@azure/identity 4.14.0-beta.2 → 4.14.0-beta.4

package/dist/browser/credentials/managedIdentityCredential/imdsMsi.js

@@ -1,97 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { createHttpHeaders, createPipelineRequest } from "@azure/core-rest-pipeline";
-import { isError } from "@azure/core-util";
-import { credentialLogger } from "../../util/logging.js";
-import { mapScopesToResource } from "./utils.js";
-import { tracingClient } from "../../util/tracing.js";
-const msiName = "ManagedIdentityCredential - IMDS";
-const logger = credentialLogger(msiName);
-const imdsHost = "http://169.254.169.254";
-const imdsEndpointPath = "/metadata/identity/oauth2/token";
-/**
- * Generates an invalid request options to get a response quickly from IMDS endpoint.
- * The response indicates the availability of IMSD service; otherwise the request would time out.
- */
-function prepareInvalidRequestOptions(scopes) {
-    const resource = mapScopesToResource(scopes);
-    if (!resource) {
-        throw new Error(`${msiName}: Multiple scopes are not supported.`);
-    }
-    // Pod Identity will try to process this request even if the Metadata header is missing.
-    // We can exclude the request query to ensure no IMDS endpoint tries to process the ping request.
-    const url = new URL(imdsEndpointPath, process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST ?? imdsHost);
-    const rawHeaders = {
-        Accept: "application/json",
-        // intentionally leave out the Metadata header to invoke an error from IMDS endpoint.
-    };
-    return {
-        // intentionally not including any query
-        url: `${url}`,
-        method: "GET",
-        headers: createHttpHeaders(rawHeaders),
-    };
-}
-/**
- * Defines how to determine whether the Azure IMDS MSI is available.
- *
- * Actually getting the token once we determine IMDS is available is handled by MSAL.
- */
-export const imdsMsi = {
-    name: "imdsMsi",
-    async isAvailable(options) {
-        const { scopes, identityClient, getTokenOptions } = options;
-        const resource = mapScopesToResource(scopes);
-        if (!resource) {
-            logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
-            return false;
-        }
-        // if the PodIdentityEndpoint environment variable was set no need to probe the endpoint, it can be assumed to exist
-        if (process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) {
-            return true;
-        }
-        if (!identityClient) {
-            throw new Error("Missing IdentityClient");
-        }
-        const requestOptions = prepareInvalidRequestOptions(resource);
-        return tracingClient.withSpan("ManagedIdentityCredential-pingImdsEndpoint", getTokenOptions ?? {}, async (updatedOptions) => {
-            requestOptions.tracingOptions = updatedOptions.tracingOptions;
-            // Create a request with a timeout since we expect that
-            // not having a "Metadata" header should cause an error to be
-            // returned quickly from the endpoint, proving its availability.
-            const request = createPipelineRequest(requestOptions);
-            // Default to 1000 if the default of 0 is used.
-            // Negative values can still be used to disable the timeout.
-            request.timeout = updatedOptions.requestOptions?.timeout || 1000;
-            // This MSI uses the imdsEndpoint to get the token, which only uses http://
-            request.allowInsecureConnection = true;
-            let response;
-            try {
-                logger.info(`${msiName}: Pinging the Azure IMDS endpoint`);
-                response = await identityClient.sendRequest(request);
-            }
-            catch (err) {
-                // If the request failed, or Node.js was unable to establish a connection,
-                // or the host was down, we'll assume the IMDS endpoint isn't available.
-                if (isError(err)) {
-                    logger.verbose(`${msiName}: Caught error ${err.name}: ${err.message}`);
-                }
-                // This is a special case for Docker Desktop which responds with a 403 with a message that contains "A socket operation was attempted to an unreachable network" or "A socket operation was attempted to an unreachable host"
-                // rather than just timing out, as expected.
-                logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);
-                return false;
-            }
-            if (response.status === 403) {
-                if (response.bodyAsText?.includes("unreachable")) {
-                    logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);
-                    logger.info(`${msiName}: ${response.bodyAsText}`);
-                    return false;
-                }
-            }
-            // If we received any response, the endpoint is available
-            logger.info(`${msiName}: The Azure IMDS endpoint is available`);
-            return true;
-        });
-    },
-};
-//# sourceMappingURL=imdsMsi.js.map

