@azure/identity 4.5.1-alpha.20241028.2 → 4.5.1-alpha.20241030.1

package/dist-esm/src/msal/nodeFlows/msalPlugins.js.map

@@ -1 +1 @@
-{"version":3,"file":"msalPlugins.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAC;AAoDnG;;;GAGG;AACH,MAAM,CAAC,IAAI,mBAAmB,GAEd,SAAS,CAAC;AAE1B;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,cAAc,CAAC,cAA8D;QAC3E,mBAAmB,GAAG,cAAc,CAAC;IACvC,CAAC;CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,IAAI,gBAAgB,GAIX,SAAS,CAAC;AAE1B,MAAM,UAAU,eAAe;IAC7B,OAAO,gBAAgB,KAAK,SAAS,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAA8B;IACxE,eAAe,CAAC,MAAM;QACpB,gBAAgB,GAAG;YACjB,MAAM;SACP,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;;;;;;GAOG;AACH,SAAS,2BAA2B,CAAC,OAA0B;;IAC7D,MAAM,MAAM,GAAwB;QAClC,KAAK,EAAE,EAAE;QACT,MAAM,EAAE;YACN,SAAS,EAAE,MAAA,MAAA,OAAO,CAAC,aAAa,0CAAE,OAAO,mCAAI,KAAK;YAClD,oBAAoB,EAAE,MAAA,MAAA,OAAO,CAAC,aAAa,0CAAE,0BAA0B,mCAAI,KAAK;YAChF,kBAAkB,EAAE,MAAA,OAAO,CAAC,aAAa,0CAAE,kBAAkB;SAC9D;KACF,CAAC;IAEF,IAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,EAAE,CAAC;QAClD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,OAAO,CAAC,4BAA4B,CAAC,IAAI,IAAI,wBAAwB,CAAC;QAC5F,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,mBAAmB,iBAC5C,IAAI,EAAE,GAAG,aAAa,IAAI,oBAAoB,EAAE,IAC7C,OAAO,CAAC,4BAA4B,EACvC,CAAC;QACH,MAAM,CAAC,KAAK,CAAC,cAAc,GAAG,mBAAmB,iBAC/C,IAAI,EAAE,GAAG,aAAa,IAAI,gBAAgB,EAAE,IACzC,OAAO,CAAC,4BAA4B,EACvC,CAAC;IACL,CAAC;IAED,IAAI,MAAA,OAAO,CAAC,aAAa,0CAAE,OAAO,EAAE,CAAC;QACnC,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb;gBACE,kFAAkF;gBAClF,mGAAmG;gBACnG,mFAAmF;gBACnF,8EAA8E;aAC/E,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,MAAM,CAAC,kBAAkB,GAAG,gBAAiB,CAAC,MAAM,CAAC;IAC9D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,2BAA2B;CAC5B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport * as msalNode from \"@azure/msal-node\";\n\nimport { CACHE_CAE_SUFFIX, CACHE_NON_CAE_SUFFIX, DEFAULT_TOKEN_CACHE_NAME } from \"../../constants\";\n\nimport { MsalClientOptions } from \"./msalClient\";\nimport { NativeBrokerPluginControl } from \"../../plugins/provider\";\nimport { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions\";\n\n/**\n * Configuration for the plugins used by the MSAL node client.\n */\nexport interface PluginConfiguration {\n  /**\n   * Configuration for the cache plugin.\n   */\n  cache: {\n    /**\n     * The non-CAE cache plugin handler.\n     */\n    cachePlugin?: Promise<msalNode.ICachePlugin>;\n    /**\n     * The CAE cache plugin handler - persisted to a different file.\n     */\n    cachePluginCae?: Promise<msalNode.ICachePlugin>;\n  };\n  /**\n   * Configuration for the broker plugin.\n   */\n  broker: {\n    /**\n     * True if the broker plugin is enabled and available. False otherwise.\n     *\n     * It is a bug if this is true and the broker plugin is not available.\n     */\n    isEnabled: boolean;\n    /**\n     * If true, MSA account will be passed through, required for WAM authentication.\n     */\n    enableMsaPassthrough: boolean;\n    /**\n     * The parent window handle for the broker.\n     */\n    parentWindowHandle?: Uint8Array;\n    /**\n     * The native broker plugin handler.\n     */\n    nativeBrokerPlugin?: msalNode.INativeBrokerPlugin;\n    /**\n     * If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication. Default is set to false.\n     */\n    useDefaultBrokerAccount?: boolean;\n  };\n}\n\n/**\n * The current persistence provider, undefined by default.\n * @internal\n */\nexport let persistenceProvider:\n  | ((options?: TokenCachePersistenceOptions) => Promise<msalNode.ICachePlugin>)\n  | undefined = undefined;\n\n/**\n * An object that allows setting the persistence provider.\n * @internal\n */\nexport const msalNodeFlowCacheControl = {\n  setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void {\n    persistenceProvider = pluginProvider;\n  },\n};\n\n/**\n * The current native broker provider, undefined by default.\n * @internal\n */\nexport let nativeBrokerInfo:\n  | {\n      broker: msalNode.INativeBrokerPlugin;\n    }\n  | undefined = undefined;\n\nexport function hasNativeBroker(): boolean {\n  return nativeBrokerInfo !== undefined;\n}\n\n/**\n * An object that allows setting the native broker provider.\n * @internal\n */\nexport const msalNodeFlowNativeBrokerControl: NativeBrokerPluginControl = {\n  setNativeBroker(broker): void {\n    nativeBrokerInfo = {\n      broker,\n    };\n  },\n};\n\n/**\n * Configures plugins, validating that required plugins are available and enabled.\n *\n * Does not create the plugins themselves, but rather returns the configuration that will be used to create them.\n *\n * @param options - options for creating the MSAL client\n * @returns plugin configuration\n */\nfunction generatePluginConfiguration(options: MsalClientOptions): PluginConfiguration {\n  const config: PluginConfiguration = {\n    cache: {},\n    broker: {\n      isEnabled: options.brokerOptions?.enabled ?? false,\n      enableMsaPassthrough: options.brokerOptions?.legacyEnableMsaPassthrough ?? false,\n      parentWindowHandle: options.brokerOptions?.parentWindowHandle,\n    },\n  };\n\n  if (options.tokenCachePersistenceOptions?.enabled) {\n    if (persistenceProvider === undefined) {\n      throw new Error(\n        [\n          \"Persistent token caching was requested, but no persistence provider was configured.\",\n          \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n          \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n          \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\",\n        ].join(\" \"),\n      );\n    }\n\n    const cacheBaseName = options.tokenCachePersistenceOptions.name || DEFAULT_TOKEN_CACHE_NAME;\n    config.cache.cachePlugin = persistenceProvider({\n      name: `${cacheBaseName}.${CACHE_NON_CAE_SUFFIX}`,\n      ...options.tokenCachePersistenceOptions,\n    });\n    config.cache.cachePluginCae = persistenceProvider({\n      name: `${cacheBaseName}.${CACHE_CAE_SUFFIX}`,\n      ...options.tokenCachePersistenceOptions,\n    });\n  }\n\n  if (options.brokerOptions?.enabled) {\n    if (nativeBrokerInfo === undefined) {\n      throw new Error(\n        [\n          \"Broker for WAM was requested to be enabled, but no native broker was configured.\",\n          \"You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)\",\n          \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n          \"`useIdentityPlugin(createNativeBrokerPlugin())` before using `enableBroker`.\",\n        ].join(\" \"),\n      );\n    }\n    config.broker.nativeBrokerPlugin = nativeBrokerInfo!.broker;\n  }\n\n  return config;\n}\n\n/**\n * Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.\n */\nexport const msalPlugins = {\n  generatePluginConfiguration,\n};\n"]}
+{"version":3,"file":"msalPlugins.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAC;AAoDnG;;;GAGG;AACH,MAAM,CAAC,IAAI,mBAAmB,GAEd,SAAS,CAAC;AAE1B;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,cAAc,CAAC,cAA8D;QAC3E,mBAAmB,GAAG,cAAc,CAAC;IACvC,CAAC;CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,IAAI,gBAAgB,GAIX,SAAS,CAAC;AAE1B,MAAM,UAAU,eAAe;IAC7B,OAAO,gBAAgB,KAAK,SAAS,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAA8B;IACxE,eAAe,CAAC,MAAM;QACpB,gBAAgB,GAAG;YACjB,MAAM;SACP,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;;;;;;GAOG;AACH,SAAS,2BAA2B,CAAC,OAA0B;;IAC7D,MAAM,MAAM,GAAwB;QAClC,KAAK,EAAE,EAAE;QACT,MAAM,EAAE;YACN,SAAS,EAAE,MAAA,MAAA,OAAO,CAAC,aAAa,0CAAE,OAAO,mCAAI,KAAK;YAClD,oBAAoB,EAAE,MAAA,MAAA,OAAO,CAAC,aAAa,0CAAE,0BAA0B,mCAAI,KAAK;YAChF,kBAAkB,EAAE,MAAA,OAAO,CAAC,aAAa,0CAAE,kBAAkB;SAC9D;KACF,CAAC;IAEF,IAAI,MAAA,OAAO,CAAC,4BAA4B,0CAAE,OAAO,EAAE,CAAC;QAClD,IAAI,mBAAmB,KAAK,SAAS,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CACb;gBACE,qFAAqF;gBACrF,yHAAyH;gBACzH,mFAAmF;gBACnF,0FAA0F;aAC3F,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,aAAa,GAAG,OAAO,CAAC,4BAA4B,CAAC,IAAI,IAAI,wBAAwB,CAAC;QAC5F,MAAM,CAAC,KAAK,CAAC,WAAW,GAAG,mBAAmB,iBAC5C,IAAI,EAAE,GAAG,aAAa,IAAI,oBAAoB,EAAE,IAC7C,OAAO,CAAC,4BAA4B,EACvC,CAAC;QACH,MAAM,CAAC,KAAK,CAAC,cAAc,GAAG,mBAAmB,iBAC/C,IAAI,EAAE,GAAG,aAAa,IAAI,gBAAgB,EAAE,IACzC,OAAO,CAAC,4BAA4B,EACvC,CAAC;IACL,CAAC;IAED,IAAI,MAAA,OAAO,CAAC,aAAa,0CAAE,OAAO,EAAE,CAAC;QACnC,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb;gBACE,kFAAkF;gBAClF,mGAAmG;gBACnG,mFAAmF;gBACnF,8EAA8E;aAC/E,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,MAAM,CAAC,kBAAkB,GAAG,gBAAiB,CAAC,MAAM,CAAC;IAC9D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG;IACzB,2BAA2B;CAC5B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type * as msalNode from \"@azure/msal-node\";\n\nimport { CACHE_CAE_SUFFIX, CACHE_NON_CAE_SUFFIX, DEFAULT_TOKEN_CACHE_NAME } from \"../../constants\";\n\nimport type { MsalClientOptions } from \"./msalClient\";\nimport type { NativeBrokerPluginControl } from \"../../plugins/provider\";\nimport type { TokenCachePersistenceOptions } from \"./tokenCachePersistenceOptions\";\n\n/**\n * Configuration for the plugins used by the MSAL node client.\n */\nexport interface PluginConfiguration {\n  /**\n   * Configuration for the cache plugin.\n   */\n  cache: {\n    /**\n     * The non-CAE cache plugin handler.\n     */\n    cachePlugin?: Promise<msalNode.ICachePlugin>;\n    /**\n     * The CAE cache plugin handler - persisted to a different file.\n     */\n    cachePluginCae?: Promise<msalNode.ICachePlugin>;\n  };\n  /**\n   * Configuration for the broker plugin.\n   */\n  broker: {\n    /**\n     * True if the broker plugin is enabled and available. False otherwise.\n     *\n     * It is a bug if this is true and the broker plugin is not available.\n     */\n    isEnabled: boolean;\n    /**\n     * If true, MSA account will be passed through, required for WAM authentication.\n     */\n    enableMsaPassthrough: boolean;\n    /**\n     * The parent window handle for the broker.\n     */\n    parentWindowHandle?: Uint8Array;\n    /**\n     * The native broker plugin handler.\n     */\n    nativeBrokerPlugin?: msalNode.INativeBrokerPlugin;\n    /**\n     * If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication. Default is set to false.\n     */\n    useDefaultBrokerAccount?: boolean;\n  };\n}\n\n/**\n * The current persistence provider, undefined by default.\n * @internal\n */\nexport let persistenceProvider:\n  | ((options?: TokenCachePersistenceOptions) => Promise<msalNode.ICachePlugin>)\n  | undefined = undefined;\n\n/**\n * An object that allows setting the persistence provider.\n * @internal\n */\nexport const msalNodeFlowCacheControl = {\n  setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void {\n    persistenceProvider = pluginProvider;\n  },\n};\n\n/**\n * The current native broker provider, undefined by default.\n * @internal\n */\nexport let nativeBrokerInfo:\n  | {\n      broker: msalNode.INativeBrokerPlugin;\n    }\n  | undefined = undefined;\n\nexport function hasNativeBroker(): boolean {\n  return nativeBrokerInfo !== undefined;\n}\n\n/**\n * An object that allows setting the native broker provider.\n * @internal\n */\nexport const msalNodeFlowNativeBrokerControl: NativeBrokerPluginControl = {\n  setNativeBroker(broker): void {\n    nativeBrokerInfo = {\n      broker,\n    };\n  },\n};\n\n/**\n * Configures plugins, validating that required plugins are available and enabled.\n *\n * Does not create the plugins themselves, but rather returns the configuration that will be used to create them.\n *\n * @param options - options for creating the MSAL client\n * @returns plugin configuration\n */\nfunction generatePluginConfiguration(options: MsalClientOptions): PluginConfiguration {\n  const config: PluginConfiguration = {\n    cache: {},\n    broker: {\n      isEnabled: options.brokerOptions?.enabled ?? false,\n      enableMsaPassthrough: options.brokerOptions?.legacyEnableMsaPassthrough ?? false,\n      parentWindowHandle: options.brokerOptions?.parentWindowHandle,\n    },\n  };\n\n  if (options.tokenCachePersistenceOptions?.enabled) {\n    if (persistenceProvider === undefined) {\n      throw new Error(\n        [\n          \"Persistent token caching was requested, but no persistence provider was configured.\",\n          \"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)\",\n          \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n          \"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.\",\n        ].join(\" \"),\n      );\n    }\n\n    const cacheBaseName = options.tokenCachePersistenceOptions.name || DEFAULT_TOKEN_CACHE_NAME;\n    config.cache.cachePlugin = persistenceProvider({\n      name: `${cacheBaseName}.${CACHE_NON_CAE_SUFFIX}`,\n      ...options.tokenCachePersistenceOptions,\n    });\n    config.cache.cachePluginCae = persistenceProvider({\n      name: `${cacheBaseName}.${CACHE_CAE_SUFFIX}`,\n      ...options.tokenCachePersistenceOptions,\n    });\n  }\n\n  if (options.brokerOptions?.enabled) {\n    if (nativeBrokerInfo === undefined) {\n      throw new Error(\n        [\n          \"Broker for WAM was requested to be enabled, but no native broker was configured.\",\n          \"You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)\",\n          \"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling\",\n          \"`useIdentityPlugin(createNativeBrokerPlugin())` before using `enableBroker`.\",\n        ].join(\" \"),\n      );\n    }\n    config.broker.nativeBrokerPlugin = nativeBrokerInfo!.broker;\n  }\n\n  return config;\n}\n\n/**\n * Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.\n */\nexport const msalPlugins = {\n  generatePluginConfiguration,\n};\n"]}

