@azure/identity 4.14.0-beta.2 → 4.14.0-beta.3

package/dist/commonjs/credentials/clientCertificateCredentialOptions.js.map

@@ -1 +1,7 @@
-{"version":3,"file":"clientCertificateCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/clientCertificateCredentialOptions.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Optional parameters for the {@link ClientCertificateCredential} class.\n */\nexport interface ClientCertificateCredentialOptions\n  extends\n    MultiTenantTokenCredentialOptions,\n    CredentialPersistenceOptions,\n    AuthorityValidationOptions {\n  /**\n   * Option to include x5c header for SubjectName and Issuer name authorization.\n   * Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim\n   */\n  sendCertificateChain?: boolean;\n  // TODO: Export again once we're ready to release this feature.\n  // /**\n  //  * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n  //  * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n  //  * If the property is not specified, the credential uses the global authority endpoint.\n  //  */\n  // regionalAuthority?: string;\n}\n"]}
+{
+  "version": 3,
+  "sources": ["../../../src/credentials/clientCertificateCredentialOptions.ts"],
+  "sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Optional parameters for the {@link ClientCertificateCredential} class.\n */\nexport interface ClientCertificateCredentialOptions\n  extends\n    MultiTenantTokenCredentialOptions,\n    CredentialPersistenceOptions,\n    AuthorityValidationOptions {\n  /**\n   * Option to include x5c header for SubjectName and Issuer name authorization.\n   * Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim\n   */\n  sendCertificateChain?: boolean;\n  // TODO: Export again once we're ready to release this feature.\n  // /**\n  //  * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n  //  * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n  //  * If the property is not specified, the credential uses the global authority endpoint.\n  //  */\n  // regionalAuthority?: string;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
+  "names": []
+}