package/dist/browser/credentials/managedIdentityCredential/imdsMsi.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"imdsMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AACrF,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAG3C,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAGtD,MAAM,OAAO,GAAG,kCAAkC,CAAC;AACnD,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC,MAAM,QAAQ,GAAG,wBAAwB,CAAC;AAC1C,MAAM,gBAAgB,GAAG,iCAAiC,CAAC;AAE3D;;;GAGG;AACH,SAAS,4BAA4B,CAAC,MAAyB;IAC7D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IAED,wFAAwF;IACxF,iGAAiG;IACjG,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,iCAAiC,IAAI,QAAQ,CAAC,CAAC;IAEjG,MAAM,UAAU,GAA2B;QACzC,MAAM,EAAE,kBAAkB;QAC1B,qFAAqF;KACtF,CAAC;IAEF,OAAO;QACL,wCAAwC;QACxC,GAAG,EAAE,GAAG,GAAG,EAAE;QACb,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,iBAAiB,CAAC,UAAU,CAAC;KACvC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,IAAI,EAAE,SAAS;IACf,KAAK,CAAC,WAAW,CAAC,OAMjB;QACC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GAAG,OAAO,CAAC;QAC5D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QAED,oHAAoH;QACpH,IAAI,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,CAAC;YAClD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,cAAc,GAAG,4BAA4B,CAAC,QAAQ,CAAC,CAAC;QAE9D,OAAO,aAAa,CAAC,QAAQ,CAC3B,4CAA4C,EAC5C,eAAe,IAAI,EAAE,EACrB,KAAK,EAAE,cAAc,EAAE,EAAE;YACvB,cAAc,CAAC,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC;YAE9D,uDAAuD;YACvD,6DAA6D;YAC7D,gEAAgE;YAChE,MAAM,OAAO,GAAG,qBAAqB,CAAC,cAAc,CAAC,CAAC;YAEtD,+CAA+C;YAC/C,4DAA4D;YAC5D,OAAO,CAAC,OAAO,GAAG,cAAc,CAAC,cAAc,EAAE,OAAO,IAAI,IAAI,CAAC;YAEjE,2EAA2E;YAC3E,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC;YACvC,IAAI,QAA0B,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mCAAmC,CAAC,CAAC;gBAC3D,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACvD,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,0EAA0E;gBAC1E,wEAAwE;gBACxE,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjB,MAAM,CAAC,OAAO,CAAC,GAAG,OAAO,kBAAkB,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBACzE,CAAC;gBACD,6NAA6N;gBAC7N,4CAA4C;gBAC5C,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,0CAA0C,CAAC,CAAC;gBAClE,OAAO,KAAK,CAAC;YACf,CAAC;YACD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,IAAI,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACjD,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,0CAA0C,CAAC,CAAC;oBAClE,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;oBAClD,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YACD,yDAAyD;YACzD,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,wCAAwC,CAAC,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC,CACF,CAAC;IACJ,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelineRequestOptions, PipelineResponse } from \"@azure/core-rest-pipeline\";\nimport { createHttpHeaders, createPipelineRequest } from \"@azure/core-rest-pipeline\";\nimport { isError } from \"@azure/core-util\";\n\nimport type { GetTokenOptions } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging.js\";\nimport { mapScopesToResource } from \"./utils.js\";\nimport { tracingClient } from \"../../util/tracing.js\";\nimport type { IdentityClient } from \"../../client/identityClient.js\";\n\nconst msiName = \"ManagedIdentityCredential - IMDS\";\nconst logger = credentialLogger(msiName);\n\nconst imdsHost = \"http://169.254.169.254\";\nconst imdsEndpointPath = \"/metadata/identity/oauth2/token\";\n\n/**\n * Generates an invalid request options to get a response quickly from IMDS endpoint.\n * The response indicates the availability of IMSD service; otherwise the request would time out.\n */\nfunction prepareInvalidRequestOptions(scopes: string | string[]): PipelineRequestOptions {\n  const resource = mapScopesToResource(scopes);\n  if (!resource) {\n    throw new Error(`${msiName}: Multiple scopes are not supported.`);\n  }\n\n  // Pod Identity will try to process this request even if the Metadata header is missing.\n  // We can exclude the request query to ensure no IMDS endpoint tries to process the ping request.\n  const url = new URL(imdsEndpointPath, process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST ?? imdsHost);\n\n  const rawHeaders: Record<string, string> = {\n    Accept: \"application/json\",\n    // intentionally leave out the Metadata header to invoke an error from IMDS endpoint.\n  };\n\n  return {\n    // intentionally not including any query\n    url: `${url}`,\n    method: \"GET\",\n    headers: createHttpHeaders(rawHeaders),\n  };\n}\n\n/**\n * Defines how to determine whether the Azure IMDS MSI is available.\n *\n * Actually getting the token once we determine IMDS is available is handled by MSAL.\n */\nexport const imdsMsi = {\n  name: \"imdsMsi\",\n  async isAvailable(options: {\n    scopes: string | string[];\n    identityClient?: IdentityClient;\n    clientId?: string;\n    resourceId?: string;\n    getTokenOptions?: GetTokenOptions;\n  }): Promise<boolean> {\n    const { scopes, identityClient, getTokenOptions } = options;\n    const resource = mapScopesToResource(scopes);\n    if (!resource) {\n      logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n      return false;\n    }\n\n    // if the PodIdentityEndpoint environment variable was set no need to probe the endpoint, it can be assumed to exist\n    if (process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) {\n      return true;\n    }\n\n    if (!identityClient) {\n      throw new Error(\"Missing IdentityClient\");\n    }\n\n    const requestOptions = prepareInvalidRequestOptions(resource);\n\n    return tracingClient.withSpan(\n      \"ManagedIdentityCredential-pingImdsEndpoint\",\n      getTokenOptions ?? {},\n      async (updatedOptions) => {\n        requestOptions.tracingOptions = updatedOptions.tracingOptions;\n\n        // Create a request with a timeout since we expect that\n        // not having a \"Metadata\" header should cause an error to be\n        // returned quickly from the endpoint, proving its availability.\n        const request = createPipelineRequest(requestOptions);\n\n        // Default to 1000 if the default of 0 is used.\n        // Negative values can still be used to disable the timeout.\n        request.timeout = updatedOptions.requestOptions?.timeout || 1000;\n\n        // This MSI uses the imdsEndpoint to get the token, which only uses http://\n        request.allowInsecureConnection = true;\n        let response: PipelineResponse;\n        try {\n          logger.info(`${msiName}: Pinging the Azure IMDS endpoint`);\n          response = await identityClient.sendRequest(request);\n        } catch (err: unknown) {\n          // If the request failed, or Node.js was unable to establish a connection,\n          // or the host was down, we'll assume the IMDS endpoint isn't available.\n          if (isError(err)) {\n            logger.verbose(`${msiName}: Caught error ${err.name}: ${err.message}`);\n          }\n          // This is a special case for Docker Desktop which responds with a 403 with a message that contains \"A socket operation was attempted to an unreachable network\" or \"A socket operation was attempted to an unreachable host\"\n          // rather than just timing out, as expected.\n          logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);\n          return false;\n        }\n        if (response.status === 403) {\n          if (response.bodyAsText?.includes(\"unreachable\")) {\n            logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);\n            logger.info(`${msiName}: ${response.bodyAsText}`);\n            return false;\n          }\n        }\n        // If we received any response, the endpoint is available\n        logger.info(`${msiName}: The Azure IMDS endpoint is available`);\n        return true;\n      },\n    );\n  },\n};\n"]}

