@azure/identity 4.14.0-beta.1 → 4.14.0-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -40
- package/dist/browser/client/identityClient.d.ts +5 -4
- package/dist/browser/client/identityClient.d.ts.map +1 -1
- package/dist/browser/client/identityClient.js +56 -18
- package/dist/browser/client/identityClient.js.map +1 -1
- package/dist/browser/constants.d.ts +1 -1
- package/dist/browser/constants.js +1 -1
- package/dist/browser/constants.js.map +1 -1
- package/dist/browser/credentials/authorizationCodeCredential.d.ts +3 -3
- package/dist/browser/credentials/authorizationCodeCredential.d.ts.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredential.js +2 -2
- package/dist/browser/credentials/authorizationCodeCredential.js.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/authorizationCodeCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/azureCliCredential.d.ts +5 -4
- package/dist/browser/credentials/azureCliCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azureCliCredential.js +3 -3
- package/dist/browser/credentials/azureCliCredential.js.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential.d.ts +5 -4
- package/dist/browser/credentials/azureDeveloperCliCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential.js +3 -3
- package/dist/browser/credentials/azureDeveloperCliCredential.js.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential.d.ts +5 -4
- package/dist/browser/credentials/azurePipelinesCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential.js +3 -3
- package/dist/browser/credentials/azurePipelinesCredential.js.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/azurePipelinesCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/azurePowerShellCredential.d.ts +5 -4
- package/dist/browser/credentials/azurePowerShellCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azurePowerShellCredential.js +3 -3
- package/dist/browser/credentials/azurePowerShellCredential.js.map +1 -0
- package/dist/browser/credentials/brokerCredential.d.ts +2 -2
- package/dist/browser/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/browser/credentials/brokerCredential.js +0 -1
- package/dist/browser/credentials/brokerCredential.js.map +1 -1
- package/dist/browser/credentials/clientAssertionCredential.d.ts +5 -4
- package/dist/browser/credentials/clientAssertionCredential.d.ts.map +1 -0
- package/dist/browser/credentials/clientAssertionCredential.js +3 -3
- package/dist/browser/credentials/clientAssertionCredential.js.map +1 -0
- package/dist/browser/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/clientAssertionCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/clientCertificateCredential.d.ts +6 -4
- package/dist/browser/credentials/clientCertificateCredential.d.ts.map +1 -0
- package/dist/browser/credentials/clientCertificateCredential.js +3 -3
- package/dist/browser/credentials/clientCertificateCredential.js.map +1 -0
- package/dist/browser/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/clientCertificateCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/clientSecretCredential.d.ts +1 -1
- package/dist/browser/credentials/clientSecretCredential.d.ts.map +1 -0
- package/dist/browser/credentials/clientSecretCredential.js +1 -1
- package/dist/browser/credentials/clientSecretCredential.js.map +1 -0
- package/dist/browser/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/clientSecretCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/defaultAzureCredential.d.ts +3 -3
- package/dist/browser/credentials/defaultAzureCredential.d.ts.map +1 -0
- package/dist/browser/credentials/defaultAzureCredential.js +2 -2
- package/dist/browser/credentials/defaultAzureCredential.js.map +1 -0
- package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/defaultAzureCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/deviceCodeCredential.d.ts +5 -4
- package/dist/browser/credentials/deviceCodeCredential.d.ts.map +1 -0
- package/dist/browser/credentials/deviceCodeCredential.js +3 -3
- package/dist/browser/credentials/deviceCodeCredential.js.map +1 -0
- package/dist/browser/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/deviceCodeCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/environmentCredential.d.ts +5 -4
- package/dist/browser/credentials/environmentCredential.d.ts.map +1 -0
- package/dist/browser/credentials/environmentCredential.js +3 -3
- package/dist/browser/credentials/environmentCredential.js.map +1 -0
- package/dist/browser/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/environmentCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/interactiveBrowserCredential.d.ts +1 -1
- package/dist/browser/credentials/interactiveBrowserCredential.d.ts.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredential.js +1 -1
- package/dist/browser/credentials/interactiveBrowserCredential.js.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/interactiveCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/managedIdentityCredential/index.d.ts +9 -4
- package/dist/browser/credentials/managedIdentityCredential/index.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/index.js +3 -3
- package/dist/browser/credentials/managedIdentityCredential/index.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist/browser/credentials/onBehalfOfCredential.d.ts +5 -4
- package/dist/browser/credentials/onBehalfOfCredential.d.ts.map +1 -0
- package/dist/browser/credentials/onBehalfOfCredential.js +3 -3
- package/dist/browser/credentials/onBehalfOfCredential.js.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential.d.ts +1 -1
- package/dist/browser/credentials/usernamePasswordCredential.d.ts.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential.js +1 -1
- package/dist/browser/credentials/usernamePasswordCredential.js.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/usernamePasswordCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/visualStudioCodeCredential.d.ts +5 -4
- package/dist/browser/credentials/visualStudioCodeCredential.d.ts.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredential.js +3 -3
- package/dist/browser/credentials/visualStudioCodeCredential.js.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential.d.ts +5 -4
- package/dist/browser/credentials/workloadIdentityCredential.d.ts.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential.js +3 -3
- package/dist/browser/credentials/workloadIdentityCredential.js.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/workloadIdentityCredentialOptions.js.map +1 -1
- package/dist/browser/index.d.ts +33 -33
- package/dist/browser/index.d.ts.map +1 -1
- package/dist/browser/index.js.map +1 -1
- package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/browser/msal/browserFlows/msalBrowserCommon.js +2 -3
- package/dist/browser/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist/browser/msal/msal.d.ts +2 -3
- package/dist/browser/msal/msal.d.ts.map +1 -0
- package/dist/browser/msal/msal.js +2 -3
- package/dist/browser/msal/msal.js.map +1 -0
- package/dist/browser/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/browser/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/browser/msal/nodeFlows/msalClient.js +6 -6
- package/dist/browser/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist/browser/msal/utils.d.ts +5 -13
- package/dist/browser/msal/utils.d.ts.map +1 -1
- package/dist/browser/msal/utils.js +12 -25
- package/dist/browser/msal/utils.js.map +1 -1
- package/dist/browser/plugins/consumer.d.ts +1 -1
- package/dist/browser/plugins/consumer.d.ts.map +1 -0
- package/dist/browser/plugins/consumer.js +1 -1
- package/dist/browser/plugins/consumer.js.map +1 -0
- package/dist/browser/util/authorityHost.d.ts +10 -0
- package/dist/browser/util/authorityHost.d.ts.map +1 -0
- package/dist/browser/util/authorityHost.js +18 -0
- package/dist/browser/util/authorityHost.js.map +1 -0
- package/dist/browser/util/processMultiTenantRequest.d.ts +3 -2
- package/dist/browser/util/processMultiTenantRequest.d.ts.map +1 -0
- package/dist/browser/util/processMultiTenantRequest.js +2 -2
- package/dist/browser/util/processMultiTenantRequest.js.map +1 -0
- package/dist/commonjs/client/identityClient.d.ts +5 -4
- package/dist/commonjs/client/identityClient.d.ts.map +1 -1
- package/dist/commonjs/client/identityClient.js +295 -252
- package/dist/commonjs/client/identityClient.js.map +7 -1
- package/dist/commonjs/constants.d.ts +1 -1
- package/dist/commonjs/constants.js +61 -78
- package/dist/commonjs/constants.js.map +7 -1
- package/dist/commonjs/credentials/authorityValidationOptions.js +16 -5
- package/dist/commonjs/credentials/authorityValidationOptions.js.map +7 -1
- package/dist/commonjs/credentials/authorizationCodeCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/authorizationCodeCredential.js +98 -75
- package/dist/commonjs/credentials/authorizationCodeCredential.js.map +7 -1
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azureCliCredential.js +245 -214
- package/dist/commonjs/credentials/azureCliCredential.js.map +7 -1
- package/dist/commonjs/credentials/azureCliCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azureCliCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts +10 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/azureDeveloperCliCredential.js +237 -202
- package/dist/commonjs/credentials/azureDeveloperCliCredential.js.map +7 -1
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azurePipelinesCredential.js +173 -135
- package/dist/commonjs/credentials/azurePipelinesCredential.js.map +7 -1
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azurePowerShellCredential.js +201 -205
- package/dist/commonjs/credentials/azurePowerShellCredential.js.map +7 -1
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/brokerAuthOptions.js +16 -3
- package/dist/commonjs/credentials/brokerAuthOptions.js.map +7 -1
- package/dist/commonjs/credentials/brokerCredential.d.ts +2 -2
- package/dist/commonjs/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/brokerCredential.js +103 -71
- package/dist/commonjs/credentials/brokerCredential.js.map +7 -1
- package/dist/commonjs/credentials/browserCustomizationOptions.js +16 -5
- package/dist/commonjs/credentials/browserCustomizationOptions.js.map +7 -1
- package/dist/commonjs/credentials/chainedTokenCredential.js +113 -93
- package/dist/commonjs/credentials/chainedTokenCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientAssertionCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientAssertionCredential.js +101 -64
- package/dist/commonjs/credentials/clientAssertionCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/clientCertificateCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientCertificateCredential.js +129 -124
- package/dist/commonjs/credentials/clientCertificateCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientCertificateCredentialModels.js +16 -5
- package/dist/commonjs/credentials/clientCertificateCredentialModels.js.map +7 -1
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/clientSecretCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientSecretCredential.js +96 -68
- package/dist/commonjs/credentials/clientSecretCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientSecretCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/clientSecretCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/credentialPersistenceOptions.js +16 -5
- package/dist/commonjs/credentials/credentialPersistenceOptions.js.map +7 -1
- package/dist/commonjs/credentials/defaultAzureCredential.js +121 -159
- package/dist/commonjs/credentials/defaultAzureCredential.js.map +7 -1
- package/dist/commonjs/credentials/defaultAzureCredentialFunctions.js +110 -140
- package/dist/commonjs/credentials/defaultAzureCredentialFunctions.js.map +7 -1
