npm - @azure/identity - Versions diffs - 4.14.0-beta.1 → 4.14.0-beta.3 - Mend

@azure/identity 4.14.0-beta.1 → 4.14.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (571) hide show

package/dist/commonjs/credentials/defaultAzureCredential.js CHANGED Viewed

@@ -1,167 +1,129 @@
-"use strict";
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DefaultAzureCredential = exports.UnavailableDefaultCredential = void 0;
-const chainedTokenCredential_js_1 = require("./chainedTokenCredential.js");
-const logging_js_1 = require("../util/logging.js");
-const defaultAzureCredentialFunctions_js_1 = require("./defaultAzureCredentialFunctions.js");
-const logger = (0, logging_js_1.credentialLogger)("DefaultAzureCredential");
-/**
- * A no-op credential that logs the reason it was skipped if getToken is called.
- * @internal
- */
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var defaultAzureCredential_exports = {};
+__export(defaultAzureCredential_exports, {
+  DefaultAzureCredential: () => DefaultAzureCredential,
+  UnavailableDefaultCredential: () => UnavailableDefaultCredential
+});
+module.exports = __toCommonJS(defaultAzureCredential_exports);
+var import_chainedTokenCredential = require("./chainedTokenCredential.js");
+var import_logging = require("../util/logging.js");
+var import_defaultAzureCredentialFunctions = require("./defaultAzureCredentialFunctions.js");
+const logger = (0, import_logging.credentialLogger)("DefaultAzureCredential");
 class UnavailableDefaultCredential {
-    credentialUnavailableErrorMessage;
-    credentialName;
-    constructor(credentialName, message) {
-        this.credentialName = credentialName;
-        this.credentialUnavailableErrorMessage = message;
-    }
-    getToken() {
-        logger.getToken.info(`Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`);
-        return Promise.resolve(null);
-    }
+  credentialUnavailableErrorMessage;
+  credentialName;
+  constructor(credentialName, message) {
+    this.credentialName = credentialName;
+    this.credentialUnavailableErrorMessage = message;
+  }
+  getToken() {
+    logger.getToken.info(
+      `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`
+    );
+    return Promise.resolve(null);
+  }
 }
-exports.UnavailableDefaultCredential = UnavailableDefaultCredential;
-/**
- * Provides a default {@link ChainedTokenCredential} configuration that works for most
- * applications that use Azure SDK client libraries. For more information, see
- * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#defaultazurecredential-overview).
- *
- * The following credential types will be tried, in order:
- *
- * - {@link EnvironmentCredential}
- * - {@link WorkloadIdentityCredential}
- * - {@link ManagedIdentityCredential}
- * - {@link VisualStudioCodeCredential}
- * - {@link AzureCliCredential}
- * - {@link AzurePowerShellCredential}
- * - {@link AzureDeveloperCliCredential}
- * - BrokerCredential (a broker-enabled credential that requires \@azure/identity-broker is installed)
- *
- * Consult the documentation of these credential types for more information
- * on how they attempt authentication.
- *
- * The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.
- * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.
- * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.
- * ```ts snippet:defaultazurecredential_requiredEnvVars
- * import { DefaultAzureCredential } from "@azure/identity";
- *
- * const credential = new DefaultAzureCredential({
- *   requiredEnvVars: [
- *     "AZURE_CLIENT_ID",
- *     "AZURE_TENANT_ID",
- *     "AZURE_CLIENT_SECRET",
- *     "AZURE_TOKEN_CREDENTIALS",
- *   ],
- * });
- * ```
- */
-class DefaultAzureCredential extends chainedTokenCredential_js_1.ChainedTokenCredential {
-    constructor(options) {
-        validateRequiredEnvVars(options);
-        // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.
-        const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS
-            ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()
-            : undefined;
-        const devCredentialFunctions = [
-            defaultAzureCredentialFunctions_js_1.createDefaultVisualStudioCodeCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultAzureCliCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultAzurePowershellCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultAzureDeveloperCliCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultBrokerCredential,
-        ];
-        const prodCredentialFunctions = [
-            defaultAzureCredentialFunctions_js_1.createDefaultEnvironmentCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultWorkloadIdentityCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultManagedIdentityCredential,
-        ];
-        let credentialFunctions = [];
-        const validCredentialNames = "EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential";
-        // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.
-        // The value of AZURE_TOKEN_CREDENTIALS should be either "dev" or "prod" or any one of these credentials - {validCredentialNames}.
-        if (azureTokenCredentials) {
-            switch (azureTokenCredentials) {
-                case "dev":
-                    credentialFunctions = devCredentialFunctions;
-                    break;
-                case "prod":
-                    credentialFunctions = prodCredentialFunctions;
-                    break;
-                case "environmentcredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultEnvironmentCredential];
-                    break;
-                case "workloadidentitycredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultWorkloadIdentityCredential];
-                    break;
-                case "managedidentitycredential":
-                    // Setting `sendProbeRequest` to false to ensure ManagedIdentityCredential behavior
-                    // is consistent when used standalone in DAC chain or used directly.
-                    credentialFunctions = [
-                        () => (0, defaultAzureCredentialFunctions_js_1.createDefaultManagedIdentityCredential)({ sendProbeRequest: false }),
-                    ];
-                    break;
-                case "visualstudiocodecredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultVisualStudioCodeCredential];
-                    break;
-                case "azureclicredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultAzureCliCredential];
-                    break;
-                case "azurepowershellcredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultAzurePowershellCredential];
-                    break;
-                case "azuredeveloperclicredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultAzureDeveloperCliCredential];
-                    break;
-                default: {
-                    // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.
-                    // This will prevent the creation of the DefaultAzureCredential.