package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts

@@ -1,13 +0,0 @@
-import type { PipelinePolicy } from "@azure/core-rest-pipeline";
-import type { MSIConfiguration } from "./models.js";
-/**
- * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
- * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
- * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
- * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
- *
- * @param msiRetryConfig - The retry configuration for the MSI credential.
- * @returns - The policy that will retry on 404s and 410s.
- */
-export declare function imdsRetryPolicy(msiRetryConfig: MSIConfiguration["retryConfig"]): PipelinePolicy;
-//# sourceMappingURL=imdsRetryPolicy.d.ts.map

package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"imdsRetryPolicy.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAGhE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAYpD;;;;;;;;GAQG;AACH,wBAAgB,eAAe,CAAC,cAAc,EAAE,gBAAgB,CAAC,aAAa,CAAC,GAAG,cAAc,CA2B/F"}

package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.js

@@ -1,43 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { retryPolicy } from "@azure/core-rest-pipeline";
-import { calculateRetryDelay } from "@azure/core-util";
-// Matches the default retry configuration in expontentialRetryStrategy.ts
-const DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;
-// For 410 responses, we need at least 70 seconds total retry duration
-// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d
-// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70
-// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.
-const MIN_DELAY_FOR_410_MS = 3000;
-/**
- * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on
- * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when
- * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.
- * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.
- *
- * @param msiRetryConfig - The retry configuration for the MSI credential.
- * @returns - The policy that will retry on 404s and 410s.
- */
-export function imdsRetryPolicy(msiRetryConfig) {
-    return retryPolicy([
-        {
-            name: "imdsRetryPolicy",
-            retry: ({ retryCount, response }) => {
-                if (response?.status !== 404 && response?.status !== 410) {
-                    return { skipStrategy: true };
-                }
-                // For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration
-                const initialDelayMs = response?.status === 410
-                    ? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)
-                    : msiRetryConfig.startDelayInMs;
-                return calculateRetryDelay(retryCount, {
-                    retryDelayInMs: initialDelayMs,
-                    maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,
-                });
-            },
-        },
-    ], {
-        maxRetries: msiRetryConfig.maxRetries,
-    });
-}
-//# sourceMappingURL=imdsRetryPolicy.js.map

