@azure/identity 4.14.0-beta.1 → 4.14.0-beta.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -40
- package/dist/browser/client/identityClient.d.ts +5 -4
- package/dist/browser/client/identityClient.d.ts.map +1 -1
- package/dist/browser/client/identityClient.js +56 -18
- package/dist/browser/client/identityClient.js.map +1 -1
- package/dist/browser/constants.d.ts +1 -1
- package/dist/browser/constants.js +1 -1
- package/dist/browser/constants.js.map +1 -1
- package/dist/browser/credentials/authorizationCodeCredential.d.ts +3 -3
- package/dist/browser/credentials/authorizationCodeCredential.d.ts.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredential.js +2 -2
- package/dist/browser/credentials/authorizationCodeCredential.js.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/authorizationCodeCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/azureCliCredential.d.ts +5 -4
- package/dist/browser/credentials/azureCliCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azureCliCredential.js +3 -3
- package/dist/browser/credentials/azureCliCredential.js.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential.d.ts +5 -4
- package/dist/browser/credentials/azureDeveloperCliCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential.js +3 -3
- package/dist/browser/credentials/azureDeveloperCliCredential.js.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential.d.ts +5 -4
- package/dist/browser/credentials/azurePipelinesCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential.js +3 -3
- package/dist/browser/credentials/azurePipelinesCredential.js.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/azurePipelinesCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/azurePowerShellCredential.d.ts +5 -4
- package/dist/browser/credentials/azurePowerShellCredential.d.ts.map +1 -0
- package/dist/browser/credentials/azurePowerShellCredential.js +3 -3
- package/dist/browser/credentials/azurePowerShellCredential.js.map +1 -0
- package/dist/browser/credentials/brokerCredential.d.ts +2 -2
- package/dist/browser/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/browser/credentials/brokerCredential.js +0 -1
- package/dist/browser/credentials/brokerCredential.js.map +1 -1
- package/dist/browser/credentials/clientAssertionCredential.d.ts +5 -4
- package/dist/browser/credentials/clientAssertionCredential.d.ts.map +1 -0
- package/dist/browser/credentials/clientAssertionCredential.js +3 -3
- package/dist/browser/credentials/clientAssertionCredential.js.map +1 -0
- package/dist/browser/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/clientAssertionCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/clientCertificateCredential.d.ts +6 -4
- package/dist/browser/credentials/clientCertificateCredential.d.ts.map +1 -0
- package/dist/browser/credentials/clientCertificateCredential.js +3 -3
- package/dist/browser/credentials/clientCertificateCredential.js.map +1 -0
- package/dist/browser/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/clientCertificateCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/clientSecretCredential.d.ts +1 -1
- package/dist/browser/credentials/clientSecretCredential.d.ts.map +1 -0
- package/dist/browser/credentials/clientSecretCredential.js +1 -1
- package/dist/browser/credentials/clientSecretCredential.js.map +1 -0
- package/dist/browser/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/clientSecretCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/defaultAzureCredential.d.ts +3 -3
- package/dist/browser/credentials/defaultAzureCredential.d.ts.map +1 -0
- package/dist/browser/credentials/defaultAzureCredential.js +2 -2
- package/dist/browser/credentials/defaultAzureCredential.js.map +1 -0
- package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/defaultAzureCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/deviceCodeCredential.d.ts +5 -4
- package/dist/browser/credentials/deviceCodeCredential.d.ts.map +1 -0
- package/dist/browser/credentials/deviceCodeCredential.js +3 -3
- package/dist/browser/credentials/deviceCodeCredential.js.map +1 -0
- package/dist/browser/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/deviceCodeCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/environmentCredential.d.ts +5 -4
- package/dist/browser/credentials/environmentCredential.d.ts.map +1 -0
- package/dist/browser/credentials/environmentCredential.js +3 -3
- package/dist/browser/credentials/environmentCredential.js.map +1 -0
- package/dist/browser/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/environmentCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/interactiveBrowserCredential.d.ts +1 -1
- package/dist/browser/credentials/interactiveBrowserCredential.d.ts.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredential.js +1 -1
- package/dist/browser/credentials/interactiveBrowserCredential.js.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/interactiveCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/managedIdentityCredential/index.d.ts +9 -4
- package/dist/browser/credentials/managedIdentityCredential/index.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/index.js +3 -3
- package/dist/browser/credentials/managedIdentityCredential/index.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist/browser/credentials/onBehalfOfCredential.d.ts +5 -4
- package/dist/browser/credentials/onBehalfOfCredential.d.ts.map +1 -0
- package/dist/browser/credentials/onBehalfOfCredential.js +3 -3
- package/dist/browser/credentials/onBehalfOfCredential.js.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential.d.ts +1 -1
- package/dist/browser/credentials/usernamePasswordCredential.d.ts.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential.js +1 -1
- package/dist/browser/credentials/usernamePasswordCredential.js.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/usernamePasswordCredentialOptions.js.map +1 -1
- package/dist/browser/credentials/visualStudioCodeCredential.d.ts +5 -4
- package/dist/browser/credentials/visualStudioCodeCredential.d.ts.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredential.js +3 -3
- package/dist/browser/credentials/visualStudioCodeCredential.js.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential.d.ts +5 -4
- package/dist/browser/credentials/workloadIdentityCredential.d.ts.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential.js +3 -3
- package/dist/browser/credentials/workloadIdentityCredential.js.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/browser/credentials/workloadIdentityCredentialOptions.js.map +1 -1
- package/dist/browser/index.d.ts +33 -33
- package/dist/browser/index.d.ts.map +1 -1
- package/dist/browser/index.js.map +1 -1
- package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/browser/msal/browserFlows/msalBrowserCommon.js +2 -3
- package/dist/browser/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist/browser/msal/msal.d.ts +2 -3
- package/dist/browser/msal/msal.d.ts.map +1 -0
- package/dist/browser/msal/msal.js +2 -3
- package/dist/browser/msal/msal.js.map +1 -0
- package/dist/browser/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/browser/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/browser/msal/nodeFlows/msalClient.js +6 -6
- package/dist/browser/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist/browser/msal/utils.d.ts +5 -13
- package/dist/browser/msal/utils.d.ts.map +1 -1
- package/dist/browser/msal/utils.js +12 -25
- package/dist/browser/msal/utils.js.map +1 -1
- package/dist/browser/plugins/consumer.d.ts +1 -1
- package/dist/browser/plugins/consumer.d.ts.map +1 -0
- package/dist/browser/plugins/consumer.js +1 -1
- package/dist/browser/plugins/consumer.js.map +1 -0
- package/dist/browser/util/authorityHost.d.ts +10 -0
- package/dist/browser/util/authorityHost.d.ts.map +1 -0
- package/dist/browser/util/authorityHost.js +18 -0
- package/dist/browser/util/authorityHost.js.map +1 -0
- package/dist/browser/util/processMultiTenantRequest.d.ts +3 -2
- package/dist/browser/util/processMultiTenantRequest.d.ts.map +1 -0
- package/dist/browser/util/processMultiTenantRequest.js +2 -2
- package/dist/browser/util/processMultiTenantRequest.js.map +1 -0
- package/dist/commonjs/client/identityClient.d.ts +5 -4
- package/dist/commonjs/client/identityClient.d.ts.map +1 -1
- package/dist/commonjs/client/identityClient.js +295 -252
- package/dist/commonjs/client/identityClient.js.map +7 -1
- package/dist/commonjs/constants.d.ts +1 -1
- package/dist/commonjs/constants.js +61 -78
- package/dist/commonjs/constants.js.map +7 -1
- package/dist/commonjs/credentials/authorityValidationOptions.js +16 -5
- package/dist/commonjs/credentials/authorityValidationOptions.js.map +7 -1
- package/dist/commonjs/credentials/authorizationCodeCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/authorizationCodeCredential.js +98 -75
- package/dist/commonjs/credentials/authorizationCodeCredential.js.map +7 -1
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azureCliCredential.js +245 -214
- package/dist/commonjs/credentials/azureCliCredential.js.map +7 -1
- package/dist/commonjs/credentials/azureCliCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azureCliCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts +10 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/azureDeveloperCliCredential.js +237 -202
- package/dist/commonjs/credentials/azureDeveloperCliCredential.js.map +7 -1
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azurePipelinesCredential.js +173 -135
- package/dist/commonjs/credentials/azurePipelinesCredential.js.map +7 -1
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/azurePowerShellCredential.js +201 -205
- package/dist/commonjs/credentials/azurePowerShellCredential.js.map +7 -1
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/brokerAuthOptions.js +16 -3
- package/dist/commonjs/credentials/brokerAuthOptions.js.map +7 -1
- package/dist/commonjs/credentials/brokerCredential.d.ts +2 -2
- package/dist/commonjs/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/brokerCredential.js +103 -71
- package/dist/commonjs/credentials/brokerCredential.js.map +7 -1
- package/dist/commonjs/credentials/browserCustomizationOptions.js +16 -5
- package/dist/commonjs/credentials/browserCustomizationOptions.js.map +7 -1
- package/dist/commonjs/credentials/chainedTokenCredential.js +113 -93
- package/dist/commonjs/credentials/chainedTokenCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientAssertionCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientAssertionCredential.js +101 -64
- package/dist/commonjs/credentials/clientAssertionCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/clientCertificateCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientCertificateCredential.js +129 -124
- package/dist/commonjs/credentials/clientCertificateCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientCertificateCredentialModels.js +16 -5
- package/dist/commonjs/credentials/clientCertificateCredentialModels.js.map +7 -1
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/clientSecretCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientSecretCredential.js +96 -68
- package/dist/commonjs/credentials/clientSecretCredential.js.map +7 -1
- package/dist/commonjs/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/clientSecretCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/clientSecretCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/credentialPersistenceOptions.js +16 -5
- package/dist/commonjs/credentials/credentialPersistenceOptions.js.map +7 -1
- package/dist/commonjs/credentials/defaultAzureCredential.js +121 -159
- package/dist/commonjs/credentials/defaultAzureCredential.js.map +7 -1
- package/dist/commonjs/credentials/defaultAzureCredentialFunctions.js +110 -140
- package/dist/commonjs/credentials/defaultAzureCredentialFunctions.js.map +7 -1
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/deviceCodeCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/deviceCodeCredential.js +132 -104
- package/dist/commonjs/credentials/deviceCodeCredential.js.map +7 -1
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/environmentCredential.js +157 -123
- package/dist/commonjs/credentials/environmentCredential.js.map +7 -1
