@azure/identity 4.5.0-beta.2 → 4.5.0-beta.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (213) hide show
  1. package/README.md +45 -49
  2. package/dist/index.js +119 -60
  3. package/dist/index.js.map +1 -1
  4. package/dist-esm/src/client/identityClient.js +3 -2
  5. package/dist-esm/src/client/identityClient.js.map +1 -1
  6. package/dist-esm/src/constants.js +2 -2
  7. package/dist-esm/src/constants.js.map +1 -1
  8. package/dist-esm/src/credentials/authorityValidationOptions.js +1 -1
  9. package/dist-esm/src/credentials/authorityValidationOptions.js.map +1 -1
  10. package/dist-esm/src/credentials/authorizationCodeCredential.browser.js +1 -1
  11. package/dist-esm/src/credentials/authorizationCodeCredential.browser.js.map +1 -1
  12. package/dist-esm/src/credentials/authorizationCodeCredential.js +1 -1
  13. package/dist-esm/src/credentials/authorizationCodeCredential.js.map +1 -1
  14. package/dist-esm/src/credentials/authorizationCodeCredentialOptions.js +1 -1
  15. package/dist-esm/src/credentials/authorizationCodeCredentialOptions.js.map +1 -1
  16. package/dist-esm/src/credentials/azureApplicationCredential.browser.js +1 -1
  17. package/dist-esm/src/credentials/azureApplicationCredential.browser.js.map +1 -1
  18. package/dist-esm/src/credentials/azureApplicationCredential.js +1 -1
  19. package/dist-esm/src/credentials/azureApplicationCredential.js.map +1 -1
  20. package/dist-esm/src/credentials/azureApplicationCredentialOptions.js +1 -1
  21. package/dist-esm/src/credentials/azureApplicationCredentialOptions.js.map +1 -1
  22. package/dist-esm/src/credentials/azureCliCredential.browser.js +1 -1
  23. package/dist-esm/src/credentials/azureCliCredential.browser.js.map +1 -1
  24. package/dist-esm/src/credentials/azureCliCredential.js +1 -1
  25. package/dist-esm/src/credentials/azureCliCredential.js.map +1 -1
  26. package/dist-esm/src/credentials/azureCliCredentialOptions.js +1 -1
  27. package/dist-esm/src/credentials/azureCliCredentialOptions.js.map +1 -1
  28. package/dist-esm/src/credentials/azureDeveloperCliCredential.browser.js +1 -1
  29. package/dist-esm/src/credentials/azureDeveloperCliCredential.browser.js.map +1 -1
  30. package/dist-esm/src/credentials/azureDeveloperCliCredential.js +1 -1
  31. package/dist-esm/src/credentials/azureDeveloperCliCredential.js.map +1 -1
  32. package/dist-esm/src/credentials/azureDeveloperCliCredentialOptions.js +1 -1
  33. package/dist-esm/src/credentials/azureDeveloperCliCredentialOptions.js.map +1 -1
  34. package/dist-esm/src/credentials/azurePipelinesCredential.browser.js +1 -1
  35. package/dist-esm/src/credentials/azurePipelinesCredential.browser.js.map +1 -1
  36. package/dist-esm/src/credentials/azurePipelinesCredential.js +1 -1
  37. package/dist-esm/src/credentials/azurePipelinesCredential.js.map +1 -1
  38. package/dist-esm/src/credentials/azurePipelinesCredentialOptions.js +1 -1
  39. package/dist-esm/src/credentials/azurePipelinesCredentialOptions.js.map +1 -1
  40. package/dist-esm/src/credentials/azurePowerShellCredential.browser.js +1 -1
  41. package/dist-esm/src/credentials/azurePowerShellCredential.browser.js.map +1 -1
  42. package/dist-esm/src/credentials/azurePowerShellCredential.js +1 -1
  43. package/dist-esm/src/credentials/azurePowerShellCredential.js.map +1 -1
  44. package/dist-esm/src/credentials/azurePowerShellCredentialOptions.js +1 -1
  45. package/dist-esm/src/credentials/azurePowerShellCredentialOptions.js.map +1 -1
  46. package/dist-esm/src/credentials/brokerAuthOptions.js.map +1 -1
  47. package/dist-esm/src/credentials/browserCustomizationOptions.js +1 -1
  48. package/dist-esm/src/credentials/browserCustomizationOptions.js.map +1 -1
  49. package/dist-esm/src/credentials/chainedTokenCredential.js +1 -1
  50. package/dist-esm/src/credentials/chainedTokenCredential.js.map +1 -1
  51. package/dist-esm/src/credentials/clientAssertionCredential.browser.js +1 -1
  52. package/dist-esm/src/credentials/clientAssertionCredential.browser.js.map +1 -1
  53. package/dist-esm/src/credentials/clientAssertionCredential.js +1 -1
  54. package/dist-esm/src/credentials/clientAssertionCredential.js.map +1 -1
  55. package/dist-esm/src/credentials/clientAssertionCredentialOptions.js +1 -1
  56. package/dist-esm/src/credentials/clientAssertionCredentialOptions.js.map +1 -1
  57. package/dist-esm/src/credentials/clientCertificateCredential.browser.js +1 -1
  58. package/dist-esm/src/credentials/clientCertificateCredential.browser.js.map +1 -1
  59. package/dist-esm/src/credentials/clientCertificateCredential.js +1 -1
  60. package/dist-esm/src/credentials/clientCertificateCredential.js.map +1 -1
  61. package/dist-esm/src/credentials/clientCertificateCredentialOptions.js +1 -1
  62. package/dist-esm/src/credentials/clientCertificateCredentialOptions.js.map +1 -1
  63. package/dist-esm/src/credentials/clientSecretCredential.browser.js +1 -1
  64. package/dist-esm/src/credentials/clientSecretCredential.browser.js.map +1 -1
  65. package/dist-esm/src/credentials/clientSecretCredential.js +1 -1
  66. package/dist-esm/src/credentials/clientSecretCredential.js.map +1 -1
  67. package/dist-esm/src/credentials/clientSecretCredentialOptions.js +1 -1
  68. package/dist-esm/src/credentials/clientSecretCredentialOptions.js.map +1 -1
  69. package/dist-esm/src/credentials/credentialPersistenceOptions.js +1 -1