package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD,sEAAsE;AACtE,oFAAoF;AACpF,kFAAkF;AAClF,sEAAsE;AACtE,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAElC;;;;;;;;GAQG;AACH,MAAM,UAAU,eAAe,CAAC,cAA+C;IAC7E,OAAO,WAAW,CAChB;QACE;YACE,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAClC,IAAI,QAAQ,EAAE,MAAM,KAAK,GAAG,IAAI,QAAQ,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;oBACzD,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;gBAChC,CAAC;gBAED,qGAAqG;gBACrG,MAAM,cAAc,GAClB,QAAQ,EAAE,MAAM,KAAK,GAAG;oBACtB,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,oBAAoB,EAAE,cAAc,CAAC,cAAc,CAAC;oBAC/D,CAAC,CAAC,cAAc,CAAC,cAAc,CAAC;gBAEpC,OAAO,mBAAmB,CAAC,UAAU,EAAE;oBACrC,cAAc,EAAE,cAAc;oBAC9B,iBAAiB,EAAE,iCAAiC;iBACrD,CAAC,CAAC;YACL,CAAC;SACF;KACF,EACD;QACE,UAAU,EAAE,cAAc,CAAC,UAAU;KACtC,CACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelinePolicy } from \"@azure/core-rest-pipeline\";\nimport { retryPolicy } from \"@azure/core-rest-pipeline\";\n\nimport type { MSIConfiguration } from \"./models.js\";\nimport { calculateRetryDelay } from \"@azure/core-util\";\n\n// Matches the default retry configuration in expontentialRetryStrategy.ts\nconst DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;\n\n// For 410 responses, we need at least 70 seconds total retry duration\n// With 5 retries using exponential backoff: delays of d, 2d, 4d, 8d, 16d sum to 31d\n// Accounting for jitter (which can reduce delays by 20%), we need 31d * 0.8 >= 70\n// So we need d >= 70/24.8 = 2.82 seconds. Using 3 seconds to be safe.\nconst MIN_DELAY_FOR_410_MS = 3000;\n\n/**\n * An additional policy that retries on 404 and 410 errors. The default retry policy does not retry on\n * 404s or 410s, but the IMDS endpoint can return these when the token is not yet available or when\n * the identity is still being set up. This policy will retry on 404s and 410s with an exponential backoff.\n * For 410 responses, it uses a minimum 3-second initial delay to ensure at least 70 seconds total duration.\n *\n * @param msiRetryConfig - The retry configuration for the MSI credential.\n * @returns - The policy that will retry on 404s and 410s.\n */\nexport function imdsRetryPolicy(msiRetryConfig: MSIConfiguration[\"retryConfig\"]): PipelinePolicy {\n  return retryPolicy(\n    [\n      {\n        name: \"imdsRetryPolicy\",\n        retry: ({ retryCount, response }) => {\n          if (response?.status !== 404 && response?.status !== 410) {\n            return { skipStrategy: true };\n          }\n\n          // For 410 responses, use a minimum 3-second delay to ensure at least 70 seconds total retry duration\n          const initialDelayMs =\n            response?.status === 410\n              ? Math.max(MIN_DELAY_FOR_410_MS, msiRetryConfig.startDelayInMs)\n              : msiRetryConfig.startDelayInMs;\n\n          return calculateRetryDelay(retryCount, {\n            retryDelayInMs: initialDelayMs,\n            maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,\n          });\n        },\n      },\n    ],\n    {\n      maxRetries: msiRetryConfig.maxRetries,\n    },\n  );\n}\n"]}

package/dist/browser/credentials/managedIdentityCredential/index.d.ts

@@ -1,6 +0,0 @@
-import type { AccessToken, TokenCredential } from "@azure/core-auth";
-export declare class ManagedIdentityCredential implements TokenCredential {
-    constructor();
-    getToken(): Promise<AccessToken | null>;
-}
-//# sourceMappingURL=index-browser.d.mts.map

package/dist/browser/credentials/managedIdentityCredential/models.d.ts

@@ -1,24 +0,0 @@
-import type { AccessToken } from "@azure/core-auth";
-import type { IdentityClient } from "../../client/identityClient.js";
-/**
- * @internal
- */
-export interface MSIConfiguration {
-    retryConfig: {
-        maxRetries: number;
-        startDelayInMs: number;
-        intervalIncrement: number;
-    };
-    identityClient: IdentityClient;
-    scopes: string | string[];
-    clientId?: string;
-    resourceId?: string;
-}
-/**
- * @internal
- * Represents an access token for {@link ManagedIdentity} for internal usage,
- * with an expiration time and the time in which token should refresh.
- */
-export declare interface MSIToken extends AccessToken {
-}
-//# sourceMappingURL=models.d.ts.map

package/dist/browser/credentials/managedIdentityCredential/models.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/models.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAErE;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE;QACX,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,EAAE,MAAM,CAAC;KAC3B,CAAC;IACF,cAAc,EAAE,cAAc,CAAC;IAC/B,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,CAAC,OAAO,WAAW,QAAS,SAAQ,WAAW;CAAG"}

package/dist/browser/credentials/managedIdentityCredential/models.js

@@ -1,4 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export {};
-//# sourceMappingURL=models.js.map