package/dist/commonjs/credentials/clientSecretCredential.js

@@ -1,71 +1,100 @@
-"use strict";
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ClientSecretCredential = void 0;
-const msalClient_js_1 = require("../msal/nodeFlows/msalClient.js");
-const tenantIdUtils_js_1 = require("../util/tenantIdUtils.js");
-const errors_js_1 = require("../errors.js");
-const logging_js_1 = require("../util/logging.js");
-const scopeUtils_js_1 = require("../util/scopeUtils.js");
-const tracing_js_1 = require("../util/tracing.js");
-const logger = (0, logging_js_1.credentialLogger)("ClientSecretCredential");
-/**
- * Enables authentication to Microsoft Entra ID using a client secret
- * that was generated for an App Registration. More information on how
- * to configure a client secret can be found here:
- *
- * https://learn.microsoft.com/entra/identity-platform/quickstart-configure-app-access-web-apis#add-credentials-to-your-web-application
- *
- */
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var clientSecretCredential_exports = {};
+__export(clientSecretCredential_exports, {
+  ClientSecretCredential: () => ClientSecretCredential
+});
+module.exports = __toCommonJS(clientSecretCredential_exports);
+var import_msalClient = require("../msal/nodeFlows/msalClient.js");
+var import_tenantIdUtils = require("../util/tenantIdUtils.js");
+var import_errors = require("../errors.js");
+var import_logging = require("../util/logging.js");
+var import_scopeUtils = require("../util/scopeUtils.js");
+var import_tracing = require("../util/tracing.js");
+const logger = (0, import_logging.credentialLogger)("ClientSecretCredential");
 class ClientSecretCredential {
-    tenantId;
-    additionallyAllowedTenantIds;
-    msalClient;
-    clientSecret;
-    /**
-     * Creates an instance of the ClientSecretCredential with the details
-     * needed to authenticate against Microsoft Entra ID with a client
-     * secret.
-     *
-     * @param tenantId - The Microsoft Entra tenant (directory) ID.
-     * @param clientId - The client (application) ID of an App Registration in the tenant.
-     * @param clientSecret - A client secret that was generated for the App Registration.
-     * @param options - Options for configuring the client which makes the authentication request.
-     */
-    constructor(tenantId, clientId, clientSecret, options = {}) {
-        if (!tenantId) {
-            throw new errors_js_1.CredentialUnavailableError("ClientSecretCredential: tenantId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.");
-        }
-        if (!clientId) {
-            throw new errors_js_1.CredentialUnavailableError("ClientSecretCredential: clientId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.");
-        }
-        if (!clientSecret) {
-            throw new errors_js_1.CredentialUnavailableError("ClientSecretCredential: clientSecret is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.");
-        }
-        this.clientSecret = clientSecret;
-        this.tenantId = tenantId;
-        this.additionallyAllowedTenantIds = (0, tenantIdUtils_js_1.resolveAdditionallyAllowedTenantIds)(options?.additionallyAllowedTenants);
-        this.msalClient = (0, msalClient_js_1.createMsalClient)(clientId, tenantId, {
-            ...options,
-            logger,
-        });
+  tenantId;
+  additionallyAllowedTenantIds;
+  msalClient;
+  clientSecret;
+  /**
+   * Creates an instance of the ClientSecretCredential with the details
+   * needed to authenticate against Microsoft Entra ID with a client
+   * secret.
+   *
+   * @param tenantId - The Microsoft Entra tenant (directory) ID.
+   * @param clientId - The client (application) ID of an App Registration in the tenant.
+   * @param clientSecret - A client secret that was generated for the App Registration.
+   * @param options - Options for configuring the client which makes the authentication request.
+   */
+  constructor(tenantId, clientId, clientSecret, options = {}) {
+    if (!tenantId) {
+      throw new import_errors.CredentialUnavailableError(
+        "ClientSecretCredential: tenantId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot."
+      );
     }
-    /**
-     * Authenticates with Microsoft Entra ID and returns an access token if successful.
-     * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
-     *
-     * @param scopes - The list of scopes for which the token will have access.
-     * @param options - The options used to configure any requests this
-     *                TokenCredential implementation might make.
-     */
-    async getToken(scopes, options = {}) {
-        return tracing_js_1.tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async (newOptions) => {
-            newOptions.tenantId = (0, tenantIdUtils_js_1.processMultiTenantRequest)(this.tenantId, newOptions, this.additionallyAllowedTenantIds, logger);
-            const arrayScopes = (0, scopeUtils_js_1.ensureScopes)(scopes);
-            return this.msalClient.getTokenByClientSecret(arrayScopes, this.clientSecret, newOptions);
-        });
+    if (!clientId) {
+      throw new import_errors.CredentialUnavailableError(
+        "ClientSecretCredential: clientId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot."
+      );
     }
+    if (!clientSecret) {
+      throw new import_errors.CredentialUnavailableError(
+        "ClientSecretCredential: clientSecret is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot."
+      );
+    }
+    this.clientSecret = clientSecret;
+    this.tenantId = tenantId;
+    this.additionallyAllowedTenantIds = (0, import_tenantIdUtils.resolveAdditionallyAllowedTenantIds)(
+      options?.additionallyAllowedTenants
+    );
+    this.msalClient = (0, import_msalClient.createMsalClient)(clientId, tenantId, {
+      ...options,
+      logger
+    });
+  }
+  /**
+   * Authenticates with Microsoft Entra ID and returns an access token if successful.
+   * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
+   *
+   * @param scopes - The list of scopes for which the token will have access.
+   * @param options - The options used to configure any requests this
+   *                TokenCredential implementation might make.
+   */
+  async getToken(scopes, options = {}) {
+    return import_tracing.tracingClient.withSpan(
+      `${this.constructor.name}.getToken`,
+      options,
+      async (newOptions) => {
+        newOptions.tenantId = (0, import_tenantIdUtils.processMultiTenantRequest)(
+          this.tenantId,
+          newOptions,
+          this.additionallyAllowedTenantIds,
+          logger
+        );
+        const arrayScopes = (0, import_scopeUtils.ensureScopes)(scopes);
+        return this.msalClient.getTokenByClientSecret(arrayScopes, this.clientSecret, newOptions);
+      }
+    );
+  }
 }
-exports.ClientSecretCredential = ClientSecretCredential;
-//# sourceMappingURL=clientSecretCredential.js.map
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ClientSecretCredential
+});
+//# sourceMappingURL=clientSecretCredential.js.map