  70. package/dist-esm/src/credentials/credentialPersistenceOptions.js.map +1 -1
  71. package/dist-esm/src/credentials/defaultAzureCredential.browser.js +1 -1
  72. package/dist-esm/src/credentials/defaultAzureCredential.browser.js.map +1 -1
  73. package/dist-esm/src/credentials/defaultAzureCredential.js +1 -1
  74. package/dist-esm/src/credentials/defaultAzureCredential.js.map +1 -1
  75. package/dist-esm/src/credentials/defaultAzureCredentialOptions.js +1 -1
  76. package/dist-esm/src/credentials/defaultAzureCredentialOptions.js.map +1 -1
  77. package/dist-esm/src/credentials/deviceCodeCredential.browser.js +1 -1
  78. package/dist-esm/src/credentials/deviceCodeCredential.browser.js.map +1 -1
  79. package/dist-esm/src/credentials/deviceCodeCredential.js +1 -1
  80. package/dist-esm/src/credentials/deviceCodeCredential.js.map +1 -1
  81. package/dist-esm/src/credentials/deviceCodeCredentialOptions.js +1 -1
  82. package/dist-esm/src/credentials/deviceCodeCredentialOptions.js.map +1 -1
  83. package/dist-esm/src/credentials/environmentCredential.browser.js +1 -1
  84. package/dist-esm/src/credentials/environmentCredential.browser.js.map +1 -1
  85. package/dist-esm/src/credentials/environmentCredential.js +1 -1
  86. package/dist-esm/src/credentials/environmentCredential.js.map +1 -1
  87. package/dist-esm/src/credentials/environmentCredentialOptions.js +1 -1
  88. package/dist-esm/src/credentials/environmentCredentialOptions.js.map +1 -1
  89. package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js +1 -1
  90. package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js.map +1 -1
  91. package/dist-esm/src/credentials/interactiveBrowserCredential.js +1 -1
  92. package/dist-esm/src/credentials/interactiveBrowserCredential.js.map +1 -1
  93. package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.js +1 -1
  94. package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.js.map +1 -1
  95. package/dist-esm/src/credentials/interactiveCredentialOptions.js +1 -1
  96. package/dist-esm/src/credentials/interactiveCredentialOptions.js.map +1 -1
  97. package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2017.js +1 -1
  98. package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2017.js.map +1 -1
  99. package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2019.js +1 -1
  100. package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2019.js.map +1 -1
  101. package/dist-esm/src/credentials/managedIdentityCredential/arcMsi.js +1 -1
  102. package/dist-esm/src/credentials/managedIdentityCredential/arcMsi.js.map +1 -1
  103. package/dist-esm/src/credentials/managedIdentityCredential/cloudShellMsi.js +1 -1
  104. package/dist-esm/src/credentials/managedIdentityCredential/cloudShellMsi.js.map +1 -1
  105. package/dist-esm/src/credentials/managedIdentityCredential/constants.js +1 -1
  106. package/dist-esm/src/credentials/managedIdentityCredential/constants.js.map +1 -1
  107. package/dist-esm/src/credentials/managedIdentityCredential/fabricMsi.js +1 -1
  108. package/dist-esm/src/credentials/managedIdentityCredential/fabricMsi.js.map +1 -1
  109. package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js +1 -1
  110. package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js.map +1 -1
  111. package/dist-esm/src/credentials/managedIdentityCredential/imdsRetryPolicy.js +6 -10
  112. package/dist-esm/src/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -1
  113. package/dist-esm/src/credentials/managedIdentityCredential/index.browser.js +1 -1
  114. package/dist-esm/src/credentials/managedIdentityCredential/index.browser.js.map +1 -1
  115. package/dist-esm/src/credentials/managedIdentityCredential/index.js +1 -1
  116. package/dist-esm/src/credentials/managedIdentityCredential/index.js.map +1 -1
  117. package/dist-esm/src/credentials/managedIdentityCredential/legacyMsiProvider.js +7 -1
  118. package/dist-esm/src/credentials/managedIdentityCredential/legacyMsiProvider.js.map +1 -1
  119. package/dist-esm/src/credentials/managedIdentityCredential/models.js +1 -1
  120. package/dist-esm/src/credentials/managedIdentityCredential/models.js.map +1 -1
  121. package/dist-esm/src/credentials/managedIdentityCredential/msalMsiProvider.js +20 -4
  122. package/dist-esm/src/credentials/managedIdentityCredential/msalMsiProvider.js.map +1 -1
  123. package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js +1 -1
  124. package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -1
  125. package/dist-esm/src/credentials/managedIdentityCredential/utils.js +26 -1
  126. package/dist-esm/src/credentials/managedIdentityCredential/utils.js.map +1 -1
  127. package/dist-esm/src/credentials/multiTenantTokenCredentialOptions.js +1 -1
  128. package/dist-esm/src/credentials/multiTenantTokenCredentialOptions.js.map +1 -1
  129. package/dist-esm/src/credentials/onBehalfOfCredential.browser.js +1 -1
  130. package/dist-esm/src/credentials/onBehalfOfCredential.browser.js.map +1 -1
  131. package/dist-esm/src/credentials/onBehalfOfCredential.js +1 -1
  132. package/dist-esm/src/credentials/onBehalfOfCredential.js.map +1 -1
  133. package/dist-esm/src/credentials/onBehalfOfCredentialOptions.js +1 -1
  134. package/dist-esm/src/credentials/onBehalfOfCredentialOptions.js.map +1 -1