- package/dist/commonjs/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/environmentCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/environmentCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/interactiveBrowserCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/interactiveBrowserCredential.js +144 -108
- package/dist/commonjs/credentials/interactiveBrowserCredential.js.map +7 -1
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/interactiveCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/interactiveCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js +92 -91
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js +51 -44
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/index.js +256 -242
- package/dist/commonjs/credentials/managedIdentityCredential/index.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/models.js +16 -5
- package/dist/commonjs/credentials/managedIdentityCredential/models.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/options.js +16 -5
- package/dist/commonjs/credentials/managedIdentityCredential/options.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js +56 -39
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +7 -1
- package/dist/commonjs/credentials/managedIdentityCredential/utils.js +79 -75
- package/dist/commonjs/credentials/managedIdentityCredential/utils.js.map +7 -1
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/onBehalfOfCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/onBehalfOfCredential.js +168 -127
- package/dist/commonjs/credentials/onBehalfOfCredential.js.map +7 -1
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/usernamePasswordCredential.d.ts.map +1 -1
- package/dist/commonjs/credentials/usernamePasswordCredential.js +112 -76
- package/dist/commonjs/credentials/usernamePasswordCredential.js.map +7 -1
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/visualStudioCodeCredential.js +144 -132
- package/dist/commonjs/credentials/visualStudioCodeCredential.js.map +7 -1
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js.map +7 -1
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js +16 -5
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js.map +7 -1
- package/dist/commonjs/credentials/workloadIdentityCredential.js +284 -274
- package/dist/commonjs/credentials/workloadIdentityCredential.js.map +7 -1
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js +16 -5
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js.map +7 -1
- package/dist/commonjs/errors.js +131 -132
- package/dist/commonjs/errors.js.map +7 -1
- package/dist/commonjs/index.d.ts +33 -33
- package/dist/commonjs/index.d.ts.map +1 -1
- package/dist/commonjs/index.js +115 -67
- package/dist/commonjs/index.js.map +7 -1
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js +226 -249
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js.map +7 -1
- package/dist/commonjs/msal/browserFlows/msalBrowserOptions.js +16 -5
- package/dist/commonjs/msal/browserFlows/msalBrowserOptions.js.map +7 -1
- package/dist/commonjs/msal/credentials.js +16 -5
- package/dist/commonjs/msal/credentials.js.map +7 -1
- package/dist/commonjs/msal/msal.d.ts +1 -2
- package/dist/commonjs/msal/msal.d.ts.map +1 -1
- package/dist/commonjs/msal/msal.js +30 -9
- package/dist/commonjs/msal/msal.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/brokerOptions.js +16 -3
- package/dist/commonjs/msal/nodeFlows/brokerOptions.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/commonjs/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/commonjs/msal/nodeFlows/msalClient.js +450 -478
- package/dist/commonjs/msal/nodeFlows/msalClient.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/msalPlugins.js +140 -147
- package/dist/commonjs/msal/nodeFlows/msalPlugins.js.map +7 -1
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js +16 -5
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js.map +7 -1
- package/dist/commonjs/msal/types.js +16 -5
- package/dist/commonjs/msal/types.js.map +7 -1
- package/dist/commonjs/msal/utils.d.ts +5 -13
- package/dist/commonjs/msal/utils.d.ts.map +1 -1
- package/dist/commonjs/msal/utils.js +172 -226
- package/dist/commonjs/msal/utils.js.map +7 -1
- package/dist/commonjs/plugins/consumer.js +32 -40
- package/dist/commonjs/plugins/consumer.js.map +7 -1
- package/dist/commonjs/plugins/provider.js +16 -5
- package/dist/commonjs/plugins/provider.js.map +7 -1
- package/dist/commonjs/regionalAuthority.js +93 -141
- package/dist/commonjs/regionalAuthority.js.map +7 -1
- package/dist/commonjs/tokenCredentialOptions.js +16 -5
- package/dist/commonjs/tokenCredentialOptions.js.map +7 -1
- package/dist/commonjs/tokenProvider.js +52 -52
- package/dist/commonjs/tokenProvider.js.map +7 -1
- package/dist/commonjs/tsdoc-metadata.json +1 -1
- package/dist/commonjs/util/authorityHost.d.ts +10 -0
- package/dist/commonjs/util/authorityHost.d.ts.map +1 -0
- package/dist/commonjs/util/authorityHost.js +36 -0
- package/dist/commonjs/util/authorityHost.js.map +7 -0
- package/dist/commonjs/util/certificatesUtils.js +54 -45
- package/dist/commonjs/util/certificatesUtils.js.map +7 -1
- package/dist/commonjs/util/identityTokenEndpoint.js +32 -12
- package/dist/commonjs/util/identityTokenEndpoint.js.map +7 -1
- package/dist/commonjs/util/logging.js +91 -97
- package/dist/commonjs/util/logging.js.map +7 -1
- package/dist/commonjs/util/processMultiTenantRequest.js +43 -33
- package/dist/commonjs/util/processMultiTenantRequest.js.map +7 -1
- package/dist/commonjs/util/processUtils.js +60 -35
- package/dist/commonjs/util/processUtils.js.map +7 -1
- package/dist/commonjs/util/scopeUtils.js +39 -28
- package/dist/commonjs/util/scopeUtils.js.map +7 -1
- package/dist/commonjs/util/subscriptionUtils.js +35 -17
- package/dist/commonjs/util/subscriptionUtils.js.map +7 -1
- package/dist/commonjs/util/tenantIdUtils.js +61 -45
- package/dist/commonjs/util/tenantIdUtils.js.map +7 -1
- package/dist/commonjs/util/tracing.js +33 -16
- package/dist/commonjs/util/tracing.js.map +7 -1
- package/dist/esm/client/identityClient.d.ts +5 -4
- package/dist/esm/client/identityClient.d.ts.map +1 -1
- package/dist/esm/client/identityClient.js +56 -18
- package/dist/esm/client/identityClient.js.map +1 -1
- package/dist/esm/constants.d.ts +1 -1
- package/dist/esm/constants.js +1 -1
- package/dist/esm/constants.js.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredential.d.ts.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredential.js +0 -1
- package/dist/esm/credentials/authorizationCodeCredential.js.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/authorizationCodeCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/azureDeveloperCliCredential.d.ts +10 -0
- package/dist/esm/credentials/azureDeveloperCliCredential.d.ts.map +1 -1
- package/dist/esm/credentials/azureDeveloperCliCredential.js +24 -1
- package/dist/esm/credentials/azureDeveloperCliCredential.js.map +1 -1
- package/dist/esm/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/azurePipelinesCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/brokerCredential.d.ts +2 -2
- package/dist/esm/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/esm/credentials/brokerCredential.js +0 -1
- package/dist/esm/credentials/brokerCredential.js.map +1 -1
- package/dist/esm/credentials/clientAssertionCredential.d.ts.map +1 -1
- package/dist/esm/credentials/clientAssertionCredential.js +1 -2
- package/dist/esm/credentials/clientAssertionCredential.js.map +1 -1
- package/dist/esm/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/clientAssertionCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/clientCertificateCredential.d.ts.map +1 -1
- package/dist/esm/credentials/clientCertificateCredential.js +0 -1
- package/dist/esm/credentials/clientCertificateCredential.js.map +1 -1
- package/dist/esm/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/clientCertificateCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/clientSecretCredential.d.ts.map +1 -1
- package/dist/esm/credentials/clientSecretCredential.js +0 -1
- package/dist/esm/credentials/clientSecretCredential.js.map +1 -1
- package/dist/esm/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/clientSecretCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/defaultAzureCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/deviceCodeCredential.d.ts.map +1 -1
- package/dist/esm/credentials/deviceCodeCredential.js +0 -1
- package/dist/esm/credentials/deviceCodeCredential.js.map +1 -1
- package/dist/esm/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/deviceCodeCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/environmentCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredential.d.ts.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredential.js +0 -1
- package/dist/esm/credentials/interactiveBrowserCredential.js.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/interactiveCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist/esm/credentials/onBehalfOfCredential.d.ts.map +1 -1
- package/dist/esm/credentials/onBehalfOfCredential.js +0 -1
- package/dist/esm/credentials/onBehalfOfCredential.js.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredential.d.ts.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredential.js +0 -1
- package/dist/esm/credentials/usernamePasswordCredential.js.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/usernamePasswordCredentialOptions.js.map +1 -1
- package/dist/esm/credentials/visualStudioCodeCredential.js.map +1 -1
- package/dist/esm/credentials/workloadIdentityCredential.js +3 -3
- package/dist/esm/credentials/workloadIdentityCredential.js.map +1 -1
- package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/esm/credentials/workloadIdentityCredentialOptions.js.map +1 -1
- package/dist/esm/index.d.ts +33 -33
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/esm/msal/browserFlows/msalBrowserCommon.js +2 -3
- package/dist/esm/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist/esm/msal/msal.d.ts +1 -2
- package/dist/esm/msal/msal.d.ts.map +1 -1
- package/dist/esm/msal/msal.js +1 -2
- package/dist/esm/msal/msal.js.map +1 -1
- package/dist/esm/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/esm/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/esm/msal/nodeFlows/msalClient.js +6 -6
- package/dist/esm/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist/esm/msal/utils.d.ts +5 -13
- package/dist/esm/msal/utils.d.ts.map +1 -1
- package/dist/esm/msal/utils.js +12 -25
- package/dist/esm/msal/utils.js.map +1 -1
- package/dist/esm/util/authorityHost.d.ts +10 -0
- package/dist/esm/util/authorityHost.d.ts.map +1 -0
- package/dist/esm/util/authorityHost.js +18 -0
- package/dist/esm/util/authorityHost.js.map +1 -0
- package/dist/workerd/client/identityClient.d.ts +5 -4
- package/dist/workerd/client/identityClient.d.ts.map +1 -1
- package/dist/workerd/client/identityClient.js +56 -18
- package/dist/workerd/client/identityClient.js.map +1 -1
- package/dist/workerd/constants.d.ts +1 -1
- package/dist/workerd/constants.js +1 -1
- package/dist/workerd/constants.js.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredential.js +0 -1
- package/dist/workerd/credentials/authorizationCodeCredential.js.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/authorizationCodeCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/azureDeveloperCliCredential.d.ts +10 -0
- package/dist/workerd/credentials/azureDeveloperCliCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/azureDeveloperCliCredential.js +24 -1
- package/dist/workerd/credentials/azureDeveloperCliCredential.js.map +1 -1
- package/dist/workerd/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/azurePipelinesCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/brokerCredential.d.ts +2 -2
- package/dist/workerd/credentials/brokerCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/brokerCredential.js +0 -1
- package/dist/workerd/credentials/brokerCredential.js.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredential.js +1 -2
- package/dist/workerd/credentials/clientAssertionCredential.js.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/clientAssertionCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredential.js +0 -1