package/dist/commonjs/credentials/clientSecretCredential.js.map

@@ -1 +1,7 @@
-{"version":3,"file":"clientSecretCredential.js","sourceRoot":"","sources":["../../../src/credentials/clientSecretCredential.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC;;;AAIlC,mEAAmE;AACnE,+DAGkC;AAGlC,4CAA0D;AAC1D,mDAAsD;AACtD,yDAAqD;AACrD,mDAAmD;AAEnD,MAAM,MAAM,GAAG,IAAA,6BAAgB,EAAC,wBAAwB,CAAC,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAa,sBAAsB;IACzB,QAAQ,CAAS;IACjB,4BAA4B,CAAW;IACvC,UAAU,CAAa;IACvB,YAAY,CAAS;IAE7B;;;;;;;;;OASG;IACH,YACE,QAAgB,EAChB,QAAgB,EAChB,YAAoB,EACpB,UAAyC,EAAE;QAE3C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,sCAA0B,CAClC,gKAAgK,CACjK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,sCAA0B,CAClC,gKAAgK,CACjK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,sCAA0B,CAClC,oKAAoK,CACrK,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,4BAA4B,GAAG,IAAA,sDAAmC,EACrE,OAAO,EAAE,0BAA0B,CACpC,CAAC;QAEF,IAAI,CAAC,UAAU,GAAG,IAAA,gCAAgB,EAAC,QAAQ,EAAE,QAAQ,EAAE;YACrD,GAAG,OAAO;YACV,MAAM;SACP,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,QAAQ,CAAC,MAAyB,EAAE,UAA2B,EAAE;QACrE,OAAO,0BAAa,CAAC,QAAQ,CAC3B,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,WAAW,EACnC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,UAAU,CAAC,QAAQ,GAAG,IAAA,4CAAyB,EAC7C,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,EACjC,MAAM,CACP,CAAC;YAEF,MAAM,WAAW,GAAG,IAAA,4BAAY,EAAC,MAAM,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QAC5F,CAAC,CACF,CAAC;IACJ,CAAC;CACF;AA7ED,wDA6EC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport type { MsalClient } from \"../msal/nodeFlows/msalClient.js\";\nimport { createMsalClient } from \"../msal/nodeFlows/msalClient.js\";\nimport {\n  processMultiTenantRequest,\n  resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\n\nimport type { ClientSecretCredentialOptions } from \"./clientSecretCredentialOptions.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport { ensureScopes } from \"../util/scopeUtils.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"ClientSecretCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID using a client secret\n * that was generated for an App Registration. More information on how\n * to configure a client secret can be found here:\n *\n * https://learn.microsoft.com/entra/identity-platform/quickstart-configure-app-access-web-apis#add-credentials-to-your-web-application\n *\n */\nexport class ClientSecretCredential implements TokenCredential {\n  private tenantId: string;\n  private additionallyAllowedTenantIds: string[];\n  private msalClient: MsalClient;\n  private clientSecret: string;\n\n  /**\n   * Creates an instance of the ClientSecretCredential with the details\n   * needed to authenticate against Microsoft Entra ID with a client\n   * secret.\n   *\n   * @param tenantId - The Microsoft Entra tenant (directory) ID.\n   * @param clientId - The client (application) ID of an App Registration in the tenant.\n   * @param clientSecret - A client secret that was generated for the App Registration.\n   * @param options - Options for configuring the client which makes the authentication request.\n   */\n  constructor(\n    tenantId: string,\n    clientId: string,\n    clientSecret: string,\n    options: ClientSecretCredentialOptions = {},\n  ) {\n    if (!tenantId) {\n      throw new CredentialUnavailableError(\n        \"ClientSecretCredential: tenantId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n      );\n    }\n\n    if (!clientId) {\n      throw new CredentialUnavailableError(\n        \"ClientSecretCredential: clientId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n      );\n    }\n\n    if (!clientSecret) {\n      throw new CredentialUnavailableError(\n        \"ClientSecretCredential: clientSecret is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n      );\n    }\n\n    this.clientSecret = clientSecret;\n    this.tenantId = tenantId;\n    this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n      options?.additionallyAllowedTenants,\n    );\n\n    this.msalClient = createMsalClient(clientId, tenantId, {\n      ...options,\n      logger,\n    });\n  }\n\n  /**\n   * Authenticates with Microsoft Entra ID and returns an access token if successful.\n   * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n   *\n   * @param scopes - The list of scopes for which the token will have access.\n   * @param options - The options used to configure any requests this\n   *                TokenCredential implementation might make.\n   */\n  async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n    return tracingClient.withSpan(\n      `${this.constructor.name}.getToken`,\n      options,\n      async (newOptions) => {\n        newOptions.tenantId = processMultiTenantRequest(\n          this.tenantId,\n          newOptions,\n          this.additionallyAllowedTenantIds,\n          logger,\n        );\n\n        const arrayScopes = ensureScopes(scopes);\n        return this.msalClient.getTokenByClientSecret(arrayScopes, this.clientSecret, newOptions);\n      },\n    );\n  }\n}\n"]}
