n Configuration for the cache plugin.\n /\n cache: {\n /\n The non-CAE cache plugin handler.\n /\n cachePlugin?: Promise<msalNode.ICachePlugin>;\n /\n The CAE cache plugin handler - persisted to a different file.\n /\n cachePluginCae?: Promise<msalNode.ICachePlugin>;\n };\n /\n Configuration for the broker plugin.\n /\n broker: {\n /\n True if the broker plugin is enabled and available. False otherwise.\n \n It is a bug if this is true and the broker plugin is not available.\n /\n isEnabled: boolean;\n /\n If true, MSA account will be passed through, required for WAM authentication.\n /\n enableMsaPassthrough: boolean;\n /\n The parent window handle for the broker.\n /\n parentWindowHandle?: Uint8Array;\n /\n The native broker plugin handler.\n /\n nativeBrokerPlugin?: msalNode.INativeBrokerPlugin;\n /\n If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication. Default is set to false.\n /\n useDefaultBrokerAccount?: boolean;\n };\n}\n\n/\n The current persistence provider, undefined by default.\n * @internal\n /\nexport let persistenceProvider:\n \| ((options?: TokenCachePersistenceOptions) => Promise<msalNode.ICachePlugin>)\n \| undefined = undefined;\n\n/\n An object that allows setting the persistence provider.\n * @internal\n /\nexport const msalNodeFlowCacheControl = {\n setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void {\n persistenceProvider = pluginProvider;\n },\n};\n\n/\n The current native broker provider, undefined by default.\n * @internal\n /\nexport let nativeBrokerInfo:\n \| {\n broker: msalNode.INativeBrokerPlugin;\n }\n \| undefined = undefined;\n\n/\n The current VSCode auth record path, undefined by default.\n * @internal\n /\nexport let vsCodeAuthRecordPath: string \| undefined = undefined;\n\n/\n The current VSCode broker, undefined by default.\n * @internal\n /\nexport let vsCodeBrokerInfo:\n \| {\n broker: msalNode.INativeBrokerPlugin;\n }\n \| undefined = undefined;\n\nexport function hasNativeBroker(): boolean {\n return nativeBrokerInfo !== undefined;\n}\n\nexport function hasVSCodePlugin(): boolean {\n return vsCodeAuthRecordPath !== undefined && vsCodeBrokerInfo !== undefined;\n}\n\n/\n An object that allows setting the native broker provider.\n * @internal\n /\nexport const msalNodeFlowNativeBrokerControl: NativeBrokerPluginControl = {\n setNativeBroker(broker): void {\n nativeBrokerInfo = {\n broker,\n };\n },\n};\n\n/\n An object that allows setting the VSCode credential auth record path and broker.\n * @internal\n /\nexport const msalNodeFlowVSCodeCredentialControl: VisualStudioCodeCredentialControl = {\n setVSCodeAuthRecordPath(path: string): void {\n vsCodeAuthRecordPath = path;\n },\n setVSCodeBroker(broker: msalNode.INativeBrokerPlugin): void {\n vsCodeBrokerInfo = {\n broker,\n };\n },\n};\n\n/\n Configures plugins, validating that required plugins are available and enabled.\n \n Does not create the plugins themselves, but rather returns the configuration that will be used to create them.