package/dist/browser/credentials/managedIdentityCredential/models.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"models.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/models.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken } from \"@azure/core-auth\";\n\nimport type { IdentityClient } from \"../../client/identityClient.js\";\n\n/**\n * @internal\n */\nexport interface MSIConfiguration {\n  retryConfig: {\n    maxRetries: number;\n    startDelayInMs: number;\n    intervalIncrement: number;\n  };\n  identityClient: IdentityClient;\n  scopes: string | string[];\n  clientId?: string;\n  resourceId?: string;\n}\n\n/**\n * @internal\n * Represents an access token for {@link ManagedIdentity} for internal usage,\n * with an expiration time and the time in which token should refresh.\n */\nexport declare interface MSIToken extends AccessToken {}\n"]}

package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts

@@ -1,14 +0,0 @@
-import type { AccessToken, GetTokenOptions } from "@azure/core-auth";
-import type { MSIConfiguration } from "./models.js";
-/**
- * Defines how to determine whether the token exchange MSI is available, and also how to retrieve a token from the token exchange MSI.
- *
- * Token exchange MSI (used by AKS) is the only MSI implementation handled entirely by Azure Identity.
- * The rest have been migrated to MSAL.
- */
-export declare const tokenExchangeMsi: {
-    name: string;
-    isAvailable(clientId?: string): Promise<boolean>;
-    getToken(configuration: MSIConfiguration, getTokenOptions?: GetTokenOptions): Promise<AccessToken | null>;
-};
-//# sourceMappingURL=tokenExchangeMsi.d.ts.map

package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"tokenExchangeMsi.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/tokenExchangeMsi.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAQpD;;;;;GAKG;AACH,eAAO,MAAM,gBAAgB;;2BAEE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;4BAerC,gBAAgB,oBACd,eAAe,GAC/B,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAY/B,CAAC"}

package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js

@@ -1,38 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import { WorkloadIdentityCredential } from "../workloadIdentityCredential.js";
-import { credentialLogger } from "../../util/logging.js";
-const msiName = "ManagedIdentityCredential - Token Exchange";
-const logger = credentialLogger(msiName);
-/**
- * Defines how to determine whether the token exchange MSI is available, and also how to retrieve a token from the token exchange MSI.
- *
- * Token exchange MSI (used by AKS) is the only MSI implementation handled entirely by Azure Identity.
- * The rest have been migrated to MSAL.
- */
-export const tokenExchangeMsi = {
-    name: "tokenExchangeMsi",
-    async isAvailable(clientId) {
-        const env = process.env;
-        const result = Boolean((clientId || env.AZURE_CLIENT_ID) &&
-            env.AZURE_TENANT_ID &&
-            process.env.AZURE_FEDERATED_TOKEN_FILE);
-        if (!result) {
-            logger.info(`${msiName}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`);
-        }
-        return result;
-    },
-    async getToken(configuration, getTokenOptions = {}) {
-        const { scopes, clientId } = configuration;
-        const identityClientTokenCredentialOptions = {};
-        const workloadIdentityCredential = new WorkloadIdentityCredential({
-            clientId,
-            tenantId: process.env.AZURE_TENANT_ID,
-            tokenFilePath: process.env.AZURE_FEDERATED_TOKEN_FILE,
-            ...identityClientTokenCredentialOptions,
-            disableInstanceDiscovery: true,
-        });
-        return workloadIdentityCredential.getToken(scopes, getTokenOptions);
-    },
-};
-//# sourceMappingURL=tokenExchangeMsi.js.map

