@azure/identity 4.3.1-alpha.20240628.2 → 4.4.0

package/README.md

@@ -10,7 +10,7 @@ Key links:
 - [Package (npm)](https://www.npmjs.com/package/@azure/identity)
 - [API Reference Documentation](https://learn.microsoft.com/javascript/api/@azure/identity)
 - [Microsoft Entra ID documentation](https://learn.microsoft.com/entra/identity)
-- [Samples](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples/v2)
+- [Samples](https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/identity/identity/samples)
 
 ## Getting started
 

package/dist/index.js

@@ -46,7 +46,7 @@ var child_process__namespace = /*#__PURE__*/_interopNamespaceDefault(child_proce
 /**
  * Current version of the `@azure/identity` package.
  */
-const SDK_VERSION = `4.3.1`;
+const SDK_VERSION = `4.4.0`;
 /**
  * The default client ID for authentication
  * @internal
@@ -2056,6 +2056,16 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         state.logger.getToken.info("Attempting to acquire token silently");
         return app.acquireTokenSilent(silentRequest);
     }
+    /**
+     * Builds an authority URL for the given request. The authority may be different than the one used when creating the MSAL client
+     * if the user is creating cross-tenant requests
+     */
+    function calculateRequestAuthority(options) {
+        if (options === null || options === void 0 ? void 0 : options.tenantId) {
+            return getAuthority(options.tenantId, createMsalClientOptions.authorityHost);
+        }
+        return state.msalConfig.auth.authority;
+    }
     /**
      * Performs silent authentication using MSAL to acquire an access token.
      * If silent authentication fails, falls back to interactive authentication.
@@ -2109,7 +2119,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         try {
             const response = await msalApp.acquireTokenByClientCredential({
                 scopes,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 azureRegion: calculateRegionalAuthority(),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             });
@@ -2131,7 +2141,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         try {
             const response = await msalApp.acquireTokenByClientCredential({
                 scopes,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 azureRegion: calculateRegionalAuthority(),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
                 clientAssertion,
@@ -2154,7 +2164,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         try {
             const response = await msalApp.acquireTokenByClientCredential({
                 scopes,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 azureRegion: calculateRegionalAuthority(),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             });
@@ -2178,7 +2188,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
                 scopes,
                 cancel: (_b = (_a = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a === void 0 ? void 0 : _a.aborted) !== null && _b !== void 0 ? _b : false,
                 deviceCodeCallback,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             };
             const deviceCodeRequest = msalApp.acquireTokenByDeviceCode(requestOptions);
@@ -2198,7 +2208,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
                 scopes,
                 username,
                 password,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             };
             return msalApp.acquireTokenByUsernamePassword(requestOptions);
@@ -2227,7 +2237,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
                 scopes,
                 redirectUri,
                 code: authorizationCode,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
             });
         });
@@ -2253,7 +2263,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
         try {
             const response = await msalApp.acquireTokenOnBehalfOf({
                 scopes,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 claims: options.claims,
                 oboAssertion: userAssertionToken,
             });
@@ -2320,7 +2330,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
                     await interactiveBrowserMockable.open(url, { wait: true, newInstance: true });
                 },
                 scopes,
-                authority: state.msalConfig.auth.authority,
+                authority: calculateRequestAuthority(options),
                 claims: options === null || options === void 0 ? void 0 : options.claims,
                 loginHint: options === null || options === void 0 ? void 0 : options.loginHint,
                 errorTemplate: (_a = options === null || options === void 0 ? void 0 : options.browserCustomizationOptions) === null || _a === void 0 ? void 0 : _a.errorMessage,