\n \n @param options - options for creating the MSAL client\n * @returns plugin configuration\n /\nfunction generatePluginConfiguration(options: MsalClientOptions): PluginConfiguration {\n const config: PluginConfiguration = {\n cache: {},\n broker: {\n ...options.brokerOptions,\n isEnabled: options.brokerOptions?.enabled ?? false,\n enableMsaPassthrough: options.brokerOptions?.legacyEnableMsaPassthrough ?? false,\n },\n };\n\n if (options.tokenCachePersistenceOptions?.enabled) {\n if (persistenceProvider === undefined) {\n throw new Error(\n [\n \"Persistent token caching was requested, but no persistence provider was configured.\",\n \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\",\n ].join(\" \"),\n );\n }\n\n const cacheBaseName = options.tokenCachePersistenceOptions.name \|\| DEFAULT_TOKEN_CACHE_NAME;\n config.cache.cachePlugin = persistenceProvider({\n name: `${cacheBaseName}.${CACHE_NON_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n });\n config.cache.cachePluginCae = persistenceProvider({\n name: `${cacheBaseName}.${CACHE_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n });\n }\n\n if (options.brokerOptions?.enabled) {\n if (options.isVSCodeCredential) {\n if (vsCodeBrokerInfo === undefined) {\n throw new Error(\n [\n \"Visual Studio Code Credential was requested, but no plugin was configured or no authentication record was found.\",\n \"You must install the identity-vscode plugin package (`npm install --save @azure/identity-vscode`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(vsCodePlugin)` before using `enableBroker`.\",\n ].join(\" \"),\n );\n }\n config.broker.nativeBrokerPlugin = vsCodeBrokerInfo!.broker;\n } else {\n if (nativeBrokerInfo === undefined) {\n throw new Error(\n [\n \"Broker for WAM was requested to be enabled, but no native broker was configured.\",\n \"You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(brokerPlugin)` before using `enableBroker`.\",\n ].join(\" \"),\n );\n }\n config.broker.nativeBrokerPlugin = nativeBrokerInfo!.broker;\n }\n }\n\n return config;\n}\n\n/\n Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.\n */\nexport const msalPlugins = {\n generatePluginConfiguration,\n};\n"]}
1	+ {"version":3,"file":"msalPlugins.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AA2GlC,0CAEC;AAED,0CAEC;AA7GD,qDAI4B;AAuD5B;;;GAGG;AACQ,QAAA,mBAAmB,GAEd,SAAS,CAAC;AAE1B;;;GAGG;AACU,QAAA,wBAAwB,GAAG;IACtC,cAAc,CAAC,cAA8D;QAC3E,2BAAmB,GAAG,cAAc,CAAC;IACvC,CAAC;CACF,CAAC;AAEF;;;GAGG;AACQ,QAAA,gBAAgB,GAIX,SAAS,CAAC;AAE1B;;;GAGG;AACQ,QAAA,oBAAoB,GAAuB,SAAS,CAAC;AAEhE;;;GAGG;AACQ,QAAA,gBAAgB,GAIX,SAAS,CAAC;AAE1B,SAAgB,eAAe;IAC7B,OAAO,wBAAgB,KAAK,SAAS,CAAC;AACxC,CAAC;AAED,SAAgB,eAAe;IAC7B,OAAO,4BAAoB,KAAK,SAAS,IAAI,wBAAgB,KAAK,SAAS,CAAC;AAC9E,CAAC;AAED;;;GAGG;AACU,QAAA,+BAA+B,GAA8B;IACxE,eAAe,CAAC,MAAM;QACpB,wBAAgB,GAAG;YACjB,MAAM;SACP,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;;GAGG;AACU,QAAA,mCAAmC,GAAsC;IACpF,uBAAuB,CAAC,IAAY;QAClC,4BAAoB,GAAG,IAAI,CAAC;IAC9B,CAAC;IACD,eAAe,CAAC,MAAoC;QAClD,wBAAgB,GAAG;YACjB,MAAM;SACP,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;;;;;;GAOG;AACH,SAAS,2BAA2B,CAAC,OAA0B;IAC7D,MAAM,MAAM,GAAwB;QAClC,KAAK,EAAE,EAAE;QACT,MAAM,EAAE;YACN,GAAG,OAAO,CAAC,aAAa;YACxB,SAAS,EAAE,OAAO,CAAC,aAAa,EAAE,OAAO,IAAI,KAAK;YAClD,oBAAoB,EAAE,OAAO,CAAC,aAAa,EAAE,0BAA0B,IAAI,KAAK;SACjF;KACF,CAAC;IAEF,IAAI,OAAO,CAAC,4BAA4B,EAAE,OAAO,EAAE,CAAC;QAClD,IAAI,2BAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