+{
+  "version": 3,
+  "sources": ["../../../src/credentials/clientSecretCredential.ts"],
+  "sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport type { MsalClient } from \"../msal/nodeFlows/msalClient.js\";\nimport { createMsalClient } from \"../msal/nodeFlows/msalClient.js\";\nimport {\n  processMultiTenantRequest,\n  resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\n\nimport type { ClientSecretCredentialOptions } from \"./clientSecretCredentialOptions.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport { credentialLogger } from \"../util/logging.js\";\nimport { ensureScopes } from \"../util/scopeUtils.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"ClientSecretCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID using a client secret\n * that was generated for an App Registration. More information on how\n * to configure a client secret can be found here:\n *\n * https://learn.microsoft.com/entra/identity-platform/quickstart-configure-app-access-web-apis#add-credentials-to-your-web-application\n *\n */\nexport class ClientSecretCredential implements TokenCredential {\n  private tenantId: string;\n  private additionallyAllowedTenantIds: string[];\n  private msalClient: MsalClient;\n  private clientSecret: string;\n\n  /**\n   * Creates an instance of the ClientSecretCredential with the details\n   * needed to authenticate against Microsoft Entra ID with a client\n   * secret.\n   *\n   * @param tenantId - The Microsoft Entra tenant (directory) ID.\n   * @param clientId - The client (application) ID of an App Registration in the tenant.\n   * @param clientSecret - A client secret that was generated for the App Registration.\n   * @param options - Options for configuring the client which makes the authentication request.\n   */\n  constructor(\n    tenantId: string,\n    clientId: string,\n    clientSecret: string,\n    options: ClientSecretCredentialOptions = {},\n  ) {\n    if (!tenantId) {\n      throw new CredentialUnavailableError(\n        \"ClientSecretCredential: tenantId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n      );\n    }\n\n    if (!clientId) {\n      throw new CredentialUnavailableError(\n        \"ClientSecretCredential: clientId is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n      );\n    }\n\n    if (!clientSecret) {\n      throw new CredentialUnavailableError(\n        \"ClientSecretCredential: clientSecret is a required parameter. To troubleshoot, visit https://aka.ms/azsdk/js/identity/serviceprincipalauthentication/troubleshoot.\",\n      );\n    }\n\n    this.clientSecret = clientSecret;\n    this.tenantId = tenantId;\n    this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n      options?.additionallyAllowedTenants,\n    );\n\n    this.msalClient = createMsalClient(clientId, tenantId, {\n      ...options,\n      logger,\n    });\n  }\n\n  /**\n   * Authenticates with Microsoft Entra ID and returns an access token if successful.\n   * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n   *\n   * @param scopes - The list of scopes for which the token will have access.\n   * @param options - The options used to configure any requests this\n   *                TokenCredential implementation might make.\n   */\n  async getToken(scopes: string | string[], options: GetTokenOptions = {}): Promise<AccessToken> {\n    return tracingClient.withSpan(\n      `${this.constructor.name}.getToken`,\n      options,\n      async (newOptions) => {\n        newOptions.tenantId = processMultiTenantRequest(\n          this.tenantId,\n          newOptions,\n          this.additionallyAllowedTenantIds,\n          logger,\n        );\n\n        const arrayScopes = ensureScopes(scopes);\n        return this.msalClient.getTokenByClientSecret(arrayScopes, this.clientSecret, newOptions);\n      },\n    );\n  }\n}\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAKA,wBAAiC;AACjC,2BAGO;AAGP,oBAA2C;AAC3C,qBAAiC;AACjC,wBAA6B;AAC7B,qBAA8B;AAE9B,MAAM,aAAS,iCAAiB,wBAAwB;AAUjD,MAAM,uBAAkD;AAAA,EACrD;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYR,YACE,UACA,UACA,cACA,UAAyC,CAAC,GAC1C;AACA,QAAI,CAAC,UAAU;AACb,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,UAAU;AACb,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,QAAI,CAAC,cAAc;AACjB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,SAAK,eAAe;AACpB,SAAK,WAAW;AAChB,SAAK,mCAA+B;AAAA,MAClC,SAAS;AAAA,IACX;AAEA,SAAK,iBAAa,oCAAiB,UAAU,UAAU;AAAA,MACrD,GAAG;AAAA,MACH;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,SAAS,QAA2B,UAA2B,CAAC,GAAyB;AAC7F,WAAO,6BAAc;AAAA,MACnB,GAAG,KAAK,YAAY,IAAI;AAAA,MACxB;AAAA,MACA,OAAO,eAAe;AACpB,mBAAW,eAAW;AAAA,UACpB,KAAK;AAAA,UACL;AAAA,UACA,KAAK;AAAA,UACL;AAAA,QACF;AAEA,cAAM,kBAAc,gCAAa,MAAM;AACvC,eAAO,KAAK,WAAW,uBAAuB,aAAa,KAAK,cAAc,UAAU;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/commonjs/credentials/clientSecretCredentialOptions.js