-                    const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;
-                    logger.warning(errorMessage);
-                    throw new Error(errorMessage);
-                }
-            }
+class DefaultAzureCredential extends import_chainedTokenCredential.ChainedTokenCredential {
+  constructor(options) {
+    validateRequiredEnvVars(options);
+    const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase() : void 0;
+    const devCredentialFunctions = [
+      import_defaultAzureCredentialFunctions.createDefaultVisualStudioCodeCredential,
+      import_defaultAzureCredentialFunctions.createDefaultAzureCliCredential,
+      import_defaultAzureCredentialFunctions.createDefaultAzurePowershellCredential,
+      import_defaultAzureCredentialFunctions.createDefaultAzureDeveloperCliCredential,
+      import_defaultAzureCredentialFunctions.createDefaultBrokerCredential
+    ];
+    const prodCredentialFunctions = [
+      import_defaultAzureCredentialFunctions.createDefaultEnvironmentCredential,
+      import_defaultAzureCredentialFunctions.createDefaultWorkloadIdentityCredential,
+      import_defaultAzureCredentialFunctions.createDefaultManagedIdentityCredential
+    ];
+    let credentialFunctions = [];
+    const validCredentialNames = "EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential";
+    if (azureTokenCredentials) {
+      switch (azureTokenCredentials) {
+        case "dev":
+          credentialFunctions = devCredentialFunctions;
+          break;
+        case "prod":
+          credentialFunctions = prodCredentialFunctions;
+          break;
+        case "environmentcredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultEnvironmentCredential];
+          break;
+        case "workloadidentitycredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultWorkloadIdentityCredential];
+          break;
+        case "managedidentitycredential":
+          credentialFunctions = [
+            () => (0, import_defaultAzureCredentialFunctions.createDefaultManagedIdentityCredential)({ sendProbeRequest: false })
+          ];
+          break;
+        case "visualstudiocodecredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultVisualStudioCodeCredential];
+          break;
+        case "azureclicredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultAzureCliCredential];
+          break;
+        case "azurepowershellcredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultAzurePowershellCredential];
+          break;
+        case "azuredeveloperclicredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultAzureDeveloperCliCredential];
+          break;
+        default: {
+          const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;
+          logger.warning(errorMessage);
+          throw new Error(errorMessage);
         }
-        else {
-            // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.
-            credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];
-        }
-        // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.
-        // When adding new credentials to the default chain, consider:
-        // 1. Making the constructor parameters required and explicit
-        // 2. Validating any required parameters in the factory function
-        // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason
-        const credentials = credentialFunctions.map((createCredentialFn) => {
-            try {
-                return createCredentialFn(options ?? {});
-            }
-            catch (err) {
-                logger.warning(`Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`);
-                return new UnavailableDefaultCredential(createCredentialFn.name, err.message);
-            }
-        });
-        super(...credentials);
+      }
+    } else {
+      credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];
     }
+    const credentials = credentialFunctions.map((createCredentialFn) => {
+      try {
+        return createCredentialFn(options ?? {});
+      } catch (err) {
+        logger.warning(
+          `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`
+        );
+        return new UnavailableDefaultCredential(createCredentialFn.name, err.message);
+      }
+    });
+    super(...credentials);
+  }
 }
-exports.DefaultAzureCredential = DefaultAzureCredential;
-/**
- * This function checks that all environment variables in `options.requiredEnvVars` are set and non-empty.
- * If any are missing or empty, it throws an error.
- */
 function validateRequiredEnvVars(options) {
-    if (options?.requiredEnvVars) {
-        const requiredVars = Array.isArray(options.requiredEnvVars)
-            ? options.requiredEnvVars
-            : [options.requiredEnvVars];
-        const missing = requiredVars.filter((envVar) => !process.env[envVar]);
-        if (missing.length > 0) {
-            const errorMessage = `Required environment ${missing.length === 1 ? "variable" : "variables"} '${missing.join(", ")}' for DefaultAzureCredential ${missing.length === 1 ? "is" : "are"} not set or empty.`;
-            logger.warning(errorMessage);
-            throw new Error(errorMessage);
-        }
+  if (options?.requiredEnvVars) {
+    const requiredVars = Array.isArray(options.requiredEnvVars) ? options.requiredEnvVars : [options.requiredEnvVars];
+    const missing = requiredVars.filter((envVar) => !process.env[envVar]);
+    if (missing.length > 0) {
+      const errorMessage = `Required environment ${missing.length === 1 ? "variable" : "variables"} '${missing.join(", ")}' for DefaultAzureCredential ${missing.length === 1 ? "is" : "are"} not set or empty.`;