- package/dist/workerd/credentials/clientCertificateCredential.js.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/clientCertificateCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/clientSecretCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/clientSecretCredential.js +0 -1
- package/dist/workerd/credentials/clientSecretCredential.js.map +1 -1
- package/dist/workerd/credentials/clientSecretCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/clientSecretCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/defaultAzureCredentialOptions.d.ts +2 -2
- package/dist/workerd/credentials/defaultAzureCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/defaultAzureCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredential.js +0 -1
- package/dist/workerd/credentials/deviceCodeCredential.js.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/deviceCodeCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/environmentCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/environmentCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredential.js +0 -1
- package/dist/workerd/credentials/interactiveBrowserCredential.js.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/interactiveCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/interactiveCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
- package/dist/workerd/credentials/onBehalfOfCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/onBehalfOfCredential.js +0 -1
- package/dist/workerd/credentials/onBehalfOfCredential.js.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredential.d.ts.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredential.js +0 -1
- package/dist/workerd/credentials/usernamePasswordCredential.js.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/usernamePasswordCredentialOptions.js.map +1 -1
- package/dist/workerd/credentials/visualStudioCodeCredential.js.map +1 -1
- package/dist/workerd/credentials/workloadIdentityCredential.js +3 -3
- package/dist/workerd/credentials/workloadIdentityCredential.js.map +1 -1
- package/dist/workerd/credentials/workloadIdentityCredentialOptions.d.ts +2 -2
- package/dist/workerd/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -1
- package/dist/workerd/credentials/workloadIdentityCredentialOptions.js.map +1 -1
- package/dist/workerd/index.d.ts +33 -33
- package/dist/workerd/index.d.ts.map +1 -1
- package/dist/workerd/index.js.map +1 -1
- package/dist/workerd/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -1
- package/dist/workerd/msal/browserFlows/msalBrowserCommon.js +2 -3
- package/dist/workerd/msal/browserFlows/msalBrowserCommon.js.map +1 -1
- package/dist/workerd/msal/msal.d.ts +1 -2
- package/dist/workerd/msal/msal.d.ts.map +1 -1
- package/dist/workerd/msal/msal.js +1 -2
- package/dist/workerd/msal/msal.js.map +1 -1
- package/dist/workerd/msal/nodeFlows/msalClient.d.ts +14 -8
- package/dist/workerd/msal/nodeFlows/msalClient.d.ts.map +1 -1
- package/dist/workerd/msal/nodeFlows/msalClient.js +6 -6
- package/dist/workerd/msal/nodeFlows/msalClient.js.map +1 -1
- package/dist/workerd/msal/utils.d.ts +5 -13
- package/dist/workerd/msal/utils.d.ts.map +1 -1
- package/dist/workerd/msal/utils.js +12 -25
- package/dist/workerd/msal/utils.js.map +1 -1
- package/dist/workerd/util/authorityHost.d.ts +10 -0
- package/dist/workerd/util/authorityHost.d.ts.map +1 -0
- package/dist/workerd/util/authorityHost.js +18 -0
- package/dist/workerd/util/authorityHost.js.map +1 -0
- package/package.json +17 -34
- package/dist/browser/credentials/authorizationCodeCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/authorizationCodeCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azureCliCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azureCliCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azureDeveloperCliCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azureDeveloperCliCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azurePipelinesCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azurePipelinesCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/azurePowerShellCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/azurePowerShellCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/clientAssertionCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/clientAssertionCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/clientCertificateCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/clientCertificateCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/clientSecretCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/clientSecretCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/defaultAzureCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/defaultAzureCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/deviceCodeCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/deviceCodeCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/environmentCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/environmentCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/interactiveBrowserCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/interactiveBrowserCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/managedIdentityCredential/index-browser.d.mts.map +0 -1
- package/dist/browser/credentials/managedIdentityCredential/index-browser.mjs.map +0 -1
- package/dist/browser/credentials/onBehalfOfCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/onBehalfOfCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/usernamePasswordCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/usernamePasswordCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/visualStudioCodeCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/visualStudioCodeCredential-browser.mjs.map +0 -1
- package/dist/browser/credentials/workloadIdentityCredential-browser.d.mts.map +0 -1
- package/dist/browser/credentials/workloadIdentityCredential-browser.mjs.map +0 -1
- package/dist/browser/msal/msal-browser.d.mts.map +0 -1
- package/dist/browser/msal/msal-browser.mjs.map +0 -1
- package/dist/browser/plugins/consumer-browser.d.mts.map +0 -1
- package/dist/browser/plugins/consumer-browser.mjs.map +0 -1
- package/dist/browser/util/authHostEnv-browser.d.mts +0 -4
- package/dist/browser/util/authHostEnv-browser.d.mts.map +0 -1
- package/dist/browser/util/authHostEnv-browser.mjs +0 -7
- package/dist/browser/util/authHostEnv-browser.mjs.map +0 -1
- package/dist/browser/util/processMultiTenantRequest-browser.d.mts.map +0 -1
- package/dist/browser/util/processMultiTenantRequest-browser.mjs.map +0 -1
- package/dist/esm/util/authHostEnv-browser.d.mts +0 -4
- package/dist/esm/util/authHostEnv-browser.d.mts.map +0 -1
- package/dist/esm/util/authHostEnv-browser.mjs +0 -7
- package/dist/esm/util/authHostEnv-browser.mjs.map +0 -1
- package/dist/workerd/util/authHostEnv-browser.d.mts +0 -4
- package/dist/workerd/util/authHostEnv-browser.d.mts.map +0 -1
- package/dist/workerd/util/authHostEnv-browser.mjs +0 -7
- package/dist/workerd/util/authHostEnv-browser.mjs.map +0 -1
|
@@ -1 +1,7 @@
|
|
|
1
|
-
{
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../../src/msal/nodeFlows/tokenCachePersistenceOptions.ts"],
|
|
4
|
+
"sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Parameters that enable token cache persistence in the Identity credentials.\n */\nexport interface TokenCachePersistenceOptions {\n /**\n * If set to true, persistent token caching will be enabled for this credential instance.\n */\n enabled: boolean;\n /**\n * Unique identifier for the persistent token cache.\n *\n * Based on this identifier, the persistence file will be located in any of the following places:\n * - Darwin: '/Users/user/.IdentityService/<name>'\n * - Windows 8+: 'C:\\\\Users\\\\user\\\\AppData\\\\Local\\\\.IdentityService\\\\<name>'\n * - Linux: '/home/user/.IdentityService/<name>'\n */\n name?: string;\n /**\n * If set to true, the cache will be stored without encryption if no OS level user encryption is available.\n * When set to false, the PersistentTokenCache will throw an error if no OS level user encryption is available.\n */\n unsafeAllowUnencryptedStorage?: boolean;\n}\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -1,5 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
1
|
+
var __defProp = Object.defineProperty;
|
|
2
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
3
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
4
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
5
|
+
var __copyProps = (to, from, except, desc) => {
|
|
6
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
7
|
+
for (let key of __getOwnPropNames(from))
|
|
8
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
9
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
10
|
+
}
|
|
11
|
+
return to;
|
|
12
|
+
};
|
|
13
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
14
|
+
var types_exports = {};
|
|
15
|
+
module.exports = __toCommonJS(types_exports);
|
|
16
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -1 +1,7 @@
|
|
|
1
|
-
{
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../src/msal/types.ts"],
|
|
4
|
+
"sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * @internal\n */\nexport type AppType = \"public\" | \"confidential\" | \"publicFirst\" | \"confidentialFirst\";\n\n/**\n * The shape we use return the token (and the expiration date).\n * @internal\n */\nexport interface MsalToken {\n accessToken?: string;\n expiresOn: Date | null;\n}\n\n/**\n * Represents a valid (i.e. complete) MSAL token.\n */\nexport type ValidMsalToken = { [P in keyof MsalToken]-?: NonNullable<MsalToken[P]> };\n\n/**\n * Internal representation of MSAL's Account information.\n * Helps us to disambiguate the MSAL classes accross environments.\n * @internal\n */\nexport interface MsalAccountInfo {\n homeAccountId: string;\n environment?: string;\n tenantId: string;\n username: string;\n localAccountId: string;\n name?: string;\n // Leaving idTokenClaims as object since that's how MSAL has this assigned.\n idTokenClaims?: object;\n}\n\n/**\n * Represents the common properties of any of the MSAL responses.\n * @internal\n */\nexport interface MsalResult {\n authority?: string;\n account: MsalAccountInfo | null;\n accessToken: string;\n expiresOn: Date | null;\n refreshOn?: Date | null;\n}\n\n/**\n * The record to use to find the cached tokens in the cache.\n */\nexport interface AuthenticationRecord {\n /**\n * Entity which issued the token represented by the domain of the issuer (e.g. login.microsoftonline.com)\n */\n authority: string;\n /**\n * The home account Id.\n */\n homeAccountId: string;\n /**\n * The associated client ID.\n */\n clientId: string;\n /**\n * The associated tenant ID.\n */\n tenantId: string;\n /**\n * The username of the logged in account.\n */\n username: string;\n}\n\n/**\n * Represents a parsed certificate\n * @internal\n */\nexport interface CertificateParts {\n /**\n * Hex encoded X.509 SHA-256 thumbprint of the certificate.\n */\n thumbprintSha256: string;\n /**\n * Hex encoded X.509 SHA-1 thumbprint of the certificate.\n * @deprecated Use thumbprintSha256 property instead. Thumbprint needs to be computed with SHA-256 algorithm.\n * SHA-1 is only needed for backwards compatibility with older versions of ADFS.\n */\n thumbprint: string;\n /**\n * The PEM encoded private key.\n */\n privateKey: string;\n /**\n * x5c header.\n */\n x5c?: string;\n}\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
|
|
6
|
+
"names": []
|
|
7
|
+
}
|
|
@@ -2,24 +2,16 @@ import type { AuthenticationRecord, MsalAccountInfo, MsalToken, ValidMsalToken }
|
|
|
2
2
|
import type { CredentialLogger } from "../util/logging.js";
|
|
3
3
|
import type { AzureLogLevel } from "@azure/logger";
|
|
4
4
|
import type { GetTokenOptions } from "@azure/core-auth";
|
|
5
|
-
import {
|
|
5
|
+
import type { AccountInfo } from "./msal.js";
|
|
6
|
+
import { LogLevel } from "./msal.js";
|
|
6
7
|
export interface ILoggerCallback {
|
|
7
|
-
(level:
|
|
8
|
+
(level: LogLevel, message: string, containsPii: boolean): void;
|
|
8
9
|
}
|
|
9
10
|
/**
|
|
10
11
|
* Ensures the validity of the MSAL token
|
|
11
12
|
* @internal
|
|
12
13
|
*/
|
|
13
14
|
export declare function ensureValidMsalToken(scopes: string | string[], msalToken?: MsalToken | null, getTokenOptions?: GetTokenOptions): asserts msalToken is ValidMsalToken;
|
|
14
|
-
/**
|
|
15
|
-
* Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable.