@@ -1,5 +1,16 @@
-"use strict";
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=clientSecretCredentialOptions.js.map
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var clientSecretCredentialOptions_exports = {};
+module.exports = __toCommonJS(clientSecretCredentialOptions_exports);
+//# sourceMappingURL=clientSecretCredentialOptions.js.map

package/dist/commonjs/credentials/clientSecretCredentialOptions.js.map

@@ -1 +1,7 @@
-{"version":3,"file":"clientSecretCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/clientSecretCredentialOptions.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Optional parameters for the {@link ClientSecretCredential} class.\n */\nexport interface ClientSecretCredentialOptions\n  extends\n    MultiTenantTokenCredentialOptions,\n    CredentialPersistenceOptions,\n    AuthorityValidationOptions {\n  // TODO: Export again once we're ready to release this feature.\n  // /**\n  //  * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n  //  * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n  //  * If the property is not specified, the credential uses the global authority endpoint.\n  //  */\n  // regionalAuthority?: string;\n}\n"]}
+{
+  "version": 3,
+  "sources": ["../../../src/credentials/clientSecretCredentialOptions.ts"],
+  "sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Optional parameters for the {@link ClientSecretCredential} class.\n */\nexport interface ClientSecretCredentialOptions\n  extends\n    MultiTenantTokenCredentialOptions,\n    CredentialPersistenceOptions,\n    AuthorityValidationOptions {\n  // TODO: Export again once we're ready to release this feature.\n  // /**\n  //  * Specifies a regional authority. Please refer to the {@link RegionalAuthority} type for the accepted values.\n  //  * If {@link RegionalAuthority.AutoDiscoverRegion} is specified, we will try to discover the regional authority endpoint.\n  //  * If the property is not specified, the credential uses the global authority endpoint.\n  //  */\n  // regionalAuthority?: string;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
+  "names": []
+}

package/dist/commonjs/credentials/credentialPersistenceOptions.js

@@ -1,5 +1,16 @@
-"use strict";
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-Object.defineProperty(exports, "__esModule", { value: true });
-//# sourceMappingURL=credentialPersistenceOptions.js.map
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var credentialPersistenceOptions_exports = {};
+module.exports = __toCommonJS(credentialPersistenceOptions_exports);
+//# sourceMappingURL=credentialPersistenceOptions.js.map

package/dist/commonjs/credentials/credentialPersistenceOptions.js.map

@@ -1 +1,7 @@
-{"version":3,"file":"credentialPersistenceOptions.js","sourceRoot":"","sources":["../../../src/credentials/credentialPersistenceOptions.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCachePersistenceOptions } from \"../msal/nodeFlows/tokenCachePersistenceOptions.js\";\n\n/**\n * Shared configuration options for credentials that support persistent token\n * caching.\n */\nexport interface CredentialPersistenceOptions {\n  /**\n   * Options to provide to the persistence layer (if one is available) when\n   * storing credentials.\n   *\n   * You must first register a persistence provider plugin. See the\n   * `@azure/identity-cache-persistence` package on NPM.\n   *\n   * Example:\n   *\n   * ```ts snippet:credential_persistence_options_example\n   * import { useIdentityPlugin, DeviceCodeCredential } from \"@azure/identity\";\n   *\n   * useIdentityPlugin(cachePersistencePlugin);\n   *\n   * const credential = new DeviceCodeCredential({\n   *   tokenCachePersistenceOptions: {\n   *     enabled: true,\n   *   },\n   * });\n   * ```\n   */\n\n  tokenCachePersistenceOptions?: TokenCachePersistenceOptions;\n}\n"]}
+{
+  "version": 3,
+  "sources": ["../../../src/credentials/credentialPersistenceOptions.ts"],
+  "sourcesContent": ["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCachePersistenceOptions } from \"../msal/nodeFlows/tokenCachePersistenceOptions.js\";\n\n/**\n * Shared configuration options for credentials that support persistent token\n * caching.\n */\nexport interface CredentialPersistenceOptions {\n  /**\n   * Options to provide to the persistence layer (if one is available) when\n   * storing credentials.\n   *\n   * You must first register a persistence provider plugin. See the\n   * `@azure/identity-cache-persistence` package on NPM.\n   *\n   * Example:\n   *\n   * ```ts snippet:credential_persistence_options_example\n   * import { useIdentityPlugin, DeviceCodeCredential } from \"@azure/identity\";\n   *\n   * useIdentityPlugin(cachePersistencePlugin);\n   *\n   * const credential = new DeviceCodeCredential({\n   *   tokenCachePersistenceOptions: {\n   *     enabled: true,\n   *   },\n   * });\n   * ```\n   */\n\n  tokenCachePersistenceOptions?: TokenCachePersistenceOptions;\n}\n"],
+  "mappings": ";;;;;;;;;;;;;AAAA;AAAA;",
+  "names": []
+}