package/dist-esm/src/msal/utils.js.map

@@ -1 +1 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,2BAA2B,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AACpF,OAAO,EAAoB,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAClF,OAAO,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACrE,OAAO,EAAE,UAAU,IAAI,cAAc,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEpF,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAMpC;;GAEG;AACH,MAAM,MAAM,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;AAEjD;;;GAGG;AACH,MAAM,iCAAiC,GAAG,KAAK,CAAC;AAEhD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAyB,EACzB,SAA4B,EAC5B,eAAiC;IAEjC,MAAM,KAAK,GAAG,CAAC,OAAe,EAAS,EAAE;QACvC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,IAAI,2BAA2B,CAAC;YACrC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACjD,eAAe;YACf,OAAO;SACR,CAAC,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;QACzB,MAAM,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAoC;IACnE,IAAI,aAAa,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,CAAC;IAE3C,IAAI,CAAC,aAAa,IAAI,UAAU,EAAE,CAAC;QACjC,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;IACnD,CAAC;IAED,OAAO,aAAa,aAAb,aAAa,cAAb,aAAa,GAAI,oBAAoB,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAa;IAC1D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,IAAI,GAAG,oBAAoB,CAAC;IAC9B,CAAC;IACD,IAAI,IAAI,MAAM,CAAC,GAAG,QAAQ,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,GAAG,QAAQ,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,aAAqB,EACrB,wBAAkC;IAElC,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,aAAa,CAAC,IAAI,wBAAwB,EAAE,CAAC;QACvE,OAAO,CAAC,aAAa,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAIhC,CAAC,UAA4B,EAAE,WAA+B,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAE,EAAE,CAC7F,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAQ,EAAE;IACpC,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU,CAAC,QAAQ,CAAC,KAAK;YAC5B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,cAAc,OAAO,EAAE,CAAC,CAAC;YACzD,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,IAAI;YAC3B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,qBAAqB,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,wBAAwB,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,gBAAgB,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO;IACX,CAAC;AACH,CAAC,CAAC;AAEJ;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,QAAmC;IACjE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC;YACE,4CAA4C;YAC5C,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;IACpC,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,UAAU;IACxB,OAAO,cAAc,EAAE,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAgB,EAChB,KAAY,EACZ,eAAiC;IAEjC,IACE,KAAK,CAAC,IAAI,KAAK,WAAW;QAC1B,KAAK,CAAC,IAAI,KAAK,iBAAiB;QAChC,KAAK,CAAC,IAAI,KAAK,kBAAkB,EACjC,CAAC;QACD,MAAM,SAAS,GAAG,KAA6B,CAAC;QAChD,QAAQ,SAAS,CAAC,SAAS,EAAE,CAAC;YAC5B,KAAK,4BAA4B;gBAC/B,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChD,OAAO,IAAI,0BAA0B,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,KAAK,+BAA+B;gBAClC,OAAO,IAAI,UAAU,CAAC,oDAAoD,CAAC,CAAC;YAC9E,KAAK,kBAAkB,CAAC;YACxB,KAAK,sBAAsB,CAAC;YAC5B,KAAK,gBAAgB;gBACnB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,MAAM,EAAE,qCAAqC,SAAS,CAAC,SAAS,EAAE,CAAC,CAChF,CAAC;gBACF,MAAM;YACR;gBACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC9E,MAAM;QACV,CAAC;IACH,CAAC;IACD,IACE,KAAK,CAAC,IAAI,KAAK,0BAA0B;QACzC,KAAK,CAAC,IAAI,KAAK,+BAA+B;QAC9C,KAAK,CAAC,IAAI,KAAK,YAAY;QAC3B,KAAK,CAAC,IAAI,KAAK,qBAAqB,EACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CACT,WAAW,CACT,MAAM,EACN,iCAAiC,KAAK,CAAC,OAAO,sBAC3C,KAAa,CAAC,UACjB,EAAE,CACH,CACF,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;AAC9F,CAAC;AAED,qBAAqB;AAErB,MAAM,UAAU,YAAY,CAAC,OAA6B;IACxD,MAAM,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClF,uCACK,OAAO,KACV,cAAc,EAAE,OAAO,CAAC,aAAa,EACrC,WAAW,IACX;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,OAAwB;IACrE,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,WAAW,CAAC;QAC9D,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,eAAe;QAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ;QACR,OAAO,EAAE,iCAAiC;KAC3C,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,6BAA6B,CAAC,MAA4B;IACxE,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,+BAA+B,CAAC,gBAAwB;IACtE,MAAM,MAAM,GAAgD,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAEzF,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,KAAK,iCAAiC,EAAE,CAAC;QAC3E,MAAM,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AuthenticationRecord, MsalAccountInfo, MsalToken, ValidMsalToken } from \"./types\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../errors\";\nimport { CredentialLogger, credentialLogger, formatError } from \"../util/logging\";\nimport { DefaultAuthorityHost, DefaultTenantId } from \"../constants\";\nimport { randomUUID as coreRandomUUID, isNode, isNodeLike } from \"@azure/core-util\";\n\nimport { AbortError } from \"@azure/abort-controller\";\nimport { AzureLogLevel } from \"@azure/logger\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { msalCommon } from \"./msal\";\n\nexport interface ILoggerCallback {\n  (level: msalCommon.LogLevel, message: string, containsPii: boolean): void;\n}\n\n/**\n * @internal\n */\nconst logger = credentialLogger(\"IdentityUtils\");\n\n/**\n * Latest AuthenticationRecord version\n * @internal\n */\nconst LatestAuthenticationRecordVersion = \"1.0\";\n\n/**\n * Ensures the validity of the MSAL token\n * @internal\n */\nexport function ensureValidMsalToken(\n  scopes: string | string[],\n  msalToken?: MsalToken | null,\n  getTokenOptions?: GetTokenOptions,\n): asserts msalToken is ValidMsalToken {\n  const error = (message: string): Error => {\n    logger.getToken.info(message);\n    return new AuthenticationRequiredError({\n      scopes: Array.isArray(scopes) ? scopes : [scopes],\n      getTokenOptions,\n      message,\n    });\n  };\n  if (!msalToken) {\n    throw error(\"No response\");\n  }\n  if (!msalToken.expiresOn) {\n    throw error(`Response had no \"expiresOn\" property.`);\n  }\n  if (!msalToken.accessToken) {\n    throw error(`Response had no \"accessToken\" property.`);\n  }\n}\n\n/**\n * Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable.\n *\n * Defaults to {@link DefaultAuthorityHost}.\n * @internal\n */\nexport function getAuthorityHost(options?: { authorityHost?: string }): string {\n  let authorityHost = options?.authorityHost;\n\n  if (!authorityHost && isNodeLike) {\n    authorityHost = process.env.AZURE_AUTHORITY_HOST;\n  }\n\n  return authorityHost ?? DefaultAuthorityHost;\n}\n\n/**\n * Generates a valid authority by combining a host with a tenantId.\n * @internal\n */\nexport function getAuthority(tenantId: string, host?: string): string {\n  if (!host) {\n    host = DefaultAuthorityHost;\n  }\n  if (new RegExp(`${tenantId}/?$`).test(host)) {\n    return host;\n  }\n  if (host.endsWith(\"/\")) {\n    return host + tenantId;\n  } else {\n    return `${host}/${tenantId}`;\n  }\n}\n\n/**\n * Generates the known authorities.\n * If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.\n * For that reason, we have to force MSAL to disable validating the authority\n * by sending it within the known authorities in the MSAL configuration.\n * @internal\n */\nexport function getKnownAuthorities(\n  tenantId: string,\n  authorityHost: string,\n  disableInstanceDiscovery?: boolean,\n): string[] {\n  if ((tenantId === \"adfs\" && authorityHost) || disableInstanceDiscovery) {\n    return [authorityHost];\n  }\n  return [];\n}\n\n/**\n * Generates a logger that can be passed to the MSAL clients.\n * @param credLogger - The logger of the credential.\n * @internal\n */\nexport const defaultLoggerCallback: (\n  logger: CredentialLogger,\n  platform?: \"Node\" | \"Browser\",\n) => ILoggerCallback =\n  (credLogger: CredentialLogger, platform: \"Node\" | \"Browser\" = isNode ? \"Node\" : \"Browser\") =>\n  (level, message, containsPii): void => {\n    if (containsPii) {\n      return;\n    }\n    switch (level) {\n      case msalCommon.LogLevel.Error:\n        credLogger.info(`MSAL ${platform} V2 error: ${message}`);\n        return;\n      case msalCommon.LogLevel.Info:\n        credLogger.info(`MSAL ${platform} V2 info message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Verbose:\n        credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Warning:\n        credLogger.info(`MSAL ${platform} V2 warning: ${message}`);\n        return;\n    }\n  };\n\n/**\n * @internal\n */\nexport function getMSALLogLevel(logLevel: AzureLogLevel | undefined): msalCommon.LogLevel {\n  switch (logLevel) {\n    case \"error\":\n      return msalCommon.LogLevel.Error;\n    case \"info\":\n      return msalCommon.LogLevel.Info;\n    case \"verbose\":\n      return msalCommon.LogLevel.Verbose;\n    case \"warning\":\n      return msalCommon.LogLevel.Warning;\n    default:\n      // default msal logging level should be Info\n      return msalCommon.LogLevel.Info;\n  }\n}\n\n/**\n * Wraps core-util's randomUUID in order to allow for mocking in tests.