+      logger.warning(errorMessage);
+      throw new Error(errorMessage);
     }
+  }
 }
-//# sourceMappingURL=defaultAzureCredential.js.map
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DefaultAzureCredential,
+  UnavailableDefaultCredential
+});
+//# sourceMappingURL=defaultAzureCredential.js.map

package/dist/commonjs/credentials/defaultAzureCredential.js.map CHANGED Viewed

@@ -1 +1,7 @@
-{"version":3,"file":"defaultAzureCredential.js","sourceRoot":"","sources":["../../../src/credentials/defaultAzureCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAalC,2EAAqE;AAIrE,mDAAsD;AACtD,6FAS8C;AAE9C,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,wBAAwB,CAAC,CAAC;AAE1D;;;GAGG;AACH,MAAa,4BAA4B;IACvC,iCAAiC,CAAS;IAC1C,cAAc,CAAS;IAEvB,YAAY,cAAsB,EAAE,OAAe;QACjD,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;QACrC,IAAI,CAAC,iCAAiC,GAAG,OAAO,CAAC;IACnD,CAAC;IAED,QAAQ;QACN,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,YAAY,IAAI,CAAC,cAAc,aAAa,IAAI,CAAC,iCAAiC,EAAE,CACrF,CAAC;QACF,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,CAAC;CACF;AAfD,oEAeC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,MAAa,sBAAuB,SAAQ,kDAAsB;IAsBhE,YAAY,OAAuC;QACjD,uBAAuB,CAAC,OAAO,CAAC,CAAC;QACjC,2EAA2E;QAC3E,MAAM,qBAAqB,GAAG,OAAO,CAAC,GAAG,CAAC,uBAAuB;YAC/D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;YAC1D,CAAC,CAAC,SAAS,CAAC;QACd,MAAM,sBAAsB,GAAG;YAC7B,4EAAuC;YACvC,oEAA+B;YAC/B,2EAAsC;YACtC,6EAAwC;YACxC,kEAA6B;SAC9B,CAAC;QACF,MAAM,uBAAuB,GAAG;YAC9B,uEAAkC;YAClC,4EAAuC;YACvC,2EAAsC;SACvC,CAAC;QACF,IAAI,mBAAmB,GAAG,EAAE,CAAC;QAC7B,MAAM,oBAAoB,GACxB,sLAAsL,CAAC;QACzL,mFAAmF;QACnF,kIAAkI;QAClI,IAAI,qBAAqB,EAAE,CAAC;YAC1B,QAAQ,qBAAqB,EAAE,CAAC;gBAC9B,KAAK,KAAK;oBACR,mBAAmB,GAAG,sBAAsB,CAAC;oBAC7C,MAAM;gBACR,KAAK,MAAM;oBACT,mBAAmB,GAAG,uBAAuB,CAAC;oBAC9C,MAAM;gBACR,KAAK,uBAAuB;oBAC1B,mBAAmB,GAAG,CAAC,uEAAkC,CAAC,CAAC;oBAC3D,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,4EAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mFAAmF;oBACnF,oEAAoE;oBACpE,mBAAmB,GAAG;wBACpB,GAAG,EAAE,CAAC,IAAA,2EAAsC,EAAC,EAAE,gBAAgB,EAAE,KAAK,EAAE,CAAC;qBAC1E,CAAC;oBACF,MAAM;gBACR,KAAK,4BAA4B;oBAC/B,mBAAmB,GAAG,CAAC,4EAAuC,CAAC,CAAC;oBAChE,MAAM;gBACR,KAAK,oBAAoB;oBACvB,mBAAmB,GAAG,CAAC,oEAA+B,CAAC,CAAC;oBACxD,MAAM;gBACR,KAAK,2BAA2B;oBAC9B,mBAAmB,GAAG,CAAC,2EAAsC,CAAC,CAAC;oBAC/D,MAAM;gBACR,KAAK,6BAA6B;oBAChC,mBAAmB,GAAG,CAAC,6EAAwC,CAAC,CAAC;oBACjE,MAAM;gBACR,OAAO,CAAC,CAAC,CAAC;oBACR,6EAA6E;oBAC7E,gEAAgE;oBAChE,MAAM,YAAY,GAAG,+CAA+C,OAAO,CAAC,GAAG,CAAC,uBAAuB,oEAAoE,oBAAoB,GAAG,CAAC;oBACnM,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,2EAA2E;YAC3E,mBAAmB,GAAG,CAAC,GAAG,uBAAuB,EAAE,GAAG,sBAAsB,CAAC,CAAC;QAChF,CAAC;QAED,gLAAgL;QAChL,8DAA8D;QAC9D,6DAA6D;QAC7D,gEAAgE;QAChE,sHAAsH;QACtH,MAAM,WAAW,GAAsB,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YACpF,IAAI,CAAC;gBACH,OAAO,kBAAkB,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;YAC3C,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,OAAO,CACZ,WAAW,kBAAkB,CAAC,IAAI,iDAAiD,GAAG,EAAE,CACzF,CAAC;gBACF,OAAO,IAAI,4BAA4B,CAAC,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YAChF,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,GAAG,WAAW,CAAC,CAAC;IACxB,CAAC;CACF;AA7GD,wDA6GC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAAC,OAAuC;IACtE,IAAI,OAAO,EAAE,eAAe,EAAE,CAAC;QAC7B,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC;YACzD,CAAC,CAAC,OAAO,CAAC,eAAe;YACzB,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;QACtE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,YAAY,GAAG,wBAAwB,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,gCAAgC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,oBAAoB,CAAC;YAC3M,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n  DefaultAzureCredentialClientIdOptions,\n  DefaultAzureCredentialOptions,\n  DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\n\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport {\n  createDefaultAzureCliCredential,\n  createDefaultAzureDeveloperCliCredential,\n  createDefaultAzurePowershellCredential,\n  createDefaultBrokerCredential,\n  createDefaultManagedIdentityCredential,\n  createDefaultVisualStudioCodeCredential,\n  createDefaultWorkloadIdentityCredential,\n  createDefaultEnvironmentCredential,\n} from \"./defaultAzureCredentialFunctions.js\";\n\nconst logger = credentialLogger(\"DefaultAzureCredential\");\n\n/**\n * A no-op credential that logs the reason it was skipped if getToken is called.\n * @internal\n */\nexport class UnavailableDefaultCredential implements TokenCredential {\n  credentialUnavailableErrorMessage: string;\n  credentialName: string;\n\n  constructor(credentialName: string, message: string) {\n    this.credentialName = credentialName;\n    this.credentialUnavailableErrorMessage = message;\n  }\n\n  getToken(): Promise<null> {\n    logger.getToken.info(\n      `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`,\n    );\n    return Promise.resolve(null);\n  }\n}\n\n/**\n * Provides a default {@link ChainedTokenCredential} configuration that works for most\n * applications that use Azure SDK client libraries. For more information, see\n * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#defaultazurecredential-overview).