package/dist/commonjs/credentials/defaultAzureCredential.js

@@ -1,167 +1,129 @@
-"use strict";
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DefaultAzureCredential = exports.UnavailableDefaultCredential = void 0;
-const chainedTokenCredential_js_1 = require("./chainedTokenCredential.js");
-const logging_js_1 = require("../util/logging.js");
-const defaultAzureCredentialFunctions_js_1 = require("./defaultAzureCredentialFunctions.js");
-const logger = (0, logging_js_1.credentialLogger)("DefaultAzureCredential");
-/**
- * A no-op credential that logs the reason it was skipped if getToken is called.
- * @internal
- */
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var defaultAzureCredential_exports = {};
+__export(defaultAzureCredential_exports, {
+  DefaultAzureCredential: () => DefaultAzureCredential,
+  UnavailableDefaultCredential: () => UnavailableDefaultCredential
+});
+module.exports = __toCommonJS(defaultAzureCredential_exports);
+var import_chainedTokenCredential = require("./chainedTokenCredential.js");
+var import_logging = require("../util/logging.js");
+var import_defaultAzureCredentialFunctions = require("./defaultAzureCredentialFunctions.js");
+const logger = (0, import_logging.credentialLogger)("DefaultAzureCredential");
 class UnavailableDefaultCredential {
-    credentialUnavailableErrorMessage;
-    credentialName;
-    constructor(credentialName, message) {
-        this.credentialName = credentialName;
-        this.credentialUnavailableErrorMessage = message;
-    }
-    getToken() {
-        logger.getToken.info(`Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`);
-        return Promise.resolve(null);
-    }
+  credentialUnavailableErrorMessage;
+  credentialName;
+  constructor(credentialName, message) {
+    this.credentialName = credentialName;
+    this.credentialUnavailableErrorMessage = message;
+  }
+  getToken() {
+    logger.getToken.info(
+      `Skipping ${this.credentialName}, reason: ${this.credentialUnavailableErrorMessage}`
+    );
+    return Promise.resolve(null);
+  }
 }
-exports.UnavailableDefaultCredential = UnavailableDefaultCredential;
-/**
- * Provides a default {@link ChainedTokenCredential} configuration that works for most
- * applications that use Azure SDK client libraries. For more information, see
- * [DefaultAzureCredential overview](https://aka.ms/azsdk/js/identity/credential-chains#defaultazurecredential-overview).
- *
- * The following credential types will be tried, in order:
- *
- * - {@link EnvironmentCredential}
- * - {@link WorkloadIdentityCredential}
- * - {@link ManagedIdentityCredential}
- * - {@link VisualStudioCodeCredential}
- * - {@link AzureCliCredential}
- * - {@link AzurePowerShellCredential}
- * - {@link AzureDeveloperCliCredential}
- * - BrokerCredential (a broker-enabled credential that requires \@azure/identity-broker is installed)
- *
- * Consult the documentation of these credential types for more information
- * on how they attempt authentication.
- *
- * The following example demonstrates how to use the `requiredEnvVars` option to ensure that certain environment variables are set before the `DefaultAzureCredential` is instantiated.
- * If any of the specified environment variables are missing or empty, an error will be thrown, preventing the application from continuing execution without the necessary configuration.
- * It also demonstrates how to set the `AZURE_TOKEN_CREDENTIALS` environment variable to control which credentials are included in the chain.
- 
- * ```ts snippet:defaultazurecredential_requiredEnvVars
- * import { DefaultAzureCredential } from "@azure/identity";
- *
- * const credential = new DefaultAzureCredential({
- *   requiredEnvVars: [
- *     "AZURE_CLIENT_ID",
- *     "AZURE_TENANT_ID",
- *     "AZURE_CLIENT_SECRET",
- *     "AZURE_TOKEN_CREDENTIALS",
- *   ],
- * });
- * ```
- */
-class DefaultAzureCredential extends chainedTokenCredential_js_1.ChainedTokenCredential {
-    constructor(options) {
-        validateRequiredEnvVars(options);
-        // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.
-        const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS
-            ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase()
-            : undefined;
-        const devCredentialFunctions = [
-            defaultAzureCredentialFunctions_js_1.createDefaultVisualStudioCodeCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultAzureCliCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultAzurePowershellCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultAzureDeveloperCliCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultBrokerCredential,