  135. package/dist-esm/src/credentials/usernamePasswordCredential.browser.js +1 -1
  136. package/dist-esm/src/credentials/usernamePasswordCredential.browser.js.map +1 -1
  137. package/dist-esm/src/credentials/usernamePasswordCredential.js +1 -1
  138. package/dist-esm/src/credentials/usernamePasswordCredential.js.map +1 -1
  139. package/dist-esm/src/credentials/usernamePasswordCredentialOptions.js +1 -1
  140. package/dist-esm/src/credentials/usernamePasswordCredentialOptions.js.map +1 -1
  141. package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js +1 -1
  142. package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js.map +1 -1
  143. package/dist-esm/src/credentials/visualStudioCodeCredential.js +1 -1
  144. package/dist-esm/src/credentials/visualStudioCodeCredential.js.map +1 -1
  145. package/dist-esm/src/credentials/visualStudioCodeCredentialOptions.js +1 -1
  146. package/dist-esm/src/credentials/visualStudioCodeCredentialOptions.js.map +1 -1
  147. package/dist-esm/src/credentials/visualStudioCodeCredentialPlugin.js +1 -1
  148. package/dist-esm/src/credentials/visualStudioCodeCredentialPlugin.js.map +1 -1
  149. package/dist-esm/src/credentials/workloadIdentityCredential.browser.js +1 -1
  150. package/dist-esm/src/credentials/workloadIdentityCredential.browser.js.map +1 -1
  151. package/dist-esm/src/credentials/workloadIdentityCredential.js +1 -1
  152. package/dist-esm/src/credentials/workloadIdentityCredential.js.map +1 -1
  153. package/dist-esm/src/credentials/workloadIdentityCredentialOptions.js +1 -1
  154. package/dist-esm/src/credentials/workloadIdentityCredentialOptions.js.map +1 -1
  155. package/dist-esm/src/errors.js +1 -2
  156. package/dist-esm/src/errors.js.map +1 -1
  157. package/dist-esm/src/index.js +1 -1
  158. package/dist-esm/src/index.js.map +1 -1
  159. package/dist-esm/src/msal/browserFlows/flows.js +1 -1
  160. package/dist-esm/src/msal/browserFlows/flows.js.map +1 -1
  161. package/dist-esm/src/msal/browserFlows/msalAuthCode.js +1 -1
  162. package/dist-esm/src/msal/browserFlows/msalAuthCode.js.map +1 -1
  163. package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js +3 -1
  164. package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js.map +1 -1
  165. package/dist-esm/src/msal/credentials.js +1 -1
  166. package/dist-esm/src/msal/credentials.js.map +1 -1
  167. package/dist-esm/src/msal/msal.browser.js +1 -1
  168. package/dist-esm/src/msal/msal.browser.js.map +1 -1
  169. package/dist-esm/src/msal/msal.js +1 -1
  170. package/dist-esm/src/msal/msal.js.map +1 -1
  171. package/dist-esm/src/msal/nodeFlows/brokerOptions.js.map +1 -1
  172. package/dist-esm/src/msal/nodeFlows/msalClient.js +17 -8
  173. package/dist-esm/src/msal/nodeFlows/msalClient.js.map +1 -1
  174. package/dist-esm/src/msal/nodeFlows/msalPlugins.js +1 -1
  175. package/dist-esm/src/msal/nodeFlows/msalPlugins.js.map +1 -1
  176. package/dist-esm/src/msal/nodeFlows/tokenCachePersistenceOptions.js +1 -1
  177. package/dist-esm/src/msal/nodeFlows/tokenCachePersistenceOptions.js.map +1 -1
  178. package/dist-esm/src/msal/types.js +1 -1
  179. package/dist-esm/src/msal/types.js.map +1 -1
  180. package/dist-esm/src/msal/utils.js +15 -2
  181. package/dist-esm/src/msal/utils.js.map +1 -1
  182. package/dist-esm/src/plugins/consumer.browser.js +1 -1
  183. package/dist-esm/src/plugins/consumer.browser.js.map +1 -1
  184. package/dist-esm/src/plugins/consumer.js +1 -1
  185. package/dist-esm/src/plugins/consumer.js.map +1 -1
  186. package/dist-esm/src/plugins/provider.js +1 -1
  187. package/dist-esm/src/plugins/provider.js.map +1 -1
  188. package/dist-esm/src/regionalAuthority.js +1 -1
  189. package/dist-esm/src/regionalAuthority.js.map +1 -1
  190. package/dist-esm/src/tokenCredentialOptions.js +1 -1
  191. package/dist-esm/src/tokenCredentialOptions.js.map +1 -1
  192. package/dist-esm/src/tokenProvider.js +1 -1
  193. package/dist-esm/src/tokenProvider.js.map +1 -1
  194. package/dist-esm/src/util/authHostEnv.browser.js +1 -1
  195. package/dist-esm/src/util/authHostEnv.browser.js.map +1 -1
  196. package/dist-esm/src/util/identityTokenEndpoint.js +1 -1
  197. package/dist-esm/src/util/identityTokenEndpoint.js.map +1 -1
  198. package/dist-esm/src/util/logging.js +1 -1
  199. package/dist-esm/src/util/logging.js.map +1 -1
  200. package/dist-esm/src/util/processMultiTenantRequest.browser.js +1 -1
  201. package/dist-esm/src/util/processMultiTenantRequest.browser.js.map +1 -1
  202. package/dist-esm/src/util/processMultiTenantRequest.js +1 -1
  203. package/dist-esm/src/util/processMultiTenantRequest.js.map +1 -1
  204. package/dist-esm/src/util/processUtils.js +1 -1
  205. package/dist-esm/src/util/processUtils.js.map +1 -1
  206. package/dist-esm/src/util/scopeUtils.js +1 -1
  207. package/dist-esm/src/util/scopeUtils.js.map +1 -1
  208. package/dist-esm/src/util/tenantIdUtils.js +1 -1
  209. package/dist-esm/src/util/tenantIdUtils.js.map +1 -1
  210. package/dist-esm/src/util/tracing.js +1 -1
  211. package/dist-esm/src/util/tracing.js.map +1 -1
  212. package/package.json +7 -7
  213. package/types/identity.d.ts +21 -3
package/dist/index.js CHANGED
@@ -40,11 +40,11 @@ var msalCommon__namespace = /*#__PURE__*/_interopNamespaceDefault(msalCommon);
40
40
  var child_process__namespace = /*#__PURE__*/_interopNamespaceDefault(child_process);
41
41
 