package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"tokenExchangeMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/tokenExchangeMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAGzD,MAAM,OAAO,GAAG,4CAA4C,CAAC;AAC7D,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,IAAI,EAAE,kBAAkB;IACxB,KAAK,CAAC,WAAW,CAAC,QAAiB;QACjC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,OAAO,CACpB,CAAC,QAAQ,IAAI,GAAG,CAAC,eAAe,CAAC;YACjC,GAAG,CAAC,eAAe;YACnB,OAAO,CAAC,GAAG,CAAC,0BAA0B,CACvC,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,qKAAqK,CAChL,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;QAErC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,CAAC;QAC3C,MAAM,oCAAoC,GAAG,EAAE,CAAC;QAChD,MAAM,0BAA0B,GAAG,IAAI,0BAA0B,CAAC;YAChE,QAAQ;YACR,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;YACrC,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B;YACrD,GAAG,oCAAoC;YACvC,wBAAwB,EAAE,IAAI;SACM,CAAC,CAAC;QACxC,OAAO,0BAA0B,CAAC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IACtE,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport type { MSIConfiguration } from \"./models.js\";\nimport { WorkloadIdentityCredential } from \"../workloadIdentityCredential.js\";\nimport { credentialLogger } from \"../../util/logging.js\";\nimport type { WorkloadIdentityCredentialOptions } from \"../workloadIdentityCredentialOptions.js\";\n\nconst msiName = \"ManagedIdentityCredential - Token Exchange\";\nconst logger = credentialLogger(msiName);\n\n/**\n * Defines how to determine whether the token exchange MSI is available, and also how to retrieve a token from the token exchange MSI.\n *\n * Token exchange MSI (used by AKS) is the only MSI implementation handled entirely by Azure Identity.\n * The rest have been migrated to MSAL.\n */\nexport const tokenExchangeMsi = {\n  name: \"tokenExchangeMsi\",\n  async isAvailable(clientId?: string): Promise<boolean> {\n    const env = process.env;\n    const result = Boolean(\n      (clientId || env.AZURE_CLIENT_ID) &&\n      env.AZURE_TENANT_ID &&\n      process.env.AZURE_FEDERATED_TOKEN_FILE,\n    );\n    if (!result) {\n      logger.info(\n        `${msiName}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`,\n      );\n    }\n    return result;\n  },\n  async getToken(\n    configuration: MSIConfiguration,\n    getTokenOptions: GetTokenOptions = {},\n  ): Promise<AccessToken | null> {\n    const { scopes, clientId } = configuration;\n    const identityClientTokenCredentialOptions = {};\n    const workloadIdentityCredential = new WorkloadIdentityCredential({\n      clientId,\n      tenantId: process.env.AZURE_TENANT_ID,\n      tokenFilePath: process.env.AZURE_FEDERATED_TOKEN_FILE,\n      ...identityClientTokenCredentialOptions,\n      disableInstanceDiscovery: true,\n    } as WorkloadIdentityCredentialOptions);\n    return workloadIdentityCredential.getToken(scopes, getTokenOptions);\n  },\n};\n"]}

package/dist/browser/credentials/onBehalfOfCredential.d.ts

@@ -1,12 +0,0 @@
-import type { AccessToken, TokenCredential } from "@azure/core-auth";
-/**
- * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).
- */
-export declare class OnBehalfOfCredential implements TokenCredential {
-    /**
-     * Only available in Node.js
-     */
-    constructor();
-    getToken(): Promise<AccessToken | null>;
-}
-//# sourceMappingURL=onBehalfOfCredential-browser.d.mts.map

package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts

@@ -1,12 +0,0 @@
-/**
- * A function that searches for credentials in the Visual Studio Code credential store.
- *
- * @returns an array of credentials (username and password)
- * @internal
- *
- */
-export type VSCodeCredentialFinder = () => Promise<Array<{
-    account: string;
-    password: string;
-}>>;
-//# sourceMappingURL=visualStudioCodeCredentialPlugin.d.ts.map

package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"visualStudioCodeCredentialPlugin.d.ts","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredentialPlugin.ts"],"names":[],"mappings":"AAGA;;;;;;GAMG;AACH,MAAM,MAAM,sBAAsB,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC,CAAC"}

package/dist/browser/credentials/visualStudioCodeCredentialPlugin.js

@@ -1,4 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-export {};
-//# sourceMappingURL=visualStudioCodeCredentialPlugin.js.map

package/dist/browser/credentials/visualStudioCodeCredentialPlugin.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"visualStudioCodeCredentialPlugin.js","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredentialPlugin.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * A function that searches for credentials in the Visual Studio Code credential store.\n *\n * @returns an array of credentials (username and password)\n * @internal\n *\n */\nexport type VSCodeCredentialFinder = () => Promise<Array<{ account: string; password: string }>>;\n"]}

package/dist/browser/msal/msal.d.ts

@@ -1,3 +0,0 @@
-import * as msalCommon from "@azure/msal-browser";
-export { msalCommon };
-//# sourceMappingURL=msal-browser.d.mts.map

package/dist/browser/msal/msal.js

@@ -1,5 +0,0 @@
-// Copyright (c) Microsoft Corporation.
-// Licensed under the MIT License.
-import * as msalCommon from "@azure/msal-browser";
-export { msalCommon };
-//# sourceMappingURL=msal-browser.mjs.map