-        ];
-        const prodCredentialFunctions = [
-            defaultAzureCredentialFunctions_js_1.createDefaultEnvironmentCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultWorkloadIdentityCredential,
-            defaultAzureCredentialFunctions_js_1.createDefaultManagedIdentityCredential,
-        ];
-        let credentialFunctions = [];
-        const validCredentialNames = "EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential";
-        // If AZURE_TOKEN_CREDENTIALS is set, use it to determine which credentials to use.
-        // The value of AZURE_TOKEN_CREDENTIALS should be either "dev" or "prod" or any one of these credentials - {validCredentialNames}.
-        if (azureTokenCredentials) {
-            switch (azureTokenCredentials) {
-                case "dev":
-                    credentialFunctions = devCredentialFunctions;
-                    break;
-                case "prod":
-                    credentialFunctions = prodCredentialFunctions;
-                    break;
-                case "environmentcredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultEnvironmentCredential];
-                    break;
-                case "workloadidentitycredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultWorkloadIdentityCredential];
-                    break;
-                case "managedidentitycredential":
-                    // Setting `sendProbeRequest` to false to ensure ManagedIdentityCredential behavior
-                    // is consistent when used standalone in DAC chain or used directly.
-                    credentialFunctions = [
-                        () => (0, defaultAzureCredentialFunctions_js_1.createDefaultManagedIdentityCredential)({ sendProbeRequest: false }),
-                    ];
-                    break;
-                case "visualstudiocodecredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultVisualStudioCodeCredential];
-                    break;
-                case "azureclicredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultAzureCliCredential];
-                    break;
-                case "azurepowershellcredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultAzurePowershellCredential];
-                    break;
-                case "azuredeveloperclicredential":
-                    credentialFunctions = [defaultAzureCredentialFunctions_js_1.createDefaultAzureDeveloperCliCredential];
-                    break;
-                default: {
-                    // If AZURE_TOKEN_CREDENTIALS is set to an unsupported value, throw an error.
-                    // This will prevent the creation of the DefaultAzureCredential.
-                    const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;
-                    logger.warning(errorMessage);
-                    throw new Error(errorMessage);
-                }
-            }
+class DefaultAzureCredential extends import_chainedTokenCredential.ChainedTokenCredential {
+  constructor(options) {
+    validateRequiredEnvVars(options);
+    const azureTokenCredentials = process.env.AZURE_TOKEN_CREDENTIALS ? process.env.AZURE_TOKEN_CREDENTIALS.trim().toLowerCase() : void 0;
+    const devCredentialFunctions = [
+      import_defaultAzureCredentialFunctions.createDefaultVisualStudioCodeCredential,
+      import_defaultAzureCredentialFunctions.createDefaultAzureCliCredential,
+      import_defaultAzureCredentialFunctions.createDefaultAzurePowershellCredential,
+      import_defaultAzureCredentialFunctions.createDefaultAzureDeveloperCliCredential,
+      import_defaultAzureCredentialFunctions.createDefaultBrokerCredential
+    ];
+    const prodCredentialFunctions = [
+      import_defaultAzureCredentialFunctions.createDefaultEnvironmentCredential,
+      import_defaultAzureCredentialFunctions.createDefaultWorkloadIdentityCredential,
+      import_defaultAzureCredentialFunctions.createDefaultManagedIdentityCredential
+    ];
+    let credentialFunctions = [];
+    const validCredentialNames = "EnvironmentCredential, WorkloadIdentityCredential, ManagedIdentityCredential, VisualStudioCodeCredential, AzureCliCredential, AzurePowerShellCredential, AzureDeveloperCliCredential";
+    if (azureTokenCredentials) {
+      switch (azureTokenCredentials) {
+        case "dev":
+          credentialFunctions = devCredentialFunctions;
+          break;
+        case "prod":
+          credentialFunctions = prodCredentialFunctions;
+          break;
+        case "environmentcredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultEnvironmentCredential];
+          break;
