@azure/identity 4.5.1-alpha.20241111.1 → 4.5.1-alpha.20241113.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (1066) hide show
  1. package/dist/browser/client/identityClient.d.ts +65 -0
  2. package/dist/browser/client/identityClient.d.ts.map +1 -0
  3. package/dist/browser/client/identityClient.js +248 -0
  4. package/dist/browser/client/identityClient.js.map +1 -0
  5. package/dist/browser/constants.d.ts +64 -0
  6. package/dist/browser/constants.d.ts.map +1 -0
  7. package/dist/browser/credentials/authorityValidationOptions.d.ts +16 -0
  8. package/dist/browser/credentials/authorityValidationOptions.d.ts.map +1 -0
  9. package/dist/browser/credentials/authorizationCodeCredential-browser.d.mts.map +1 -0
  10. package/dist/browser/credentials/authorizationCodeCredential-browser.mjs.map +1 -0
  11. package/dist/browser/credentials/authorizationCodeCredential.d.ts +11 -0
  12. package/dist/browser/credentials/authorizationCodeCredential.js +16 -0
  13. package/dist/browser/credentials/authorizationCodeCredentialOptions.d.ts +8 -0
  14. package/dist/browser/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -0
  15. package/dist/browser/credentials/authorizationCodeCredentialOptions.js.map +1 -0
  16. package/dist/browser/credentials/azureApplicationCredential-browser.d.mts.map +1 -0
  17. package/dist/browser/credentials/azureApplicationCredential-browser.mjs.map +1 -0
  18. package/dist/browser/credentials/azureApplicationCredential.d.ts +24 -0
  19. package/dist/browser/credentials/azureApplicationCredential.js +34 -0
  20. package/dist/browser/credentials/azureApplicationCredentialOptions.d.ts +13 -0
  21. package/dist/browser/credentials/azureApplicationCredentialOptions.d.ts.map +1 -0
  22. package/dist/browser/credentials/azureApplicationCredentialOptions.js.map +1 -0
  23. package/dist/browser/credentials/azureCliCredential-browser.d.mts.map +1 -0
  24. package/dist/browser/credentials/azureCliCredential-browser.mjs.map +1 -0
  25. package/dist/browser/credentials/azureCliCredential.d.ts +13 -0
  26. package/dist/browser/credentials/azureCliCredential.js +23 -0
  27. package/dist/browser/credentials/azureCliCredentialOptions.d.ts +20 -0
  28. package/dist/browser/credentials/azureCliCredentialOptions.d.ts.map +1 -0
  29. package/dist/browser/credentials/azureCliCredentialOptions.js.map +1 -0
  30. package/dist/browser/credentials/azureDeveloperCliCredential-browser.d.mts.map +1 -0
  31. package/dist/browser/credentials/azureDeveloperCliCredential-browser.mjs.map +1 -0
  32. package/dist/browser/credentials/azureDeveloperCliCredential.d.ts +13 -0
  33. package/dist/browser/credentials/azureDeveloperCliCredential.js +23 -0
  34. package/dist/browser/credentials/azureDeveloperCliCredentialOptions.d.ts +15 -0
  35. package/dist/browser/credentials/azureDeveloperCliCredentialOptions.d.ts.map +1 -0
  36. package/dist/browser/credentials/azureDeveloperCliCredentialOptions.js.map +1 -0
  37. package/dist/browser/credentials/azurePipelinesCredential-browser.d.mts.map +1 -0
  38. package/dist/browser/credentials/azurePipelinesCredential-browser.mjs.map +1 -0
  39. package/dist/browser/credentials/azurePipelinesCredential.d.ts +13 -0
  40. package/dist/browser/credentials/azurePipelinesCredential.js +23 -0
  41. package/dist/browser/credentials/azurePipelinesCredentialOptions.d.ts +9 -0
  42. package/dist/browser/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -0
  43. package/dist/browser/credentials/azurePipelinesCredentialOptions.js.map +1 -0
  44. package/dist/browser/credentials/azurePowerShellCredential-browser.d.mts.map +1 -0
  45. package/dist/browser/credentials/azurePowerShellCredential-browser.mjs.map +1 -0
  46. package/dist/browser/credentials/azurePowerShellCredential.d.ts +12 -0
  47. package/dist/browser/credentials/azurePowerShellCredential.js +22 -0
  48. package/dist/browser/credentials/azurePowerShellCredentialOptions.d.ts +15 -0
  49. package/dist/browser/credentials/azurePowerShellCredentialOptions.d.ts.map +1 -0
  50. package/dist/browser/credentials/azurePowerShellCredentialOptions.js.map +1 -0
  51. package/dist/browser/credentials/brokerAuthOptions.d.ts +13 -0
  52. package/dist/browser/credentials/brokerAuthOptions.d.ts.map +1 -0
  53. package/dist/browser/credentials/brokerAuthOptions.js.map +1 -0
  54. package/dist/browser/credentials/browserCustomizationOptions.d.ts +19 -0