\n *\n * The following credential types will be tried, in order:\n *\n * - {@link EnvironmentCredential}\n * - {@link WorkloadIdentityCredential}\n * - {@link ManagedIdentityCredential}\n * - {@link VisualStudioCodeCredential}\n * - {@link AzureCliCredential}\n * - {@link AzurePowerShellCredential}\n * - {@link AzureDeveloperCliCredential}\n * - BrokerCredential (a broker-enabled credential that requires \\@azure/identity-broker is installed)\n *\n * Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n *\n * The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.\n * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.\n * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.\n \n * ```ts snippet:defaultazurecredential_requiredEnvVars\n * import { DefaultAzureCredential } from \"@azure/identity\";\n *\n * const credential = new DefaultAzureCredential({\n *   requiredEnvVars: [\n *     \"AZURE_CLIENT_ID\",\n *     \"AZURE_TENANT_ID\",\n *     \"AZURE_CLIENT_SECRET\",\n *     \"AZURE_TOKEN_CREDENTIALS\",\n *   ],\n * });\n * ```\n */\nexport class DefaultAzureCredential extends ChainedTokenCredential {\n  /**\n   * Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialClientIdOptions}.\n   *\n   * @param options - Optional parameters. See {@link DefaultAzureCredentialClientIdOptions}.\n   */\n  constructor(options?: DefaultAzureCredentialClientIdOptions);\n\n  /**\n   * Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialResourceIdOptions}.\n   *\n   * @param options - Optional parameters. See {@link DefaultAzureCredentialResourceIdOptions}.\n   */\n  constructor(options?: DefaultAzureCredentialResourceIdOptions);\n\n  /**\n   * Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialOptions}.\n   *\n   * @param options - Optional parameters. See {@link DefaultAzureCredentialOptions}.\n   */\n  constructor(options?: DefaultAzureCredentialOptions);\n\n  constructor(options?: DefaultAzureCredentialOptions) {\n    validateRequiredEnvVars(options);\n    // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n    const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS\n      ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()\n      : undefined;\n    const devCredentialFunctions = [\n      createDefaultVisualStudioCodeCredential,\n      createDefaultAzureCliCredential,\n      createDefaultAzurePowershellCredential,\n      createDefaultAzureDeveloperCliCredential,\n      createDefaultBrokerCredential,\n    ];\n    const prodCredentialFunctions = [\n      createDefaultEnvironmentCredential,\n      createDefaultWorkloadIdentityCredential,\n      createDefaultManagedIdentityCredential,\n    ];\n    let credentialFunctions = [];\n    const validCredentialNames =\n      \"EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential\";\n    // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.\n    // The value of AZURE_TOKEN_CREDENTIALS should be either \"dev\" or \"prod\" or any one of these credentials - {validCredentialNames}.\n    if (azureTokenCredentials) {\n      switch (azureTokenCredentials) {\n        case \"dev\":\n          credentialFunctions = devCredentialFunctions;\n          break;\n        case \"prod\":\n          credentialFunctions = prodCredentialFunctions;\n          break;\n        case \"environmentcredential\":\n          credentialFunctions = [createDefaultEnvironmentCredential];\n          break;\n        case \"workloadidentitycredential\":\n          credentialFunctions = [createDefaultWorkloadIdentityCredential];\n          break;\n        case \"managedidentitycredential\":\n          // Setting `sendProbeRequest` to false to ensure ManagedIdentityCredential behavior\n          // is consistent when used standalone in DAC chain or used directly.\n          credentialFunctions = [\n            () => createDefaultManagedIdentityCredential({ sendProbeRequest: false }),\n          ];\n          break;\n        case \"visualstudiocodecredential\":\n          credentialFunctions = [createDefaultVisualStudioCodeCredential];\n          break;\n        case \"azureclicredential\":\n          credentialFunctions = [createDefaultAzureCliCredential];\n          break;\n        case \"azurepowershellcredential\":\n          credentialFunctions = [createDefaultAzurePowershellCredential];\n          break;\n        case \"azuredeveloperclicredential\":\n          credentialFunctions = [createDefaultAzureDeveloperCliCredential];\n          break;\n        default: {\n          // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.\n          // This will prevent the creation of the DefaultAzureCredential.\n          const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;\n          logger.warning(errorMessage);\n          throw new Error(errorMessage);\n        }\n      }\n    } else {\n      // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n      credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];\n    }\n\n    // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.\n    // When adding new credentials to the default chain, consider:\n    // 1. Making the constructor parameters required and explicit\n    // 2. Validating any required parameters in the factory function\n    // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason\n    const credentials: TokenCredential[] = credentialFunctions.map((createCredentialFn) => {\n      try {\n        return createCredentialFn(options ?? {});\n      } catch (err: any) {\n        logger.warning(\n          `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`,\n        );\n        return new UnavailableDefaultCredential(createCredentialFn.name, err.message);\n      }\n    });\n\n    super(...credentials);\n  }\n}\n\n/**\n * This function checks that all environment variables in `options.requiredEnvVars` are set and non-empty.\n * If any are missing or empty, it throws an error.\n */\nfunction validateRequiredEnvVars(options?: DefaultAzureCredentialOptions) {\n  if (options?.requiredEnvVars) {\n    const requiredVars = Array.isArray(options.requiredEnvVars)\n      ? options.requiredEnvVars\n      : [options.requiredEnvVars];\n    const missing = requiredVars.filter((envVar) => !process.env[envVar]);\n    if (missing.length > 0) {\n      const errorMessage = `Required environment ${missing.length === 1 ? \"variable\" : \"variables\"} '${missing.join(\", \")}' for DefaultAzureCredential ${missing.length === 1 ? \"is\" : \"are\"} not set or empty.`;\n      logger.warning(errorMessage);\n      throw new Error(errorMessage);\n    }\n  }\n}\n"]}