42
42
  // Copyright (c) Microsoft Corporation.
43
- // Licensed under the MIT license.
43
+ // Licensed under the MIT License.
44
44
  /**
45
45
  * Current version of the `@azure/identity` package.
46
46
  */
47
- const SDK_VERSION = `4.5.0-beta.2`;
47
+ const SDK_VERSION = `4.5.0-beta.3`;
48
48
  /**
49
49
  * The default client ID for authentication
50
50
  * @internal
@@ -107,7 +107,7 @@ const CACHE_NON_CAE_SUFFIX = "nocae";
107
107
  const DEFAULT_TOKEN_CACHE_NAME = "msal.cache";
108
108
 
109
109
  // Copyright (c) Microsoft Corporation.
110
- // Licensed under the MIT license.
110
+ // Licensed under the MIT License.
111
111
  /**
112
112
  * The current persistence provider, undefined by default.
113
113
  * @internal
@@ -190,7 +190,7 @@ const msalPlugins = {
190
190
  };
191
191
 
192
192
  // Copyright (c) Microsoft Corporation.
193
- // Licensed under the MIT license.
193
+ // Licensed under the MIT License.
194
194
  /**
195
195
  * The AzureLogger used for all clients within the identity package
196
196
  */
@@ -273,7 +273,7 @@ function credentialLogger(title, log = logger$l) {
273
273
  }
274
274
 
275
275
  // Copyright (c) Microsoft Corporation.
276
- // Licensed under the MIT license.
276
+ // Licensed under the MIT License.
277
277
  function isErrorResponse(errorResponse) {
278
278
  return (errorResponse &&
279
279
  typeof errorResponse.error === "string" &&
@@ -305,7 +305,6 @@ const AuthenticationErrorName = "AuthenticationError";
305
305
  * the specific failure.
306
306
  */
307
307
  class AuthenticationError extends Error {
308
- // eslint-disable-next-line @typescript-eslint/ban-types
309
308
  constructor(statusCode, errorBody, options) {
310
309
  let errorResponse = {
311
310
  error: "unknown",
@@ -397,7 +396,7 @@ class AuthenticationRequiredError extends Error {
397
396
  }
398
397
 
399
398
  // Copyright (c) Microsoft Corporation.
400
- // Licensed under the MIT license.
399
+ // Licensed under the MIT License.
401
400
  function createConfigurationErrorMessage(tenantId) {
402
401
  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add "*" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;
403
402
  }
@@ -431,7 +430,7 @@ function processMultiTenantRequest(tenantId, getTokenOptions, additionallyAllowe
431
430
  }
432
431
 
433
432
  // Copyright (c) Microsoft Corporation.
434
- // Licensed under the MIT license.
433
+ // Licensed under the MIT License.
435
434
  /**
436
435
  * @internal
437
436
  */
@@ -472,7 +471,7 @@ function resolveAdditionallyAllowedTenantIds(additionallyAllowedTenants) {
472
471
  }
473
472
 
474
473
  // Copyright (c) Microsoft Corporation.
475
- // Licensed under the MIT license.
474
+ // Licensed under the MIT License.
476
475
  function getIdentityTokenEndpointSuffix(tenantId) {
477
476
  if (tenantId === "adfs") {
478
477
  return "oauth2/token";
@@ -483,7 +482,7 @@ function getIdentityTokenEndpointSuffix(tenantId) {
483
482
  }
484
483
 
485
484
  // Copyright (c) Microsoft Corporation.
486
- // Licensed under the MIT license.
485
+ // Licensed under the MIT License.
487
486
  /**
488
487
  * Creates a span using the global tracer.
489
488
  * @internal
@@ -495,14 +494,14 @@ const tracingClient = coreTracing.createTracingClient({
495
494
  });
496
495
 
497
496
  // Copyright (c) Microsoft Corporation.
498
- // Licensed under the MIT license.
497
+ // Licensed under the MIT License.
499
498
  const DefaultScopeSuffix = "/.default";
500
499
  const imdsHost = "http://169.254.169.254";
501
500
  const imdsEndpointPath = "/metadata/identity/oauth2/token";
502
501
  const imdsApiVersion = "2018-02-01";
503
502
 
504
503
  // Copyright (c) Microsoft Corporation.
505
- // Licensed under the MIT license.
504
+ // Licensed under the MIT License.
506
505
  /**
507
506
  * Most MSIs send requests to the IMDS endpoint, or a similar endpoint.
508
507
  * These are GET requests that require sending a `resource` parameter on the query.
@@ -551,9 +550,34 @@ function parseExpirationTimestamp(body) {
551
550
  }
552
551
  throw new Error(`Failed to parse token expiration from body. expires_in="${body.expires_in}", expires_on="${body.expires_on}"`);
553
552
  }
553
+ /**
554
+ * Given a token response, return the expiration timestamp as the number of milliseconds from the Unix epoch.
555
+ * @param body - A parsed response body from the authentication endpoint.
556
+ */
557
+ function parseRefreshTimestamp(body) {
558
+ if (body.refresh_on) {
559
+ if (typeof body.refresh_on === "number") {
560
+ return body.refresh_on * 1000;
561
+ }
562
+ if (typeof body.refresh_on === "string") {
563
+ const asNumber = +body.refresh_on;
564
+ if (!isNaN(asNumber)) {
565
+ return asNumber * 1000;
566
+ }
567
+ const asDate = Date.parse(body.refresh_on);
568
+ if (!isNaN(asDate)) {
569
+ return asDate;
570
+ }
571
+ }
572
+ throw new Error(`Failed to parse refresh_on from body. refresh_on="${body.refresh_on}"`);
573
+ }
574
+ else {
575
+ return undefined;
576
+ }
577
+ }
554
578
 
555
579
  // Copyright (c) Microsoft Corporation.
556
- // Licensed under the MIT license.
580
+ // Licensed under the MIT License.
557
581
  const noCorrelationId = "noCorrelationId";
558
582
  /**
559
583
  * @internal
@@ -615,6 +639,7 @@ class IdentityClient extends coreClient.ServiceClient {
615
639
  accessToken: {
616
640
  token: parsedBody.access_token,
617
641
  expiresOnTimestamp: parseExpirationTimestamp(parsedBody),
642
+ refreshAfterTimestamp: parseRefreshTimestamp(parsedBody),
618
643
  },
619
644
  refreshToken: parsedBody.refresh_token,
620
645
  };
@@ -790,7 +815,7 @@ class IdentityClient extends coreClient.ServiceClient {
790
815
  }
791
816
 
792
817
  // Copyright (c) Microsoft Corporation.
793
- // Licensed under the MIT license.
818
+ // Licensed under the MIT License.
794
819
  const CommonTenantId = "common";
795
820
  const AzureAccountClientId = "aebc6443-996d-45c2-90f0-388ff96faa56"; // VSC: 'aebc6443-996d-45c2-90f0-388ff96faa56'
796
821
  const logger$k = credentialLogger("VisualStudioCodeCredential");
@@ -971,7 +996,7 @@ class VisualStudioCodeCredential {
971
996
  }
972
997
 