,OAAO,CAAC,4BAA4B,CAAC,IAAI,IAAI,uCAAwB,CAAC;QAC5F,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,IAAA,2BAAmB,EAAC;YAC7C,IAAI,EAAE,GAAG,aAAa,IAAI,mCAAoB,EAAE;YAChD,GAAG,OAAO,CAAC,4BAA4B;SACxC,CAAC,CAAC;QACH,MAAM,CAAC,KAAK,CAAC,cAAc,GAAG,IAAA,2BAAmB,EAAC;YAChD,IAAI,EAAE,GAAG,aAAa,IAAI,+BAAgB,EAAE;YAC5C,GAAG,OAAO,CAAC,4BAA4B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,OAAO,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,kBAAkB,GAAG,eAAe,CAAC,OAAO,CAAC,kBAAkB,IAAI,KAAK,CAAC,CAAC;IAC1F,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,iFAAiF;AACjF,MAAM,oBAAoB,GAAG;IAC3B,OAAO,EAAE,CAAC,cAAsB,EAAE,WAAmB,EAAE,SAAiB,EAAE,EAAE,CAC1E;QACE,GAAG,cAAc,qFAAqF;QACtG,wBAAwB,WAAW,uCAAuC,WAAW,GAAG;QACxF,mFAAmF;QACnF,qBAAqB,SAAS,8BAA8B;KAC7D,CAAC,IAAI,CAAC,GAAG,CAAC;IACb,WAAW,EAAE,CAAC,cAAsB,EAAE,WAAmB,EAAE,EAAE,CAC3D;QACE,GAAG,cAAc,8EAA8E;QAC/F,cAAc,cAAc,+CAA+C;QAC3E,qFAAqF;QACrF,4DAA4D,WAAW,GAAG;KAC3E,CAAC,IAAI,CAAC,GAAG,CAAC;CACd,CAAC;AAEF,uEAAuE;AACvE,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE;QACN,cAAc,EAAE,+BAA+B;QAC/C,WAAW,EAAE,wBAAwB;QACrC,SAAS,EAAE,cAAc;QACzB,IAAI,UAAU;YACZ,OAAO,wBAAgB,CAAC;QAC1B,CAAC;KACF;IACD,MAAM,EAAE;QACN,cAAc,EAAE,gBAAgB;QAChC,WAAW,EAAE,wBAAwB;QACrC,SAAS,EAAE,oBAAoB;QAC/B,IAAI,UAAU;YACZ,OAAO,wBAAgB,CAAC;QAC1B,CAAC;KACF;CACO,CAAC;AAEX;;;;GAIG;AACH,SAAS,eAAe,CAAC,cAAuB;IAC9C,MAAM,EAAE,cAAc,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,EAAE,GAC1D,YAAY,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACrD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,OAAO,CAAC,cAAc,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC;IACxF,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,CAAC,iBAAiB,KAAK,KAAK,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,WAAW,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC,CAAC;IACjF,CAAC;IACD,OAAO,UAAU,CAAC,MAAM,CAAC;AAC3B,CAAC;AAED;;GAEG;AACU,QAAA,WAAW,GAAG;IACzB,2BAA2B;CAC5B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type * as msalNode from \"@azure/msal-node\";\n\nimport {\n CACHE_CAE_SUFFIX,\n CACHE_NON_CAE_SUFFIX,\n DEFAULT_TOKEN_CACHE_NAME,\n} from \"../../constants.js\";\n\nimport type { MsalClientOptions } from \"./msalClient.js\";\nimport type {\n NativeBrokerPluginControl,\n VisualStudioCodeCredentialControl,\n} from \"../../plugins/provider.js\";\nimport type { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions.js\";\n\n/*\n Configuration for the plugins used by the MSAL node client.\n /\nexport interface PluginConfiguration {\n /\n Configuration for the cache plugin.\n /\n cache: {\n /\n The non-CAE cache plugin handler.\n /\n cachePlugin?: Promise<msalNode.ICachePlugin>;\n /\n The CAE cache plugin handler - persisted to a different file.\n /\n cachePluginCae?: Promise<msalNode.ICachePlugin>;\n };\n /\n Configuration for the broker plugin.\n /\n broker: {\n /\n True if the broker plugin is enabled and available. False otherwise.\n \n It is a bug if this is true and the broker plugin is not available.\n /\n isEnabled: boolean;\n /\n If true, MSA account will be passed through, required for WAM authentication.\n /\n enableMsaPassthrough: boolean;\n /\n The parent window handle for the broker.\n /\n parentWindowHandle?: Uint8Array;\n /\n The native broker plugin handler.