|
|
16
|
-
*
|
|
17
|
-
* Defaults to {@link DefaultAuthorityHost}.
|
|
18
|
-
* @internal
|
|
19
|
-
*/
|
|
20
|
-
export declare function getAuthorityHost(options?: {
|
|
21
|
-
authorityHost?: string;
|
|
22
|
-
}): string;
|
|
23
15
|
/**
|
|
24
16
|
* Generates a valid authority by combining a host with a tenantId.
|
|
25
17
|
* @internal
|
|
@@ -42,7 +34,7 @@ export declare const defaultLoggerCallback: (logger: CredentialLogger, platform?
|
|
|
42
34
|
/**
|
|
43
35
|
* @internal
|
|
44
36
|
*/
|
|
45
|
-
export declare function getMSALLogLevel(logLevel: AzureLogLevel | undefined):
|
|
37
|
+
export declare function getMSALLogLevel(logLevel: AzureLogLevel | undefined): LogLevel;
|
|
46
38
|
/**
|
|
47
39
|
* Wraps core-util's randomUUID in order to allow for mocking in tests.
|
|
48
40
|
* This prepares the library for the upcoming core-util update to ESM.
|
|
@@ -55,7 +47,7 @@ export declare function randomUUID(): string;
|
|
|
55
47
|
* Handles MSAL errors.
|
|
56
48
|
*/
|
|
57
49
|
export declare function handleMsalError(scopes: string[], error: Error, getTokenOptions?: GetTokenOptions): Error;
|
|
58
|
-
export declare function publicToMsal(account: AuthenticationRecord):
|
|
50
|
+
export declare function publicToMsal(account: AuthenticationRecord): AccountInfo;
|
|
59
51
|
export declare function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord;
|
|
60
52
|
/**
|
|
61
53
|
* Serializes an `AuthenticationRecord` into a string.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,oBAAoB,EAAE,eAAe,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEnG,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAM3D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,oBAAoB,EAAE,eAAe,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEnG,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAM3D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,KAAK,EAAE,WAAW,EAAa,MAAM,WAAW,CAAC;AACxD,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAErC,MAAM,WAAW,eAAe;IAC9B,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,GAAG,IAAI,CAAC;CAChE;AASD;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,SAAS,CAAC,EAAE,SAAS,GAAG,IAAI,EAC5B,eAAe,CAAC,EAAE,eAAe,GAChC,OAAO,CAAC,SAAS,IAAI,cAAc,CAkBrC;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAYpE;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EACrB,wBAAwB,CAAC,EAAE,OAAO,GACjC,MAAM,EAAE,CAKV;AAED;;;;GAIG;AACH,eAAO,MAAM,qBAAqB,EAAE,CAClC,MAAM,EAAE,gBAAgB,EACxB,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,KAC1B,eAoBF,CAAC;AAEJ;;GAEG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,aAAa,GAAG,SAAS,GAAG,QAAQ,CAc7E;AAED;;;;;;GAMG;AACH,wBAAgB,UAAU,IAAI,MAAM,CAEnC;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,MAAM,EAAE,EAChB,KAAK,EAAE,KAAK,EACZ,eAAe,CAAC,EAAE,eAAe,GAChC,KAAK,CA6CP;AAGD,wBAAgB,YAAY,CAAC,OAAO,EAAE,oBAAoB,GAAG,WAAW,CAQvE;AAED,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,oBAAoB,CAU7F;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,6BAA6B,CAAC,MAAM,EAAE,oBAAoB,GAAG,MAAM,CAElF;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,+BAA+B,CAAC,gBAAgB,EAAE,MAAM,GAAG,oBAAoB,CAQ9F"}
|
|
@@ -1,248 +1,194 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
1
|
+
var __defProp = Object.defineProperty;
|
|
2
|
+
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
|
|
3
|
+
var __getOwnPropNames = Object.getOwnPropertyNames;
|
|
4
|
+
var __hasOwnProp = Object.prototype.hasOwnProperty;
|
|
5
|
+
var __export = (target, all) => {
|
|
6
|
+
for (var name in all)
|
|
7
|
+
__defProp(target, name, { get: all[name], enumerable: true });
|
|
8
|
+
};
|
|
9
|
+
var __copyProps = (to, from, except, desc) => {
|
|
10
|
+
if (from && typeof from === "object" || typeof from === "function") {
|
|
11
|
+
for (let key of __getOwnPropNames(from))
|
|
12
|
+
if (!__hasOwnProp.call(to, key) && key !== except)
|
|
13
|
+
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
|
|
14
|
+
}
|
|
15
|
+
return to;
|
|
16
|
+
};
|
|
17
|
+
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
18
|
+
var utils_exports = {};
|
|
19
|
+
__export(utils_exports, {
|
|
20
|
+
defaultLoggerCallback: () => defaultLoggerCallback,
|
|
21
|
+
deserializeAuthenticationRecord: () => deserializeAuthenticationRecord,
|
|
22
|
+
ensureValidMsalToken: () => ensureValidMsalToken,
|
|
23
|
+
getAuthority: () => getAuthority,
|
|
24
|
+
getKnownAuthorities: () => getKnownAuthorities,
|
|
25
|
+
getMSALLogLevel: () => getMSALLogLevel,
|
|
26
|
+
handleMsalError: () => handleMsalError,
|
|
27
|
+
msalToPublic: () => msalToPublic,
|
|
28
|
+
publicToMsal: () => publicToMsal,
|
|
29
|
+
randomUUID: () => randomUUID,
|
|
30
|
+
serializeAuthenticationRecord: () => serializeAuthenticationRecord
|
|
31
|
+
});
|
|
32
|
+
module.exports = __toCommonJS(utils_exports);
|
|
33
|
+
var import_errors = require("../errors.js");
|
|
34
|
+
var import_logging = require("../util/logging.js");
|
|
35
|
+
var import_constants = require("../constants.js");
|
|
36
|
+
var import_core_util = require("@azure/core-util");
|
|
37
|
+
var import_abort_controller = require("@azure/abort-controller");
|
|
38
|
+
var import_msal = require("./msal.js");
|
|
39
|
+
const logger = (0, import_logging.credentialLogger)("IdentityUtils");
|
|
27
40
|
const LatestAuthenticationRecordVersion = "1.0";
|
|
28
|
-
/**
|
|
29
|
-
* Ensures the validity of the MSAL token
|
|
30
|
-
* @internal
|
|
31
|
-
*/
|
|
32
41
|
function ensureValidMsalToken(scopes, msalToken, getTokenOptions) {
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
42
|
+
const error = (message) => {
|
|
43
|
+
logger.getToken.info(message);
|
|
44
|
+
return new import_errors.AuthenticationRequiredError({
|
|
45
|
+
scopes: Array.isArray(scopes) ? scopes : [scopes],
|
|
46
|
+
getTokenOptions,
|
|
47
|
+
message
|
|
48
|
+
});
|
|
49
|
+
};
|
|
50
|
+
if (!msalToken) {
|
|
51
|
+
throw error("No response");
|
|
52
|
+
}
|
|
53
|
+
if (!msalToken.expiresOn) {
|
|
54
|
+
throw error(`Response had no "expiresOn" property.`);
|
|
55
|
+
}
|
|
56
|
+
if (!msalToken.accessToken) {
|
|
57
|
+
throw error(`Response had no "accessToken" property.`);
|
|
58
|
+
}
|
|
50
59
|
}
|
|
51
|
-
/**
|
|
52
|
-
* Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable.