973
998
  // Copyright (c) Microsoft Corporation.
974
- // Licensed under the MIT license.
999
+ // Licensed under the MIT License.
975
1000
  /**
976
1001
  * The context passed to an Identity plugin. This contains objects that
977
1002
  * plugins can use to set backend implementations.
@@ -1014,7 +1039,7 @@ function useIdentityPlugin(plugin) {
1014
1039
  }
1015
1040
 
1016
1041
  // Copyright (c) Microsoft Corporation.
1017
- // Licensed under the MIT license.
1042
+ // Licensed under the MIT License.
1018
1043
  /**
1019
1044
  * @internal
1020
1045
  */
@@ -1047,6 +1072,19 @@ function ensureValidMsalToken(scopes, msalToken, getTokenOptions) {
1047
1072
  throw error(`Response had no "accessToken" property.`);
1048
1073
  }
1049
1074
  }
1075
+ /**
1076
+ * Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable.
1077
+ *
1078
+ * Defaults to {@link DefaultAuthorityHost}.
1079
+ * @internal
1080
+ */
1081
+ function getAuthorityHost(options) {
1082
+ let authorityHost = options === null || options === void 0 ? void 0 : options.authorityHost;
1083
+ if (!authorityHost && coreUtil.isNodeLike) {
1084
+ authorityHost = process.env.AZURE_AUTHORITY_HOST;
1085
+ }
1086
+ return authorityHost !== null && authorityHost !== void 0 ? authorityHost : DefaultAuthorityHost;
1087
+ }
1050
1088
  /**
1051
1089
  * Generates a valid authority by combining a host with a tenantId.
1052
1090
  * @internal
@@ -1216,7 +1254,7 @@ function deserializeAuthenticationRecord(serializedRecord) {
1216
1254
  }
1217
1255
 
1218
1256
  // Copyright (c) Microsoft Corporation.
1219
- // Licensed under the MIT license.
1257
+ // Licensed under the MIT License.
1220
1258
  const msiName$1 = "ManagedIdentityCredential - IMDS";
1221
1259
  const logger$i = credentialLogger(msiName$1);
1222
1260
  /**
@@ -1353,7 +1391,7 @@ const imdsMsi = {
1353
1391
  };
1354
1392
 
1355
1393
  // Copyright (c) Microsoft Corporation.
1356
- // Licensed under the MIT license.
1394
+ // Licensed under the MIT License.
1357
1395
  // Matches the default retry configuration in expontentialRetryStrategy.ts
1358
1396
  const DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;
1359
1397
  /**
@@ -1372,14 +1410,10 @@ function imdsRetryPolicy(msiRetryConfig) {
1372
1410
  if ((response === null || response === void 0 ? void 0 : response.status) !== 404) {
1373
1411
  return { skipStrategy: true };
1374
1412
  }
1375
- // Exponentially increase the delay each time
1376
- const exponentialDelay = msiRetryConfig.startDelayInMs * Math.pow(2, retryCount);
1377
- // Don't let the delay exceed the maximum
1378
- const clampedExponentialDelay = Math.min(DEFAULT_CLIENT_MAX_RETRY_INTERVAL, exponentialDelay);
1379
- // Allow the final value to have some "jitter" (within 50% of the delay size) so
1380
- // that retries across multiple clients don't occur simultaneously.
1381
- const retryAfterInMs = clampedExponentialDelay / 2 + coreUtil.getRandomIntegerInclusive(0, clampedExponentialDelay / 2);
1382
- return { retryAfterInMs };
1413
+ return coreUtil.calculateRetryDelay(retryCount, {
1414
+ retryDelayInMs: msiRetryConfig.startDelayInMs,
1415
+ maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,
1416
+ });
1383
1417
  },
1384
1418
  },
1385
1419
  ], {
@@ -1388,7 +1422,7 @@ function imdsRetryPolicy(msiRetryConfig) {
1388
1422
  }
1389
1423
 
1390
1424
  // Copyright (c) Microsoft Corporation.
1391
- // Licensed under the MIT license.
1425
+ // Licensed under the MIT License.
1392
1426
  /**
1393
1427
  * Helps specify a regional authority, or "AutoDiscoverRegion" to auto-detect the region.
1394
1428
  */
@@ -1528,7 +1562,7 @@ function calculateRegionalAuthority(regionalAuthority) {
1528
1562
  }
1529
1563
 