\n /\n nativeBrokerPlugin?: msalNode.INativeBrokerPlugin;\n /\n If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication. Default is set to false.\n /\n useDefaultBrokerAccount?: boolean;\n };\n}\n\n/\n The current persistence provider, undefined by default.\n * @internal\n /\nexport let persistenceProvider:\n \| ((options?: TokenCachePersistenceOptions) => Promise<msalNode.ICachePlugin>)\n \| undefined = undefined;\n\n/\n An object that allows setting the persistence provider.\n * @internal\n /\nexport const msalNodeFlowCacheControl = {\n setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void {\n persistenceProvider = pluginProvider;\n },\n};\n\n/\n The current native broker provider, undefined by default.\n * @internal\n /\nexport let nativeBrokerInfo:\n \| {\n broker: msalNode.INativeBrokerPlugin;\n }\n \| undefined = undefined;\n\n/\n The current VSCode auth record path, undefined by default.\n * @internal\n /\nexport let vsCodeAuthRecordPath: string \| undefined = undefined;\n\n/\n The current VSCode broker, undefined by default.\n * @internal\n /\nexport let vsCodeBrokerInfo:\n \| {\n broker: msalNode.INativeBrokerPlugin;\n }\n \| undefined = undefined;\n\nexport function hasNativeBroker(): boolean {\n return nativeBrokerInfo !== undefined;\n}\n\nexport function hasVSCodePlugin(): boolean {\n return vsCodeAuthRecordPath !== undefined && vsCodeBrokerInfo !== undefined;\n}\n\n/\n An object that allows setting the native broker provider.\n * @internal\n /\nexport const msalNodeFlowNativeBrokerControl: NativeBrokerPluginControl = {\n setNativeBroker(broker): void {\n nativeBrokerInfo = {\n broker,\n };\n },\n};\n\n/\n An object that allows setting the VSCode credential auth record path and broker.\n * @internal\n /\nexport const msalNodeFlowVSCodeCredentialControl: VisualStudioCodeCredentialControl = {\n setVSCodeAuthRecordPath(path: string): void {\n vsCodeAuthRecordPath = path;\n },\n setVSCodeBroker(broker: msalNode.INativeBrokerPlugin): void {\n vsCodeBrokerInfo = {\n broker,\n };\n },\n};\n\n/\n Configures plugins, validating that required plugins are available and enabled.\n \n Does not create the plugins themselves, but rather returns the configuration that will be used to create them.\n \n @param options - options for creating the MSAL client\n * @returns plugin configuration\n /\nfunction generatePluginConfiguration(options: MsalClientOptions): PluginConfiguration {\n const config: PluginConfiguration = {\n cache: {},\n broker: {\n ...options.brokerOptions,\n isEnabled: options.brokerOptions?.enabled ?? false,\n enableMsaPassthrough: options.brokerOptions?.legacyEnableMsaPassthrough ?? false,\n },\n };\n\n if (options.tokenCachePersistenceOptions?.enabled) {\n if (persistenceProvider === undefined) {\n throw new Error(\n [\n \"Persistent token caching was requested, but no persistence provider was configured.\",\n \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\",\n ].join(\" \"),\n );\n }\n\n const cacheBaseName = options.tokenCachePersistenceOptions.name \|\| DEFAULT_TOKEN_CACHE_NAME;\n config.cache.cachePlugin = persistenceProvider({\n name: `${cacheBaseName}.