@azure/identity 4.5.0-alpha.20240823.1 → 4.5.0-alpha.20240826.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (16) hide show
  1. package/dist/index.js +38 -1
  2. package/dist/index.js.map +1 -1
  3. package/dist-esm/src/client/identityClient.js +2 -1
  4. package/dist-esm/src/client/identityClient.js.map +1 -1
  5. package/dist-esm/src/credentials/managedIdentityCredential/legacyMsiProvider.js +6 -0
  6. package/dist-esm/src/credentials/managedIdentityCredential/legacyMsiProvider.js.map +1 -1
  7. package/dist-esm/src/credentials/managedIdentityCredential/msalMsiProvider.js +2 -0
  8. package/dist-esm/src/credentials/managedIdentityCredential/msalMsiProvider.js.map +1 -1
  9. package/dist-esm/src/credentials/managedIdentityCredential/utils.js +25 -0
  10. package/dist-esm/src/credentials/managedIdentityCredential/utils.js.map +1 -1
  11. package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js +2 -0
  12. package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js.map +1 -1
  13. package/dist-esm/src/msal/nodeFlows/msalClient.js +10 -1
  14. package/dist-esm/src/msal/nodeFlows/msalClient.js.map +1 -1
  15. package/dist-esm/src/msal/types.js.map +1 -1
  16. package/package.json +2 -2
package/dist/index.js CHANGED
@@ -550,6 +550,31 @@ function parseExpirationTimestamp(body) {
550
550
  }
551
551
  throw new Error(`Failed to parse token expiration from body. expires_in="${body.expires_in}", expires_on="${body.expires_on}"`);
552
552
  }
553
+ /**
554
+ * Given a token response, return the expiration timestamp as the number of milliseconds from the Unix epoch.
555
+ * @param body - A parsed response body from the authentication endpoint.
556
+ */
557
+ function parseRefreshTimestamp(body) {
558
+ if (body.refresh_on) {
559
+ if (typeof body.refresh_on === "number") {
560
+ return body.refresh_on * 1000;
561
+ }
562
+ if (typeof body.refresh_on === "string") {
563
+ const asNumber = +body.refresh_on;
564
+ if (!isNaN(asNumber)) {
565
+ return asNumber * 1000;
566
+ }
567
+ const asDate = Date.parse(body.refresh_on);
568
+ if (!isNaN(asDate)) {
569
+ return asDate;
570
+ }
571
+ }
572
+ throw new Error(`Failed to parse refresh_on from body. refresh_on="${body.refresh_on}"`);
573
+ }
574
+ else {
575
+ return undefined;
576
+ }
577
+ }
553
578
 
554
579
  // Copyright (c) Microsoft Corporation.
555
580
  // Licensed under the MIT license.
@@ -614,6 +639,7 @@ class IdentityClient extends coreClient.ServiceClient {
614
639
  accessToken: {
615
640
  token: parsedBody.access_token,
616
641
  expiresOnTimestamp: parseExpirationTimestamp(parsedBody),
642
+ refreshAfterTimestamp: parseRefreshTimestamp(parsedBody),
617
643
  },
618
644
  refreshToken: parsedBody.refresh_token,
619
645
  };
@@ -1684,7 +1710,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1684
1710
  * @returns A promise that resolves to an AccessToken object containing the access token and its expiration timestamp.
1685
1711
  */
1686
1712
  async function withSilentAuthentication(msalApp, scopes, options, onAuthenticationRequired) {
1687
- var _a;
1713
+ var _a, _b;
1688
1714
  let response = null;
1689
1715
  try {
1690
1716
  response = await getTokenSilent(msalApp, scopes, options);
@@ -1717,9 +1743,11 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1717
1743
  return {
1718
1744
  token: response.accessToken,
1719
1745
  expiresOnTimestamp: response.expiresOn.getTime(),
1746
+ refreshAfterTimestamp: (_b = response.refreshOn) === null || _b === void 0 ? void 0 : _b.getTime(),
1720
1747
  };
1721
1748
  }
1722
1749
  async function getTokenByClientSecret(scopes, clientSecret, options = {}) {
1750
+ var _a;
1723
1751
  state.logger.getToken.info(`Attempting to acquire token using client secret`);
1724
1752
  state.msalConfig.auth.clientSecret = clientSecret;
1725
1753
  const msalApp = await getConfidentialApp(options);
@@ -1735,6 +1763,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1735
1763
  return {
1736
1764
  token: response.accessToken,
1737
1765
  expiresOnTimestamp: response.expiresOn.getTime(),
1766
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1738
1767
  };
1739
1768
  }
1740
1769
  catch (err) {
@@ -1742,6 +1771,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1742
1771
  }
1743
1772
  }
1744
1773
  async function getTokenByClientAssertion(scopes, clientAssertion, options = {}) {
1774
+ var _a;
1745
1775
  state.logger.getToken.info(`Attempting to acquire token using client assertion`);
1746
1776
  state.msalConfig.auth.clientAssertion = clientAssertion;
1747
1777
  const msalApp = await getConfidentialApp(options);
@@ -1758,6 +1788,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1758
1788
  return {
1759
1789
  token: response.accessToken,
1760
1790
  expiresOnTimestamp: response.expiresOn.getTime(),
1791
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1761
1792
  };
1762
1793
  }
1763
1794
  catch (err) {
@@ -1765,6 +1796,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1765
1796
  }
1766
1797
  }
1767
1798
  async function getTokenByClientCertificate(scopes, certificate, options = {}) {
1799
+ var _a;
1768
1800
  state.logger.getToken.info(`Attempting to acquire token using client certificate`);
1769
1801
  state.msalConfig.auth.clientCertificate = certificate;
1770
1802
  const msalApp = await getConfidentialApp(options);
@@ -1780,6 +1812,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1780
1812
  return {
1781
1813
  token: response.accessToken,
1782
1814
  expiresOnTimestamp: response.expiresOn.getTime(),
1815
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1783
1816
  };
1784
1817
  }
1785
1818
  catch (err) {
@@ -1850,6 +1883,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1850
1883
  });
1851
1884
  }
1852
1885
  async function getTokenOnBehalfOf(scopes, userAssertionToken, clientCredentials, options = {}) {
1886
+ var _a;
1853
1887
  msalLogger.getToken.info(`Attempting to acquire token on behalf of another user`);
1854
1888
  if (typeof clientCredentials === "string") {
1855
1889
  // Client secret
@@ -1879,6 +1913,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1879
1913
  return {
1880
1914
  token: response.accessToken,
1881
1915
  expiresOnTimestamp: response.expiresOn.getTime(),
1916
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1882
1917
  };
1883
1918
  }
1884
1919
  catch (err) {
@@ -2222,6 +2257,7 @@ class MsalMsiProvider {
2222
2257
  throw new CredentialUnavailableError(`ManagedIdentityCredential: Multiple scopes are not supported. Scopes: ${JSON.stringify(scopes)}`);
2223
2258
  }
2224
2259
  return tracingClient.withSpan("ManagedIdentityCredential.getToken", options, async () => {
2260
+ var _a;
2225
2261
  try {
2226
2262
  const isTokenExchangeMsi = await tokenExchangeMsi.isAvailable({
2227
2263
  scopes,
@@ -2281,6 +2317,7 @@ class MsalMsiProvider {
2281
2317
  return {
2282
2318
  expiresOnTimestamp: token.expiresOn.getTime(),
2283
2319
  token: token.accessToken,
2320
+ refreshAfterTimestamp: (_a = token.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
2284
2321
  };
2285
2322
  }
2286
2323
  catch (err) {