|
|
53
|
-
*
|
|
54
|
-
* Defaults to {@link DefaultAuthorityHost}.
|
|
55
|
-
* @internal
|
|
56
|
-
*/
|
|
57
|
-
function getAuthorityHost(options) {
|
|
58
|
-
let authorityHost = options?.authorityHost;
|
|
59
|
-
if (!authorityHost && core_util_1.isNodeLike) {
|
|
60
|
-
authorityHost = process.env.AZURE_AUTHORITY_HOST;
|
|
61
|
-
}
|
|
62
|
-
return authorityHost ?? constants_js_1.DefaultAuthorityHost;
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* Generates a valid authority by combining a host with a tenantId.
|
|
66
|
-
* @internal
|
|
67
|
-
*/
|
|
68
60
|
function getAuthority(tenantId, host) {
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
}
|
|
61
|
+
if (!host) {
|
|
62
|
+
host = import_constants.DefaultAuthorityHost;
|
|
63
|
+
}
|
|
64
|
+
if (new RegExp(`${tenantId}/?$`).test(host)) {
|
|
65
|
+
return host;
|
|
66
|
+
}
|
|
67
|
+
if (host.endsWith("/")) {
|
|
68
|
+
return host + tenantId;
|
|
69
|
+
} else {
|
|
70
|
+
return `${host}/${tenantId}`;
|
|
71
|
+
}
|
|
81
72
|
}
|
|
82
|
-
/**
|
|
83
|
-
* Generates the known authorities.
|
|
84
|
-
* If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.
|
|
85
|
-
* For that reason, we have to force MSAL to disable validating the authority
|
|
86
|
-
* by sending it within the known authorities in the MSAL configuration.
|
|
87
|
-
* @internal
|
|
88
|
-
*/
|
|
89
73
|
function getKnownAuthorities(tenantId, authorityHost, disableInstanceDiscovery) {
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
74
|
+
if (tenantId === "adfs" && authorityHost || disableInstanceDiscovery) {
|
|
75
|
+
return [authorityHost];
|
|
76
|
+
}
|
|
77
|
+
return [];
|
|
94
78
|
}
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
return;
|
|
114
|
-
case msal_js_1.msalCommon.LogLevel.Warning:
|
|
115
|
-
credLogger.info(`MSAL ${platform} V2 warning: ${message}`);
|
|
116
|
-
return;
|
|
117
|
-
}
|
|
79
|
+
const defaultLoggerCallback = (credLogger, platform = import_core_util.isNodeLike ? "Node" : "Browser") => (level, message, containsPii) => {
|
|
80
|
+
if (containsPii) {
|
|
81
|
+
return;
|
|
82
|
+
}
|
|
83
|
+
switch (level) {
|
|
84
|
+
case import_msal.LogLevel.Error:
|
|
85
|
+
credLogger.info(`MSAL ${platform} V2 error: ${message}`);
|
|
86
|
+
return;
|
|
87
|
+
case import_msal.LogLevel.Info:
|
|
88
|
+
credLogger.info(`MSAL ${platform} V2 info message: ${message}`);
|
|
89
|
+
return;
|
|
90
|
+
case import_msal.LogLevel.Verbose:
|
|
91
|
+
credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);
|
|
92
|
+
return;
|
|
93
|
+
case import_msal.LogLevel.Warning:
|
|
94
|
+
credLogger.info(`MSAL ${platform} V2 warning: ${message}`);
|
|
95
|
+
return;
|
|
96
|
+
}
|
|
118
97
|
};
|
|
119
|
-
exports.defaultLoggerCallback = defaultLoggerCallback;
|
|
120
|
-
/**
|
|
121
|
-
* @internal
|
|
122
|
-
*/
|
|
123
98
|
function getMSALLogLevel(logLevel) {
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
}
|
|
99
|
+
switch (logLevel) {
|
|
100
|
+
case "error":
|
|
101
|
+
return import_msal.LogLevel.Error;
|
|
102
|
+
case "info":
|
|
103
|
+
return import_msal.LogLevel.Info;
|
|
104
|
+
case "verbose":
|
|
105
|
+
return import_msal.LogLevel.Verbose;
|
|
106
|
+
case "warning":
|
|
107
|
+
return import_msal.LogLevel.Warning;
|
|
108
|
+
default:
|
|
109
|
+
return import_msal.LogLevel.Info;
|
|
110
|
+
}
|
|
137
111
|
}
|
|
138
|
-
/**
|
|
139
|
-
* Wraps core-util's randomUUID in order to allow for mocking in tests.
|
|
140
|
-
* This prepares the library for the upcoming core-util update to ESM.
|
|
141
|
-
*
|
|
142
|
-
* @internal
|
|
143
|
-
* @returns A string containing a random UUID
|
|
144
|
-
*/
|
|
145
112
|
function randomUUID() {
|
|
146
|
-
|
|
113
|
+
return (0, import_core_util.randomUUID)();
|
|
147
114
|
}
|
|
148
|
-
/**
|
|
149
|
-
* Handles MSAL errors.
|
|
150
|
-
*/
|
|
151
115
|
function handleMsalError(scopes, error, getTokenOptions) {
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
|
|
161
|
-
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
168
|
-
|
|
169
|
-
|
|
170
|
-
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
174
|
-
|
|
175
|
-
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
return
|
|
116
|
+
if (error.name === "AuthError" || error.name === "ClientAuthError" || error.name === "BrowserAuthError") {
|
|
117
|
+
const msalError = error;
|
|
118
|
+
switch (msalError.errorCode) {
|
|
119
|
+
case "endpoints_resolution_error":
|
|
120
|
+
logger.info((0, import_logging.formatError)(scopes, error.message));
|
|
121
|
+
return new import_errors.CredentialUnavailableError(error.message);
|
|
122
|
+
case "device_code_polling_cancelled":
|
|
123
|
+
return new import_abort_controller.AbortError("The authentication has been aborted by the caller.");
|
|
124
|
+
case "consent_required":
|
|
125
|
+
case "interaction_required":
|
|
126
|
+
case "login_required":
|
|
127
|
+
logger.info(
|
|
128
|
+
(0, import_logging.formatError)(scopes, `Authentication returned errorCode ${msalError.errorCode}`)
|
|
129
|
+
);
|
|
130
|
+
break;
|
|
131
|
+
default:
|
|
132
|
+
logger.info((0, import_logging.formatError)(scopes, `Failed to acquire token: ${error.message}`));
|
|
133
|
+
break;
|
|
134
|
+
}
|
|
135
|
+
}
|
|
136
|
+
if (error.name === "ClientConfigurationError" || error.name === "BrowserConfigurationAuthError" || error.name === "AbortError" || error.name === "AuthenticationError") {
|
|
137
|
+
return error;
|
|
138
|
+
}
|
|
139
|
+
if (error.name === "NativeAuthError") {
|
|
140
|
+
logger.info(
|
|
141
|
+
(0, import_logging.formatError)(
|
|
142
|
+
scopes,
|
|
143
|
+
`Error from the native broker: ${error.message} with status code: ${error.statusCode}`
|
|
144
|
+
)
|
|
145
|
+
);
|
|
146
|
+
return error;
|
|
147
|
+
}
|
|
148
|
+
return new import_errors.AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });
|
|
183
149
|
}
|
|
184
|
-
// transformations
|
|
185
150
|
function publicToMsal(account) {
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
151
|
+
return {
|
|
152
|
+
localAccountId: account.homeAccountId,
|
|
153
|
+
environment: account.authority,
|
|
154
|
+
username: account.username,
|
|
155
|
+
homeAccountId: account.homeAccountId,
|
|
156
|
+
tenantId: account.tenantId
|
|
157
|
+
};
|
|
193
158
|
}
|
|
194
159
|
function msalToPublic(clientId, account) {
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
160
|
+
const record = {
|
|
161
|
+
authority: account.environment ?? import_constants.DefaultAuthority,
|
|
162
|
+
homeAccountId: account.homeAccountId,
|
|
163
|
+
tenantId: account.tenantId || import_constants.DefaultTenantId,
|
|
164
|
+
username: account.username,
|
|
165
|
+
clientId,
|
|
166
|
+
version: LatestAuthenticationRecordVersion
|
|
167
|
+
};
|
|
168
|
+
return record;
|
|
204
169
|
}
|
|
205
|
-
/**
|
|
206
|
-
* Serializes an `AuthenticationRecord` into a string.
|
|
207
|
-
*
|
|
208
|
-
* The output of a serialized authentication record will contain the following properties:
|
|
209
|
-
*
|
|
210
|
-
* - "authority"
|
|
211
|
-
* - "homeAccountId"
|
|
212
|
-
* - "clientId"
|
|
213
|
-
* - "tenantId"
|
|
214
|
-
* - "username"
|
|
215
|
-
* - "version"
|
|
216
|
-
*
|
|
217
|
-
* To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.
|
|
218
|
-
*/
|
|
219
170
|
function serializeAuthenticationRecord(record) {
|
|
220
|
-
|
|
171
|
+
return JSON.stringify(record);
|
|
221
172
|
}
|
|
222
|
-
/**
|
|
223
|
-
* Deserializes a previously serialized authentication record from a string into an object.
|
|
224
|
-
*
|
|
225
|
-
* The input string must contain the following properties:
|
|
226
|
-
*
|
|
227
|
-
* - "authority"
|
|
228
|
-
* - "homeAccountId"
|
|
229
|
-
* - "clientId"
|
|
230
|
-
* - "tenantId"
|
|
231
|
-
* - "username"
|
|
232
|
-
* - "version"
|
|
233
|
-
*
|
|
234
|
-
* If the version we receive is unsupported, an error will be thrown.
|
|
235
|
-
*
|
|
236
|
-
* At the moment, the only available version is: "1.0", which is always set when the authentication record is serialized.