\n * This prepares the library for the upcoming core-util update to ESM.\n *\n * @internal\n * @returns A string containing a random UUID\n */\nexport function randomUUID(): string {\n  return coreRandomUUID();\n}\n\n/**\n * Handles MSAL errors.\n */\nexport function handleMsalError(\n  scopes: string[],\n  error: Error,\n  getTokenOptions?: GetTokenOptions,\n): Error {\n  if (\n    error.name === \"AuthError\" ||\n    error.name === \"ClientAuthError\" ||\n    error.name === \"BrowserAuthError\"\n  ) {\n    const msalError = error as msalCommon.AuthError;\n    switch (msalError.errorCode) {\n      case \"endpoints_resolution_error\":\n        logger.info(formatError(scopes, error.message));\n        return new CredentialUnavailableError(error.message);\n      case \"device_code_polling_cancelled\":\n        return new AbortError(\"The authentication has been aborted by the caller.\");\n      case \"consent_required\":\n      case \"interaction_required\":\n      case \"login_required\":\n        logger.info(\n          formatError(scopes, `Authentication returned errorCode ${msalError.errorCode}`),\n        );\n        break;\n      default:\n        logger.info(formatError(scopes, `Failed to acquire token: ${error.message}`));\n        break;\n    }\n  }\n  if (\n    error.name === \"ClientConfigurationError\" ||\n    error.name === \"BrowserConfigurationAuthError\" ||\n    error.name === \"AbortError\" ||\n    error.name === \"AuthenticationError\"\n  ) {\n    return error;\n  }\n  if (error.name === \"NativeAuthError\") {\n    logger.info(\n      formatError(\n        scopes,\n        `Error from the native broker: ${error.message} with status code: ${\n          (error as any).statusCode\n        }`,\n      ),\n    );\n    return error;\n  }\n  return new AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });\n}\n\n// transformations.ts\n\nexport function publicToMsal(account: AuthenticationRecord): msalCommon.AccountInfo {\n  const [environment] = account.authority.match(/([a-z]*\\.[a-z]*\\.[a-z]*)/) || [\"\"];\n  return {\n    ...account,\n    localAccountId: account.homeAccountId,\n    environment,\n  };\n}\n\nexport function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord {\n  const record = {\n    authority: getAuthority(account.tenantId, account.environment),\n    homeAccountId: account.homeAccountId,\n    tenantId: account.tenantId || DefaultTenantId,\n    username: account.username,\n    clientId,\n    version: LatestAuthenticationRecordVersion,\n  };\n  return record;\n}\n\n/**\n * Serializes an `AuthenticationRecord` into a string.\n *\n * The output of a serialized authentication record will contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.\n */\nexport function serializeAuthenticationRecord(record: AuthenticationRecord): string {\n  return JSON.stringify(record);\n}\n\n/**\n * Deserializes a previously serialized authentication record from a string into an object.\n *\n * The input string must contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * If the version we receive is unsupported, an error will be thrown.\n *\n * At the moment, the only available version is: \"1.0\", which is always set when the authentication record is serialized.\n *\n * @param serializedRecord - Authentication record previously serialized into string.\n * @returns AuthenticationRecord.\n */\nexport function deserializeAuthenticationRecord(serializedRecord: string): AuthenticationRecord {\n  const parsed: AuthenticationRecord & { version?: string } = JSON.parse(serializedRecord);\n\n  if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {\n    throw Error(\"Unsupported AuthenticationRecord version\");\n  }\n\n  return parsed;\n}\n"]}
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../src/msal/utils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,2BAA2B,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAEpF,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAChE,OAAO,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACrE,OAAO,EAAE,UAAU,IAAI,cAAc,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAEpF,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAGrD,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAMpC;;GAEG;AACH,MAAM,MAAM,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;AAEjD;;;GAGG;AACH,MAAM,iCAAiC,GAAG,KAAK,CAAC;AAEhD;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAyB,EACzB,SAA4B,EAC5B,eAAiC;IAEjC,MAAM,KAAK,GAAG,CAAC,OAAe,EAAS,EAAE;QACvC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,IAAI,2BAA2B,CAAC;YACrC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACjD,eAAe;YACf,OAAO;SACR,CAAC,CAAC;IACL,CAAC,CAAC;IACF,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;QACzB,MAAM,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACvD,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,yCAAyC,CAAC,CAAC;IACzD,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAoC;IACnE,IAAI,aAAa,GAAG,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,aAAa,CAAC;IAE3C,IAAI,CAAC,aAAa,IAAI,UAAU,EAAE,CAAC;QACjC,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;IACnD,CAAC;IAED,OAAO,aAAa,aAAb,aAAa,cAAb,aAAa,GAAI,oBAAoB,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAa;IAC1D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,IAAI,GAAG,oBAAoB,CAAC;IAC9B,CAAC;IACD,IAAI,IAAI,MAAM,CAAC,GAAG,QAAQ,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,GAAG,QAAQ,CAAC;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,QAAgB,EAChB,aAAqB,EACrB,wBAAkC;IAElC,IAAI,CAAC,QAAQ,KAAK,MAAM,IAAI,aAAa,CAAC,IAAI,wBAAwB,EAAE,CAAC;QACvE,OAAO,CAAC,aAAa,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAIhC,CAAC,UAA4B,EAAE,WAA+B,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,EAAE,EAAE,CAC7F,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,EAAQ,EAAE;IACpC,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO;IACT,CAAC;IACD,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU,CAAC,QAAQ,CAAC,KAAK;YAC5B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,cAAc,OAAO,EAAE,CAAC,CAAC;YACzD,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,IAAI;YAC3B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,qBAAqB,OAAO,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,wBAAwB,OAAO,EAAE,CAAC,CAAC;YACnE,OAAO;QACT,KAAK,UAAU,CAAC,QAAQ,CAAC,OAAO;YAC9B,UAAU,CAAC,IAAI,CAAC,QAAQ,QAAQ,gBAAgB,OAAO,EAAE,CAAC,CAAC;YAC3D,OAAO;IACX,CAAC;AACH,CAAC,CAAC;AAEJ;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,QAAmC;IACjE,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;QAClC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC,KAAK,SAAS;YACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;QACrC;YACE,4CAA4C;YAC5C,OAAO,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;IACpC,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,UAAU;IACxB,OAAO,cAAc,EAAE,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAgB,EAChB,KAAY,EACZ,eAAiC;IAEjC,IACE,KAAK,CAAC,IAAI,KAAK,WAAW;QAC1B,KAAK,CAAC,IAAI,KAAK,iBAAiB;QAChC,KAAK,CAAC,IAAI,KAAK,kBAAkB,EACjC,CAAC;QACD,MAAM,SAAS,GAAG,KAA6B,CAAC;QAChD,QAAQ,SAAS,CAAC,SAAS,EAAE,CAAC;YAC5B,KAAK,4BAA4B;gBAC/B,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;gBAChD,OAAO,IAAI,0BAA0B,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACvD,KAAK,+BAA+B;gBAClC,OAAO,IAAI,UAAU,CAAC,oDAAoD,CAAC,CAAC;YAC9E,KAAK,kBAAkB,CAAC;YACxB,KAAK,sBAAsB,CAAC;YAC5B,KAAK,gBAAgB;gBACnB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,MAAM,EAAE,qCAAqC,SAAS,CAAC,SAAS,EAAE,CAAC,CAChF,CAAC;gBACF,MAAM;YACR;gBACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,4BAA4B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC9E,MAAM;QACV,CAAC;IACH,CAAC;IACD,IACE,KAAK,CAAC,IAAI,KAAK,0BAA0B;QACzC,KAAK,CAAC,IAAI,KAAK,+BAA+B;QAC9C,KAAK,CAAC,IAAI,KAAK,YAAY;QAC3B,KAAK,CAAC,IAAI,KAAK,qBAAqB,EACpC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CACT,WAAW,CACT,MAAM,EACN,iCAAiC,KAAK,CAAC,OAAO,sBAC3C,KAAa,CAAC,UACjB,EAAE,CACH,CACF,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,2BAA2B,CAAC,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;AAC9F,CAAC;AAED,qBAAqB;AAErB,MAAM,UAAU,YAAY,CAAC,OAA6B;IACxD,MAAM,CAAC,WAAW,CAAC,GAAG,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClF,uCACK,OAAO,KACV,cAAc,EAAE,OAAO,CAAC,aAAa,EACrC,WAAW,IACX;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,OAAwB;IACrE,MAAM,MAAM,GAAG;QACb,SAAS,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,WAAW,CAAC;QAC9D,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,eAAe;QAC7C,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,QAAQ;QACR,OAAO,EAAE,iCAAiC;KAC3C,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,6BAA6B,CAAC,MAA4B;IACxE,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,+BAA+B,CAAC,gBAAwB;IACtE,MAAM,MAAM,GAAgD,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAEzF,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,KAAK,iCAAiC,EAAE,CAAC;QAC3E,MAAM,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthenticationRecord, MsalAccountInfo, MsalToken, ValidMsalToken } from \"./types\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../errors\";\nimport type { CredentialLogger } from \"../util/logging\";\nimport { credentialLogger, formatError } from \"../util/logging\";\nimport { DefaultAuthorityHost, DefaultTenantId } from \"../constants\";\nimport { randomUUID as coreRandomUUID, isNode, isNodeLike } from \"@azure/core-util\";\n\nimport { AbortError } from \"@azure/abort-controller\";\nimport type { AzureLogLevel } from \"@azure/logger\";\nimport type { GetTokenOptions } from \"@azure/core-auth\";\nimport { msalCommon } from \"./msal\";\n\nexport interface ILoggerCallback {\n  (level: msalCommon.LogLevel, message: string, containsPii: boolean): void;\n}\n\n/**\n * @internal\n */\nconst logger = credentialLogger(\"IdentityUtils\");\n\n/**\n * Latest AuthenticationRecord version\n * @internal\n */\nconst LatestAuthenticationRecordVersion = \"1.0\";\n\n/**\n * Ensures the validity of the MSAL token\n * @internal\n */\nexport function ensureValidMsalToken(\n  scopes: string | string[],\n  msalToken?: MsalToken | null,\n  getTokenOptions?: GetTokenOptions,\n): asserts msalToken is ValidMsalToken {\n  const error = (message: string): Error => {\n    logger.getToken.info(message);\n    return new AuthenticationRequiredError({\n      scopes: Array.isArray(scopes) ? scopes : [scopes],\n      getTokenOptions,\n      message,\n    });\n  };\n  if (!msalToken) {\n    throw error(\"No response\");\n  }\n  if (!msalToken.expiresOn) {\n    throw error(`Response had no \"expiresOn\" property.`);\n  }\n  if (!msalToken.accessToken) {\n    throw error(`Response had no \"accessToken\" property.`);\n  }\n}\n\n/**\n * Returns the authority host from either the options bag or the AZURE_AUTHORITY_HOST environment variable.\n *\n * Defaults to {@link DefaultAuthorityHost}.\n * @internal\n */\nexport function getAuthorityHost(options?: { authorityHost?: string }): string {\n  let authorityHost = options?.authorityHost;\n\n  if (!authorityHost && isNodeLike) {\n    authorityHost = process.env.AZURE_AUTHORITY_HOST;\n  }\n\n  return authorityHost ?? DefaultAuthorityHost;\n}\n\n/**\n * Generates a valid authority by combining a host with a tenantId.\n * @internal\n */\nexport function getAuthority(tenantId: string, host?: string): string {\n  if (!host) {\n    host = DefaultAuthorityHost;\n  }\n  if (new RegExp(`${tenantId}/?$`).test(host)) {\n    return host;\n  }\n  if (host.endsWith(\"/\")) {\n    return host + tenantId;\n  } else {\n    return `${host}/${tenantId}`;\n  }\n}\n\n/**\n * Generates the known authorities.\n * If the Tenant Id is `adfs`, the authority can't be validated since the format won't match the expected one.\n * For that reason, we have to force MSAL to disable validating the authority\n * by sending it within the known authorities in the MSAL configuration.\n * @internal\n */\nexport function getKnownAuthorities(\n  tenantId: string,\n  authorityHost: string,\n  disableInstanceDiscovery?: boolean,\n): string[] {\n  if ((tenantId === \"adfs\" && authorityHost) || disableInstanceDiscovery) {\n    return [authorityHost];\n  }\n  return [];\n}\n\n/**\n * Generates a logger that can be passed to the MSAL clients.\n * @param credLogger - The logger of the credential.\n * @internal\n */\nexport const defaultLoggerCallback: (\n  logger: CredentialLogger,\n  platform?: \"Node\" | \"Browser\",\n) => ILoggerCallback =\n  (credLogger: CredentialLogger, platform: \"Node\" | \"Browser\" = isNode ? \"Node\" : \"Browser\") =>\n  (level, message, containsPii): void => {\n    if (containsPii) {\n      return;\n    }\n    switch (level) {\n      case msalCommon.LogLevel.Error:\n        credLogger.info(`MSAL ${platform} V2 error: ${message}`);\n        return;\n      case msalCommon.LogLevel.Info:\n        credLogger.info(`MSAL ${platform} V2 info message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Verbose:\n        credLogger.info(`MSAL ${platform} V2 verbose message: ${message}`);\n        return;\n      case msalCommon.LogLevel.Warning:\n        credLogger.info(`MSAL ${platform} V2 warning: ${message}`);\n        return;\n    }\n  };\n\n/**\n * @internal\n */\nexport function getMSALLogLevel(logLevel: AzureLogLevel | undefined): msalCommon.LogLevel {\n  switch (logLevel) {\n    case \"error\":\n      return msalCommon.LogLevel.Error;\n    case \"info\":\n      return msalCommon.LogLevel.Info;\n    case \"verbose\":\n      return msalCommon.LogLevel.Verbose;\n    case \"warning\":\n      return msalCommon.LogLevel.Warning;\n    default:\n      // default msal logging level should be Info\n      return msalCommon.LogLevel.Info;\n  }\n}\n\n/**\n * Wraps core-util's randomUUID in order to allow for mocking in tests.\n * This prepares the library for the upcoming core-util update to ESM.\n *\n * @internal\n * @returns A string containing a random UUID\n */\nexport function randomUUID(): string {\n  return coreRandomUUID();\n}\n\n/**\n * Handles MSAL errors.\n */\nexport function handleMsalError(\n  scopes: string[],\n  error: Error,\n  getTokenOptions?: GetTokenOptions,\n): Error {\n  if (\n    error.name === \"AuthError\" ||\n    error.name === \"ClientAuthError\" ||\n    error.name === \"BrowserAuthError\"\n  ) {\n    const msalError = error as msalCommon.AuthError;\n    switch (msalError.errorCode) {\n      case \"endpoints_resolution_error\":\n        logger.info(formatError(scopes, error.message));\n        return new CredentialUnavailableError(error.message);\n      case \"device_code_polling_cancelled\":\n        return new AbortError(\"The authentication has been aborted by the caller.\");\n      case \"consent_required\":\n      case \"interaction_required\":\n      case \"login_required\":\n        logger.info(\n          formatError(scopes, `Authentication returned errorCode ${msalError.errorCode}`),\n        );\n        break;\n      default:\n        logger.info(formatError(scopes, `Failed to acquire token: ${error.message}`));\n        break;\n    }\n  }\n  if (\n    error.name === \"ClientConfigurationError\" ||\n    error.name === \"BrowserConfigurationAuthError\" ||\n    error.name === \"AbortError\" ||\n    error.name === \"AuthenticationError\"\n  ) {\n    return error;\n  }\n  if (error.name === \"NativeAuthError\") {\n    logger.info(\n      formatError(\n        scopes,\n        `Error from the native broker: ${error.message} with status code: ${\n          (error as any).statusCode\n        }`,\n      ),\n    );\n    return error;\n  }\n  return new AuthenticationRequiredError({ scopes, getTokenOptions, message: error.message });\n}\n\n// transformations.ts\n\nexport function publicToMsal(account: AuthenticationRecord): msalCommon.AccountInfo {\n  const [environment] = account.authority.match(/([a-z]*\\.[a-z]*\\.[a-z]*)/) || [\"\"];\n  return {\n    ...account,\n    localAccountId: account.homeAccountId,\n    environment,\n  };\n}\n\nexport function msalToPublic(clientId: string, account: MsalAccountInfo): AuthenticationRecord {\n  const record = {\n    authority: getAuthority(account.tenantId, account.environment),\n    homeAccountId: account.homeAccountId,\n    tenantId: account.tenantId || DefaultTenantId,\n    username: account.username,\n    clientId,\n    version: LatestAuthenticationRecordVersion,\n  };\n  return record;\n}\n\n/**\n * Serializes an `AuthenticationRecord` into a string.\n *\n * The output of a serialized authentication record will contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * To later convert this string to a serialized `AuthenticationRecord`, please use the exported function `deserializeAuthenticationRecord()`.\n */\nexport function serializeAuthenticationRecord(record: AuthenticationRecord): string {\n  return JSON.stringify(record);\n}\n\n/**\n * Deserializes a previously serialized authentication record from a string into an object.\n *\n * The input string must contain the following properties:\n *\n * - \"authority\"\n * - \"homeAccountId\"\n * - \"clientId\"\n * - \"tenantId\"\n * - \"username\"\n * - \"version\"\n *\n * If the version we receive is unsupported, an error will be thrown.\n *\n * At the moment, the only available version is: \"1.0\", which is always set when the authentication record is serialized.\n *\n * @param serializedRecord - Authentication record previously serialized into string.\n * @returns AuthenticationRecord.\n */\nexport function deserializeAuthenticationRecord(serializedRecord: string): AuthenticationRecord {\n  const parsed: AuthenticationRecord & { version?: string } = JSON.parse(serializedRecord);\n\n  if (parsed.version && parsed.version !== LatestAuthenticationRecordVersion) {\n    throw Error(\"Unsupported AuthenticationRecord version\");\n  }\n\n  return parsed;\n}\n"]}