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/deviceCodeCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/deviceCodeCredential.js +132 -104
- package/dist/commonjs/credentials/deviceCodeCredential.js.map +7 -1
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/environmentCredential.js +157 -123
- package/dist/commonjs/credentials/environmentCredential.js.map +7 -1
- package/dist/commonjs/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/environmentCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/environmentCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/interactiveBrowserCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/interactiveBrowserCredential.js +144 -108
- package/dist/commonjs/credentials/interactiveBrowserCredential.js.map +7 -1
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/interactiveCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/interactiveCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js +92 -91
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js +51 -44
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/index.js +256 -242
- package/dist/commonjs/credentials/managedIdentityCredential/index.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/models.js +16 -5
- package/dist/commonjs/credentials/managedIdentityCredential/models.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/options.js +16 -5
- package/dist/commonjs/credentials/managedIdentityCredential/options.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js +56 -39
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/utils.js +79 -75
- package/dist/commonjs/credentials/managedIdentityCredential/utils.js.map +7 -1
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/onBehalfOfCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/onBehalfOfCredential.js +168 -127
- package/dist/commonjs/credentials/onBehalfOfCredential.js.map +7 -1
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/usernamePasswordCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/usernamePasswordCredential.js +112 -76
- package/dist/commonjs/credentials/usernamePasswordCredential.js.map +7 -1
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/visualStudioCodeCredential.js +144 -132
- package/dist/commonjs/credentials/visualStudioCodeCredential.js.map +7 -1
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js +16 -5
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js.map +7 -1
- package/dist/commonjs/credentials/workloadIdentityCredential.js +284 -274
- package/dist/commonjs/credentials/workloadIdentityCredential.js.map +7 -1
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js.map +7 -1
- package/dist/commonjs/errors.js +131 -132
- package/dist/commonjs/errors.js.map +7 -1
- package/dist/commonjs/index.d.ts +33 -33
- package/dist/commonjs/index.d.ts.map +1 -1
- package/dist/commonjs/index.js +115 -67
- package/dist/commonjs/index.js.map +7 -1
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js +226 -249
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js.map +7 -1
- package/dist/commonjs/msal/browserFlows/msalBrowserOptions.js +16 -5
- package/dist/commonjs/msal/browserFlows/msalBrowserOptions.js.map +7 -1
- package/dist/commonjs/msal/credentials.js +16 -5
- package/dist/commonjs/msal/credentials.js.map +7 -1
- package/dist/commonjs/msal/msal.d.ts +1 -2
- package/dist/commonjs/msal/msal.d.ts.map +1 -1
- package/dist/commonjs/msal/msal.js +30 -9
- package/dist/commonjs/msal/msal.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/brokerOptions.js +16 -3
- package/dist/commonjs/msal/nodeFlows/brokerOptions.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/commonjs/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/commonjs/msal/nodeFlows/msalClient.js +450 -478
- package/dist/commonjs/msal/nodeFlows/msalClient.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/msalPlugins.js +140 -147
- package/dist/commonjs/msal/nodeFlows/msalPlugins.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js +16 -5
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js.map +7 -1
- package/dist/commonjs/msal/types.js +16 -5
- package/dist/commonjs/msal/types.js.map +7 -1
- package/dist/commonjs/msal/utils.d.ts +5 -13
- package/dist/commonjs/msal/utils.d.ts.map +1 -1
- package/dist/commonjs/msal/utils.js +172 -226
- package/dist/commonjs/msal/utils.js.map +7 -1
- package/dist/commonjs/plugins/consumer.js +32 -40
- package/dist/commonjs/plugins/consumer.js.map +7 -1
- package/dist/commonjs/plugins/provider.js +16 -5
- package/dist/commonjs/plugins/provider.js.map +7 -1
- package/dist/commonjs/regionalAuthority.js +93 -141
- package/dist/commonjs/regionalAuthority.js.map +7 -1
- package/dist/commonjs/tokenCredentialOptions.js +16 -5
- package/dist/commonjs/tokenCredentialOptions.js.map +7 -1
- package/dist/commonjs/tokenProvider.js +52 -52
- package/dist/commonjs/tokenProvider.js.map +7 -1
- package/dist/commonjs/tsdoc-metadata.json +1 -1
- package/dist/commonjs/util/authorityHost.d.ts +10 -0
- package/dist/commonjs/util/authorityHost.d.ts.map +1 -0
- package/dist/commonjs/util/authorityHost.js +36 -0
- package/dist/commonjs/util/authorityHost.js.map +7 -0
- package/dist/commonjs/util/certificatesUtils.js +54 -45
- package/dist/commonjs/util/certificatesUtils.js.map +7 -1
- package/dist/commonjs/util/identityTokenEndpoint.js +32 -12
- package/dist/commonjs/util/identityTokenEndpoint.js.map +7 -1
- package/dist/commonjs/util/logging.js +91 -97
- package/dist/commonjs/util/logging.js.map +7 -1
- package/dist/commonjs/util/processMultiTenantRequest.js +43 -33
- package/dist/commonjs/util/processMultiTenantRequest.js.map +7 -1
- package/dist/commonjs/util/processUtils.js +60 -35
- package/dist/commonjs/util/processUtils.js.map +7 -1
- package/dist/commonjs/util/scopeUtils.js +39 -28
- package/dist/commonjs/util/scopeUtils.js.map +7 -1
- package/dist/commonjs/util/subscriptionUtils.js +35 -17
- package/dist/commonjs/util/subscriptionUtils.js.map +7 -1
- package/dist/commonjs/util/tenantIdUtils.js +61 -45
- package/dist/commonjs/util/tenantIdUtils.js.map +7 -1
- package/dist/commonjs/util/tracing.js +33 -16
- package/dist/commonjs/util/tracing.js.map +7 -1
- package/dist/esm/client/identityClient.d.ts +5 -4
- package/dist/esm/client/identityClient.d.ts.map +1 -1
- package/dist/esm/client/identityClient.js +56 -18
- package/dist/esm/client/identityClient.js.map +1 -1
- package/dist/esm/constants.d.ts +1 -1
- package/dist/esm/constants.js +1 -1
- package/dist/esm/constants.js.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredential.d.ts.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredential.js +0 -1
- package/dist/esm/credentials/authorizationCodeCredential.js.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/azureDeveloperCliCredential.d.ts +10 -0
- package/dist/esm/credentials/azureDeveloperCliCredential.d.ts.map +1 -1
- package/dist/esm/credentials/azureDeveloperCliCredential.js +24 -1
- package/dist/esm/credentials/azureDeveloperCliCredential.js.map +1 -1
- package/dist/esm/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/azurePipelinesCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/brokerCredential.d.ts +2 -2
- package/dist/esm/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/esm/credentials/brokerCredential.js +0 -1
- package/dist/esm/credentials/brokerCredential.js.map +1 -1
- package/dist/esm/credentials/clientAssertionCredential.d.ts.map +1 -1
- package/dist/esm/credentials/clientAssertionCredential.js +1 -2
- package/dist/esm/credentials/clientAssertionCredential.js.map +1 -1
- package/dist/esm/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/clientAssertionCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/clientCertificateCredential.d.ts.map +1 -1
- package/dist/esm/credentials/clientCertificateCredential.js +0 -1
- package/dist/esm/credentials/clientCertificateCredential.js.map +1 -1
- package/dist/esm/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/clientCertificateCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/clientSecretCredential.d.ts.map +1 -1
- package/dist/esm/credentials/clientSecretCredential.js +0 -1
- package/dist/esm/credentials/clientSecretCredential.js.map +1 -1
- package/dist/esm/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/clientSecretCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/defaultAzureCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/deviceCodeCredential.d.ts.map +1 -1
- package/dist/esm/credentials/deviceCodeCredential.js +0 -1
- package/dist/esm/credentials/deviceCodeCredential.js.map +1 -1
- package/dist/esm/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/deviceCodeCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/environmentCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredential.d.ts.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredential.js +0 -1
- package/dist/esm/credentials/interactiveBrowserCredential.js.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/interactiveCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist/esm/credentials/onBehalfOfCredential.d.ts.map +1 -1
- package/dist/esm/credentials/onBehalfOfCredential.js +0 -1
- package/dist/esm/credentials/onBehalfOfCredential.js.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredential.d.ts.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredential.js +0 -1
- package/dist/esm/credentials/usernamePasswordCredential.js.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/visualStudioCodeCredential.js.map +1 -1
- package/dist/esm/credentials/workloadIdentityCredential.js +3 -3
- package/dist/esm/credentials/workloadIdentityCredential.js.map +1 -1
- package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/workloadIdentityCredentialOptions.js.map +1 -1
- package/dist/esm/index.d.ts +33 -33
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/esm/msal/browserFlows/msalBrowserCommon.js +2 -3
- package/dist/esm/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist/esm/msal/msal.d.ts +1 -2
- package/dist/esm/msal/msal.d.ts.map +1 -1
- package/dist/esm/msal/msal.js +1 -2
- package/dist/esm/msal/msal.js.map +1 -1
- package/dist/esm/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/esm/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/esm/msal/nodeFlows/msalClient.js +6 -6
- package/dist/esm/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist/esm/msal/utils.d.ts +5 -13
- package/dist/esm/msal/utils.d.ts.map +1 -1
- package/dist/esm/msal/utils.js +12 -25
- package/dist/esm/msal/utils.js.map +1 -1
- package/dist/esm/util/authorityHost.d.ts +10 -0
- package/dist/esm/util/authorityHost.d.ts.map +1 -0
- package/dist/esm/util/authorityHost.js +18 -0
- package/dist/esm/util/authorityHost.js.map +1 -0
- package/dist/workerd/client/identityClient.d.ts +5 -4
- package/dist/workerd/client/identityClient.d.ts.map +1 -1
- package/dist/workerd/client/identityClient.js +56 -18
- package/dist/workerd/client/identityClient.js.map +1 -1
- package/dist/workerd/constants.d.ts +1 -1
- package/dist/workerd/constants.js +1 -1
- package/dist/workerd/constants.js.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredential.js +0 -1
- package/dist/workerd/credentials/authorizationCodeCredential.js.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/azureDeveloperCliCredential.d.ts +10 -0
- package/dist/workerd/credentials/azureDeveloperCliCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/azureDeveloperCliCredential.js +24 -1
- package/dist/workerd/credentials/azureDeveloperCliCredential.js.map +1 -1
- package/dist/workerd/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/azurePipelinesCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/brokerCredential.d.ts +2 -2