+{
+  "version": 3,
+  "sources": ["../../../src/credentials/defaultAzureCredential.ts"],
+  "sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type {\n  DefaultAzureCredentialClientIdOptions,\n  DefaultAzureCredentialOptions,\n  DefaultAzureCredentialResourceIdOptions,\n} from \"./defaultAzureCredentialOptions.js\";\n\nimport { ManagedIdentityCredential } from \"./managedIdentityCredential/index.js\";\nimport { VisualStudioCodeCredential } from \"./visualStudioCodeCredential.js\";\nimport { AzureCliCredential } from \"./azureCliCredential.js\";\nimport { AzureDeveloperCliCredential } from \"./azureDeveloperCliCredential.js\";\nimport { AzurePowerShellCredential } from \"./azurePowerShellCredential.js\";\nimport { ChainedTokenCredential } from \"./chainedTokenCredential.js\";\nimport { EnvironmentCredential } from \"./environmentCredential.js\";\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { WorkloadIdentityCredential } from \"./workloadIdentityCredential.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport {\n  createDefaultAzureCliCredential,\n  createDefaultAzureDeveloperCliCredential,\n  createDefaultAzurePowershellCredential,\n  createDefaultBrokerCredential,\n  createDefaultManagedIdentityCredential,\n  createDefaultVisualStudioCodeCredential,\n  createDefaultWorkloadIdentityCredential,\n  createDefaultEnvironmentCredential,\n} from \"./defaultAzureCredentialFunctions.js\";\n\nconst logger = credentialLogger(\"DefaultAzureCredential\");\n\n/**\n * A no-op credential that logs the reason it was skipped if getToken is called.\n * @internal\n */\nexport class UnavailableDefaultCredential implements TokenCredential {\n  credentialUnavailableErrorMessage: string;\n  credentialName: string;\n\n  constructor(credentialName: string, message: string) {\n    this.credentialName = credentialName;\n    this.credentialUnavailableErrorMessage = message;\n  }\n\n  getToken(): Promise<null> {\n    logger.getToken.info(\n      `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`,\n    );\n    return Promise.resolve(null);\n  }\n}\n\n/**\n * Provides a default {@link ChainedTokenCredential} configuration that works for most\n * applications that use Azure SDK client libraries. For more information, see\n * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#defaultazurecredential-overview).\n *\n * The following credential types will be tried, in order:\n *\n * - {@link EnvironmentCredential}\n * - {@link WorkloadIdentityCredential}\n * - {@link ManagedIdentityCredential}\n * - {@link VisualStudioCodeCredential}\n * - {@link AzureCliCredential}\n * - {@link AzurePowerShellCredential}\n * - {@link AzureDeveloperCliCredential}\n * - BrokerCredential (a broker-enabled credential that requires \\@azure/identity-broker is installed)\n *\n * Consult the documentation of these credential types for more information\n * on how they attempt authentication.\n *\n * The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.\n * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.\n * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.\n \n * ```ts snippet:defaultazurecredential_requiredEnvVars\n * import { DefaultAzureCredential } from \"@azure/identity\";\n *\n * const credential = new DefaultAzureCredential({\n *   requiredEnvVars: [\n *     \"AZURE_CLIENT_ID\",\n *     \"AZURE_TENANT_ID\",\n *     \"AZURE_CLIENT_SECRET\",\n *     \"AZURE_TOKEN_CREDENTIALS\",\n *   ],\n * });\n * ```\n */\nexport class DefaultAzureCredential extends ChainedTokenCredential {\n  /**\n   * Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialClientIdOptions}.\n   *\n   * @param options - Optional parameters. See {@link DefaultAzureCredentialClientIdOptions}.\n   */\n  constructor(options?: DefaultAzureCredentialClientIdOptions);\n\n  /**\n   * Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialResourceIdOptions}.\n   *\n   * @param options - Optional parameters. See {@link DefaultAzureCredentialResourceIdOptions}.\n   */\n  constructor(options?: DefaultAzureCredentialResourceIdOptions);\n\n  /**\n   * Creates an instance of the DefaultAzureCredential class with {@link DefaultAzureCredentialOptions}.\n   *\n   * @param options - Optional parameters. See {@link DefaultAzureCredentialOptions}.\n   */\n  constructor(options?: DefaultAzureCredentialOptions);\n\n  constructor(options?: DefaultAzureCredentialOptions) {\n    validateRequiredEnvVars(options);\n    // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n    const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS\n      ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()\n      : undefined;\n    const devCredentialFunctions = [\n      createDefaultVisualStudioCodeCredential,\n      createDefaultAzureCliCredential,\n      createDefaultAzurePowershellCredential,\n      createDefaultAzureDeveloperCliCredential,\n      createDefaultBrokerCredential,\n    ];\n    const prodCredentialFunctions = [\n      createDefaultEnvironmentCredential,\n      createDefaultWorkloadIdentityCredential,\n      createDefaultManagedIdentityCredential,\n    ];\n    let credentialFunctions = [];\n    const validCredentialNames =\n      \"EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential\";\n    // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.