package/dist-esm/src/plugins/consumer.js.map

@@ -1 +1 @@
-{"version":3,"file":"consumer.js","sourceRoot":"","sources":["../../../src/plugins/consumer.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,wBAAwB,EACxB,+BAA+B,GAChC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAE,uBAAuB,EAAE,MAAM,2CAA2C,CAAC;AAEpF;;;;GAIG;AACH,MAAM,aAAa,GAAuB;IACxC,kBAAkB,EAAE,wBAAwB;IAC5C,yBAAyB,EAAE,+BAA+B;IAC1D,uBAAuB,EAAE,uBAAuB;CACjD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAsB;IACtD,MAAM,CAAC,aAAa,CAAC,CAAC;AACxB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AzurePluginContext, IdentityPlugin } from \"./provider\";\nimport {\n  msalNodeFlowCacheControl,\n  msalNodeFlowNativeBrokerControl,\n} from \"../msal/nodeFlows/msalPlugins\";\n\nimport { vsCodeCredentialControl } from \"../credentials/visualStudioCodeCredential\";\n\n/**\n * The context passed to an Identity plugin. This contains objects that\n * plugins can use to set backend implementations.\n * @internal\n */\nconst pluginContext: AzurePluginContext = {\n  cachePluginControl: msalNodeFlowCacheControl,\n  nativeBrokerPluginControl: msalNodeFlowNativeBrokerControl,\n  vsCodeCredentialControl: vsCodeCredentialControl,\n};\n\n/**\n * Extend Azure Identity with additional functionality. Pass a plugin from\n * a plugin package, such as:\n *\n * - `@azure/identity-cache-persistence`: provides persistent token caching\n * - `@azure/identity-vscode`: provides the dependencies of\n *   `VisualStudioCodeCredential` and enables it\n *\n * Example:\n *\n * ```ts snippet:consumer_example\n * import { useIdentityPlugin, DeviceCodeCredential } from \"@azure/identity\";\n *\n * useIdentityPlugin(cachePersistencePlugin);\n * // The plugin has the capability to extend `DeviceCodeCredential` and to\n * // add middleware to the underlying credentials, such as persistence.\n * const credential = new DeviceCodeCredential({\n *   tokenCachePersistenceOptions: {\n *     enabled: true,\n *   },\n * });\n * ```\n *\n * @param plugin - the plugin to register\n */\nexport function useIdentityPlugin(plugin: IdentityPlugin): void {\n  plugin(pluginContext);\n}\n"]}
+{"version":3,"file":"consumer.js","sourceRoot":"","sources":["../../../src/plugins/consumer.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,wBAAwB,EACxB,+BAA+B,GAChC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EAAE,uBAAuB,EAAE,MAAM,2CAA2C,CAAC;AAEpF;;;;GAIG;AACH,MAAM,aAAa,GAAuB;IACxC,kBAAkB,EAAE,wBAAwB;IAC5C,yBAAyB,EAAE,+BAA+B;IAC1D,uBAAuB,EAAE,uBAAuB;CACjD,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAsB;IACtD,MAAM,CAAC,aAAa,CAAC,CAAC;AACxB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AzurePluginContext, IdentityPlugin } from \"./provider\";\nimport {\n  msalNodeFlowCacheControl,\n  msalNodeFlowNativeBrokerControl,\n} from \"../msal/nodeFlows/msalPlugins\";\n\nimport { vsCodeCredentialControl } from \"../credentials/visualStudioCodeCredential\";\n\n/**\n * The context passed to an Identity plugin. This contains objects that\n * plugins can use to set backend implementations.\n * @internal\n */\nconst pluginContext: AzurePluginContext = {\n  cachePluginControl: msalNodeFlowCacheControl,\n  nativeBrokerPluginControl: msalNodeFlowNativeBrokerControl,\n  vsCodeCredentialControl: vsCodeCredentialControl,\n};\n\n/**\n * Extend Azure Identity with additional functionality. Pass a plugin from\n * a plugin package, such as:\n *\n * - `@azure/identity-cache-persistence`: provides persistent token caching\n * - `@azure/identity-vscode`: provides the dependencies of\n *   `VisualStudioCodeCredential` and enables it\n *\n * Example:\n *\n * ```ts snippet:consumer_example\n * import { useIdentityPlugin, DeviceCodeCredential } from \"@azure/identity\";\n *\n * useIdentityPlugin(cachePersistencePlugin);\n * // The plugin has the capability to extend `DeviceCodeCredential` and to\n * // add middleware to the underlying credentials, such as persistence.\n * const credential = new DeviceCodeCredential({\n *   tokenCachePersistenceOptions: {\n *     enabled: true,\n *   },\n * });\n * ```\n *\n * @param plugin - the plugin to register\n */\nexport function useIdentityPlugin(plugin: IdentityPlugin): void {\n  plugin(pluginContext);\n}\n"]}

package/dist-esm/src/plugins/provider.js.map

@@ -1 +1 @@
-{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../../src/plugins/provider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { TokenCachePersistenceOptions } from \"../msal/nodeFlows/tokenCachePersistenceOptions\";\nimport { VSCodeCredentialFinder } from \"../credentials/visualStudioCodeCredentialPlugin\";\n\n/**\n * The type of an Azure Identity plugin, a function accepting a plugin\n * context.\n */\nexport type IdentityPlugin = (context: unknown) => void;\n\n/**\n * Plugin context entries for controlling cache plugins.\n */\nexport interface CachePluginControl {\n  setPersistence(\n    persistenceFactory: (\n      options?: TokenCachePersistenceOptions,\n    ) => Promise<import(\"@azure/msal-node\").ICachePlugin>,\n  ): void;\n}\n\nexport interface NativeBrokerPluginControl {\n  setNativeBroker(nativeBroker: import(\"@azure/msal-node\").INativeBrokerPlugin): void;\n}\n\n/**\n * Plugin context entries for controlling VisualStudioCodeCredential.\n */\nexport interface VisualStudioCodeCredentialControl {\n  setVsCodeCredentialFinder(finder: VSCodeCredentialFinder): void;\n}\n\n/**\n * Context options passed to a plugin during initialization.\n *\n * Plugin authors are responsible for casting their plugin context values\n * to this type.\n *\n * @internal\n */\nexport interface AzurePluginContext {\n  cachePluginControl: CachePluginControl;\n  nativeBrokerPluginControl: NativeBrokerPluginControl;\n  vsCodeCredentialControl: VisualStudioCodeCredentialControl;\n}\n"]}
+{"version":3,"file":"provider.js","sourceRoot":"","sources":["../../../src/plugins/provider.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCachePersistenceOptions } from \"../msal/nodeFlows/tokenCachePersistenceOptions\";\nimport type { VSCodeCredentialFinder } from \"../credentials/visualStudioCodeCredentialPlugin\";\n\n/**\n * The type of an Azure Identity plugin, a function accepting a plugin\n * context.\n */\nexport type IdentityPlugin = (context: unknown) => void;\n\n/**\n * Plugin context entries for controlling cache plugins.\n */\nexport interface CachePluginControl {\n  setPersistence(\n    persistenceFactory: (\n      options?: TokenCachePersistenceOptions,\n    ) => Promise<import(\"@azure/msal-node\").ICachePlugin>,\n  ): void;\n}\n\nexport interface NativeBrokerPluginControl {\n  setNativeBroker(nativeBroker: import(\"@azure/msal-node\").INativeBrokerPlugin): void;\n}\n\n/**\n * Plugin context entries for controlling VisualStudioCodeCredential.\n */\nexport interface VisualStudioCodeCredentialControl {\n  setVsCodeCredentialFinder(finder: VSCodeCredentialFinder): void;\n}\n\n/**\n * Context options passed to a plugin during initialization.\n *\n * Plugin authors are responsible for casting their plugin context values\n * to this type.\n *\n * @internal\n */\nexport interface AzurePluginContext {\n  cachePluginControl: CachePluginControl;\n  nativeBrokerPluginControl: NativeBrokerPluginControl;\n  vsCodeCredentialControl: VisualStudioCodeCredentialControl;\n}\n"]}