1530
1564
  // Copyright (c) Microsoft Corporation.
1531
- // Licensed under the MIT license.
1565
+ // Licensed under the MIT License.
1532
1566
  /**
1533
1567
  * The default logger used if no logger was passed in by the credential.
1534
1568
  */
@@ -1549,10 +1583,10 @@ const interactiveBrowserMockable = {
1549
1583
  * @returns The MSAL configuration object.
1550
1584
  */
1551
1585
  function generateMsalConfiguration(clientId, tenantId, msalClientOptions = {}) {
1552
- var _a, _b, _c, _d;
1586
+ var _a, _b, _c;
1553
1587
  const resolvedTenant = resolveTenantId((_a = msalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger, tenantId, clientId);
1554
1588
  // TODO: move and reuse getIdentityClientAuthorityHost
1555
- const authority = getAuthority(resolvedTenant, (_b = msalClientOptions.authorityHost) !== null && _b !== void 0 ? _b : process.env.AZURE_AUTHORITY_HOST);
1589
+ const authority = getAuthority(resolvedTenant, getAuthorityHost(msalClientOptions));
1556
1590
  const httpClient = new IdentityClient(Object.assign(Object.assign({}, msalClientOptions.tokenCredentialOptions), { authorityHost: authority, loggingOptions: msalClientOptions.loggingOptions }));
1557
1591
  const msalConfig = {
1558
1592
  auth: {
@@ -1563,9 +1597,9 @@ function generateMsalConfiguration(clientId, tenantId, msalClientOptions = {}) {
1563
1597
  system: {
1564
1598
  networkClient: httpClient,
1565
1599
  loggerOptions: {
1566
- loggerCallback: defaultLoggerCallback((_c = msalClientOptions.logger) !== null && _c !== void 0 ? _c : msalLogger),
1600
+ loggerCallback: defaultLoggerCallback((_b = msalClientOptions.logger) !== null && _b !== void 0 ? _b : msalLogger),
1567
1601
  logLevel: getMSALLogLevel(logger$m.getLogLevel()),
1568
- piiLoggingEnabled: (_d = msalClientOptions.loggingOptions) === null || _d === void 0 ? void 0 : _d.enableUnsafeSupportLogging,
1602
+ piiLoggingEnabled: (_c = msalClientOptions.loggingOptions) === null || _c === void 0 ? void 0 : _c.enableUnsafeSupportLogging,
1569
1603
  },
1570
1604
  },
1571
1605
  };
@@ -1670,7 +1704,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1670
1704
  */
1671
1705
  function calculateRequestAuthority(options) {
1672
1706
  if (options === null || options === void 0 ? void 0 : options.tenantId) {
1673
- return getAuthority(options.tenantId, createMsalClientOptions.authorityHost);
1707
+ return getAuthority(options.tenantId, getAuthorityHost(createMsalClientOptions));
1674
1708
  }
1675
1709
  return state.msalConfig.auth.authority;
1676
1710
  }
@@ -1685,7 +1719,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1685
1719
  * @returns A promise that resolves to an AccessToken object containing the access token and its expiration timestamp.
1686
1720
  */
1687
1721
  async function withSilentAuthentication(msalApp, scopes, options, onAuthenticationRequired) {
1688
- var _a;
1722
+ var _a, _b;
1689
1723
  let response = null;
1690
1724
  try {
1691
1725
  response = await getTokenSilent(msalApp, scopes, options);
@@ -1718,9 +1752,11 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1718
1752
  return {
1719
1753
  token: response.accessToken,
1720
1754
  expiresOnTimestamp: response.expiresOn.getTime(),
1755
+ refreshAfterTimestamp: (_b = response.refreshOn) === null || _b === void 0 ? void 0 : _b.getTime(),
1721
1756
  };
1722
1757
  }
1723
1758
  async function getTokenByClientSecret(scopes, clientSecret, options = {}) {
1759
+ var _a;
1724
1760
  state.logger.getToken.info(`Attempting to acquire token using client secret`);
1725
1761
  state.msalConfig.auth.clientSecret = clientSecret;
1726
1762
  const msalApp = await getConfidentialApp(options);
@@ -1736,6 +1772,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1736
1772
  return {
1737
1773
  token: response.accessToken,
1738
1774
  expiresOnTimestamp: response.expiresOn.getTime(),
1775
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1739
1776
  };
1740
1777
  }
1741
1778
  catch (err) {
@@ -1743,6 +1780,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1743
1780
  }
1744
1781
  }
1745
1782
  async function getTokenByClientAssertion(scopes, clientAssertion, options = {}) {
1783
+ var _a;
1746
1784
  state.logger.getToken.info(`Attempting to acquire token using client assertion`);
1747
1785
  state.msalConfig.auth.clientAssertion = clientAssertion;
1748
1786
  const msalApp = await getConfidentialApp(options);
@@ -1759,6 +1797,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1759
1797
  return {
1760
1798
  token: response.accessToken,
1761
1799
  expiresOnTimestamp: response.expiresOn.getTime(),
1800
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1762
1801
  };
1763
1802
  }
1764
1803
  catch (err) {
@@ -1766,6 +1805,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1766
1805
  }
1767
1806
  }
1768
1807
  async function getTokenByClientCertificate(scopes, certificate, options = {}) {
1808
+ var _a;
1769
1809
  state.logger.getToken.info(`Attempting to acquire token using client certificate`);
1770
1810
  state.msalConfig.auth.clientCertificate = certificate;
1771
1811
  const msalApp = await getConfidentialApp(options);
@@ -1781,6 +1821,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1781
1821
  return {
1782
1822
  token: response.accessToken,
1783
1823
  expiresOnTimestamp: response.expiresOn.getTime(),
1824
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1784
1825
  };
1785
1826
  }
1786
1827
  catch (err) {
@@ -1851,6 +1892,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1851
1892
  });
1852
1893
  }
1853
1894
  async function getTokenOnBehalfOf(scopes, userAssertionToken, clientCredentials, options = {}) {
1895
+ var _a;
1854
1896
  msalLogger.getToken.info(`Attempting to acquire token on behalf of another user`);
1855
1897
  if (typeof clientCredentials === "string") {
1856
1898
  // Client secret
@@ -1880,6 +1922,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1880
1922
  return {
1881
1923
  token: response.accessToken,
1882
1924
  expiresOnTimestamp: response.expiresOn.getTime(),
1925
+ refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
1883
1926
  };
1884
1927
  }
1885
1928
  catch (err) {
@@ -1968,7 +2011,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
1968
2011
  }
1969
2012
 
1970
2013
  // Copyright (c) Microsoft Corporation.
1971
- // Licensed under the MIT license.
2014
+ // Licensed under the MIT License.
1972
2015
  const logger$h = credentialLogger("ClientAssertionCredential");
1973
2016
  /**
1974
2017
  * Authenticates a service principal with a JWT assertion.
@@ -2018,7 +2061,7 @@ class ClientAssertionCredential {
2018
2061
  }
2019
2062
 
2020
2063
  // Copyright (c) Microsoft Corporation.
2021
- // Licensed under the MIT license.
2064
+ // Licensed under the MIT License.
2022
2065
  const credentialName$4 = "WorkloadIdentityCredential";
2023
2066
  /**
2024
2067
  * Contains the list of all supported environment variable names so that an
@@ -2127,7 +2170,7 @@ class WorkloadIdentityCredential {
2127
2170
  }
2128
2171
 
2129
2172
  // Copyright (c) Microsoft Corporation.
2130
- // Licensed under the MIT license.
2173
+ // Licensed under the MIT License.
2131
2174
  const msiName = "ManagedIdentityCredential - Token Exchange";
2132
2175
  const logger$f = credentialLogger(msiName);
2133
2176
  /**
@@ -2154,7 +2197,7 @@ const tokenExchangeMsi = {
2154
2197
  };
2155
2198
 