- package/dist/workerd/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/brokerCredential.js +0 -1
- package/dist/workerd/credentials/brokerCredential.js.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredential.js +1 -2
- package/dist/workerd/credentials/clientAssertionCredential.js.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredential.js +0 -1
- package/dist/workerd/credentials/clientCertificateCredential.js.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/clientSecretCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/clientSecretCredential.js +0 -1
- package/dist/workerd/credentials/clientSecretCredential.js.map +1 -1
- package/dist/workerd/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/clientSecretCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/workerd/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/defaultAzureCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredential.js +0 -1
- package/dist/workerd/credentials/deviceCodeCredential.js.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/environmentCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredential.js +0 -1
- package/dist/workerd/credentials/interactiveBrowserCredential.js.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/interactiveCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist/workerd/credentials/onBehalfOfCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/onBehalfOfCredential.js +0 -1
- package/dist/workerd/credentials/onBehalfOfCredential.js.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredential.js +0 -1
- package/dist/workerd/credentials/usernamePasswordCredential.js.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/visualStudioCodeCredential.js.map +1 -1
- package/dist/workerd/credentials/workloadIdentityCredential.js +3 -3
- package/dist/workerd/credentials/workloadIdentityCredential.js.map +1 -1
- package/dist/workerd/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/workerd/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/workloadIdentityCredentialOptions.js.map +1 -1
- package/dist/workerd/index.d.ts +33 -33
- package/dist/workerd/index.d.ts.map +1 -1
- package/dist/workerd/index.js.map +1 -1
- package/dist/workerd/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/workerd/msal/browserFlows/msalBrowserCommon.js +2 -3
- package/dist/workerd/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist/workerd/msal/msal.d.ts +1 -2
- package/dist/workerd/msal/msal.d.ts.map +1 -1
- package/dist/workerd/msal/msal.js +1 -2
- package/dist/workerd/msal/msal.js.map +1 -1
- package/dist/workerd/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/workerd/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/workerd/msal/nodeFlows/msalClient.js +6 -6
- package/dist/workerd/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist/workerd/msal/utils.d.ts +5 -13
- package/dist/workerd/msal/utils.d.ts.map +1 -1
- package/dist/workerd/msal/utils.js +12 -25
- package/dist/workerd/msal/utils.js.map +1 -1
- package/dist/workerd/util/authorityHost.d.ts +10 -0
- package/dist/workerd/util/authorityHost.d.ts.map +1 -0
- package/dist/workerd/util/authorityHost.js +18 -0
- package/dist/workerd/util/authorityHost.js.map +1 -0
- package/package.json +17 -34
- package/dist/browser/credentials/authorizationCodeCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/authorizationCodeCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azureCliCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azureCliCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azureDeveloperCliCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azureDeveloperCliCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azurePipelinesCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azurePipelinesCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azurePowerShellCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azurePowerShellCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/clientAssertionCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/clientAssertionCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/clientCertificateCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/clientCertificateCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/clientSecretCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/clientSecretCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/defaultAzureCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/defaultAzureCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/deviceCodeCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/deviceCodeCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/environmentCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/environmentCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/interactiveBrowserCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/interactiveBrowserCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/managedIdentityCredential/index-browser.d.mts.map +0 -1
- package/dist/browser/credentials/managedIdentityCredential/index-browser.mjs.map +0 -1
- package/dist/browser/credentials/onBehalfOfCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/onBehalfOfCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/usernamePasswordCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/usernamePasswordCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/visualStudioCodeCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/visualStudioCodeCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/workloadIdentityCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/workloadIdentityCredential-browser.mjs.map +0 -1
- package/dist/browser/msal/msal-browser.d.mts.map +0 -1
- package/dist/browser/msal/msal-browser.mjs.map +0 -1
- package/dist/browser/plugins/consumer-browser.d.mts.map +0 -1
- package/dist/browser/plugins/consumer-browser.mjs.map +0 -1
- package/dist/browser/util/authHostEnv-browser.d.mts +0 -4
- package/dist/browser/util/authHostEnv-browser.d.mts.map +0 -1
- package/dist/browser/util/authHostEnv-browser.mjs +0 -7
- package/dist/browser/util/authHostEnv-browser.mjs.map +0 -1
- package/dist/browser/util/processMultiTenantRequest-browser.d.mts.map +0 -1
- package/dist/browser/util/processMultiTenantRequest-browser.mjs.map +0 -1
- package/dist/esm/util/authHostEnv-browser.d.mts +0 -4
- package/dist/esm/util/authHostEnv-browser.d.mts.map +0 -1
- package/dist/esm/util/authHostEnv-browser.mjs +0 -7
- package/dist/esm/util/authHostEnv-browser.mjs.map +0 -1
- package/dist/workerd/util/authHostEnv-browser.d.mts +0 -4
- package/dist/workerd/util/authHostEnv-browser.d.mts.map +0 -1
- package/dist/workerd/util/authHostEnv-browser.mjs +0 -7
- package/dist/workerd/util/authHostEnv-browser.mjs.map +0 -1
|
@@ -1,129 +1,117 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
1
|
+
var __defProp = Object.defineProperty;
|
|
2
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
3
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
4
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
5
|
+
var __export = (target, all) => {
|
|
6
|
+
for (var name in all)
|
|
7
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
8
|
+
};
|
|
9
|
+
var __copyProps = (to, from, except, desc) => {
|
|
10
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
11
|
+
for (let key of __getOwnPropNames(from))
|
|
12
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
13
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
14
|
+
}
|
|
15
|
+
return to;
|
|
16
|
+
};
|
|
17
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
18
|
+
var azurePowerShellCredential_exports = {};
|
|
19
|
+
__export(azurePowerShellCredential_exports, {
|
|
20
|
+
AzurePowerShellCredential: () => AzurePowerShellCredential,
|
|
21
|
+
commandStack: () => commandStack,
|
|
22
|
+
formatCommand: () => formatCommand,
|
|
23
|
+
parseJsonToken: () => parseJsonToken,
|
|
24
|
+
powerShellErrors: () => powerShellErrors,
|
|
25
|
+
powerShellPublicErrorMessages: () => powerShellPublicErrorMessages
|
|
26
|
+
});
|
|
27
|
+
module.exports = __toCommonJS(azurePowerShellCredential_exports);
|
|
28
|
+
var import_tenantIdUtils = require("../util/tenantIdUtils.js");
|
|
29
|
+
var import_logging = require("../util/logging.js");
|
|
30
|
+
var import_scopeUtils = require("../util/scopeUtils.js");
|
|
31
|
+
var import_errors = require("../errors.js");
|
|
32
|
+
var import_processUtils = require("../util/processUtils.js");
|
|
33
|
+
var import_tracing = require("../util/tracing.js");
|
|
34
|
+
const logger = (0, import_logging.credentialLogger)("AzurePowerShellCredential");
|
|
15
35
|
const isWindows = process.platform === "win32";
|
|
16
|
-
/**
|
|
17
|
-
* Returns a platform-appropriate command name by appending ".exe" on Windows.
|
|
18
|
-
*
|
|
19
|
-
* @internal
|
|
20
|
-
*/
|
|
21
36
|
function formatCommand(commandName) {
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
}
|
|
37
|
+
if (isWindows) {
|
|
38
|
+
return `${commandName}.exe`;
|
|
39
|
+
} else {
|
|
40
|
+
return commandName;
|
|
41
|
+
}
|
|
28
42
|
}
|
|
29
|
-
/**
|
|
30
|
-
* Receives a list of commands to run, executes them, then returns the outputs.
|
|
31
|
-
* If anything fails, an error is thrown.
|
|
32
|
-
* @internal
|
|
33
|
-
*/
|
|
34
43
|
async function runCommands(commands, timeout) {
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
44
|
+
const results = [];
|
|
45
|
+
for (const command of commands) {
|
|
46
|
+
const [file, ...parameters] = command;
|
|
47
|
+
const result = await import_processUtils.processUtils.execFile(file, parameters, {
|
|
48
|
+
encoding: "utf8",
|
|
49
|
+
timeout
|
|
50
|
+
});
|
|
51
|
+
results.push(result);
|
|
52
|
+
}
|
|
53
|
+
return results;
|
|
45
54
|
}
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
*/
|
|
50
|
-
exports.powerShellErrors = {
|
|
51
|
-
login: "Run Connect-AzAccount to login",
|
|
52
|
-
installed: "The specified module 'Az.Accounts' with version '2.2.0' was not loaded because no valid module file was found in any module directory",
|
|
55
|
+
const powerShellErrors = {
|
|
56
|
+
login: "Run Connect-AzAccount to login",
|
|
57
|
+
installed: "The specified module 'Az.Accounts' with version '2.2.0' was not loaded because no valid module file was found in any module directory"
|
|
53
58
|
};
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
login: "Please run 'Connect-AzAccount' from PowerShell to authenticate before using this credential.",
|
|
60
|
-
installed: `The 'Az.Account' module >= 2.2.0 is not installed. Install the Azure Az PowerShell module with: "Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force".`,
|
|
61
|
-
claim: "This credential doesn't support claims challenges. To authenticate with the required claims, please run the following command:",
|
|
62
|
-
troubleshoot: `To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.`,
|
|
59
|
+
const powerShellPublicErrorMessages = {
|
|
60
|
+
login: "Please run 'Connect-AzAccount' from PowerShell to authenticate before using this credential.",
|
|
61
|
+
installed: `The 'Az.Account' module >= 2.2.0 is not installed. Install the Azure Az PowerShell module with: "Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force".`,
|
|
62
|
+
claim: "This credential doesn't support claims challenges. To authenticate with the required claims, please run the following command:",
|
|
63
|
+
troubleshoot: `To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.`
|
|
63
64
|
};
|
|
64
|
-
|
|
65
|
-
const
|
|
66
|
-
|
|
67
|
-
const isNotInstalledError = (err) => err.message.match(exports.powerShellErrors.installed);
|
|
68
|
-
/**
|
|
69
|
-
* The PowerShell commands to be tried, in order.