\n    // The value of AZURE_TOKEN_CREDENTIALS should be either \"dev\" or \"prod\" or any one of these credentials - {validCredentialNames}.\n    if (azureTokenCredentials) {\n      switch (azureTokenCredentials) {\n        case \"dev\":\n          credentialFunctions = devCredentialFunctions;\n          break;\n        case \"prod\":\n          credentialFunctions = prodCredentialFunctions;\n          break;\n        case \"environmentcredential\":\n          credentialFunctions = [createDefaultEnvironmentCredential];\n          break;\n        case \"workloadidentitycredential\":\n          credentialFunctions = [createDefaultWorkloadIdentityCredential];\n          break;\n        case \"managedidentitycredential\":\n          // Setting `sendProbeRequest` to false to ensure ManagedIdentityCredential behavior\n          // is consistent when used standalone in DAC chain or used directly.\n          credentialFunctions = [\n            () => createDefaultManagedIdentityCredential({ sendProbeRequest: false }),\n          ];\n          break;\n        case \"visualstudiocodecredential\":\n          credentialFunctions = [createDefaultVisualStudioCodeCredential];\n          break;\n        case \"azureclicredential\":\n          credentialFunctions = [createDefaultAzureCliCredential];\n          break;\n        case \"azurepowershellcredential\":\n          credentialFunctions = [createDefaultAzurePowershellCredential];\n          break;\n        case \"azuredeveloperclicredential\":\n          credentialFunctions = [createDefaultAzureDeveloperCliCredential];\n          break;\n        default: {\n          // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.\n          // This will prevent the creation of the DefaultAzureCredential.\n          const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;\n          logger.warning(errorMessage);\n          throw new Error(errorMessage);\n        }\n      }\n    } else {\n      // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.\n      credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];\n    }\n\n    // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.\n    // When adding new credentials to the default chain, consider:\n    // 1. Making the constructor parameters required and explicit\n    // 2. Validating any required parameters in the factory function\n    // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason\n    const credentials: TokenCredential[] = credentialFunctions.map((createCredentialFn) => {\n      try {\n        return createCredentialFn(options ?? {});\n      } catch (err: any) {\n        logger.warning(\n          `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`,\n        );\n        return new UnavailableDefaultCredential(createCredentialFn.name, err.message);\n      }\n    });\n\n    super(...credentials);\n  }\n}\n\n/**\n * This function checks that all environment variables in `options.requiredEnvVars` are set and non-empty.\n * If any are missing or empty, it throws an error.\n */\nfunction validateRequiredEnvVars(options?: DefaultAzureCredentialOptions) {\n  if (options?.requiredEnvVars) {\n    const requiredVars = Array.isArray(options.requiredEnvVars)\n      ? options.requiredEnvVars\n      : [options.requiredEnvVars];\n    const missing = requiredVars.filter((envVar) => !process.env[envVar]);\n    if (missing.length > 0) {\n      const errorMessage = `Required environment ${missing.length === 1 ? \"variable\" : \"variables\"} '${missing.join(\", \")}' for DefaultAzureCredential ${missing.length === 1 ? \"is\" : \"are\"} not set or empty.`;\n      logger.warning(errorMessage);\n      throw new Error(errorMessage);\n    }\n  }\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAcA,oCAAuC;AAIvC,qBAAiC;AACjC,6CASO;AAEP,MAAM,aAAS,iCAAiB,wBAAwB;AAMjD,MAAM,6BAAwD;AAAA,EACnE;AAAA,EACA;AAAA,EAEA,YAAY,gBAAwB,SAAiB;AACnD,SAAK,iBAAiB;AACtB,SAAK,oCAAoC;AAAA,EAC3C;AAAA,EAEA,WAA0B;AACxB,WAAO,SAAS;AAAA,MACd,YAAY,KAAK,cAAc,aAAa,KAAK,iCAAiC;AAAA,IACpF;AACA,WAAO,QAAQ,QAAQ,IAAI;AAAA,EAC7B;AACF;AAsCO,MAAM,+BAA+B,qDAAuB;AAAA,EAsBjE,YAAY,SAAyC;AACnD,4BAAwB,OAAO;AAE/B,UAAM,wBAAwB,QAAQ,IAAI,0BACtC,QAAQ,IAAI,wBAAwB,KAAK,EAAE,YAAY,IACvD;AACJ,UAAM,yBAAyB;AAAA,MAC7B;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,UAAM,0BAA0B;AAAA,MAC9B;AAAA,MACA;AAAA,MACA;AAAA,IACF;AACA,QAAI,sBAAsB,CAAC;AAC3B,UAAM,uBACJ;AAGF,QAAI,uBAAuB;AACzB,cAAQ,uBAAuB;AAAA,QAC7B,KAAK;AACH,gCAAsB;AACtB;AAAA,QACF,KAAK;AACH,gCAAsB;AACtB;AAAA,QACF,KAAK;AACH,gCAAsB,CAAC,yEAAkC;AACzD;AAAA,QACF,KAAK;AACH,gCAAsB,CAAC,8EAAuC;AAC9D;AAAA,QACF,KAAK;AAGH,gCAAsB;AAAA,YACpB,UAAM,+EAAuC,EAAE,kBAAkB,MAAM,CAAC;AAAA,UAC1E;AACA;AAAA,QACF,KAAK;AACH,gCAAsB,CAAC,8EAAuC;AAC9D;AAAA,QACF,KAAK;AACH,gCAAsB,CAAC,sEAA+B;AACtD;AAAA,QACF,KAAK;AACH,gCAAsB,CAAC,6EAAsC;AAC7D;AAAA,QACF,KAAK;AACH,gCAAsB,CAAC,+EAAwC;AAC/D;AAAA,QACF,SAAS;AAGP,gBAAM,eAAe,+CAA+C,QAAQ,IAAI,uBAAuB,oEAAoE,oBAAoB;AAC/L,iBAAO,QAAQ,YAAY;AAC3B,gBAAM,IAAI,MAAM,YAAY;AAAA,QAC9B;AAAA,MACF;AAAA,IACF,OAAO;AAEL,4BAAsB,CAAC,GAAG,yBAAyB,GAAG,sBAAsB;AAAA,IAC9E;AAOA,UAAM,cAAiC,oBAAoB,IAAI,CAAC,uBAAuB;AACrF,UAAI;AACF,eAAO,mBAAmB,WAAW,CAAC,CAAC;AAAA,MACzC,SAAS,KAAU;AACjB,eAAO;AAAA,UACL,WAAW,mBAAmB,IAAI,iDAAiD,GAAG;AAAA,QACxF;AACA,eAAO,IAAI,6BAA6B,mBAAmB,MAAM,IAAI,OAAO;AAAA,MAC9E;AAAA,IACF,CAAC;AAED,UAAM,GAAG,WAAW;AAAA,EACtB;AACF;AAMA,SAAS,wBAAwB,SAAyC;AACxE,MAAI,SAAS,iBAAiB;AAC5B,UAAM,eAAe,MAAM,QAAQ,QAAQ,eAAe,IACtD,QAAQ,kBACR,CAAC,QAAQ,eAAe;AAC5B,UAAM,UAAU,aAAa,OAAO,CAAC,WAAW,CAAC,QAAQ,IAAI,MAAM,CAAC;AACpE,QAAI,QAAQ,SAAS,GAAG;AACtB,YAAM,eAAe,wBAAwB,QAAQ,WAAW,IAAI,aAAa,WAAW,KAAK,QAAQ,KAAK,IAAI,CAAC,gCAAgC,QAAQ,WAAW,IAAI,OAAO,KAAK;AACtL,aAAO,QAAQ,YAAY;AAC3B,YAAM,IAAI,MAAM,YAAY;AAAA,IAC9B;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/commonjs/credentials/defaultAzureCredentialFunctions.js CHANGED Viewed