+        case "workloadidentitycredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultWorkloadIdentityCredential];
+          break;
+        case "managedidentitycredential":
+          credentialFunctions = [
+            () => (0, import_defaultAzureCredentialFunctions.createDefaultManagedIdentityCredential)({ sendProbeRequest: false })
+          ];
+          break;
+        case "visualstudiocodecredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultVisualStudioCodeCredential];
+          break;
+        case "azureclicredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultAzureCliCredential];
+          break;
+        case "azurepowershellcredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultAzurePowershellCredential];
+          break;
+        case "azuredeveloperclicredential":
+          credentialFunctions = [import_defaultAzureCredentialFunctions.createDefaultAzureDeveloperCliCredential];
+          break;
+        default: {
+          const errorMessage = `Invalid value for AZURE_TOKEN_CREDENTIALS = ${process.env.AZURE_TOKEN_CREDENTIALS}. Valid values are 'prod' or 'dev' or any of these credentials - ${validCredentialNames}.`;
+          logger.warning(errorMessage);
+          throw new Error(errorMessage);
         }
-        else {
-            // If AZURE_TOKEN_CREDENTIALS is not set, use the default credential chain.
-            credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];
-        }
-        // Errors from individual credentials should not be thrown in the DefaultAzureCredential constructor, instead throwing on getToken() which is handled by ChainedTokenCredential.
-        // When adding new credentials to the default chain, consider:
-        // 1. Making the constructor parameters required and explicit
-        // 2. Validating any required parameters in the factory function
-        // 3. Returning a UnavailableDefaultCredential from the factory function if a credential is unavailable for any reason
-        const credentials = credentialFunctions.map((createCredentialFn) => {
-            try {
-                return createCredentialFn(options ?? {});
-            }
-            catch (err) {
-                logger.warning(`Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`);
-                return new UnavailableDefaultCredential(createCredentialFn.name, err.message);
-            }
-        });
-        super(...credentials);
+      }
+    } else {
+      credentialFunctions = [...prodCredentialFunctions, ...devCredentialFunctions];
     }
+    const credentials = credentialFunctions.map((createCredentialFn) => {
+      try {
+        return createCredentialFn(options ?? {});
+      } catch (err) {
+        logger.warning(
+          `Skipped ${createCredentialFn.name} because of an error creating the credential: ${err}`
+        );
+        return new UnavailableDefaultCredential(createCredentialFn.name, err.message);
+      }
+    });
+    super(...credentials);
+  }
 }
-exports.DefaultAzureCredential = DefaultAzureCredential;
-/**
- * This function checks that all environment variables in `options.requiredEnvVars` are set and non-empty.
- * If any are missing or empty, it throws an error.
- */
 function validateRequiredEnvVars(options) {
-    if (options?.requiredEnvVars) {
-        const requiredVars = Array.isArray(options.requiredEnvVars)
-            ? options.requiredEnvVars
-            : [options.requiredEnvVars];
-        const missing = requiredVars.filter((envVar) => !process.env[envVar]);
-        if (missing.length > 0) {
-            const errorMessage = `Required environment ${missing.length === 1 ? "variable" : "variables"} '${missing.join(", ")}' for DefaultAzureCredential ${missing.length === 1 ? "is" : "are"} not set or empty.`;
-            logger.warning(errorMessage);
-            throw new Error(errorMessage);
-        }
+  if (options?.requiredEnvVars) {
+    const requiredVars = Array.isArray(options.requiredEnvVars) ? options.requiredEnvVars : [options.requiredEnvVars];
+    const missing = requiredVars.filter((envVar) => !process.env[envVar]);
+    if (missing.length > 0) {
+      const errorMessage = `Required environment ${missing.length === 1 ? "variable" : "variables"} '${missing.join(", ")}' for DefaultAzureCredential ${missing.length === 1 ? "is" : "are"} not set or empty.`;
+      logger.warning(errorMessage);
+      throw new Error(errorMessage);
     }
+  }
 }
-//# sourceMappingURL=defaultAzureCredential.js.map
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  DefaultAzureCredential,
+  UnavailableDefaultCredential
+});
+//# sourceMappingURL=defaultAzureCredential.js.map