|
|
70
|
-
*
|
|
71
|
-
* @internal
|
|
72
|
-
*/
|
|
73
|
-
exports.commandStack = [formatCommand("pwsh")];
|
|
65
|
+
const isLoginError = (err) => err.message.match(`(.*)${powerShellErrors.login}(.*)`);
|
|
66
|
+
const isNotInstalledError = (err) => err.message.match(powerShellErrors.installed);
|
|
67
|
+
const commandStack = [formatCommand("pwsh")];
|
|
74
68
|
if (isWindows) {
|
|
75
|
-
|
|
69
|
+
commandStack.push(formatCommand("powershell"));
|
|
76
70
|
}
|
|
77
|
-
/**
|
|
78
|
-
* This credential will use the currently logged-in user information from the
|
|
79
|
-
* Azure PowerShell module. To do so, it will read the user access token and
|
|
80
|
-
* expire time with Azure PowerShell command `Get-AzAccessToken -ResourceUrl {ResourceScope}`
|
|
81
|
-
*/
|
|
82
71
|
class AzurePowerShellCredential {
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
}
|
|
102
|
-
this.additionallyAllowedTenantIds = (0, tenantIdUtils_js_1.resolveAdditionallyAllowedTenantIds)(options?.additionallyAllowedTenants);
|
|
103
|
-
this.timeout = options?.processTimeoutInMs;
|
|
72
|
+
tenantId;
|
|
73
|
+
additionallyAllowedTenantIds;
|
|
74
|
+
timeout;
|
|
75
|
+
/**
|
|
76
|
+
* Creates an instance of the {@link AzurePowerShellCredential}.
|
|
77
|
+
*
|
|
78
|
+
* To use this credential:
|
|
79
|
+
* - Install the Azure Az PowerShell module with:
|
|
80
|
+
* `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.
|
|
81
|
+
* - You have already logged in to Azure PowerShell using the command
|
|
82
|
+
* `Connect-AzAccount` from the command line.
|
|
83
|
+
*
|
|
84
|
+
* @param options - Options, to optionally allow multi-tenant requests.
|
|
85
|
+
*/
|
|
86
|
+
constructor(options) {
|
|
87
|
+
if (options?.tenantId) {
|
|
88
|
+
(0, import_tenantIdUtils.checkTenantId)(logger, options?.tenantId);
|
|
89
|
+
this.tenantId = options?.tenantId;
|
|
104
90
|
}
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
91
|
+
this.additionallyAllowedTenantIds = (0, import_tenantIdUtils.resolveAdditionallyAllowedTenantIds)(
|
|
92
|
+
options?.additionallyAllowedTenants
|
|
93
|
+
);
|
|
94
|
+
this.timeout = options?.processTimeoutInMs;
|
|
95
|
+
}
|
|
96
|
+
/**
|
|
97
|
+
* Gets the access token from Azure PowerShell
|
|
98
|
+
* @param resource - The resource to use when getting the token
|
|
99
|
+
*/
|
|
100
|
+
async getAzurePowerShellAccessToken(resource, tenantId, timeout) {
|
|
101
|
+
for (const powerShellCommand of [...commandStack]) {
|
|
102
|
+
try {
|
|
103
|
+
await runCommands([[powerShellCommand, "/?"]], timeout);
|
|
104
|
+
} catch (e) {
|
|
105
|
+
commandStack.shift();
|
|
106
|
+
continue;
|
|
107
|
+
}
|
|
108
|
+
const results = await runCommands([
|
|
109
|
+
[
|
|
110
|
+
powerShellCommand,
|
|
111
|
+
"-NoProfile",
|
|
112
|
+
"-NonInteractive",
|
|
113
|
+
"-Command",
|
|
114
|
+
`
|
|
127
115
|
$tenantId = "${tenantId ?? ""}"
|
|
128
116
|
$m = Import-Module Az.Accounts -MinimumVersion 2.2.0 -PassThru
|
|
129
117
|
$useSecureString = $m.Version -ge [version]'2.17.0' -and $m.Version -lt [version]'5.0.0'
|
|
@@ -164,101 +152,109 @@ class AzurePowerShellCredential {
|
|
|
164
152
|
}
|
|
165
153
|
|
|
166
154
|
Write-Output (ConvertTo-Json $result)
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
}
|
|
173
|
-
throw new Error(`Unable to execute PowerShell. Ensure that it is installed in your system`);
|
|
174
|
-
}
|
|
175
|
-
/**
|
|
176
|
-
* Authenticates with Microsoft Entra ID and returns an access token if successful.
|
|
177
|
-
* If the authentication cannot be performed through PowerShell, a {@link CredentialUnavailableError} will be thrown.
|
|
178
|
-
*
|
|
179
|
-
* @param scopes - The list of scopes for which the token will have access.
|
|
180
|
-
* @param options - The options used to configure any requests this TokenCredential implementation might make.
|
|
181
|
-
*/
|
|
182
|
-
async getToken(scopes, options = {}) {
|
|
183
|
-
return tracing_js_1.tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
|
|
184
|
-
const scope = typeof scopes === "string" ? scopes : scopes[0];
|
|
185
|
-
const claimsValue = options.claims;
|
|
186
|
-
if (claimsValue && claimsValue.trim()) {
|
|
187
|
-
const encodedClaims = btoa(claimsValue);
|
|
188
|
-
let loginCmd = `Connect-AzAccount -ClaimsChallenge ${encodedClaims}`;
|
|
189
|
-
const tenantIdFromOptions = options.tenantId;
|
|
190
|
-
if (tenantIdFromOptions) {
|
|
191
|
-
loginCmd += ` -Tenant ${tenantIdFromOptions}`;
|
|
192
|
-
}
|
|
193
|
-
const error = new errors_js_1.CredentialUnavailableError(`${exports.powerShellPublicErrorMessages.claim} ${loginCmd}`);
|
|
194
|
-
logger.getToken.info((0, logging_js_1.formatError)(scope, error));
|
|
195
|
-
throw error;
|
|
196
|
-
}
|
|
197
|
-
const tenantId = (0, tenantIdUtils_js_1.processMultiTenantRequest)(this.tenantId, options, this.additionallyAllowedTenantIds);
|
|
198
|
-
if (tenantId) {
|
|
199
|
-
(0, tenantIdUtils_js_1.checkTenantId)(logger, tenantId);
|
|
200
|
-
}
|
|
201
|
-
try {
|
|
202
|
-
(0, scopeUtils_js_1.ensureValidScopeForDevTimeCreds)(scope, logger);
|
|
203
|
-
logger.getToken.info(`Using the scope ${scope}`);
|
|
204
|
-
const resource = (0, scopeUtils_js_1.getScopeResource)(scope);
|
|
205
|
-
const response = await this.getAzurePowerShellAccessToken(resource, tenantId, this.timeout);
|
|
206
|
-
logger.getToken.info((0, logging_js_1.formatSuccess)(scopes));
|
|
207
|
-
return {
|
|
208
|
-
token: response.Token,
|
|
209
|
-
expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),
|
|
210
|
-
tokenType: "Bearer",
|
|
211
|
-
};
|
|
212
|
-
}
|
|
213
|
-
catch (err) {
|
|
214
|
-
if (isNotInstalledError(err)) {
|
|
215
|
-
const error = new errors_js_1.CredentialUnavailableError(exports.powerShellPublicErrorMessages.installed);
|
|
216
|
-
logger.getToken.info((0, logging_js_1.formatError)(scope, error));
|
|
217
|
-
throw error;
|
|
218
|
-
}
|
|
219
|
-
else if (isLoginError(err)) {
|
|
220
|
-
const error = new errors_js_1.CredentialUnavailableError(exports.powerShellPublicErrorMessages.login);
|
|
221
|
-
logger.getToken.info((0, logging_js_1.formatError)(scope, error));
|
|
222
|
-
throw error;
|
|
223
|
-
}
|
|
224
|
-
const error = new errors_js_1.CredentialUnavailableError(`${err}. ${exports.powerShellPublicErrorMessages.troubleshoot}`);
|
|
225
|
-
logger.getToken.info((0, logging_js_1.formatError)(scope, error));
|
|
226
|
-
throw error;
|
|
227
|
-
}
|
|
228
|
-
});
|
|
155
|
+
`
|
|
156
|
+
]
|
|
157
|
+
]);
|
|
158
|
+
const result = results[0];
|
|
159
|
+
return parseJsonToken(result);
|
|
229
160
|
}
|
|
161
|
+
throw new Error(`Unable to execute PowerShell. Ensure that it is installed in your system`);
|
|
162
|
+
}
|
|
163
|
+
/**
|
|
164
|
+
* Authenticates with Microsoft Entra ID and returns an access token if successful.
|
|
165
|
+
* If the authentication cannot be performed through PowerShell, a {@link CredentialUnavailableError} will be thrown.
|
|
166
|
+
*
|
|
167
|
+
* @param scopes - The list of scopes for which the token will have access.
|
|
168
|
+
* @param options - The options used to configure any requests this TokenCredential implementation might make.