|
|
237
|
-
*
|
|
238
|
-
* @param serializedRecord - Authentication record previously serialized into string.
|
|
239
|
-
* @returns AuthenticationRecord.
|
|
240
|
-
*/
|
|
241
173
|
function deserializeAuthenticationRecord(serializedRecord) {
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
174
|
+
const parsed = JSON.parse(serializedRecord);
|
|
175
|
+
if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {
|
|
176
|
+
throw Error("Unsupported AuthenticationRecord version");
|
|
177
|
+
}
|
|
178
|
+
return parsed;
|
|
247
179
|
}
|
|
248
|
-
|
|
180
|
+
// Annotate the CommonJS export names for ESM import in node:
|
|
181
|
+
0 && (module.exports = {
|
|
182
|
+
defaultLoggerCallback,
|
|
183
|
+
deserializeAuthenticationRecord,
|
|
184
|
+
ensureValidMsalToken,
|
|
185
|
+
getAuthority,
|
|
186
|
+
getKnownAuthorities,
|
|
187
|
+
getMSALLogLevel,
|
|
188
|
+
handleMsalError,
|
|
189
|
+
msalToPublic,
|
|
190
|
+
publicToMsal,
|
|
191
|
+
randomUUID,
|
|
192
|
+
serializeAuthenticationRecord
|
|
193
|
+
});
|
|
194
|
+
//# sourceMappingURL=utils.js.map
|
|
@@ -1 +1,7 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AA6BlC,oDAsBC;AAQD,4CAQC;AAMD,oCAYC;AASD,kDASC;AAmCD,0CAcC;AASD,gCAEC;AAKD,0CAiDC;AAGD,oCAQC;AAED,oCAUC;AAgBD,sEAEC;AAqBD,0EAQC;AA5RD,4CAAuF;AAEvF,mDAAmE;AACnE,kDAA0F;AAC1F,gDAAoF;AAEpF,8DAAqD;AAGrD,uCAAuC;AAMvC,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,eAAe,CAAC,CAAC;AAEjD;;GAEG;AACH,MAAM,iCAAiC,GAAG,KAAK,CAAC;AAEhD;;;GAGG;AACH,SAAgB,oBAAoB,CAClC,MAAyB,EACzB,SAA4B,EAC5B,eAAiC;IAEjC,MAAM,KAAK,GAAG,CAAC,OAAe,EAAS,EAAE;QACvC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,IAAI,uCAA2B,CAAC;YACrC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACjD,eAAe;YACf,OAAO;SACR,CAAC,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;QACzB,MAAM,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAAC,OAAoC;IACnE,IAAI,aAAa,GAAG,OAAO,EAAE,aAAa,CAAC;IAE3C,IAAI,CAAC,aAAa,IAAI,sBAAU,EAAE,CAAC;QACjC,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;IACnD,CAAC;IAED,OAAO,aAAa,IAAI,mCAAoB,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,SAAgB,YAAY,CAAC,QAAgB,EAAE,IAAa;IAC1D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,IAAI,GAAG,mCAAoB,CAAC;IAC9B,CAAC;IACD,IAAI,IAAI,MAAM,CAAC,GAAG,QAAQ,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,GAAG,QAAQ,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,mBAAmB,CACjC,QAAgB,EAChB,aAAqB,EACrB,wBAAkC;IAElC,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,aAAa,CAAC,IAAI,wBAAwB,EAAE,CAAC;QACvE,OAAO,CAAC,aAAa,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACI,MAAM,qBAAqB,GAIhC,CAAC,UAA4B,EAAE,WAA+B,kBAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAE,EAAE,CAC7F,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAQ,EAAE;IACpC,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,oBAAU,CAAC,QAAQ,CAAC,KAAK;YAC5B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,cAAc,OAAO,EAAE,CAAC,CAAC;YACzD,OAAO;QACT,KAAK,oBAAU,CAAC,QAAQ,CAAC,IAAI;YAC3B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,qBAAqB,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,KAAK,oBAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,wBAAwB,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;QACT,KAAK,oBAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,gBAAgB,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO;IACX,CAAC;AACH,CAAC,CAAC;AAvBS,QAAA,qBAAqB,yBAuB9B;AAEJ;;GAEG;AACH,SAAgB,eAAe,CAAC,QAAmC;IACjE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,oBAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,oBAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,oBAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC,KAAK,SAAS;YACZ,OAAO,oBAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC;YACE,4CAA4C;YAC5C,OAAO,oBAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;IACpC,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU;IACxB,OAAO,IAAA,sBAAc,GAAE,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,MAAgB,EAChB,KAAY,EACZ,eAAiC;IAEjC,IACE,KAAK,CAAC,IAAI,KAAK,WAAW;QAC1B,KAAK,CAAC,IAAI,KAAK,iBAAiB;QAChC,KAAK,CAAC,IAAI,KAAK,kBAAkB,EACjC,CAAC;QACD,MAAM,SAAS,GAAG,KAA6B,CAAC;QAChD,QAAQ,SAAS,CAAC,SAAS,EAAE,CAAC;YAC5B,KAAK,4BAA4B;gBAC/B,MAAM,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChD,OAAO,IAAI,sCAA0B,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,KAAK,+BAA+B;gBAClC,OAAO,IAAI,6BAAU,CAAC,oDAAoD,CAAC,CAAC;YAC9E,KAAK,kBAAkB,CAAC;YACxB,KAAK,sBAAsB,CAAC;YAC5B,KAAK,gBAAgB;gBACnB,MAAM,CAAC,IAAI,CACT,IAAA,wBAAW,EAAC,MAAM,EAAE,qCAAqC,SAAS,CAAC,SAAS,EAAE,CAAC,CAChF,CAAC;gBACF,MAAM;YACR;gBACE,MAAM,CAAC,IAAI,CAAC,IAAA,wBAAW,EAAC,MAAM,EAAE,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC9E,MAAM;QACV,CAAC;IACH,CAAC;IACD,IACE,KAAK,CAAC,IAAI,KAAK,0BAA0B;QACzC,KAAK,CAAC,IAAI,KAAK,+BAA+B;QAC9C,KAAK,CAAC,IAAI,KAAK,YAAY;QAC3B,KAAK,CAAC,IAAI,KAAK,qBAAqB,EACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CACT,IAAA,wBAAW,EACT,MAAM,EACN,iCAAiC,KAAK,CAAC,OAAO,sBAC3C,KAAa,CAAC,UACjB,EAAE,CACH,CACF,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,uCAA2B,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;AAC9F,CAAC;AAED,kBAAkB;AAClB,SAAgB,YAAY,CAAC,OAA6B;IACxD,OAAO;QACL,cAAc,EAAE,OAAO,CAAC,aAAa;QACrC,WAAW,EAAE,OAAO,CAAC,SAAS;QAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC;AACJ,CAAC;AAED,SAAgB,YAAY,CAAC,QAAgB,EAAE,OAAwB;IACrE,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,OAAO,CAAC,WAAW,IAAI,+BAAgB;QAClD,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,8BAAe;QAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ;QACR,OAAO,EAAE,iCAAiC;KAC3C,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,SAAgB,6BAA6B,CAAC,MAA4B;IACxE,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,SAAgB,+BAA+B,CAAC,gBAAwB;IACtE,MAAM,MAAM,GAAgD,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAEzF,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,KAAK,iCAAiC,EAAE,CAAC;QAC3E,MAAM,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthenticationRecord, MsalAccountInfo, MsalToken, ValidMsalToken } from \"./types.js\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../errors.js\";\nimport type { CredentialLogger } from \"../util/logging.js\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\nimport { DefaultAuthority, DefaultAuthorityHost, DefaultTenantId } from \"../constants.js\";\nimport { randomUUID as coreRandomUUID, isNode, isNodeLike } from \"@azure/core-util\";\n\nimport { AbortError } from \"@azure/abort-controller\";\nimport type { AzureLogLevel } from \"@azure/logger\";\nimport type { GetTokenOptions } from \"@azure/core-auth\";\nimport { msalCommon } from \"./msal.js\";\n\nexport interface ILoggerCallback {\n (level: msalCommon.LogLevel, message: string, containsPii: boolean): void;\n}\n\nconst logger = credentialLogger(\"IdentityUtils\");\n\n/**\n * Latest AuthenticationRecord version\n */\nconst LatestAuthenticationRecordVersion = \"1.0\";\n\n/**\n * Ensures the validity of the MSAL token\n * @internal\n */\nexport function ensureValidMsalToken(\n scopes: string | string[],\n msalToken?: MsalToken | null,\n getTokenOptions?: GetTokenOptions,\n): asserts msalToken is ValidMsalToken {\n const error = (message: string): Error => {\n logger.getToken.info(message);\n return new AuthenticationRequiredError({\n scopes: Array.isArray(scopes) ? scopes : [scopes],\n getTokenOptions,\n message,\n });\n };\n if (!msalToken) {\n throw error(\"No response\");\n }\n if (!msalToken.expiresOn) {\n throw error(`Response had no \"expiresOn\" property.`);\n }\n if (!msalToken.accessToken) {\n throw error(`Response had no \"accessToken\" property.`);\n }\n}\n\n/**\n * Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable.\n *\n * Defaults to {@link DefaultAuthorityHost}.\n * @internal\n */\nexport function getAuthorityHost(options?: { authorityHost?: string }): string {\n let authorityHost = options?.authorityHost;\n\n if (!authorityHost && isNodeLike) {\n authorityHost = process.env.AZURE_AUTHORITY_HOST;\n }\n\n return authorityHost ?? DefaultAuthorityHost;\n}\n\n/**\n * Generates a valid authority by combining a host with a tenantId.