2156
2199
  // Copyright (c) Microsoft Corporation.
2157
- // Licensed under the MIT license.
2200
+ // Licensed under the MIT License.
2158
2201
  const logger$e = credentialLogger("ManagedIdentityCredential(MSAL)");
2159
2202
  class MsalMsiProvider {
2160
2203
  constructor(clientIdOrOptions, options = {}) {
@@ -2174,9 +2217,11 @@ class MsalMsiProvider {
2174
2217
  _options = clientIdOrOptions !== null && clientIdOrOptions !== void 0 ? clientIdOrOptions : {};
2175
2218
  }
2176
2219
  this.resourceId = _options === null || _options === void 0 ? void 0 : _options.resourceId;
2220
+ this.objectId = _options === null || _options === void 0 ? void 0 : _options.objectId;
2177
2221
  // For JavaScript users.
2178
- if (this.clientId && this.resourceId) {
2179
- throw new Error(`ManagedIdentityCredential - Client Id and Resource Id can't be provided at the same time.`);
2222
+ const providedIds = [this.clientId, this.resourceId, this.objectId].filter(Boolean);
2223
+ if (providedIds.length > 1) {
2224
+ throw new Error(`ManagedIdentityCredential: only one of 'clientId', 'resourceId', or 'objectId' can be provided. Received values: ${JSON.stringify({ clientId: this.clientId, resourceId: this.resourceId, objectId: this.objectId })}`);
2180
2225
  }
2181
2226
  // ManagedIdentity uses http for local requests
2182
2227
  _options.allowInsecureConnection = true;
@@ -2188,6 +2233,7 @@ class MsalMsiProvider {
2188
2233
  managedIdentityIdParams: {
2189
2234
  userAssignedClientId: this.clientId,
2190
2235
  userAssignedResourceId: this.resourceId,
2236
+ userAssignedObjectId: this.objectId,
2191
2237
  },
2192
2238
  system: {
2193
2239
  // todo: proxyUrl?
@@ -2203,6 +2249,17 @@ class MsalMsiProvider {
2203
2249
  this.isAvailableIdentityClient = new IdentityClient(Object.assign(Object.assign({}, _options), { retryOptions: {
2204
2250
  maxRetries: 0,
2205
2251
  } }));
2252
+ // CloudShell MSI will ignore any user-assigned identity passed as parameters. To avoid confusion, we prevent this from happening as early as possible.
2253
+ if (this.managedIdentityApp.getManagedIdentitySource() === "CloudShell") {
2254
+ if (this.clientId || this.resourceId || this.objectId) {
2255
+ logger$e.warning(`CloudShell MSI detected with user-provided IDs - throwing. Received values: ${JSON.stringify({
2256
+ clientId: this.clientId,
2257
+ resourceId: this.resourceId,
2258
+ objectId: this.objectId,
2259
+ })}.`);
2260
+ throw new CredentialUnavailableError("ManagedIdentityCredential: Specifying a user-assigned managed identity is not supported for CloudShell at runtime. When using Managed Identity in CloudShell, omit the clientId, resourceId, and objectId parameters.");
2261
+ }
2262
+ }
2206
2263
  }
2207
2264
  /**
2208
2265
  * Authenticates with Microsoft Entra ID and returns an access token if successful.
@@ -2220,6 +2277,7 @@ class MsalMsiProvider {
2220
2277
  throw new CredentialUnavailableError(`ManagedIdentityCredential: Multiple scopes are not supported. Scopes: ${JSON.stringify(scopes)}`);
2221
2278
  }
2222
2279
  return tracingClient.withSpan("ManagedIdentityCredential.getToken", options, async () => {
2280
+ var _a;
2223
2281
  try {
2224
2282
  const isTokenExchangeMsi = await tokenExchangeMsi.isAvailable({
2225
2283
  scopes,
@@ -2263,7 +2321,7 @@ class MsalMsiProvider {
2263
2321
  resourceId: this.resourceId,
2264
2322
  });
2265
2323
  if (!isAvailable) {
2266
- throw new CredentialUnavailableError(`ManagedIdentityCredential: Attempted to use the IMDS endpoint, but it is not available.`);
2324
+ throw new CredentialUnavailableError(`Attempted to use the IMDS endpoint, but it is not available.`);
2267
2325
  }
2268
2326
  }
2269
2327
  // If we got this far, it means:
@@ -2279,6 +2337,7 @@ class MsalMsiProvider {
2279
2337
  return {
2280
2338
  expiresOnTimestamp: token.expiresOn.getTime(),
2281
2339
  token: token.accessToken,
2340
+ refreshAfterTimestamp: (_a = token.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
2282
2341
  };
2283
2342
  }
2284
2343
  catch (err) {
@@ -2338,7 +2397,7 @@ function isNetworkError(err) {
2338
2397
  }
2339
2398
 
2340
2399
  // Copyright (c) Microsoft Corporation.
2341
- // Licensed under the MIT license.
2400
+ // Licensed under the MIT License.
2342
2401
  /**
2343
2402
  * Attempts authentication using a managed identity available at the deployment environment.
2344
2403
  * This authentication type works in Azure VMs, App Service instances, Azure Functions applications,
@@ -2374,7 +2433,7 @@ class ManagedIdentityCredential {
2374
2433
  }
2375
2434
 
2376
2435
  // Copyright (c) Microsoft Corporation.
2377
- // Licensed under the MIT license.
2436
+ // Licensed under the MIT License.
2378
2437
  /**
2379
2438
  * Ensures the scopes value is an array.
2380
2439
  * @internal
@@ -2402,7 +2461,7 @@ function getScopeResource(scope) {
2402
2461
  }
2403
2462
 
2404
2463
  // Copyright (c) Microsoft Corporation.
2405
- // Licensed under the MIT license.
2464
+ // Licensed under the MIT License.
2406
2465
  /**
2407
2466
  * Mockable reference to the CLI credential cliCredentialFunctions
2408
2467
  * @internal
@@ -2569,7 +2628,7 @@ class AzureCliCredential {
2569
2628
  }
2570
2629
 
2571
2630
  // Copyright (c) Microsoft Corporation.
2572
- // Licensed under the MIT license.
2631
+ // Licensed under the MIT License.
2573
2632
  /**
2574
2633
  * Mockable reference to the Developer CLI credential cliCredentialFunctions
2575
2634
  * @internal
@@ -2733,7 +2792,7 @@ class AzureDeveloperCliCredential {
2733
2792
  }
2734
2793
 
2735
2794
  // Copyright (c) Microsoft Corporation.
2736
- // Licensed under the MIT license.
2795
+ // Licensed under the MIT License.
2737
2796
  /**
2738
2797
  * Easy to mock childProcess utils.
2739
2798
  * @internal
@@ -2764,7 +2823,7 @@ const processUtils = {
2764
2823
  };
2765
2824
 