|
|
169
|
+
*/
|
|
170
|
+
async getToken(scopes, options = {}) {
|
|
171
|
+
return import_tracing.tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
|
|
172
|
+
const scope = typeof scopes === "string" ? scopes : scopes[0];
|
|
173
|
+
const claimsValue = options.claims;
|
|
174
|
+
if (claimsValue && claimsValue.trim()) {
|
|
175
|
+
const encodedClaims = btoa(claimsValue);
|
|
176
|
+
let loginCmd = `Connect-AzAccount -ClaimsChallenge ${encodedClaims}`;
|
|
177
|
+
const tenantIdFromOptions = options.tenantId;
|
|
178
|
+
if (tenantIdFromOptions) {
|
|
179
|
+
loginCmd += ` -Tenant ${tenantIdFromOptions}`;
|
|
180
|
+
}
|
|
181
|
+
const error = new import_errors.CredentialUnavailableError(
|
|
182
|
+
`${powerShellPublicErrorMessages.claim} ${loginCmd}`
|
|
183
|
+
);
|
|
184
|
+
logger.getToken.info((0, import_logging.formatError)(scope, error));
|
|
185
|
+
throw error;
|
|
186
|
+
}
|
|
187
|
+
const tenantId = (0, import_tenantIdUtils.processMultiTenantRequest)(
|
|
188
|
+
this.tenantId,
|
|
189
|
+
options,
|
|
190
|
+
this.additionallyAllowedTenantIds
|
|
191
|
+
);
|
|
192
|
+
if (tenantId) {
|
|
193
|
+
(0, import_tenantIdUtils.checkTenantId)(logger, tenantId);
|
|
194
|
+
}
|
|
195
|
+
try {
|
|
196
|
+
(0, import_scopeUtils.ensureValidScopeForDevTimeCreds)(scope, logger);
|
|
197
|
+
logger.getToken.info(`Using the scope ${scope}`);
|
|
198
|
+
const resource = (0, import_scopeUtils.getScopeResource)(scope);
|
|
199
|
+
const response = await this.getAzurePowerShellAccessToken(resource, tenantId, this.timeout);
|
|
200
|
+
logger.getToken.info((0, import_logging.formatSuccess)(scopes));
|
|
201
|
+
return {
|
|
202
|
+
token: response.Token,
|
|
203
|
+
expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),
|
|
204
|
+
tokenType: "Bearer"
|
|
205
|
+
};
|
|
206
|
+
} catch (err) {
|
|
207
|
+
if (isNotInstalledError(err)) {
|
|
208
|
+
const error2 = new import_errors.CredentialUnavailableError(powerShellPublicErrorMessages.installed);
|
|
209
|
+
logger.getToken.info((0, import_logging.formatError)(scope, error2));
|
|
210
|
+
throw error2;
|
|
211
|
+
} else if (isLoginError(err)) {
|
|
212
|
+
const error2 = new import_errors.CredentialUnavailableError(powerShellPublicErrorMessages.login);
|
|
213
|
+
logger.getToken.info((0, import_logging.formatError)(scope, error2));
|
|
214
|
+
throw error2;
|
|
215
|
+
}
|
|
216
|
+
const error = new import_errors.CredentialUnavailableError(
|
|
217
|
+
`${err}. ${powerShellPublicErrorMessages.troubleshoot}`
|
|
218
|
+
);
|
|
219
|
+
logger.getToken.info((0, import_logging.formatError)(scope, error));
|
|
220
|
+
throw error;
|
|
221
|
+
}
|
|
222
|
+
});
|
|
223
|
+
}
|
|
230
224
|
}
|
|
231
|
-
exports.AzurePowerShellCredential = AzurePowerShellCredential;
|
|
232
|
-
/**
|
|
233
|
-
*
|
|
234
|
-
* @internal
|
|
235
|
-
*/
|
|
236
225
|
async function parseJsonToken(result) {
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
|
|
240
|
-
|
|
226
|
+
const jsonRegex = /{[^{}]*}/g;
|
|
227
|
+
const matches = result.match(jsonRegex);
|
|
228
|
+
let resultWithoutToken = result;
|
|
229
|
+
if (matches) {
|
|
230
|
+
try {
|
|
231
|
+
for (const item of matches) {
|
|
241
232
|
try {
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
if (resultWithoutToken) {
|
|
248
|
-
logger.getToken.warning(resultWithoutToken);
|
|
249
|
-
}
|
|
250
|
-
return jsonContent;
|
|
251
|
-
}
|
|
252
|
-
}
|
|
253
|
-
catch (e) {
|
|
254
|
-
continue;
|
|
255
|
-
}
|
|
233
|
+
const jsonContent = JSON.parse(item);
|
|
234
|
+
if (jsonContent?.Token) {
|
|
235
|
+
resultWithoutToken = resultWithoutToken.replace(item, "");
|
|
236
|
+
if (resultWithoutToken) {
|
|
237
|
+
logger.getToken.warning(resultWithoutToken);
|
|
256
238
|
}
|
|
239
|
+
return jsonContent;
|
|
240
|
+
}
|
|
241
|
+
} catch (e) {
|
|
242
|
+
continue;
|
|
257
243
|
}
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
244
|
+
}
|
|
245
|
+
} catch (e) {
|
|
246
|
+
throw new Error(`Unable to parse the output of PowerShell. Received output: ${result}`);
|
|
261
247
|
}
|
|
262
|
-
|
|
248
|
+
}
|
|
249
|
+
throw new Error(`No access token found in the output. Received output: ${result}`);
|
|
263
250
|
}
|
|
264
|
-
|
|
251
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
252
|
+
0 && (module.exports = {
|
|
253
|
+
AzurePowerShellCredential,
|
|
254
|
+
commandStack,
|
|
255
|
+
formatCommand,
|
|
256
|
+
parseJsonToken,
|
|
257
|
+
powerShellErrors,
|
|
258
|
+
powerShellPublicErrorMessages
|
|
259
|
+
});
|
|
260
|
+
//# sourceMappingURL=azurePowerShellCredential.js.map
|
|
@@ -1 +1,7 @@
|
|
|
1
|
-
{"version":3,"file":"azurePowerShellCredential.js","sourceRoot":"","sources":["../../../src/credentials/azurePowerShellCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAyBlC,sCAMC;AAuPD,wCA2BC;AA9SD,+DAIkC;AAClC,mDAAkF;AAClF,yDAA0F;AAG1F,4CAA0D;AAC1D,6DAAuD;AACvD,mDAAmD;AAEnD,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,2BAA2B,CAAC,CAAC;AAE7D,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC;AAE/C;;;;GAIG;AACH,SAAgB,aAAa,CAAC,WAAmB;IAC/C,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,GAAG,WAAW,MAAM,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,OAAO,WAAW,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,QAAoB,EAAE,OAAgB;IAC/D,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,EAAE,GAAG,UAAU,CAAC,GAAG,OAAO,CAAC;QACtC,MAAM,MAAM,GAAG,CAAC,MAAM,8BAAY,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,EAAE;YAC5D,QAAQ,EAAE,MAAM;YAChB,OAAO;SACR,CAAC,CAAW,CAAC;QAEd,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACU,QAAA,gBAAgB,GAAG;IAC9B,KAAK,EAAE,gCAAgC;IACvC,SAAS,EACP,uIAAuI;CAC1I,CAAC;AAEF;;;GAGG;AACU,QAAA,6BAA6B,GAAG;IAC3C,KAAK,EACH,8FAA8F;IAChG,SAAS,EAAE,4KAA4K;IACvL,KAAK,EACH,gIAAgI;IAClI,YAAY,EAAE,4FAA4F;CAC3G,CAAC;AAEF,mDAAmD;AACnD,MAAM,YAAY,GAA4C,CAAC,GAAU,EAAE,EAAE,CAC3E,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,wBAAgB,CAAC,KAAK,MAAM,CAAC,CAAC;AAEzD,qDAAqD;AACrD,MAAM,mBAAmB,GAA4C,CAAC,GAAU,EAAE,EAAE,CAClF,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,wBAAgB,CAAC,SAAS,CAAC,CAAC;AAEhD;;;;GAIG;AACU,QAAA,YAAY,GAAG,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;AAEpD,IAAI,SAAS,EAAE,CAAC;IACd,oBAAY,CAAC,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,MAAa,yBAAyB;IAC5B,QAAQ,CAAU;IAClB,4BAA4B,CAAW;IACvC,OAAO,CAAU;IAEzB;;;;;;;;;;OAUG;IACH,YAAY,OAA0C;QACpD,IAAI,OAAO,EAAE,QAAQ,EAAE,CAAC;YACtB,IAAA,gCAAa,EAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACzC,IAAI,CAAC,QAAQ,GAAG,OAAO,EAAE,QAAQ,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,4BAA4B,GAAG,IAAA,sDAAmC,EACrE,OAAO,EAAE,0BAA0B,CACpC,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,EAAE,kBAAkB,CAAC;IAC7C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,6BAA6B,CACzC,QAAgB,EAChB,QAAiB,EACjB,OAAgB;QAEhB,uDAAuD;QACvD,KAAK,MAAM,iBAAiB,IAAI,CAAC,GAAG,oBAAY,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC;gBACH,MAAM,WAAW,CAAC,CAAC,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YAC1D,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,gFAAgF;gBAChF,oBAAY,CAAC,KAAK,EAAE,CAAC;gBACrB,SAAS;YACX,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC;gBAChC;oBACE,iBAAiB;oBACjB,YAAY;oBACZ,iBAAiB;oBACjB,UAAU;oBACV;yBACe,QAAQ,IAAI,EAAE;;;;;6BAKV,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAmC1B;iBACF;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YAC1B,OAAO,cAAc,CAAC,MAAM,CAAC,CAAC;QAChC,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,0EAA0E,CAAC,CAAC;IAC9F,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,OAAO,0BAAa,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE;YACrF,MAAM,KAAK,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YAE9D,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC;YACnC,IAAI,WAAW,IAAI,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;gBACtC,MAAM,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;gBACxC,IAAI,QAAQ,GAAG,sCAAsC,aAAa,EAAE,CAAC;gBAErE,MAAM,mBAAmB,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC7C,IAAI,mBAAmB,EAAE,CAAC;oBACxB,QAAQ,IAAI,YAAY,mBAAmB,EAAE,CAAC;gBAChD,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAC1C,GAAG,qCAA6B,CAAC,KAAK,IAAI,QAAQ,EAAE,CACrD,CAAC;gBAEF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,KAAK,CAAC;YACd,CAAC;YAED,MAAM,QAAQ,GAAG,IAAA,4CAAyB,EACxC,IAAI,CAAC,QAAQ,EACb,OAAO,EACP,IAAI,CAAC,4BAA4B,CAClC,CAAC;YACF,IAAI,QAAQ,EAAE,CAAC;gBACb,IAAA,gCAAa,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YAClC,CAAC;YACD,IAAI,CAAC;gBACH,IAAA,+CAA+B,EAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBAC/C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAC;gBACjD,MAAM,QAAQ,GAAG,IAAA,gCAAgB,EAAC,KAAK,CAAC,CAAC;gBACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC5F,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,0BAAa,EAAC,MAAM,CAAC,CAAC,CAAC;gBAC5C,OAAO;oBACL,KAAK,EAAE,QAAQ,CAAC,KAAK;oBACrB,kBAAkB,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE;oBAC1D,SAAS,EAAE,QAAQ;iBACL,CAAC;YACnB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAAC,qCAA6B,CAAC,SAAS,CAAC,CAAC;oBACtF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBAChD,MAAM,KAAK,CAAC;gBACd,CAAC;qBAAM,IAAI,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAAC,qCAA6B,CAAC,KAAK,CAAC,CAAC;oBAClF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;oBAChD,MAAM,KAAK,CAAC;gBACd,CAAC;gBACD,MAAM,KAAK,GAAG,IAAI,sCAA0B,CAC1C,GAAG,GAAG,KAAK,qCAA6B,CAAC,YAAY,EAAE,CACxD,CAAC;gBACF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBAChD,MAAM,KAAK,CAAC;YACd,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AA3KD,8DA2KC;AAED;;;GAGG;AACI,KAAK,UAAU,cAAc,CAClC,MAAc;IAEd,MAAM,SAAS,GAAG,WAAW,CAAC;IAC9B,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,kBAAkB,GAAG,MAAM,CAAC;IAChC,IAAI,OAAO,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACrC,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;wBACvB,kBAAkB,GAAG,kBAAkB,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAC1D,IAAI,kBAAkB,EAAE,CAAC;4BACvB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;wBAC9C,CAAC;wBACD,OAAO,WAAW,CAAC;oBACrB,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,SAAS;gBACX,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,CAAM,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,8DAA8D,MAAM,EAAE,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,yDAAyD,MAAM,EAAE,CAAC,CAAC;AACrF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging.js\";\nimport { ensureValidScopeForDevTimeCreds, getScopeResource } from \"../util/scopeUtils.js\";\n\nimport type { AzurePowerShellCredentialOptions } from \"./azurePowerShellCredentialOptions.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport { processUtils } from \"../util/processUtils.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"AzurePowerShellCredential\");\n\nconst isWindows = process.platform === \"win32\";\n\n/**\n * Returns a platform-appropriate command name by appending \".exe\" on Windows.\n *\n * @internal\n */\nexport function formatCommand(commandName: string): string {\n if (isWindows) {\n return `${commandName}.exe`;\n } else {\n return commandName;\n }\n}\n\n/**\n * Receives a list of commands to run, executes them, then returns the outputs.\n * If anything fails, an error is thrown.\n * @internal\n */\nasync function runCommands(commands: string[][], timeout?: number): Promise<string[]> {\n const results: string[] = [];\n\n for (const command of commands) {\n const [file, ...parameters] = command;\n const result = (await processUtils.execFile(file, parameters, {\n encoding: \"utf8\",\n timeout,\n })) as string;\n\n results.push(result);\n }\n\n return results;\n}\n\n/**\n * Known PowerShell errors\n * @internal\n */\nexport const powerShellErrors = {\n login: \"Run Connect-AzAccount to login\",\n installed:\n \"The specified module 'Az.Accounts' with version '2.2.0' was not loaded because no valid module file was found in any module directory\",\n};\n\n/**\n * Messages to use when throwing in this credential.\n * @internal\n */\nexport const powerShellPublicErrorMessages = {\n login:\n \"Please run 'Connect-AzAccount' from PowerShell to authenticate before using this credential.\",\n installed: `The 'Az.Account' module >= 2.2.0 is not installed. Install the Azure Az PowerShell module with: \"Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force\".`,\n claim:\n \"This credential doesn't support claims challenges. To authenticate with the required claims, please run the following command:\",\n troubleshoot: `To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.`,\n};\n\n// PowerShell Azure User not logged in error check.\nconst isLoginError: (err: Error) => RegExpMatchArray | null = (err: Error) =>\n err.message.match(`(.*)${powerShellErrors.login}(.*)`);\n\n// Az Module not Installed in Azure PowerShell check.\nconst isNotInstalledError: (err: Error) => RegExpMatchArray | null = (err: Error) =>\n err.message.match(powerShellErrors.installed);\n\n/**\n * The PowerShell commands to be tried, in order.\n *\n * @internal\n */\nexport const commandStack = [formatCommand(\"pwsh\")];\n\nif (isWindows) {\n commandStack.push(formatCommand(\"powershell\"));\n}\n\n/**\n * This credential will use the currently logged-in user information from the\n * Azure PowerShell module. To do so, it will read the user access token and\n * expire time with Azure PowerShell command `Get-AzAccessToken -ResourceUrl {ResourceScope}`\n */\nexport class AzurePowerShellCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private timeout?: number;\n\n /**\n * Creates an instance of the {@link AzurePowerShellCredential}.\n *\n * To use this credential:\n * - Install the Azure Az PowerShell module with:\n * `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.\n * - You have already logged in to Azure PowerShell using the command\n * `Connect-AzAccount` from the command line.\n *\n * @param options - Options, to optionally allow multi-tenant requests.\n */\n constructor(options?: AzurePowerShellCredentialOptions) {\n if (options?.tenantId) {\n checkTenantId(logger, options?.tenantId);\n this.tenantId = options?.tenantId;\n }\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.timeout = options?.processTimeoutInMs;\n }\n\n /**\n * Gets the access token from Azure PowerShell\n * @param resource - The resource to use when getting the token\n */\n private async getAzurePowerShellAccessToken(\n resource: string,\n tenantId?: string,\n timeout?: number,\n ): Promise<{ Token: string; ExpiresOn: string }> {\n // Clone the stack to avoid mutating it while iterating\n for (const powerShellCommand of [...commandStack]) {\n try {\n await runCommands([[powerShellCommand, \"/?\"]], timeout);\n } catch (e: any) {\n // Remove this credential from the original stack so that we don't try it again.\n commandStack.shift();\n continue;\n }\n\n const results = await runCommands([\n [\n powerShellCommand,\n \"-NoProfile\",\n \"-NonInteractive\",\n \"-Command\",\n `\n $tenantId = \"${tenantId ?? \"\"}\"\n $m = Import-Module Az.Accounts -MinimumVersion 2.2.0 -PassThru\n $useSecureString = $m.Version -ge [version]'2.17.0' -and $m.Version -lt [version]'5.0.0'\n\n $params = @{\n ResourceUrl = \"${resource}\"\n }\n\n if ($tenantId.Length -gt 0) {\n $params[\"TenantId\"] = $tenantId\n }\n\n if ($useSecureString) {\n $params[\"AsSecureString\"] = $true\n }\n\n $token = Get-AzAccessToken @params\n\n $result = New-Object -TypeName PSObject\n $result | Add-Member -MemberType NoteProperty -Name ExpiresOn -Value $token.ExpiresOn\n\n if ($token.Token -is [System.Security.SecureString]) {\n if ($PSVersionTable.PSVersion.Major -lt 7) {\n $ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($token.Token)\n try {\n $result | Add-Member -MemberType NoteProperty -Name Token -Value ([System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr))\n }\n finally {\n [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)\n }\n }\n else {\n $result | Add-Member -MemberType NoteProperty -Name Token -Value ($token.Token | ConvertFrom-SecureString -AsPlainText)\n }\n }\n else {\n $result | Add-Member -MemberType NoteProperty -Name Token -Value $token.Token\n }\n\n Write-Output (ConvertTo-Json $result)\n `,\n ],\n ]);\n\n const result = results[0];\n return parseJsonToken(result);\n }\n throw new Error(`Unable to execute PowerShell. Ensure that it is installed in your system`);\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If the authentication cannot be performed through PowerShell, a {@link CredentialUnavailableError} will be thrown.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {\n const scope = typeof scopes === \"string\" ? scopes : scopes[0];\n\n const claimsValue = options.claims;\n if (claimsValue && claimsValue.trim()) {\n const encodedClaims = btoa(claimsValue);\n let loginCmd = `Connect-AzAccount -ClaimsChallenge ${encodedClaims}`;\n\n const tenantIdFromOptions = options.tenantId;\n if (tenantIdFromOptions) {\n loginCmd += ` -Tenant ${tenantIdFromOptions}`;\n }\n const error = new CredentialUnavailableError(\n `${powerShellPublicErrorMessages.claim} ${loginCmd}`,\n );\n\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n );\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n try {\n ensureValidScopeForDevTimeCreds(scope, logger);\n logger.getToken.info(`Using the scope ${scope}`);\n const resource = getScopeResource(scope);\n const response = await this.getAzurePowerShellAccessToken(resource, tenantId, this.timeout);\n logger.getToken.info(formatSuccess(scopes));\n return {\n token: response.Token,\n expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),\n tokenType: \"Bearer\",\n } as AccessToken;\n } catch (err: any) {\n if (isNotInstalledError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.installed);\n logger.getToken.info(formatError(scope, error));\n throw error;\n } else if (isLoginError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.login);\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n const error = new CredentialUnavailableError(\n `${err}. ${powerShellPublicErrorMessages.troubleshoot}`,\n );\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n });\n }\n}\n\n/**\n *\n * @internal\n */\nexport async function parseJsonToken(\n result: string,\n): Promise<{ Token: string; ExpiresOn: string }> {\n const jsonRegex = /{[^{}]*}/g;\n const matches = result.match(jsonRegex);\n let resultWithoutToken = result;\n if (matches) {\n try {\n for (const item of matches) {\n try {\n const jsonContent = JSON.parse(item);\n if (jsonContent?.Token) {\n resultWithoutToken = resultWithoutToken.replace(item, \"\");\n if (resultWithoutToken) {\n logger.getToken.warning(resultWithoutToken);\n }\n return jsonContent;\n }\n } catch (e) {\n continue;\n }\n }\n } catch (e: any) {\n throw new Error(`Unable to parse the output of PowerShell. Received output: ${result}`);\n }\n }\n throw new Error(`No access token found in the output. Received output: ${result}`);\n}\n"]}