\n * @internal\n */\nexport function getAuthority(tenantId: string, host?: string): string {\n if (!host) {\n host = DefaultAuthorityHost;\n }\n if (new RegExp(`${tenantId}/?$`).test(host)) {\n return host;\n }\n if (host.endsWith(\"/\")) {\n return host + tenantId;\n } else {\n return `${host}/${tenantId}`;\n }\n}\n\n/**\n * Generates the known authorities.\n * If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.\n * For that reason, we have to force MSAL to disable validating the authority\n * by sending it within the known authorities in the MSAL configuration.\n * @internal\n */\nexport function getKnownAuthorities(\n tenantId: string,\n authorityHost: string,\n disableInstanceDiscovery?: boolean,\n): string[] {\n if ((tenantId === \"adfs\" && authorityHost) || disableInstanceDiscovery) {\n return [authorityHost];\n }\n return [];\n}\n\n/**\n * Generates a logger that can be passed to the MSAL clients.\n * @param credLogger - The logger of the credential.\n * @internal\n */\nexport const defaultLoggerCallback: (\n logger: CredentialLogger,\n platform?: \"Node\" | \"Browser\",\n) => ILoggerCallback =\n (credLogger: CredentialLogger, platform: \"Node\" | \"Browser\" = isNode ? \"Node\" : \"Browser\") =>\n (level, message, containsPii): void => {\n if (containsPii) {\n return;\n }\n switch (level) {\n case msalCommon.LogLevel.Error:\n credLogger.info(`MSAL ${platform} V2 error: ${message}`);\n return;\n case msalCommon.LogLevel.Info:\n credLogger.info(`MSAL ${platform} V2 info message: ${message}`);\n return;\n case msalCommon.LogLevel.Verbose:\n credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);\n return;\n case msalCommon.LogLevel.Warning:\n credLogger.info(`MSAL ${platform} V2 warning: ${message}`);\n return;\n }\n };\n\n/**\n * @internal\n */\nexport function getMSALLogLevel(logLevel: AzureLogLevel | undefined): msalCommon.LogLevel {\n switch (logLevel) {\n case \"error\":\n return msalCommon.LogLevel.Error;\n case \"info\":\n return msalCommon.LogLevel.Info;\n case \"verbose\":\n return msalCommon.LogLevel.Verbose;\n case \"warning\":\n return msalCommon.LogLevel.Warning;\n default:\n // default msal logging level should be Info\n return msalCommon.LogLevel.Info;\n }\n}\n\n/**\n * Wraps core-util's randomUUID in order to allow for mocking in tests.\n * This prepares the library for the upcoming core-util update to ESM.\n *\n * @internal\n * @returns A string containing a random UUID\n */\nexport function randomUUID(): string {\n return coreRandomUUID();\n}\n\n/**\n * Handles MSAL errors.\n */\nexport function handleMsalError(\n scopes: string[],\n error: Error,\n getTokenOptions?: GetTokenOptions,\n): Error {\n if (\n error.name === \"AuthError\" ||\n error.name === \"ClientAuthError\" ||\n error.name === \"BrowserAuthError\"\n ) {\n const msalError = error as msalCommon.AuthError;\n switch (msalError.errorCode) {\n case \"endpoints_resolution_error\":\n logger.info(formatError(scopes, error.message));\n return new CredentialUnavailableError(error.message);\n case \"device_code_polling_cancelled\":\n return new AbortError(\"The authentication has been aborted by the caller.\");\n case \"consent_required\":\n case \"interaction_required\":\n case \"login_required\":\n logger.info(\n formatError(scopes, `Authentication returned errorCode ${msalError.errorCode}`),\n );\n break;\n default:\n logger.info(formatError(scopes, `Failed to acquire token: ${error.message}`));\n break;\n }\n }\n if (\n error.name === \"ClientConfigurationError\" ||\n error.name === \"BrowserConfigurationAuthError\" ||\n error.name === \"AbortError\" ||\n error.name === \"AuthenticationError\"\n ) {\n return error;\n }\n if (error.name === \"NativeAuthError\") {\n logger.info(\n formatError(\n scopes,\n `Error from the native broker: ${error.message} with status code: ${\n (error as any).statusCode\n }`,\n ),\n );\n return error;\n }\n return new AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });\n}\n\n// transformations\nexport function publicToMsal(account: AuthenticationRecord): msalCommon.AccountInfo {\n return {\n localAccountId: account.homeAccountId,\n environment: account.authority,\n username: account.username,\n homeAccountId: account.homeAccountId,\n tenantId: account.tenantId,\n };\n}\n\nexport function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord {\n const record = {\n authority: account.environment ?? DefaultAuthority,\n homeAccountId: account.homeAccountId,\n tenantId: account.tenantId || DefaultTenantId,\n username: account.username,\n clientId,\n version: LatestAuthenticationRecordVersion,\n };\n return record;\n}\n\n/**\n * Serializes an `AuthenticationRecord` into a string.\n *\n * The output of a serialized authentication record will contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.\n */\nexport function serializeAuthenticationRecord(record: AuthenticationRecord): string {\n return JSON.stringify(record);\n}\n\n/**\n * Deserializes a previously serialized authentication record from a string into an object.\n *\n * The input string must contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * If the version we receive is unsupported, an error will be thrown.\n *\n * At the moment, the only available version is: \"1.0\", which is always set when the authentication record is serialized.\n *\n * @param serializedRecord - Authentication record previously serialized into string.\n * @returns AuthenticationRecord.\n */\nexport function deserializeAuthenticationRecord(serializedRecord: string): AuthenticationRecord {\n const parsed: AuthenticationRecord & { version?: string } = JSON.parse(serializedRecord);\n\n if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {\n throw Error(\"Unsupported AuthenticationRecord version\");\n }\n\n return parsed;\n}\n"]}
|
|
1
|
+
{
|
|
2
|
+
"version": 3,
|
|
3
|
+
"sources": ["../../../src/msal/utils.ts"],
|
|
4
|
+
"sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthenticationRecord, MsalAccountInfo, MsalToken, ValidMsalToken } from \"./types.js\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../errors.js\";\nimport type { CredentialLogger } from \"../util/logging.js\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\nimport { DefaultAuthority, DefaultAuthorityHost, DefaultTenantId } from \"../constants.js\";\nimport { randomUUID as coreRandomUUID, isNodeLike } from \"@azure/core-util\";\n\nimport { AbortError } from \"@azure/abort-controller\";\nimport type { AzureLogLevel } from \"@azure/logger\";\nimport type { GetTokenOptions } from \"@azure/core-auth\";\nimport type { AccountInfo, AuthError } from \"./msal.js\";\nimport { LogLevel } from \"./msal.js\";\n\nexport interface ILoggerCallback {\n (level: LogLevel, message: string, containsPii: boolean): void;\n}\n\nconst logger = credentialLogger(\"IdentityUtils\");\n\n/**\n * Latest AuthenticationRecord version\n */\nconst LatestAuthenticationRecordVersion = \"1.0\";\n\n/**\n * Ensures the validity of the MSAL token\n * @internal\n */\nexport function ensureValidMsalToken(\n scopes: string | string[],\n msalToken?: MsalToken | null,\n getTokenOptions?: GetTokenOptions,\n): asserts msalToken is ValidMsalToken {\n const error = (message: string): Error => {\n logger.getToken.info(message);\n return new AuthenticationRequiredError({\n scopes: Array.isArray(scopes) ? scopes : [scopes],\n getTokenOptions,\n message,\n });\n };\n if (!msalToken) {\n throw error(\"No response\");\n }\n if (!msalToken.expiresOn) {\n throw error(`Response had no \"expiresOn\" property.`);\n }\n if (!msalToken.accessToken) {\n throw error(`Response had no \"accessToken\" property.`);\n }\n}\n\n/**\n * Generates a valid authority by combining a host with a tenantId.\n * @internal\n */\nexport function getAuthority(tenantId: string, host?: string): string {\n if (!host) {\n host = DefaultAuthorityHost;\n }\n if (new RegExp(`${tenantId}/?$`).test(host)) {\n return host;\n }\n if (host.endsWith(\"/\")) {\n return host + tenantId;\n } else {\n return `${host}/${tenantId}`;\n }\n}\n\n/**\n * Generates the known authorities.\n * If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.\n * For that reason, we have to force MSAL to disable validating the authority\n * by sending it within the known authorities in the MSAL configuration.