@@ -1,157 +1,127 @@
-"use strict";
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createDefaultBrokerCredential = createDefaultBrokerCredential;
-exports.createDefaultVisualStudioCodeCredential = createDefaultVisualStudioCodeCredential;
-exports.createDefaultManagedIdentityCredential = createDefaultManagedIdentityCredential;
-exports.createDefaultWorkloadIdentityCredential = createDefaultWorkloadIdentityCredential;
-exports.createDefaultAzureDeveloperCliCredential = createDefaultAzureDeveloperCliCredential;
-exports.createDefaultAzureCliCredential = createDefaultAzureCliCredential;
-exports.createDefaultAzurePowershellCredential = createDefaultAzurePowershellCredential;
-exports.createDefaultEnvironmentCredential = createDefaultEnvironmentCredential;
-const environmentCredential_js_1 = require("./environmentCredential.js");
-const index_js_1 = require("./managedIdentityCredential/index.js");
-const workloadIdentityCredential_js_1 = require("./workloadIdentityCredential.js");
-const azureDeveloperCliCredential_js_1 = require("./azureDeveloperCliCredential.js");
-const azureCliCredential_js_1 = require("./azureCliCredential.js");
-const azurePowerShellCredential_js_1 = require("./azurePowerShellCredential.js");
-const visualStudioCodeCredential_js_1 = require("./visualStudioCodeCredential.js");
-const brokerCredential_js_1 = require("./brokerCredential.js");
-/**
- * Creates a {@link BrokerCredential} instance with the provided options.
- * This credential uses the Windows Authentication Manager (WAM) broker for authentication.
- * It will only attempt to authenticate silently using the default broker account
- *
- * @param options - Options for configuring the credential.
- *
- * @internal
- */
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var defaultAzureCredentialFunctions_exports = {};
+__export(defaultAzureCredentialFunctions_exports, {
+  createDefaultAzureCliCredential: () => createDefaultAzureCliCredential,
+  createDefaultAzureDeveloperCliCredential: () => createDefaultAzureDeveloperCliCredential,
+  createDefaultAzurePowershellCredential: () => createDefaultAzurePowershellCredential,
+  createDefaultBrokerCredential: () => createDefaultBrokerCredential,
+  createDefaultEnvironmentCredential: () => createDefaultEnvironmentCredential,
+  createDefaultManagedIdentityCredential: () => createDefaultManagedIdentityCredential,
+  createDefaultVisualStudioCodeCredential: () => createDefaultVisualStudioCodeCredential,
+  createDefaultWorkloadIdentityCredential: () => createDefaultWorkloadIdentityCredential
+});
+module.exports = __toCommonJS(defaultAzureCredentialFunctions_exports);
+var import_environmentCredential = require("./environmentCredential.js");
+var import_managedIdentityCredential = require("./managedIdentityCredential/index.js");
+var import_workloadIdentityCredential = require("./workloadIdentityCredential.js");
+var import_azureDeveloperCliCredential = require("./azureDeveloperCliCredential.js");
+var import_azureCliCredential = require("./azureCliCredential.js");
+var import_azurePowerShellCredential = require("./azurePowerShellCredential.js");
+var import_visualStudioCodeCredential = require("./visualStudioCodeCredential.js");
+var import_brokerCredential = require("./brokerCredential.js");
 function createDefaultBrokerCredential(options = {}) {
-    return new brokerCredential_js_1.BrokerCredential(options);
+  return new import_brokerCredential.BrokerCredential(options);
 }
-/**
- * Creates a {@link VisualStudioCodeCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultVisualStudioCodeCredential(options = {}) {
-    return new visualStudioCodeCredential_js_1.VisualStudioCodeCredential(options);
+  return new import_visualStudioCodeCredential.VisualStudioCodeCredential(options);
 }
-/**
- * Creates a {@link ManagedIdentityCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultManagedIdentityCredential(options = {}) {
-    options.retryOptions ??= {
-        maxRetries: 5,
-        retryDelayInMs: 800,
+  options.retryOptions ??= {
+    maxRetries: 5,
+    retryDelayInMs: 800
+  };
+  options.sendProbeRequest ??= true;
+  const managedIdentityClientId = options?.managedIdentityClientId ?? process.env.AZURE_CLIENT_ID;
+  const workloadIdentityClientId = options?.workloadIdentityClientId ?? managedIdentityClientId;
+  const managedResourceId = options?.managedIdentityResourceId;
+  const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
+  const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
+  if (managedResourceId) {
+    const managedIdentityResourceIdOptions = {
+      ...options,
+      resourceId: managedResourceId
     };
-    // ManagedIdentityCredential inside DAC chain should send a probe request by default.
-    // This is different from standalone ManagedIdentityCredential behavior
-    // or when AZURE_TOKEN_CREDENTIALS is set to only ManagedIdentityCredential.
-    options.sendProbeRequest ??= true;
-    const managedIdentityClientId = options?.managedIdentityClientId ??