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../src/credentials/azurePowerShellCredential.ts"],
|
|
4
|
+
"sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { credentialLogger, formatError, formatSuccess } from \"../util/logging.js\";\nimport { ensureValidScopeForDevTimeCreds, getScopeResource } from \"../util/scopeUtils.js\";\n\nimport type { AzurePowerShellCredentialOptions } from \"./azurePowerShellCredentialOptions.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport { processUtils } from \"../util/processUtils.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"AzurePowerShellCredential\");\n\nconst isWindows = process.platform === \"win32\";\n\n/**\n * Returns a platform-appropriate command name by appending \".exe\" on Windows.\n *\n * @internal\n */\nexport function formatCommand(commandName: string): string {\n if (isWindows) {\n return `${commandName}.exe`;\n } else {\n return commandName;\n }\n}\n\n/**\n * Receives a list of commands to run, executes them, then returns the outputs.\n * If anything fails, an error is thrown.\n * @internal\n */\nasync function runCommands(commands: string[][], timeout?: number): Promise<string[]> {\n const results: string[] = [];\n\n for (const command of commands) {\n const [file, ...parameters] = command;\n const result = (await processUtils.execFile(file, parameters, {\n encoding: \"utf8\",\n timeout,\n })) as string;\n\n results.push(result);\n }\n\n return results;\n}\n\n/**\n * Known PowerShell errors\n * @internal\n */\nexport const powerShellErrors = {\n login: \"Run Connect-AzAccount to login\",\n installed:\n \"The specified module 'Az.Accounts' with version '2.2.0' was not loaded because no valid module file was found in any module directory\",\n};\n\n/**\n * Messages to use when throwing in this credential.\n * @internal\n */\nexport const powerShellPublicErrorMessages = {\n login:\n \"Please run 'Connect-AzAccount' from PowerShell to authenticate before using this credential.\",\n installed: `The 'Az.Account' module >= 2.2.0 is not installed. Install the Azure Az PowerShell module with: \"Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force\".`,\n claim:\n \"This credential doesn't support claims challenges. To authenticate with the required claims, please run the following command:\",\n troubleshoot: `To troubleshoot, visit https://aka.ms/azsdk/js/identity/powershellcredential/troubleshoot.`,\n};\n\n// PowerShell Azure User not logged in error check.\nconst isLoginError: (err: Error) => RegExpMatchArray | null = (err: Error) =>\n err.message.match(`(.*)${powerShellErrors.login}(.*)`);\n\n// Az Module not Installed in Azure PowerShell check.\nconst isNotInstalledError: (err: Error) => RegExpMatchArray | null = (err: Error) =>\n err.message.match(powerShellErrors.installed);\n\n/**\n * The PowerShell commands to be tried, in order.\n *\n * @internal\n */\nexport const commandStack = [formatCommand(\"pwsh\")];\n\nif (isWindows) {\n commandStack.push(formatCommand(\"powershell\"));\n}\n\n/**\n * This credential will use the currently logged-in user information from the\n * Azure PowerShell module. To do so, it will read the user access token and\n * expire time with Azure PowerShell command `Get-AzAccessToken -ResourceUrl {ResourceScope}`\n */\nexport class AzurePowerShellCredential implements TokenCredential {\n private tenantId?: string;\n private additionallyAllowedTenantIds: string[];\n private timeout?: number;\n\n /**\n * Creates an instance of the {@link AzurePowerShellCredential}.\n *\n * To use this credential:\n * - Install the Azure Az PowerShell module with:\n * `Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force`.\n * - You have already logged in to Azure PowerShell using the command\n * `Connect-AzAccount` from the command line.\n *\n * @param options - Options, to optionally allow multi-tenant requests.\n */\n constructor(options?: AzurePowerShellCredentialOptions) {\n if (options?.tenantId) {\n checkTenantId(logger, options?.tenantId);\n this.tenantId = options?.tenantId;\n }\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.timeout = options?.processTimeoutInMs;\n }\n\n /**\n * Gets the access token from Azure PowerShell\n * @param resource - The resource to use when getting the token\n */\n private async getAzurePowerShellAccessToken(\n resource: string,\n tenantId?: string,\n timeout?: number,\n ): Promise<{ Token: string; ExpiresOn: string }> {\n // Clone the stack to avoid mutating it while iterating\n for (const powerShellCommand of [...commandStack]) {\n try {\n await runCommands([[powerShellCommand, \"/?\"]], timeout);\n } catch (e: any) {\n // Remove this credential from the original stack so that we don't try it again.\n commandStack.shift();\n continue;\n }\n\n const results = await runCommands([\n [\n powerShellCommand,\n \"-NoProfile\",\n \"-NonInteractive\",\n \"-Command\",\n `\n $tenantId = \"${tenantId ?? \"\"}\"\n $m = Import-Module Az.Accounts -MinimumVersion 2.2.0 -PassThru\n $useSecureString = $m.Version -ge [version]'2.17.0' -and $m.Version -lt [version]'5.0.0'\n\n $params = @{\n ResourceUrl = \"${resource}\"\n }\n\n if ($tenantId.Length -gt 0) {\n $params[\"TenantId\"] = $tenantId\n }\n\n if ($useSecureString) {\n $params[\"AsSecureString\"] = $true\n }\n\n $token = Get-AzAccessToken @params\n\n $result = New-Object -TypeName PSObject\n $result | Add-Member -MemberType NoteProperty -Name ExpiresOn -Value $token.ExpiresOn\n\n if ($token.Token -is [System.Security.SecureString]) {\n if ($PSVersionTable.PSVersion.Major -lt 7) {\n $ssPtr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($token.Token)\n try {\n $result | Add-Member -MemberType NoteProperty -Name Token -Value ([System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($ssPtr))\n }\n finally {\n [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ssPtr)\n }\n }\n else {\n $result | Add-Member -MemberType NoteProperty -Name Token -Value ($token.Token | ConvertFrom-SecureString -AsPlainText)\n }\n }\n else {\n $result | Add-Member -MemberType NoteProperty -Name Token -Value $token.Token\n }\n\n Write-Output (ConvertTo-Json $result)\n `,\n ],\n ]);\n\n const result = results[0];\n return parseJsonToken(result);\n }\n throw new Error(`Unable to execute PowerShell. Ensure that it is installed in your system`);\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If the authentication cannot be performed through PowerShell, a {@link CredentialUnavailableError} will be thrown.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {\n const scope = typeof scopes === \"string\" ? scopes : scopes[0];\n\n const claimsValue = options.claims;\n if (claimsValue && claimsValue.trim()) {\n const encodedClaims = btoa(claimsValue);\n let loginCmd = `Connect-AzAccount -ClaimsChallenge ${encodedClaims}`;\n\n const tenantIdFromOptions = options.tenantId;\n if (tenantIdFromOptions) {\n loginCmd += ` -Tenant ${tenantIdFromOptions}`;\n }\n const error = new CredentialUnavailableError(\n `${powerShellPublicErrorMessages.claim} ${loginCmd}`,\n );\n\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n options,\n this.additionallyAllowedTenantIds,\n );\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n try {\n ensureValidScopeForDevTimeCreds(scope, logger);\n logger.getToken.info(`Using the scope ${scope}`);\n const resource = getScopeResource(scope);\n const response = await this.getAzurePowerShellAccessToken(resource, tenantId, this.timeout);\n logger.getToken.info(formatSuccess(scopes));\n return {\n token: response.Token,\n expiresOnTimestamp: new Date(response.ExpiresOn).getTime(),\n tokenType: \"Bearer\",\n } as AccessToken;\n } catch (err: any) {\n if (isNotInstalledError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.installed);\n logger.getToken.info(formatError(scope, error));\n throw error;\n } else if (isLoginError(err)) {\n const error = new CredentialUnavailableError(powerShellPublicErrorMessages.login);\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n