\n * @internal\n */\nexport function getKnownAuthorities(\n tenantId: string,\n authorityHost: string,\n disableInstanceDiscovery?: boolean,\n): string[] {\n if ((tenantId === \"adfs\" && authorityHost) || disableInstanceDiscovery) {\n return [authorityHost];\n }\n return [];\n}\n\n/**\n * Generates a logger that can be passed to the MSAL clients.\n * @param credLogger - The logger of the credential.\n * @internal\n */\nexport const defaultLoggerCallback: (\n logger: CredentialLogger,\n platform?: \"Node\" | \"Browser\",\n) => ILoggerCallback =\n (credLogger: CredentialLogger, platform: \"Node\" | \"Browser\" = isNodeLike ? \"Node\" : \"Browser\") =>\n (level, message, containsPii): void => {\n if (containsPii) {\n return;\n }\n switch (level) {\n case LogLevel.Error:\n credLogger.info(`MSAL ${platform} V2 error: ${message}`);\n return;\n case LogLevel.Info:\n credLogger.info(`MSAL ${platform} V2 info message: ${message}`);\n return;\n case LogLevel.Verbose:\n credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);\n return;\n case LogLevel.Warning:\n credLogger.info(`MSAL ${platform} V2 warning: ${message}`);\n return;\n }\n };\n\n/**\n * @internal\n */\nexport function getMSALLogLevel(logLevel: AzureLogLevel | undefined): LogLevel {\n switch (logLevel) {\n case \"error\":\n return LogLevel.Error;\n case \"info\":\n return LogLevel.Info;\n case \"verbose\":\n return LogLevel.Verbose;\n case \"warning\":\n return LogLevel.Warning;\n default:\n // default msal logging level should be Info\n return LogLevel.Info;\n }\n}\n\n/**\n * Wraps core-util's randomUUID in order to allow for mocking in tests.\n * This prepares the library for the upcoming core-util update to ESM.\n *\n * @internal\n * @returns A string containing a random UUID\n */\nexport function randomUUID(): string {\n return coreRandomUUID();\n}\n\n/**\n * Handles MSAL errors.\n */\nexport function handleMsalError(\n scopes: string[],\n error: Error,\n getTokenOptions?: GetTokenOptions,\n): Error {\n if (\n error.name === \"AuthError\" ||\n error.name === \"ClientAuthError\" ||\n error.name === \"BrowserAuthError\"\n ) {\n const msalError = error as AuthError;\n switch (msalError.errorCode) {\n case \"endpoints_resolution_error\":\n logger.info(formatError(scopes, error.message));\n return new CredentialUnavailableError(error.message);\n case \"device_code_polling_cancelled\":\n return new AbortError(\"The authentication has been aborted by the caller.\");\n case \"consent_required\":\n case \"interaction_required\":\n case \"login_required\":\n logger.info(\n formatError(scopes, `Authentication returned errorCode ${msalError.errorCode}`),\n );\n break;\n default:\n logger.info(formatError(scopes, `Failed to acquire token: ${error.message}`));\n break;\n }\n }\n if (\n error.name === \"ClientConfigurationError\" ||\n error.name === \"BrowserConfigurationAuthError\" ||\n error.name === \"AbortError\" ||\n error.name === \"AuthenticationError\"\n ) {\n return error;\n }\n if (error.name === \"NativeAuthError\") {\n logger.info(\n formatError(\n scopes,\n `Error from the native broker: ${error.message} with status code: ${\n (error as any).statusCode\n }`,\n ),\n );\n return error;\n }\n return new AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });\n}\n\n// transformations\nexport function publicToMsal(account: AuthenticationRecord): AccountInfo {\n return {\n localAccountId: account.homeAccountId,\n environment: account.authority,\n username: account.username,\n homeAccountId: account.homeAccountId,\n tenantId: account.tenantId,\n };\n}\n\nexport function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord {\n const record = {\n authority: account.environment ?? DefaultAuthority,\n homeAccountId: account.homeAccountId,\n tenantId: account.tenantId || DefaultTenantId,\n username: account.username,\n clientId,\n version: LatestAuthenticationRecordVersion,\n };\n return record;\n}\n\n/**\n * Serializes an `AuthenticationRecord` into a string.\n *\n * The output of a serialized authentication record will contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.\n */\nexport function serializeAuthenticationRecord(record: AuthenticationRecord): string {\n return JSON.stringify(record);\n}\n\n/**\n * Deserializes a previously serialized authentication record from a string into an object.\n *\n * The input string must contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * If the version we receive is unsupported, an error will be thrown.\n *\n * At the moment, the only available version is: \"1.0\", which is always set when the authentication record is serialized.\n *\n * @param serializedRecord - Authentication record previously serialized into string.\n * @returns AuthenticationRecord.\n */\nexport function deserializeAuthenticationRecord(serializedRecord: string): AuthenticationRecord {\n const parsed: AuthenticationRecord & { version?: string } = JSON.parse(serializedRecord);\n\n if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {\n throw Error(\"Unsupported AuthenticationRecord version\");\n }\n\n return parsed;\n}\n"],
|
|
5
|
+
"mappings": ";;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAIA,oBAAwE;AAExE,qBAA8C;AAC9C,uBAAwE;AACxE,uBAAyD;AAEzD,8BAA2B;AAI3B,kBAAyB;AAMzB,MAAM,aAAS,iCAAiB,eAAe;AAK/C,MAAM,oCAAoC;AAMnC,SAAS,qBACd,QACA,WACA,iBACqC;AACrC,QAAM,QAAQ,CAAC,YAA2B;AACxC,WAAO,SAAS,KAAK,OAAO;AAC5B,WAAO,IAAI,0CAA4B;AAAA,MACrC,QAAQ,MAAM,QAAQ,MAAM,IAAI,SAAS,CAAC,MAAM;AAAA,MAChD;AAAA,MACA;AAAA,IACF,CAAC;AAAA,EACH;AACA,MAAI,CAAC,WAAW;AACd,UAAM,MAAM,aAAa;AAAA,EAC3B;AACA,MAAI,CAAC,UAAU,WAAW;AACxB,UAAM,MAAM,uCAAuC;AAAA,EACrD;AACA,MAAI,CAAC,UAAU,aAAa;AAC1B,UAAM,MAAM,yCAAyC;AAAA,EACvD;AACF;AAMO,SAAS,aAAa,UAAkB,MAAuB;AACpE,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,EACT;AACA,MAAI,IAAI,OAAO,GAAG,QAAQ,KAAK,EAAE,KAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AACA,MAAI,KAAK,SAAS,GAAG,GAAG;AACtB,WAAO,OAAO;AAAA,EAChB,OAAO;AACL,WAAO,GAAG,IAAI,IAAI,QAAQ;AAAA,EAC5B;AACF;AASO,SAAS,oBACd,UACA,eACA,0BACU;AACV,MAAK,aAAa,UAAU,iBAAkB,0BAA0B;AACtE,WAAO,CAAC,aAAa;AAAA,EACvB;AACA,SAAO,CAAC;AACV;AAOO,MAAM,wBAIX,CAAC,YAA8B,WAA+B,8BAAa,SAAS,cACpF,CAAC,OAAO,SAAS,gBAAsB;AACrC,MAAI,aAAa;AACf;AAAA,EACF;AACA,UAAQ,OAAO;AAAA,IACb,KAAK,qBAAS;AACZ,iBAAW,KAAK,QAAQ,QAAQ,cAAc,OAAO,EAAE;AACvD;AAAA,IACF,KAAK,qBAAS;AACZ,iBAAW,KAAK,QAAQ,QAAQ,qBAAqB,OAAO,EAAE;AAC9D;AAAA,IACF,KAAK,qBAAS;AACZ,iBAAW,KAAK,QAAQ,QAAQ,wBAAwB,OAAO,EAAE;AACjE;AAAA,IACF,KAAK,qBAAS;AACZ,iBAAW,KAAK,QAAQ,QAAQ,gBAAgB,OAAO,EAAE;AACzD;AAAA,EACJ;AACF;AAKK,SAAS,gBAAgB,UAA+C;AAC7E,UAAQ,UAAU;AAAA,IAChB,KAAK;AACH,aAAO,qBAAS;AAAA,IAClB,KAAK;AACH,aAAO,qBAAS;AAAA,IAClB,KAAK;AACH,aAAO,qBAAS;AAAA,IAClB,KAAK;AACH,aAAO,qBAAS;AAAA,IAClB;AAEE,aAAO,qBAAS;AAAA,EACpB;AACF;AASO,SAAS,aAAqB;AACnC,aAAO,iBAAAA,YAAe;AACxB;AAKO,SAAS,gBACd,QACA,OACA,iBACO;AACP,MACE,MAAM,SAAS,eACf,MAAM,SAAS,qBACf,MAAM,SAAS,oBACf;AACA,UAAM,YAAY;AAClB,YAAQ,UAAU,WAAW;AAAA,MAC3B,KAAK;AACH,eAAO,SAAK,4BAAY,QAAQ,MAAM,OAAO,CAAC;AAC9C,eAAO,IAAI,yCAA2B,MAAM,OAAO;AAAA,MACrD,KAAK;AACH,eAAO,IAAI,mCAAW,oDAAoD;AAAA,MAC5E,KAAK;AAAA,MACL,KAAK;AAAA,MACL,KAAK;AACH,eAAO;AAAA,cACL,4BAAY,QAAQ,qCAAqC,UAAU,SAAS,EAAE;AAAA,QAChF;AACA;AAAA,MACF;AACE,eAAO,SAAK,4BAAY,QAAQ,4BAA4B,MAAM,OAAO,EAAE,CAAC;AAC5E;AAAA,IACJ;AAAA,EACF;AACA,MACE,MAAM,SAAS,8BACf,MAAM,SAAS,mCACf,MAAM,SAAS,gBACf,MAAM,SAAS,uBACf;AACA,WAAO;AAAA,EACT;AACA,MAAI,MAAM,SAAS,mBAAmB;AACpC,WAAO;AAAA,UACL;AAAA,QACE;AAAA,QACA,iCAAiC,MAAM,OAAO,sBAC3C,MAAc,UACjB;AAAA,MACF;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACA,SAAO,IAAI,0CAA4B,EAAE,QAAQ,iBAAiB,SAAS,MAAM,QAAQ,CAAC;AAC5F;AAGO,SAAS,aAAa,SAA4C;AACvE,SAAO;AAAA,IACL,gBAAgB,QAAQ;AAAA,IACxB,aAAa,QAAQ;AAAA,IACrB,UAAU,QAAQ;AAAA,IAClB,eAAe,QAAQ;AAAA,IACvB,UAAU,QAAQ;AAAA,EACpB;AACF;AAEO,SAAS,aAAa,UAAkB,SAAgD;AAC7F,QAAM,SAAS;AAAA,IACb,WAAW,QAAQ,eAAe;AAAA,IAClC,eAAe,QAAQ;AAAA,IACvB,UAAU,QAAQ,YAAY;AAAA,IAC9B,UAAU,QAAQ;AAAA,IAClB;AAAA,IACA,SAAS;AAAA,EACX;AACA,SAAO;AACT;AAgBO,SAAS,8BAA8B,QAAsC;AAClF,SAAO,KAAK,UAAU,MAAM;AAC9B;AAqBO,SAAS,gCAAgC,kBAAgD;AAC9F,QAAM,SAAsD,KAAK,MAAM,gBAAgB;AAEvF,MAAI,OAAO,WAAW,OAAO,YAAY,mCAAmC;AAC1E,UAAM,MAAM,0CAA0C;AAAA,EACxD;AAEA,SAAO;AACT;",
|
|
6
|
+
"names": ["coreRandomUUID"]
|
|
7
|
+
}
|