-        process.env.AZURE_CLIENT_ID;
-    const workloadIdentityClientId = options?.workloadIdentityClientId ??
-        managedIdentityClientId;
-    const managedResourceId = options
-        ?.managedIdentityResourceId;
-    const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
-    const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
-    if (managedResourceId) {
-        const managedIdentityResourceIdOptions = {
-            ...options,
-            resourceId: managedResourceId,
-        };
-        return new index_js_1.ManagedIdentityCredential(managedIdentityResourceIdOptions);
-    }
-    if (workloadFile && workloadIdentityClientId) {
-        const workloadIdentityCredentialOptions = {
-            ...options,
-            tenantId: tenantId,
-        };
-        return new index_js_1.ManagedIdentityCredential(workloadIdentityClientId, workloadIdentityCredentialOptions);
-    }
-    if (managedIdentityClientId) {
-        const managedIdentityClientOptions = {
-            ...options,
-            clientId: managedIdentityClientId,
-        };
-        return new index_js_1.ManagedIdentityCredential(managedIdentityClientOptions);
-    }
-    // We may be able to return a UnavailableCredential here, but that may be a breaking change
-    return new index_js_1.ManagedIdentityCredential(options);
+    return new import_managedIdentityCredential.ManagedIdentityCredential(managedIdentityResourceIdOptions);
+  }
+  if (workloadFile && workloadIdentityClientId) {
+    const workloadIdentityCredentialOptions = {
+      ...options,
+      tenantId
+    };
+    return new import_managedIdentityCredential.ManagedIdentityCredential(
+      workloadIdentityClientId,
+      workloadIdentityCredentialOptions
+    );
+  }
+  if (managedIdentityClientId) {
+    const managedIdentityClientOptions = {
+      ...options,
+      clientId: managedIdentityClientId
+    };
+    return new import_managedIdentityCredential.ManagedIdentityCredential(managedIdentityClientOptions);
+  }
+  return new import_managedIdentityCredential.ManagedIdentityCredential(options);
 }
-/**
- * Creates a {@link WorkloadIdentityCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultWorkloadIdentityCredential(options) {
-    const managedIdentityClientId = options?.managedIdentityClientId ??
-        process.env.AZURE_CLIENT_ID;
-    const workloadIdentityClientId = options?.workloadIdentityClientId ??
-        managedIdentityClientId;
-    const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
-    const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
-    if (workloadFile && workloadIdentityClientId) {
-        const workloadIdentityCredentialOptions = {
-            ...options,
-            tenantId,
-            clientId: workloadIdentityClientId,
-            tokenFilePath: workloadFile,
-        };
-        return new workloadIdentityCredential_js_1.WorkloadIdentityCredential(workloadIdentityCredentialOptions);
-    }
-    if (tenantId) {
-        const workloadIdentityClientTenantOptions = {
-            ...options,
-            tenantId,
-        };
-        return new workloadIdentityCredential_js_1.WorkloadIdentityCredential(workloadIdentityClientTenantOptions);
-    }
-    // We may be able to return a UnavailableCredential here, but that may be a breaking change
-    return new workloadIdentityCredential_js_1.WorkloadIdentityCredential(options);
+  const managedIdentityClientId = options?.managedIdentityClientId ?? process.env.AZURE_CLIENT_ID;
+  const workloadIdentityClientId = options?.workloadIdentityClientId ?? managedIdentityClientId;
+  const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
+  const tenantId = options?.tenantId ?? process.env.AZURE_TENANT_ID;
+  if (workloadFile && workloadIdentityClientId) {
+    const workloadIdentityCredentialOptions = {
+      ...options,
+      tenantId,
+      clientId: workloadIdentityClientId,
+      tokenFilePath: workloadFile
+    };
+    return new import_workloadIdentityCredential.WorkloadIdentityCredential(workloadIdentityCredentialOptions);
+  }
+  if (tenantId) {
+    const workloadIdentityClientTenantOptions = {
+      ...options,
+      tenantId
+    };
+    return new import_workloadIdentityCredential.WorkloadIdentityCredential(workloadIdentityClientTenantOptions);
+  }
+  return new import_workloadIdentityCredential.WorkloadIdentityCredential(options);
 }
-/**
- * Creates a {@link AzureDeveloperCliCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultAzureDeveloperCliCredential(options = {}) {
-    return new azureDeveloperCliCredential_js_1.AzureDeveloperCliCredential(options);
+  return new import_azureDeveloperCliCredential.AzureDeveloperCliCredential(options);
 }
-/**
- * Creates a {@link AzureCliCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultAzureCliCredential(options = {}) {
-    return new azureCliCredential_js_1.AzureCliCredential(options);
+  return new import_azureCliCredential.AzureCliCredential(options);
 }
-/**
- * Creates a {@link AzurePowerShellCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultAzurePowershellCredential(options = {}) {
-    return new azurePowerShellCredential_js_1.AzurePowerShellCredential(options);
+  return new import_azurePowerShellCredential.AzurePowerShellCredential(options);
 }
-/**
- * Creates an {@link EnvironmentCredential} from the provided options.
- * @param options - Options to configure the credential.
- *
- * @internal
- */
 function createDefaultEnvironmentCredential(options = {}) {
-    return new environmentCredential_js_1.EnvironmentCredential(options);
+  return new import_environmentCredential.EnvironmentCredential(options);
 }
-//# sourceMappingURL=defaultAzureCredentialFunctions.js.map
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createDefaultAzureCliCredential,
+  createDefaultAzureDeveloperCliCredential,
+  createDefaultAzurePowershellCredential,
+  createDefaultBrokerCredential,
+  createDefaultEnvironmentCredential,
+  createDefaultManagedIdentityCredential,
+  createDefaultVisualStudioCodeCredential,
+  createDefaultWorkloadIdentityCredential
+});
+//# sourceMappingURL=defaultAzureCredentialFunctions.js.map