const error = new CredentialUnavailableError(\n `${err}. ${powerShellPublicErrorMessages.troubleshoot}`,\n );\n logger.getToken.info(formatError(scope, error));\n throw error;\n }\n });\n }\n}\n\n/**\n *\n * @internal\n */\nexport async function parseJsonToken(\n result: string,\n): Promise<{ Token: string; ExpiresOn: string }> {\n const jsonRegex = /{[^{}]*}/g;\n const matches = result.match(jsonRegex);\n let resultWithoutToken = result;\n if (matches) {\n try {\n for (const item of matches) {\n try {\n const jsonContent = JSON.parse(item);\n if (jsonContent?.Token) {\n resultWithoutToken = resultWithoutToken.replace(item, \"\");\n if (resultWithoutToken) {\n logger.getToken.warning(resultWithoutToken);\n }\n return jsonContent;\n }\n } catch (e) {\n continue;\n }\n }\n } catch (e: any) {\n throw new Error(`Unable to parse the output of PowerShell. Received output: ${result}`);\n }\n }\n throw new Error(`No access token found in the output. Received output: ${result}`);\n}\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,2BAIO;AACP,qBAA6D;AAC7D,wBAAkE;AAGlE,oBAA2C;AAC3C,0BAA6B;AAC7B,qBAA8B;AAE9B,MAAM,aAAS,iCAAiB,2BAA2B;AAE3D,MAAM,YAAY,QAAQ,aAAa;AAOhC,SAAS,cAAc,aAA6B;AACzD,MAAI,WAAW;AACb,WAAO,GAAG,WAAW;AAAA,EACvB,OAAO;AACL,WAAO;AAAA,EACT;AACF;AAOA,eAAe,YAAY,UAAsB,SAAqC;AACpF,QAAM,UAAoB,CAAC;AAE3B,aAAW,WAAW,UAAU;AAC9B,UAAM,CAAC,MAAM,GAAG,UAAU,IAAI;AAC9B,UAAM,SAAU,MAAM,iCAAa,SAAS,MAAM,YAAY;AAAA,MAC5D,UAAU;AAAA,MACV;AAAA,IACF,CAAC;AAED,YAAQ,KAAK,MAAM;AAAA,EACrB;AAEA,SAAO;AACT;AAMO,MAAM,mBAAmB;AAAA,EAC9B,OAAO;AAAA,EACP,WACE;AACJ;AAMO,MAAM,gCAAgC;AAAA,EAC3C,OACE;AAAA,EACF,WAAW;AAAA,EACX,OACE;AAAA,EACF,cAAc;AAChB;AAGA,MAAM,eAAwD,CAAC,QAC7D,IAAI,QAAQ,MAAM,OAAO,iBAAiB,KAAK,MAAM;AAGvD,MAAM,sBAA+D,CAAC,QACpE,IAAI,QAAQ,MAAM,iBAAiB,SAAS;AAOvC,MAAM,eAAe,CAAC,cAAc,MAAM,CAAC;AAElD,IAAI,WAAW;AACb,eAAa,KAAK,cAAc,YAAY,CAAC;AAC/C;AAOO,MAAM,0BAAqD;AAAA,EACxD;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaR,YAAY,SAA4C;AACtD,QAAI,SAAS,UAAU;AACrB,8CAAc,QAAQ,SAAS,QAAQ;AACvC,WAAK,WAAW,SAAS;AAAA,IAC3B;AACA,SAAK,mCAA+B;AAAA,MAClC,SAAS;AAAA,IACX;AACA,SAAK,UAAU,SAAS;AAAA,EAC1B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAc,8BACZ,UACA,UACA,SAC+C;AAE/C,eAAW,qBAAqB,CAAC,GAAG,YAAY,GAAG;AACjD,UAAI;AACF,cAAM,YAAY,CAAC,CAAC,mBAAmB,IAAI,CAAC,GAAG,OAAO;AAAA,MACxD,SAAS,GAAQ;AAEf,qBAAa,MAAM;AACnB;AAAA,MACF;AAEA,YAAM,UAAU,MAAM,YAAY;AAAA,QAChC;AAAA,UACE;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,yBACe,YAAY,EAAE;AAAA;AAAA;AAAA;AAAA;AAAA,6BAKV,QAAQ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,QAoC7B;AAAA,MACF,CAAC;AAED,YAAM,SAAS,QAAQ,CAAC;AACxB,aAAO,eAAe,MAAM;AAAA,IAC9B;AACA,UAAM,IAAI,MAAM,0EAA0E;AAAA,EAC5F;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAa,SACX,QACA,UAA2B,CAAC,GACN;AACtB,WAAO,6BAAc,SAAS,GAAG,KAAK,YAAY,IAAI,aAAa,SAAS,YAAY;AACtF,YAAM,QAAQ,OAAO,WAAW,WAAW,SAAS,OAAO,CAAC;AAE5D,YAAM,cAAc,QAAQ;AAC5B,UAAI,eAAe,YAAY,KAAK,GAAG;AACrC,cAAM,gBAAgB,KAAK,WAAW;AACtC,YAAI,WAAW,sCAAsC,aAAa;AAElE,cAAM,sBAAsB,QAAQ;AACpC,YAAI,qBAAqB;AACvB,sBAAY,YAAY,mBAAmB;AAAA,QAC7C;AACA,cAAM,QAAQ,IAAI;AAAA,UAChB,GAAG,8BAA8B,KAAK,IAAI,QAAQ;AAAA,QACpD;AAEA,eAAO,SAAS,SAAK,4BAAY,OAAO,KAAK,CAAC;AAC9C,cAAM;AAAA,MACR;AAEA,YAAM,eAAW;AAAA,QACf,KAAK;AAAA,QACL;AAAA,QACA,KAAK;AAAA,MACP;AACA,UAAI,UAAU;AACZ,gDAAc,QAAQ,QAAQ;AAAA,MAChC;AACA,UAAI;AACF,+DAAgC,OAAO,MAAM;AAC7C,eAAO,SAAS,KAAK,mBAAmB,KAAK,EAAE;AAC/C,cAAM,eAAW,oCAAiB,KAAK;AACvC,cAAM,WAAW,MAAM,KAAK,8BAA8B,UAAU,UAAU,KAAK,OAAO;AAC1F,eAAO,SAAS,SAAK,8BAAc,MAAM,CAAC;AAC1C,eAAO;AAAA,UACL,OAAO,SAAS;AAAA,UAChB,oBAAoB,IAAI,KAAK,SAAS,SAAS,EAAE,QAAQ;AAAA,UACzD,WAAW;AAAA,QACb;AAAA,MACF,SAAS,KAAU;AACjB,YAAI,oBAAoB,GAAG,GAAG;AAC5B,gBAAMA,SAAQ,IAAI,yCAA2B,8BAA8B,SAAS;AACpF,iBAAO,SAAS,SAAK,4BAAY,OAAOA,MAAK,CAAC;AAC9C,gBAAMA;AAAA,QACR,WAAW,aAAa,GAAG,GAAG;AAC5B,gBAAMA,SAAQ,IAAI,yCAA2B,8BAA8B,KAAK;AAChF,iBAAO,SAAS,SAAK,4BAAY,OAAOA,MAAK,CAAC;AAC9C,gBAAMA;AAAA,QACR;AACA,cAAM,QAAQ,IAAI;AAAA,UAChB,GAAG,GAAG,KAAK,8BAA8B,YAAY;AAAA,QACvD;AACA,eAAO,SAAS,SAAK,4BAAY,OAAO,KAAK,CAAC;AAC9C,cAAM;AAAA,MACR;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAMA,eAAsB,eACpB,QAC+C;AAC/C,QAAM,YAAY;AAClB,QAAM,UAAU,OAAO,MAAM,SAAS;AACtC,MAAI,qBAAqB;AACzB,MAAI,SAAS;AACX,QAAI;AACF,iBAAW,QAAQ,SAAS;AAC1B,YAAI;AACF,gBAAM,cAAc,KAAK,MAAM,IAAI;AACnC,cAAI,aAAa,OAAO;AACtB,iCAAqB,mBAAmB,QAAQ,MAAM,EAAE;AACxD,gBAAI,oBAAoB;AACtB,qBAAO,SAAS,QAAQ,kBAAkB;AAAA,YAC5C;AACA,mBAAO;AAAA,UACT;AAAA,QACF,SAAS,GAAG;AACV;AAAA,QACF;AAAA,MACF;AAAA,IACF,SAAS,GAAQ;AACf,YAAM,IAAI,MAAM,8DAA8D,MAAM,EAAE;AAAA,IACxF;AAAA,EACF;AACA,QAAM,IAAI,MAAM,yDAAyD,MAAM,EAAE;AACnF;",
|
|
6
|
+
"names": ["error"]
|
|
7
|
+
}
|
|
@@ -1,5 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
1
|
+
var __defProp = Object.defineProperty;
|
|
2
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
3
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
4
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
5
|
+
var __copyProps = (to, from, except, desc) => {
|
|
6
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
7
|
+
for (let key of __getOwnPropNames(from))
|
|
8
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
9
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
10
|
+
}
|
|
11
|
+
return to;
|
|
12
|
+
};
|
|
13
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
14
|
+
var azurePowerShellCredentialOptions_exports = {};
|
|
15
|
+
module.exports = __toCommonJS(azurePowerShellCredentialOptions_exports);
|
|
16
|
+
//# sourceMappingURL=azurePowerShellCredentialOptions.js.map
|
|
@@ -1 +1,7 @@
|
|
|
1
|
-
{
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../src/credentials/azurePowerShellCredentialOptions.ts"],
|
|
4
|
+
"sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Options for the {@link AzurePowerShellCredential}\n */\nexport interface AzurePowerShellCredentialOptions extends MultiTenantTokenCredentialOptions {\n /**\n * Allows specifying a tenant ID\n */\n tenantId?: string;\n /**\n * Process timeout configurable for making token requests, provided in milliseconds\n */\n processTimeoutInMs?: number;\n}\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -1,3 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
1
|
+
var __defProp = Object.defineProperty;
|
|
2
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
3
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
4
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
5
|
+
var __copyProps = (to, from, except, desc) => {
|
|
6
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
7
|
+
for (let key of __getOwnPropNames(from))
|
|
8
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
9
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
10
|
+
}
|
|
11
|
+
return to;
|
|
12
|
+
};
|
|
13
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
14
|
+
var brokerAuthOptions_exports = {};
|
|
15
|
+
module.exports = __toCommonJS(brokerAuthOptions_exports);
|
|
16
|
+
//# sourceMappingURL=brokerAuthOptions.js.map
|
|
@@ -1 +1,7 @@
|
|
|
1
|
-
{
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../src/credentials/brokerAuthOptions.ts"],
|
|
4
|
+
"sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\nimport type { BrokerOptions } from \"../msal/nodeFlows/brokerOptions.js\";\n\n/**\n * Configuration options for InteractiveBrowserCredential\n * to support WAM Broker Authentication.\n */\n\nexport interface BrokerAuthOptions {\n /**\n * Options to allow broker authentication when using InteractiveBrowserCredential\n *\n */\n brokerOptions?: BrokerOptions;\n}\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { AccessToken, GetTokenOptions, TokenCredential } from "@azure/core-auth";
|
|
2
|
-
import { TokenCredentialOptions } from "../tokenCredentialOptions.js";
|
|
3
|
-
import { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
|
|
2
|
+
import type { TokenCredentialOptions } from "../tokenCredentialOptions.js";
|
|
3
|
+
import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
|
|
4
4
|
/**
|
|
5
5
|
* Enables authentication to Microsoft Entra ID using WAM (Web Account Manager) broker.
|
|
6
6
|
* This credential uses the default account logged into the OS via a broker.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brokerCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/brokerCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAatF,OAAO,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"brokerCredential.d.ts","sourceRoot":"","sources":["../../../src/credentials/brokerCredential.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAatF,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAC3E,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAKhG;;;GAGG;AACH,qBAAa,gBAAiB,YAAW,eAAe;IACtD,OAAO,CAAC,gBAAgB,CAAa;IACrC,OAAO,CAAC,cAAc,CAAC,CAAS;IAChC,OAAO,CAAC,kCAAkC,CAAW;IAErD;;;;;;;OAOG;gBAED,OAAO,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,sBAAsB,GAAG,iCAAiC;IAuB7F;;;;;;;;;OASG;IACG,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,OAAO,GAAE,eAAoB,GAAG,OAAO,CAAC,WAAW,CAAC;CA4B/F"}
|