package/dist-esm/src/tokenCredentialOptions.js.map

@@ -1 +1 @@
-{"version":3,"file":"tokenCredentialOptions.js","sourceRoot":"","sources":["../../src/tokenCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { CommonClientOptions } from \"@azure/core-client\";\nimport { LogPolicyOptions } from \"@azure/core-rest-pipeline\";\n\n/**\n * Provides options to configure how the Identity library makes authentication\n * requests to Microsoft Entra ID.\n */\nexport interface TokenCredentialOptions extends CommonClientOptions {\n  /**\n   * The authority host to use for authentication requests.\n   * Possible values are available through {@link AzureAuthorityHosts}.\n   * The default is \"https://login.microsoftonline.com\".\n   */\n  authorityHost?: string;\n  /**\n   * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.\n   */\n  loggingOptions?: LogPolicyOptions & {\n    /**\n     * Allows logging account information once the authentication flow succeeds.\n     */\n    allowLoggingAccountIdentifiers?: boolean;\n    /**\n     * Allows logging personally identifiable information for customer support.\n     */\n    enableUnsafeSupportLogging?: boolean;\n  };\n}\n"]}
+{"version":3,"file":"tokenCredentialOptions.js","sourceRoot":"","sources":["../../src/tokenCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { CommonClientOptions } from \"@azure/core-client\";\nimport type { LogPolicyOptions } from \"@azure/core-rest-pipeline\";\n\n/**\n * Provides options to configure how the Identity library makes authentication\n * requests to Microsoft Entra ID.\n */\nexport interface TokenCredentialOptions extends CommonClientOptions {\n  /**\n   * The authority host to use for authentication requests.\n   * Possible values are available through {@link AzureAuthorityHosts}.\n   * The default is \"https://login.microsoftonline.com\".\n   */\n  authorityHost?: string;\n  /**\n   * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.\n   */\n  loggingOptions?: LogPolicyOptions & {\n    /**\n     * Allows logging account information once the authentication flow succeeds.\n     */\n    allowLoggingAccountIdentifiers?: boolean;\n    /**\n     * Allows logging personally identifiable information for customer support.\n     */\n    enableUnsafeSupportLogging?: boolean;\n  };\n}\n"]}

package/dist-esm/src/util/logging.js.map

@@ -1 +1 @@
-{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../../src/util/logging.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAe,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEhE;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;AAOrD;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,gBAA0B;IACvD,OAAO,gBAAgB,CAAC,MAAM,CAC5B,CAAC,GAA2B,EAAE,WAAmB,EAAE,EAAE;QACnD,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC9B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAsB,EAAE,gBAA0B;IAC3E,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;IACtD,MAAM,CAAC,IAAI,CACT,GAAG,cAAc,kDAAkD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACzF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAwB;IACpD,OAAO,oBAAoB,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;AAChF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,KAAoC,EAAE,KAAqB;IACrF,IAAI,OAAO,GAAG,QAAQ,CAAC;IACvB,IAAI,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,MAAM,EAAE,CAAC;QAClB,OAAO,IAAI,YAAY,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;IAC5E,CAAC;IACD,OAAO,GAAG,OAAO,mBAAmB,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC;AAC3F,CAAC;AAcD;;;;;;;GAOG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAa,EACb,MAAiC,EACjC,MAAmB,MAAM;IAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAElE,SAAS,IAAI,CAAC,OAAe;QAC3B,GAAG,CAAC,IAAI,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,SAAS,KAAK,CAAC,OAAe;QAC5B,GAAG,CAAC,KAAK,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IACxC,CAAC;IAED,OAAO;QACL,KAAK;QACL,SAAS;QACT,IAAI;QACJ,OAAO;QACP,OAAO;QACP,KAAK;KACN,CAAC;AACJ,CAAC;AAWD;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,MAAmB,MAAM;IACvE,MAAM,UAAU,GAAG,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;IACnE,uCACK,UAAU,KACb,MAAM,EAAE,GAAG,EACX,QAAQ,EAAE,wBAAwB,CAAC,eAAe,EAAE,UAAU,EAAE,GAAG,CAAC,IACpE;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { AzureLogger, createClientLogger } from \"@azure/logger\";\n\n/**\n * The AzureLogger used for all clients within the identity package\n */\nexport const logger = createClientLogger(\"identity\");\n\ninterface EnvironmentAccumulator {\n  missing: string[];\n  assigned: string[];\n}\n\n/**\n * Separates a list of environment variable names into a plain object with two arrays: an array of missing environment variables and another array with assigned environment variables.\n * @param supportedEnvVars - List of environment variable names\n */\nexport function processEnvVars(supportedEnvVars: string[]): EnvironmentAccumulator {\n  return supportedEnvVars.reduce(\n    (acc: EnvironmentAccumulator, envVariable: string) => {\n      if (process.env[envVariable]) {\n        acc.assigned.push(envVariable);\n      } else {\n        acc.missing.push(envVariable);\n      }\n      return acc;\n    },\n    { missing: [], assigned: [] },\n  );\n}\n\n/**\n * Based on a given list of environment variable names,\n * logs the environment variables currently assigned during the usage of a credential that goes by the given name.\n * @param credentialName - Name of the credential in use\n * @param supportedEnvVars - List of environment variables supported by that credential\n */\nexport function logEnvVars(credentialName: string, supportedEnvVars: string[]): void {\n  const { assigned } = processEnvVars(supportedEnvVars);\n  logger.info(\n    `${credentialName} => Found the following environment variables: ${assigned.join(\", \")}`,\n  );\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatSuccess(scope: string | string[]): string {\n  return `SUCCESS. Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatError(scope: string | string[] | undefined, error: Error | string): string {\n  let message = \"ERROR.\";\n  if (scope?.length) {\n    message += ` Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n  }\n  return `${message} Error message: ${typeof error === \"string\" ? error : error.message}.`;\n}\n\n/**\n * A CredentialLoggerInstance is a logger properly formatted to work in a credential's constructor, and its methods.\n */\nexport interface CredentialLoggerInstance {\n  title: string;\n  fullTitle: string;\n  info(message: string): void;\n  warning(message: string): void;\n  verbose(message: string): void;\n  error(err: string): void;\n}\n\n/**\n * Generates a CredentialLoggerInstance.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *\n */\nexport function credentialLoggerInstance(\n  title: string,\n  parent?: CredentialLoggerInstance,\n  log: AzureLogger = logger,\n): CredentialLoggerInstance {\n  const fullTitle = parent ? `${parent.fullTitle} ${title}` : title;\n\n  function info(message: string): void {\n    log.info(`${fullTitle} =>`, message);\n  }\n\n  function warning(message: string): void {\n    log.warning(`${fullTitle} =>`, message);\n  }\n\n  function verbose(message: string): void {\n    log.verbose(`${fullTitle} =>`, message);\n  }\n\n  function error(message: string): void {\n    log.error(`${fullTitle} =>`, message);\n  }\n\n  return {\n    title,\n    fullTitle,\n    info,\n    warning,\n    verbose,\n    error,\n  };\n}\n\n/**\n * A CredentialLogger is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n */\nexport interface CredentialLogger extends CredentialLoggerInstance {\n  parent: AzureLogger;\n  getToken: CredentialLoggerInstance;\n}\n\n/**\n * Generates a CredentialLogger, which is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *   `[title] => getToken() => [message]`\n *\n */\nexport function credentialLogger(title: string, log: AzureLogger = logger): CredentialLogger {\n  const credLogger = credentialLoggerInstance(title, undefined, log);\n  return {\n    ...credLogger,\n    parent: log,\n    getToken: credentialLoggerInstance(\"=> getToken()\", credLogger, log),\n  };\n}\n"]}
+{"version":3,"file":"logging.js","sourceRoot":"","sources":["../../../src/util/logging.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;AAOrD;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,gBAA0B;IACvD,OAAO,gBAAgB,CAAC,MAAM,CAC5B,CAAC,GAA2B,EAAE,WAAmB,EAAE,EAAE;QACnD,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAC9B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CAAC,cAAsB,EAAE,gBAA0B;IAC3E,MAAM,EAAE,QAAQ,EAAE,GAAG,cAAc,CAAC,gBAAgB,CAAC,CAAC;IACtD,MAAM,CAAC,IAAI,CACT,GAAG,cAAc,kDAAkD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACzF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAwB;IACpD,OAAO,oBAAoB,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;AAChF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,KAAoC,EAAE,KAAqB;IACrF,IAAI,OAAO,GAAG,QAAQ,CAAC;IACvB,IAAI,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,MAAM,EAAE,CAAC;QAClB,OAAO,IAAI,YAAY,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;IAC5E,CAAC;IACD,OAAO,GAAG,OAAO,mBAAmB,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC;AAC3F,CAAC;AAcD;;;;;;;GAOG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAa,EACb,MAAiC,EACjC,MAAmB,MAAM;IAEzB,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,SAAS,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;IAElE,SAAS,IAAI,CAAC,OAAe;QAC3B,GAAG,CAAC,IAAI,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,SAAS,OAAO,CAAC,OAAe;QAC9B,GAAG,CAAC,OAAO,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IAC1C,CAAC;IAED,SAAS,KAAK,CAAC,OAAe;QAC5B,GAAG,CAAC,KAAK,CAAC,GAAG,SAAS,KAAK,EAAE,OAAO,CAAC,CAAC;IACxC,CAAC;IAED,OAAO;QACL,KAAK;QACL,SAAS;QACT,IAAI;QACJ,OAAO;QACP,OAAO;QACP,KAAK;KACN,CAAC;AACJ,CAAC;AAWD;;;;;;;;;GASG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa,EAAE,MAAmB,MAAM;IACvE,MAAM,UAAU,GAAG,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC;IACnE,uCACK,UAAU,KACb,MAAM,EAAE,GAAG,EACX,QAAQ,EAAE,wBAAwB,CAAC,eAAe,EAAE,UAAU,EAAE,GAAG,CAAC,IACpE;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AzureLogger } from \"@azure/logger\";\nimport { createClientLogger } from \"@azure/logger\";\n\n/**\n * The AzureLogger used for all clients within the identity package\n */\nexport const logger = createClientLogger(\"identity\");\n\ninterface EnvironmentAccumulator {\n  missing: string[];\n  assigned: string[];\n}\n\n/**\n * Separates a list of environment variable names into a plain object with two arrays: an array of missing environment variables and another array with assigned environment variables.\n * @param supportedEnvVars - List of environment variable names\n */\nexport function processEnvVars(supportedEnvVars: string[]): EnvironmentAccumulator {\n  return supportedEnvVars.reduce(\n    (acc: EnvironmentAccumulator, envVariable: string) => {\n      if (process.env[envVariable]) {\n        acc.assigned.push(envVariable);\n      } else {\n        acc.missing.push(envVariable);\n      }\n      return acc;\n    },\n    { missing: [], assigned: [] },\n  );\n}\n\n/**\n * Based on a given list of environment variable names,\n * logs the environment variables currently assigned during the usage of a credential that goes by the given name.\n * @param credentialName - Name of the credential in use\n * @param supportedEnvVars - List of environment variables supported by that credential\n */\nexport function logEnvVars(credentialName: string, supportedEnvVars: string[]): void {\n  const { assigned } = processEnvVars(supportedEnvVars);\n  logger.info(\n    `${credentialName} => Found the following environment variables: ${assigned.join(\", \")}`,\n  );\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatSuccess(scope: string | string[]): string {\n  return `SUCCESS. Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n}\n\n/**\n * Formatting the success event on the credentials\n */\nexport function formatError(scope: string | string[] | undefined, error: Error | string): string {\n  let message = \"ERROR.\";\n  if (scope?.length) {\n    message += ` Scopes: ${Array.isArray(scope) ? scope.join(\", \") : scope}.`;\n  }\n  return `${message} Error message: ${typeof error === \"string\" ? error : error.message}.`;\n}\n\n/**\n * A CredentialLoggerInstance is a logger properly formatted to work in a credential's constructor, and its methods.\n */\nexport interface CredentialLoggerInstance {\n  title: string;\n  fullTitle: string;\n  info(message: string): void;\n  warning(message: string): void;\n  verbose(message: string): void;\n  error(err: string): void;\n}\n\n/**\n * Generates a CredentialLoggerInstance.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *\n */\nexport function credentialLoggerInstance(\n  title: string,\n  parent?: CredentialLoggerInstance,\n  log: AzureLogger = logger,\n): CredentialLoggerInstance {\n  const fullTitle = parent ? `${parent.fullTitle} ${title}` : title;\n\n  function info(message: string): void {\n    log.info(`${fullTitle} =>`, message);\n  }\n\n  function warning(message: string): void {\n    log.warning(`${fullTitle} =>`, message);\n  }\n\n  function verbose(message: string): void {\n    log.verbose(`${fullTitle} =>`, message);\n  }\n\n  function error(message: string): void {\n    log.error(`${fullTitle} =>`, message);\n  }\n\n  return {\n    title,\n    fullTitle,\n    info,\n    warning,\n    verbose,\n    error,\n  };\n}\n\n/**\n * A CredentialLogger is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n */\nexport interface CredentialLogger extends CredentialLoggerInstance {\n  parent: AzureLogger;\n  getToken: CredentialLoggerInstance;\n}\n\n/**\n * Generates a CredentialLogger, which is a logger declared at the credential's constructor, and used at any point in the credential.\n * It has all the properties of a CredentialLoggerInstance, plus other logger instances, one per method.\n *\n * It logs with the format:\n *\n *   `[title] => [message]`\n *   `[title] => getToken() => [message]`\n *\n */\nexport function credentialLogger(title: string, log: AzureLogger = logger): CredentialLogger {\n  const credLogger = credentialLoggerInstance(title, undefined, log);\n  return {\n    ...credLogger,\n    parent: log,\n    getToken: credentialLoggerInstance(\"=> getToken()\", credLogger, log),\n  };\n}\n"]}