${CACHE_NON_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n });\n config.cache.cachePluginCae = persistenceProvider({\n name: `${cacheBaseName}.${CACHE_CAE_SUFFIX}`,\n ...options.tokenCachePersistenceOptions,\n });\n }\n\n if (options.brokerOptions?.enabled) {\n config.broker.nativeBrokerPlugin = getBrokerPlugin(options.isVSCodeCredential \|\| false);\n }\n return config;\n}\n\n// Broker error message templates with variables for credential and package names\nconst brokerErrorTemplates = {\n missing: (credentialName: string, packageName: string, pluginVar: string) =>\n [\n `${credentialName} was requested, but no plugin was configured or no authentication record was found.`,\n `You must install the ${packageName} plugin package (npm install --save ${packageName})`,\n \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n `useIdentityPlugin(${pluginVar}) before using enableBroker.`,\n ].join(\" \"),\n unavailable: (credentialName: string, packageName: string) =>\n [\n `${credentialName} was requested, and the plugin is configured, but the broker is unavailable.`,\n `Ensure the ${credentialName} plugin is properly installed and configured.`,\n \"Check for missing native dependencies and ensure the package is properly installed.\",\n `See the README for prerequisites on installing and using ${packageName}.`,\n ].join(\" \"),\n};\n\n// Values for VSCode and native broker configurations for error message\nconst brokerConfig = {\n vsCode: {\n credentialName: \"Visual Studio Code Credential\",\n packageName: \"@azure/identity-vscode\",\n pluginVar: \"vsCodePlugin\",\n get brokerInfo() {\n return vsCodeBrokerInfo;\n },\n },\n native: {\n credentialName: \"Broker for WAM\",\n packageName: \"@azure/identity-broker\",\n pluginVar: \"nativeBrokerPlugin\",\n get brokerInfo() {\n return nativeBrokerInfo;\n },\n },\n} as const;\n\n/\n Set appropriate broker plugin based on whether VSCode or native broker is requested.\n * @param isVSCodePlugin - true for VSCode broker, false for native broker\n * @returns the broker plugin if available\n /\nfunction getBrokerPlugin(isVSCodePlugin: boolean): msalNode.INativeBrokerPlugin {\n const { credentialName, packageName, pluginVar, brokerInfo } =\n brokerConfig[isVSCodePlugin ? \"vsCode\" : \"native\"];\n if (brokerInfo === undefined) {\n throw new Error(brokerErrorTemplates.missing(credentialName, packageName, pluginVar));\n }\n if (brokerInfo.broker.isBrokerAvailable === false) {\n throw new Error(brokerErrorTemplates.unavailable(credentialName, packageName));\n }\n return brokerInfo.broker;\n}\n\n/\n Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.\n */\nexport const msalPlugins = {\n generatePluginConfiguration,\n};\n"]}

package/dist/esm/constants.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /**
  * Current version of the `@azure/identity` package.
  */
-export declare const SDK_VERSION = "4.11.2";
+export declare const SDK_VERSION = "4.12.0";
 /**
  * The default client ID for authentication
  * @internal

package/dist/esm/constants.js CHANGED Viewed

@@ -3,7 +3,7 @@
 /**
  * Current version of the `@azure/identity` package.
  */
-export const SDK_VERSION = `4.11.2`;
+export const SDK_VERSION = `4.12.0`;
 /**
  * The default client ID for authentication
  * @internal