package/dist/browser/msal/nodeFlows/msalClient.d.ts

@@ -1,205 +0,0 @@
-import * as msal from "@azure/msal-node";
-import type { AccessToken, GetTokenOptions } from "@azure/core-auth";
-import type { AuthenticationRecord, CertificateParts } from "../types.js";
-import type { CredentialLogger } from "../../util/logging.js";
-import type { BrokerOptions } from "./brokerOptions.js";
-import type { DeviceCodePromptCallback } from "../../credentials/deviceCodeCredentialOptions.js";
-import type { InteractiveBrowserCredentialNodeOptions } from "../../credentials/interactiveBrowserCredentialOptions.js";
-import type { TokenCachePersistenceOptions } from "./tokenCachePersistenceOptions.js";
-import { CommonClientOptions } from "@azure/core-client";
-import { LogPolicyOptions } from "@azure/core-rest-pipeline";
-/**
- * Represents the options for acquiring a token using flows that support silent authentication.
- */
-export interface GetTokenWithSilentAuthOptions extends GetTokenOptions {
-    /**
-     * Disables automatic authentication. If set to true, the method will throw an error if the user needs to authenticate.
-     *
-     * @remarks
-     *
-     * This option will be set to `false` when the user calls `authenticate` directly on a credential that supports it.
-     */
-    disableAutomaticAuthentication?: boolean;
-}
-/**
- * Represents the options for acquiring a token interactively.
- */
-export interface GetTokenInteractiveOptions extends GetTokenWithSilentAuthOptions {
-    /**
-     * Window handle for parent window, required for WAM authentication.
-     */
-    parentWindowHandle?: Buffer;
-    /**
-     * Shared configuration options for browser customization
-     */
-    browserCustomizationOptions?: InteractiveBrowserCredentialNodeOptions["browserCustomizationOptions"];
-    /**
-     * loginHint allows a user name to be pre-selected for interactive logins.
-     * Setting this option skips the account selection prompt and immediately attempts to login with the specified account.
-     */
-    loginHint?: string;
-}
-/**
- * Represents a client for interacting with the Microsoft Authentication Library (MSAL).
- */
-export interface MsalClient {
-    /**
-     *
-     * Retrieves an access token by using the on-behalf-of flow and a client assertion callback of the calling service.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param userAssertionToken - The access token that was sent to the middle-tier API. This token must have an audience of the app making this OBO request.
-     * @param clientCredentials - The client secret OR client certificate OR client `getAssertion` callback.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenOnBehalfOf(scopes: string[], userAssertionToken: string, clientCredentials: string | CertificateParts | (() => Promise<string>), options?: GetTokenOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by using an interactive prompt (InteractiveBrowserCredential).
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenByInteractiveRequest(scopes: string[], options: GetTokenInteractiveOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by using a user's username and password.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param username - The username provided by the developer.
-     * @param password - The user's password provided by the developer.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenByUsernamePassword(scopes: string[], username: string, password: string, options?: GetTokenOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by prompting the user to authenticate using a device code.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param userPromptCallback - The callback function that allows developers to customize the prompt message.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenByDeviceCode(scopes: string[], userPromptCallback: DeviceCodePromptCallback, options?: GetTokenWithSilentAuthOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by using a client certificate.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param certificate - The client certificate used for authentication.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenByClientCertificate(scopes: string[], certificate: CertificateParts, options?: GetTokenOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by using a client assertion.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param clientAssertion - The client `getAssertion` callback used for authentication.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenByClientAssertion(scopes: string[], clientAssertion: () => Promise<string>, options?: GetTokenOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by using a client secret.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param clientSecret - The client secret of the application. This is a credential that the application can use to authenticate itself.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getTokenByClientSecret(scopes: string[], clientSecret: string, options?: GetTokenOptions): Promise<AccessToken>;
-    /**
-     * Retrieves an access token by using an authorization code flow.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param authorizationCode - An authorization code that was received from following the
-                                authorization code flow.  This authorization code must not
-                                have already been used to obtain an access token.
-     * @param redirectUri - The redirect URI that was used to request the authorization code.
-                          Must be the same URI that is configured for the App Registration.
-     * @param clientSecret - An optional client secret that was generated for the App Registration.
-     * @param options - Additional options that may be provided to the method.
-     */
-    getTokenByAuthorizationCode(scopes: string[], redirectUri: string, authorizationCode: string, clientSecret?: string, options?: GetTokenWithSilentAuthOptions): Promise<AccessToken>;
-    /**
-     * Retrieves the last authenticated account. This method expects an authentication record to have been previously loaded.
-     *
-     * An authentication record could be loaded by calling the `getToken` method, or by providing an `authenticationRecord` when creating a credential.
-     */
-    getActiveAccount(): AuthenticationRecord | undefined;
-    /**
-     * Retrieves an access token using brokered authentication.
-     *
-     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
-     * @param useDefaultBrokerAccount - Whether to use the default broker account for authentication.
-     * @param options - Additional options that may be provided to the method.
-     * @returns An access token.
-     */
-    getBrokeredToken(scopes: string[], useDefaultBrokerAccount: boolean, options?: GetTokenInteractiveOptions): Promise<AccessToken>;
-}
-/**
- * Represents the options for configuring the MsalClient.
- */
-export interface MsalClientOptions extends CommonClientOptions {
-    /**
-     * Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.
-     */
-    brokerOptions?: BrokerOptions;
-    /**
-     * Parameters that enable token cache persistence in the Identity credentials.
-     */
-    tokenCachePersistenceOptions?: TokenCachePersistenceOptions;
-    /**
-     * Indicates if this is being used by VSCode credential.
-     */
-    isVSCodeCredential?: boolean;
-    /**
-     * A custom authority host.
-     */
-    authorityHost?: string;
-    /**
-     * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
-     */
-    loggingOptions?: LogPolicyOptions & {
-        /**
-         * Allows logging account information once the authentication flow succeeds.
-         */
-        allowLoggingAccountIdentifiers?: boolean;
-        /**
-         * Allows logging personally identifiable information for customer support.
-         */
-        enableUnsafeSupportLogging?: boolean;
-    };
-    /**
-     * Determines whether instance discovery is disabled.
-     */
-    disableInstanceDiscovery?: boolean;
-    /**
-     * The logger for the MsalClient.
-     */
-    logger?: CredentialLogger;
-    /**
-     * The authentication record for the MsalClient.
-     */
-    authenticationRecord?: AuthenticationRecord;
-}
-/**
- * Generates the configuration for MSAL (Microsoft Authentication Library).
- *
- * @param clientId - The client ID of the application.
- * @param  tenantId - The tenant ID of the Azure Active Directory.
- * @param  msalClientOptions - Optional. Additional options for creating the MSAL client.
- * @returns  The MSAL configuration object.
- */
-export declare function generateMsalConfiguration(clientId: string, tenantId: string, msalClientOptions?: MsalClientOptions): msal.Configuration;
-/**
- * Creates an instance of the MSAL (Microsoft Authentication Library) client.
- *
- * @param clientId - The client ID of the application.
- * @param tenantId - The tenant ID of the Azure Active Directory.
- * @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.
- * @returns An instance of the MSAL client.
- *
- * @public
- */
-export declare function createMsalClient(clientId: string, tenantId: string, createMsalClientOptions?: MsalClientOptions): MsalClient;
-//# sourceMappingURL=msalClient.d.ts.map