  55. package/dist/browser/credentials/browserCustomizationOptions.d.ts.map +1 -0
  56. package/dist/browser/credentials/chainedTokenCredential.d.ts +49 -0
  57. package/dist/browser/credentials/chainedTokenCredential.d.ts.map +1 -0
  58. package/dist/browser/credentials/chainedTokenCredential.js +90 -0
  59. package/dist/browser/credentials/chainedTokenCredential.js.map +1 -0
  60. package/dist/browser/credentials/clientAssertionCredential-browser.d.mts.map +1 -0
  61. package/dist/browser/credentials/clientAssertionCredential-browser.mjs.map +1 -0
  62. package/dist/browser/credentials/clientAssertionCredential.d.ts +12 -0
  63. package/dist/browser/credentials/clientAssertionCredential.js +22 -0
  64. package/dist/browser/credentials/clientAssertionCredentialOptions.d.ts +9 -0
  65. package/dist/browser/credentials/clientAssertionCredentialOptions.d.ts.map +1 -0
  66. package/dist/browser/credentials/clientAssertionCredentialOptions.js.map +1 -0
  67. package/dist/browser/credentials/clientCertificateCredential-browser.d.mts.map +1 -0
  68. package/dist/browser/credentials/clientCertificateCredential-browser.mjs.map +1 -0
  69. package/dist/browser/credentials/clientCertificateCredential.d.ts +13 -0
  70. package/dist/browser/credentials/clientCertificateCredential.js +23 -0
  71. package/dist/browser/credentials/clientCertificateCredentialOptions.d.ts +14 -0
  72. package/dist/browser/credentials/clientCertificateCredentialOptions.d.ts.map +1 -0
  73. package/dist/browser/credentials/clientCertificateCredentialOptions.js.map +1 -0
  74. package/dist/browser/credentials/clientSecretCredential-browser.d.mts.map +1 -0
  75. package/dist/browser/credentials/clientSecretCredential-browser.mjs.map +1 -0
  76. package/dist/browser/credentials/clientSecretCredential.d.ts +40 -0
  77. package/dist/browser/credentials/clientSecretCredential.js +83 -0
  78. package/dist/browser/credentials/clientSecretCredentialOptions.d.ts +9 -0
  79. package/dist/browser/credentials/clientSecretCredentialOptions.d.ts.map +1 -0
  80. package/dist/browser/credentials/clientSecretCredentialOptions.js.map +1 -0
  81. package/dist/browser/credentials/credentialPersistenceOptions.d.ts +29 -0
  82. package/dist/browser/credentials/credentialPersistenceOptions.d.ts.map +1 -0
  83. package/dist/browser/credentials/credentialPersistenceOptions.js.map +1 -0
  84. package/dist/browser/credentials/defaultAzureCredential-browser.d.mts.map +1 -0
  85. package/dist/browser/credentials/defaultAzureCredential-browser.mjs.map +1 -0
  86. package/dist/browser/credentials/defaultAzureCredential.d.ts +19 -0
  87. package/dist/browser/credentials/defaultAzureCredential.js +29 -0
  88. package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts +49 -0
  89. package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts.map +1 -0
  90. package/dist/browser/credentials/defaultAzureCredentialOptions.js.map +1 -0
  91. package/dist/browser/credentials/deviceCodeCredential-browser.d.mts.map +1 -0
  92. package/dist/browser/credentials/deviceCodeCredential-browser.mjs.map +1 -0
  93. package/dist/browser/credentials/deviceCodeCredential.d.ts +13 -0
  94. package/dist/browser/credentials/deviceCodeCredential.js +23 -0
  95. package/dist/browser/credentials/deviceCodeCredentialOptions.d.ts +53 -0
  96. package/dist/browser/credentials/deviceCodeCredentialOptions.d.ts.map +1 -0
  97. package/dist/browser/credentials/deviceCodeCredentialOptions.js.map +1 -0
  98. package/dist/browser/credentials/environmentCredential-browser.d.mts.map +1 -0
  99. package/dist/browser/credentials/environmentCredential-browser.mjs.map +1 -0
  100. package/dist/browser/credentials/environmentCredential.d.ts +13 -0
  101. package/dist/browser/credentials/environmentCredential.js +23 -0
  102. package/dist/browser/credentials/environmentCredentialOptions.d.ts +9 -0
  103. package/dist/browser/credentials/environmentCredentialOptions.d.ts.map +1 -0
  104. package/dist/browser/credentials/environmentCredentialOptions.js.map +1 -0
  105. package/dist/browser/credentials/interactiveBrowserCredential-browser.d.mts.map +1 -0
  106. package/dist/browser/credentials/interactiveBrowserCredential-browser.mjs.map +1 -0
  107. package/dist/browser/credentials/interactiveBrowserCredential.d.ts +53 -0
  108. package/dist/browser/credentials/interactiveBrowserCredential.js +86 -0
  109. package/dist/browser/credentials/interactiveBrowserCredentialOptions.d.ts +77 -0