2766
2825
  // Copyright (c) Microsoft Corporation.
2767
- // Licensed under the MIT license.
2826
+ // Licensed under the MIT License.
2768
2827
  const logger$b = credentialLogger("AzurePowerShellCredential");
2769
2828
  const isWindows = process.platform === "win32";
2770
2829
  /**
@@ -2986,7 +3045,7 @@ async function parseJsonToken(result) {
2986
3045
  }
2987
3046
 
2988
3047
  // Copyright (c) Microsoft Corporation.
2989
- // Licensed under the MIT license.
3048
+ // Licensed under the MIT License.
2990
3049
  /**
2991
3050
  * @internal
2992
3051
  */
@@ -3065,7 +3124,7 @@ class ChainedTokenCredential {
3065
3124
  }
3066
3125
 
3067
3126
  // Copyright (c) Microsoft Corporation.
3068
- // Licensed under the MIT license.
3127
+ // Licensed under the MIT License.
3069
3128
  const credentialName$3 = "ClientCertificateCredential";
3070
3129
  const logger$9 = credentialLogger(credentialName$3);
3071
3130
  /**
@@ -3178,7 +3237,7 @@ async function parseCertificate(certificateConfiguration, sendCertificateChain)
3178
3237
  }
3179
3238
 
3180
3239
  // Copyright (c) Microsoft Corporation.
3181
- // Licensed under the MIT license.
3240
+ // Licensed under the MIT License.
3182
3241
  const logger$8 = credentialLogger("ClientSecretCredential");
3183
3242
  /**
3184
3243
  * Enables authentication to Microsoft Entra ID using a client secret
@@ -3232,7 +3291,7 @@ class ClientSecretCredential {
3232
3291
  }
3233
3292
 
3234
3293
  // Copyright (c) Microsoft Corporation.
3235
- // Licensed under the MIT license.
3294
+ // Licensed under the MIT License.
3236
3295
  const logger$7 = credentialLogger("UsernamePasswordCredential");
3237
3296
  /**
3238
3297
  * Enables authentication to Microsoft Entra ID with a user's
@@ -3293,7 +3352,7 @@ class UsernamePasswordCredential {
3293
3352
  }
3294
3353
 
3295
3354
  // Copyright (c) Microsoft Corporation.
3296
- // Licensed under the MIT license.
3355
+ // Licensed under the MIT License.
3297
3356
  /**
3298
3357
  * Contains the list of all supported environment variable names so that an
3299
3358
  * appropriate error message can be generated when no credentials can be
@@ -3416,7 +3475,7 @@ class EnvironmentCredential {
3416
3475
  }
3417
3476
 
3418
3477
  // Copyright (c) Microsoft Corporation.
3419
- // Licensed under the MIT license.
3478
+ // Licensed under the MIT License.
3420
3479
  const logger$5 = credentialLogger("DefaultAzureCredential");
3421
3480
  /**
3422
3481
  * Creates a {@link ManagedIdentityCredential} from the provided options.
@@ -3559,7 +3618,7 @@ class DefaultAzureCredential extends ChainedTokenCredential {
3559
3618
  }
3560
3619
 
3561
3620
  // Copyright (c) Microsoft Corporation.
3562
- // Licensed under the MIT license.
3621
+ // Licensed under the MIT License.
3563
3622
  const logger$4 = credentialLogger("InteractiveBrowserCredential");
3564
3623
  /**
3565
3624
  * Enables authentication to Microsoft Entra ID inside of the web browser
@@ -3644,7 +3703,7 @@ class InteractiveBrowserCredential {
3644
3703
  }
3645
3704
 
3646
3705
  // Copyright (c) Microsoft Corporation.
3647
- // Licensed under the MIT license.
3706
+ // Licensed under the MIT License.
3648
3707
  const logger$3 = credentialLogger("DeviceCodeCredential");
3649
3708
  /**
3650
3709
  * Method that logs the user code from the DeviceCodeCredential.
@@ -3727,7 +3786,7 @@ class DeviceCodeCredential {
3727
3786
  }
3728
3787
 
3729
3788
  // Copyright (c) Microsoft Corporation.
3730
- // Licensed under the MIT license.
3789
+ // Licensed under the MIT License.
3731
3790
  const credentialName$1 = "AzurePipelinesCredential";
3732
3791
  const logger$2 = credentialLogger(credentialName$1);
3733
3792
  const OIDC_API_VERSION = "7.1";
@@ -3851,7 +3910,7 @@ function handleOidcResponse(response) {
3851
3910
  }
3852
3911
 
3853
3912
  // Copyright (c) Microsoft Corporation.
3854
- // Licensed under the MIT license.
3913
+ // Licensed under the MIT License.
3855
3914
  const logger$1 = credentialLogger("AuthorizationCodeCredential");
3856
3915
  /**
3857
3916
  * Enables authentication to Microsoft Entra ID using an authorization code
@@ -3905,7 +3964,7 @@ class AuthorizationCodeCredential {
3905
3964
  }
3906
3965
 
3907
3966
  // Copyright (c) Microsoft Corporation.
3908
- // Licensed under the MIT license.
3967
+ // Licensed under the MIT License.
3909
3968
  const credentialName = "OnBehalfOfCredential";
3910
3969
  const logger = credentialLogger(credentialName);
3911
3970
  /**
@@ -4009,7 +4068,7 @@ class OnBehalfOfCredential {
4009
4068
  }
4010
4069
 
4011
4070
  // Copyright (c) Microsoft Corporation.
4012
- // Licensed under the MIT license.
4071
+ // Licensed under the MIT License.
4013
4072
  /**
4014
4073
  * Returns a callback that provides a bearer token.
4015
4074
  * For example, the bearer token can be used to authenticate a request as follows:
@@ -4060,7 +4119,7 @@ function getBearerTokenProvider(credential, scopes, options) {
4060
4119
  }
4061
4120
 
4062
4121
  // Copyright (c) Microsoft Corporation.
4063
- // Licensed under the MIT license.
4122
+ // Licensed under the MIT License.
4064
4123
  /**
4065
4124
  * Returns a new instance of the {@link DefaultAzureCredential}.
4066
4125
  */