package/dist/browser/msal/nodeFlows/msalClient.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"msalClient.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalClient.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,IAAI,MAAM,kBAAkB,CAAC;AAEzC,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1E,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAgB9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,kDAAkD,CAAC;AAEjG,OAAO,KAAK,EAAE,uCAAuC,EAAE,MAAM,0DAA0D,CAAC;AACxH,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAItF,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAQ7D;;GAEG;AACH,MAAM,WAAW,6BAA8B,SAAQ,eAAe;IACpE;;;;;;OAMG;IACH,8BAA8B,CAAC,EAAE,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,0BAA2B,SAAQ,6BAA6B;IAC/E;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,2BAA2B,CAAC,EAAE,uCAAuC,CAAC,6BAA6B,CAAC,CAAC;IACrG;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;;;;;OASG;IACH,kBAAkB,CAChB,MAAM,EAAE,MAAM,EAAE,EAChB,kBAAkB,EAAE,MAAM,EAC1B,iBAAiB,EAAE,MAAM,GAAG,gBAAgB,GAAG,CAAC,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC,EACtE,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;OAKG;IACH,4BAA4B,CAC1B,MAAM,EAAE,MAAM,EAAE,EAChB,OAAO,EAAE,0BAA0B,GAClC,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;;OAQG;IACH,0BAA0B,CACxB,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;OAOG;IACH,oBAAoB,CAClB,MAAM,EAAE,MAAM,EAAE,EAChB,kBAAkB,EAAE,wBAAwB,EAC5C,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;OAOG;IACH,2BAA2B,CACzB,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,gBAAgB,EAC7B,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;OAOG;IACH,yBAAyB,CACvB,MAAM,EAAE,MAAM,EAAE,EAChB,eAAe,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,EACtC,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;OAOG;IACH,sBAAsB,CACpB,MAAM,EAAE,MAAM,EAAE,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;;;;;OAWG;IACH,2BAA2B,CACzB,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,MAAM,EACnB,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;OAIG;IACH,gBAAgB,IAAI,oBAAoB,GAAG,SAAS,CAAC;IAErD;;;;;;;OAOG;IACH,gBAAgB,CACd,MAAM,EAAE,MAAM,EAAE,EAChB,uBAAuB,EAAE,OAAO,EAChC,OAAO,CAAC,EAAE,0BAA0B,GACnC,OAAO,CAAC,WAAW,CAAC,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAkB,SAAQ,mBAAmB;IAC5D;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAE9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,4BAA4B,CAAC;IAE5D;;OAEG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,cAAc,CAAC,EAAE,gBAAgB,GAAG;QAClC;;WAEG;QACH,8BAA8B,CAAC,EAAE,OAAO,CAAC;QACzC;;WAEG;QACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;KACtC,CAAC;IAEF;;OAEG;IACH,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC;;OAEG;IACH,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAE1B;;OAEG;IACH,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;CAC7C;AAED;;;;;;;GAOG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,iBAAiB,GAAE,iBAAsB,GACxC,IAAI,CAAC,aAAa,CAmCpB;AAuBD;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,uBAAuB,GAAE,iBAAsB,GAC9C,UAAU,CA0jBZ"}