package/dist-esm/src/util/processMultiTenantRequest.browser.js.map

@@ -1 +1 @@
-{"version":3,"file":"processMultiTenantRequest.browser.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE;;IAE3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;IAC3D,CAAC;IAED,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    throw new Error(createConfigurationErrorMessage(tenantId));\n  }\n\n  return resolvedTenantId;\n}\n"]}
+{"version":3,"file":"processMultiTenantRequest.browser.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE;;IAE3C,IAAI,gBAAoC,CAAC;IACzC,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACxB,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;IAC3D,CAAC;IAED,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { GetTokenOptions } from \"@azure/core-auth\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    throw new Error(createConfigurationErrorMessage(tenantId));\n  }\n\n  return resolvedTenantId;\n}\n"]}

package/dist-esm/src/util/processMultiTenantRequest.js.map

@@ -1 +1 @@
-{"version":3,"file":"processMultiTenantRequest.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAGvD,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE,EAC3C,MAAyB;;IAEzB,IAAI,gBAAoC,CAAC;IACzC,IAAI,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,CAAC;QACvD,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QAC/B,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;IAC3D,CAAC;IACD,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF,CAAC;QACD,MAAM,OAAO,GAAG,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,MAAM,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport { CredentialLogger } from \"./logging\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n  logger?: CredentialLogger,\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (process.env.AZURE_IDENTITY_DISABLE_MULTITENANTAUTH) {\n    resolvedTenantId = tenantId;\n  } else if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    const message = createConfigurationErrorMessage(tenantId);\n    logger?.info(message);\n    throw new CredentialUnavailableError(message);\n  }\n\n  return resolvedTenantId;\n}\n"]}
+{"version":3,"file":"processMultiTenantRequest.js","sourceRoot":"","sources":["../../../src/util/processMultiTenantRequest.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,WAAW,CAAC;AAGvD,SAAS,+BAA+B,CAAC,QAAgB;IACvD,OAAO,yEAAyE,QAAQ,qMAAqM,CAAC;AAChS,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAiB,EACjB,eAAiC,EACjC,+BAAyC,EAAE,EAC3C,MAAyB;;IAEzB,IAAI,gBAAoC,CAAC;IACzC,IAAI,OAAO,CAAC,GAAG,CAAC,sCAAsC,EAAE,CAAC;QACvD,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QAC/B,gBAAgB,GAAG,QAAQ,CAAC;IAC9B,CAAC;SAAM,CAAC;QACN,gBAAgB,GAAG,MAAA,eAAe,aAAf,eAAe,uBAAf,eAAe,CAAE,QAAQ,mCAAI,QAAQ,CAAC;IAC3D,CAAC;IACD,IACE,QAAQ;QACR,gBAAgB,KAAK,QAAQ;QAC7B,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC3C,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,gBAAiB,CAAC,KAAK,CAAC,CAAC,EACnF,CAAC;QACD,MAAM,OAAO,GAAG,+BAA+B,CAAC,QAAQ,CAAC,CAAC;QAC1D,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtB,MAAM,IAAI,0BAA0B,CAAC,OAAO,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { GetTokenOptions } from \"@azure/core-auth\";\nimport { CredentialUnavailableError } from \"../errors\";\nimport type { CredentialLogger } from \"./logging\";\n\nfunction createConfigurationErrorMessage(tenantId: string): string {\n  return `The current credential is not configured to acquire tokens for tenant ${tenantId}. To enable acquiring tokens for this tenant add it to the AdditionallyAllowedTenants on the credential options, or add \"*\" to AdditionallyAllowedTenants to allow acquiring tokens for any tenant.`;\n}\n\n/**\n * Of getToken contains a tenantId, this functions allows picking this tenantId as the appropriate for authentication,\n * unless multitenant authentication has been disabled through the AZURE_IDENTITY_DISABLE_MULTITENANTAUTH (on Node.js),\n * or unless the original tenant Id is `adfs`.\n * @internal\n */\nexport function processMultiTenantRequest(\n  tenantId?: string,\n  getTokenOptions?: GetTokenOptions,\n  additionallyAllowedTenantIds: string[] = [],\n  logger?: CredentialLogger,\n): string | undefined {\n  let resolvedTenantId: string | undefined;\n  if (process.env.AZURE_IDENTITY_DISABLE_MULTITENANTAUTH) {\n    resolvedTenantId = tenantId;\n  } else if (tenantId === \"adfs\") {\n    resolvedTenantId = tenantId;\n  } else {\n    resolvedTenantId = getTokenOptions?.tenantId ?? tenantId;\n  }\n  if (\n    tenantId &&\n    resolvedTenantId !== tenantId &&\n    !additionallyAllowedTenantIds.includes(\"*\") &&\n    !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId!) === 0)\n  ) {\n    const message = createConfigurationErrorMessage(tenantId);\n    logger?.info(message);\n    throw new CredentialUnavailableError(message);\n  }\n\n  return resolvedTenantId;\n}\n"]}

package/dist-esm/src/util/scopeUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"scopeUtils.js","sourceRoot":"","sources":["../../../src/util/scopeUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,MAAyB;IACpD,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,+BAA+B,CAAC,KAAa,EAAE,MAAwB;IACrF,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QACrF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAChD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { CredentialLogger, formatError } from \"./logging\";\n\n/**\n * Ensures the scopes value is an array.\n * @internal\n */\nexport function ensureScopes(scopes: string | string[]): string[] {\n  return Array.isArray(scopes) ? scopes : [scopes];\n}\n\n/**\n * Throws if the received scope is not valid.\n * @internal\n */\nexport function ensureValidScopeForDevTimeCreds(scope: string, logger: CredentialLogger): void {\n  if (!scope.match(/^[0-9a-zA-Z-_.:/]+$/)) {\n    const error = new Error(\"Invalid scope was specified by the user or calling client\");\n    logger.getToken.info(formatError(scope, error));\n    throw error;\n  }\n}\n\n/**\n * Returns the resource out of a scope.\n * @internal\n */\nexport function getScopeResource(scope: string): string {\n  return scope.replace(/\\/.default$/, \"\");\n}\n"]}
+{"version":3,"file":"scopeUtils.js","sourceRoot":"","sources":["../../../src/util/scopeUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,MAAyB;IACpD,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,+BAA+B,CAAC,KAAa,EAAE,MAAwB;IACrF,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;QACrF,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QAChD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,OAAO,KAAK,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;AAC1C,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { CredentialLogger } from \"./logging\";\nimport { formatError } from \"./logging\";\n\n/**\n * Ensures the scopes value is an array.\n * @internal\n */\nexport function ensureScopes(scopes: string | string[]): string[] {\n  return Array.isArray(scopes) ? scopes : [scopes];\n}\n\n/**\n * Throws if the received scope is not valid.\n * @internal\n */\nexport function ensureValidScopeForDevTimeCreds(scope: string, logger: CredentialLogger): void {\n  if (!scope.match(/^[0-9a-zA-Z-_.:/]+$/)) {\n    const error = new Error(\"Invalid scope was specified by the user or calling client\");\n    logger.getToken.info(formatError(scope, error));\n    throw error;\n  }\n}\n\n/**\n * Returns the resource out of a scope.\n * @internal\n */\nexport function getScopeResource(scope: string): string {\n  return scope.replace(/\\/.default$/, \"\");\n}\n"]}

package/dist-esm/src/util/subscriptionUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"subscriptionUtils.js","sourceRoot":"","sources":["../../../src/util/subscriptionUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAE1D;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAwB,EAAE,YAAoB;IAC9E,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,uLAAuL,CACxL,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { CredentialLogger, formatError } from \"./logging\";\n\n/**\n * @internal\n */\nexport function checkSubscription(logger: CredentialLogger, subscription: string): void {\n  if (!subscription.match(/^[0-9a-zA-Z-._ ]+$/)) {\n    const error = new Error(\n      \"Invalid subscription provided. You can locate your subscription by following the instructions listed here: https://learn.microsoft.com/azure/azure-portal/get-subscription-tenant-id.\",\n    );\n    logger.info(formatError(\"\", error));\n    throw error;\n  }\n}\n"]}
+{"version":3,"file":"subscriptionUtils.js","sourceRoot":"","sources":["../../../src/util/subscriptionUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAExC;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAwB,EAAE,YAAoB;IAC9E,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,uLAAuL,CACxL,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { CredentialLogger } from \"./logging\";\nimport { formatError } from \"./logging\";\n\n/**\n * @internal\n */\nexport function checkSubscription(logger: CredentialLogger, subscription: string): void {\n  if (!subscription.match(/^[0-9a-zA-Z-._ ]+$/)) {\n    const error = new Error(\n      \"Invalid subscription provided. You can locate your subscription by following the instructions listed here: https://learn.microsoft.com/azure/azure-portal/get-subscription-tenant-id.\",\n    );\n    logger.info(formatError(\"\", error));\n    throw error;\n  }\n}\n"]}

package/dist-esm/src/util/tenantIdUtils.js.map

@@ -1 +1 @@
-{"version":3,"file":"tenantIdUtils.js","sourceRoot":"","sources":["../../../src/util/tenantIdUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AACpE,OAAO,EAAoB,WAAW,EAAE,MAAM,WAAW,CAAC;AAC1D,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAExE;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,MAAwB,EAAE,QAAgB;IACtE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,4KAA4K,CAC7K,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAwB,EACxB,QAAiB,EACjB,QAAiB;IAEjB,IAAI,QAAQ,EAAE,CAAC;QACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG,uBAAuB,CAAC;IACrC,CAAC;IACD,IAAI,QAAQ,KAAK,uBAAuB,EAAE,CAAC;QACzC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mCAAmC,CACjD,0BAAqC;IAErC,IAAI,CAAC,0BAA0B,IAAI,0BAA0B,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3E,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,0BAA0B,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,OAAO,0BAA0B,CAAC;AACpC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { ALL_TENANTS, DeveloperSignOnClientId } from \"../constants\";\nimport { CredentialLogger, formatError } from \"./logging\";\nexport { processMultiTenantRequest } from \"./processMultiTenantRequest\";\n\n/**\n * @internal\n */\nexport function checkTenantId(logger: CredentialLogger, tenantId: string): void {\n  if (!tenantId.match(/^[0-9a-zA-Z-.]+$/)) {\n    const error = new Error(\n      \"Invalid tenant id provided. You can locate your tenant id by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names.\",\n    );\n    logger.info(formatError(\"\", error));\n    throw error;\n  }\n}\n\n/**\n * @internal\n */\nexport function resolveTenantId(\n  logger: CredentialLogger,\n  tenantId?: string,\n  clientId?: string,\n): string {\n  if (tenantId) {\n    checkTenantId(logger, tenantId);\n    return tenantId;\n  }\n  if (!clientId) {\n    clientId = DeveloperSignOnClientId;\n  }\n  if (clientId !== DeveloperSignOnClientId) {\n    return \"common\";\n  }\n  return \"organizations\";\n}\n\n/**\n * @internal\n */\nexport function resolveAdditionallyAllowedTenantIds(\n  additionallyAllowedTenants?: string[],\n): string[] {\n  if (!additionallyAllowedTenants || additionallyAllowedTenants.length === 0) {\n    return [];\n  }\n\n  if (additionallyAllowedTenants.includes(\"*\")) {\n    return ALL_TENANTS;\n  }\n\n  return additionallyAllowedTenants;\n}\n"]}
+{"version":3,"file":"tenantIdUtils.js","sourceRoot":"","sources":["../../../src/util/tenantIdUtils.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AAEpE,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAExE;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,MAAwB,EAAE,QAAgB;IACtE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,4KAA4K,CAC7K,CAAC;QACF,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;QACpC,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAwB,EACxB,QAAiB,EACjB,QAAiB;IAEjB,IAAI,QAAQ,EAAE,CAAC;QACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,QAAQ,GAAG,uBAAuB,CAAC;IACrC,CAAC;IACD,IAAI,QAAQ,KAAK,uBAAuB,EAAE,CAAC;QACzC,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mCAAmC,CACjD,0BAAqC;IAErC,IAAI,CAAC,0BAA0B,IAAI,0BAA0B,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3E,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,0BAA0B,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,OAAO,0BAA0B,CAAC;AACpC,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { ALL_TENANTS, DeveloperSignOnClientId } from \"../constants\";\nimport type { CredentialLogger } from \"./logging\";\nimport { formatError } from \"./logging\";\nexport { processMultiTenantRequest } from \"./processMultiTenantRequest\";\n\n/**\n * @internal\n */\nexport function checkTenantId(logger: CredentialLogger, tenantId: string): void {\n  if (!tenantId.match(/^[0-9a-zA-Z-.]+$/)) {\n    const error = new Error(\n      \"Invalid tenant id provided. You can locate your tenant id by following the instructions listed here: https://learn.microsoft.com/partner-center/find-ids-and-domain-names.\",\n    );\n    logger.info(formatError(\"\", error));\n    throw error;\n  }\n}\n\n/**\n * @internal\n */\nexport function resolveTenantId(\n  logger: CredentialLogger,\n  tenantId?: string,\n  clientId?: string,\n): string {\n  if (tenantId) {\n    checkTenantId(logger, tenantId);\n    return tenantId;\n  }\n  if (!clientId) {\n    clientId = DeveloperSignOnClientId;\n  }\n  if (clientId !== DeveloperSignOnClientId) {\n    return \"common\";\n  }\n  return \"organizations\";\n}\n\n/**\n * @internal\n */\nexport function resolveAdditionallyAllowedTenantIds(\n  additionallyAllowedTenants?: string[],\n): string[] {\n  if (!additionallyAllowedTenants || additionallyAllowedTenants.length === 0) {\n    return [];\n  }\n\n  if (additionallyAllowedTenants.includes(\"*\")) {\n    return ALL_TENANTS;\n  }\n\n  return additionallyAllowedTenants;\n}\n"]}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@azure/identity",
   "sdk-type": "client",
-  "version": "4.5.1-alpha.20241028.2",
+  "version": "4.5.1-alpha.20241030.1",
   "description": "Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID",
   "main": "dist/index.js",
   "module": "dist-esm/src/index.js",

package/types/identity.d.ts

@@ -1,8 +1,8 @@
 import { AccessToken } from '@azure/core-auth';
-import { AzureLogger } from '@azure/logger';
-import { CommonClientOptions } from '@azure/core-client';
+import type { AzureLogger } from '@azure/logger';
+import type { CommonClientOptions } from '@azure/core-client';
 import { GetTokenOptions } from '@azure/core-auth';
-import { LogPolicyOptions } from '@azure/core-rest-pipeline';
+import type { LogPolicyOptions } from '@azure/core-rest-pipeline';
 import { TokenCredential } from '@azure/core-auth';
 import type { TracingContext } from '@azure/core-auth';