  110. package/dist/browser/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -0
  111. package/dist/browser/credentials/interactiveBrowserCredentialOptions.js.map +1 -0
  112. package/dist/browser/credentials/interactiveCredentialOptions.d.ts +25 -0
  113. package/dist/browser/credentials/interactiveCredentialOptions.d.ts.map +1 -0
  114. package/dist/browser/credentials/interactiveCredentialOptions.js.map +1 -0
  115. package/dist/browser/credentials/managedIdentityCredential/imdsMsi.d.ts +18 -0
  116. package/dist/browser/credentials/managedIdentityCredential/imdsMsi.d.ts.map +1 -0
  117. package/dist/browser/credentials/managedIdentityCredential/imdsMsi.js +122 -0
  118. package/dist/browser/credentials/managedIdentityCredential/imdsMsi.js.map +1 -0
  119. package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +12 -0
  120. package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -0
  121. package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -0
  122. package/dist/browser/credentials/managedIdentityCredential/index-browser.d.mts.map +1 -0
  123. package/dist/browser/credentials/managedIdentityCredential/index-browser.mjs.map +1 -0
  124. package/dist/browser/credentials/managedIdentityCredential/index.d.ts +6 -0
  125. package/dist/browser/credentials/managedIdentityCredential/index.js +16 -0
  126. package/dist/browser/credentials/managedIdentityCredential/models.d.ts +24 -0
  127. package/dist/browser/credentials/managedIdentityCredential/models.d.ts.map +1 -0
  128. package/dist/browser/credentials/managedIdentityCredential/models.js.map +1 -0
  129. package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts +14 -0
  130. package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map +1 -0
  131. package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js +32 -0
  132. package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -0
  133. package/dist/browser/credentials/managedIdentityCredential/utils.d.ts +33 -0
  134. package/dist/browser/credentials/managedIdentityCredential/utils.d.ts.map +1 -0
  135. package/dist/browser/credentials/multiTenantTokenCredentialOptions.d.ts +12 -0
  136. package/dist/browser/credentials/multiTenantTokenCredentialOptions.d.ts.map +1 -0
  137. package/dist/browser/credentials/multiTenantTokenCredentialOptions.js.map +1 -0
  138. package/dist/browser/credentials/onBehalfOfCredential-browser.d.mts.map +1 -0
  139. package/dist/browser/credentials/onBehalfOfCredential-browser.mjs.map +1 -0
  140. package/dist/browser/credentials/onBehalfOfCredential.d.ts +12 -0
  141. package/dist/browser/credentials/onBehalfOfCredential.js +23 -0
  142. package/dist/browser/credentials/onBehalfOfCredentialOptions.d.ts +76 -0
  143. package/dist/browser/credentials/onBehalfOfCredentialOptions.d.ts.map +1 -0
  144. package/dist/browser/credentials/onBehalfOfCredentialOptions.js.map +1 -0
  145. package/dist/browser/credentials/usernamePasswordCredential-browser.d.mts.map +1 -0
  146. package/dist/browser/credentials/usernamePasswordCredential-browser.mjs.map +1 -0
  147. package/dist/browser/credentials/usernamePasswordCredential.d.ts +40 -0
  148. package/dist/browser/credentials/usernamePasswordCredential.js +77 -0
  149. package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts +9 -0
  150. package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -0
  151. package/dist/browser/credentials/usernamePasswordCredentialOptions.js.map +1 -0
  152. package/dist/browser/credentials/visualStudioCodeCredential-browser.d.mts.map +1 -0
  153. package/dist/browser/credentials/visualStudioCodeCredential-browser.mjs.map +1 -0
  154. package/dist/browser/credentials/visualStudioCodeCredential.d.ts +15 -0
  155. package/dist/browser/credentials/visualStudioCodeCredential.js +27 -0
  156. package/dist/browser/credentials/visualStudioCodeCredentialOptions.d.ts +11 -0
  157. package/dist/browser/credentials/visualStudioCodeCredentialOptions.d.ts.map +1 -0
  158. package/dist/browser/credentials/visualStudioCodeCredentialOptions.js.map +1 -0
  159. package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts +11 -0
  160. package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts.map +1 -0
  161. package/dist/browser/credentials/workloadIdentityCredential-browser.d.mts.map +1 -0
  162. package/dist/browser/credentials/workloadIdentityCredential-browser.mjs.map +1 -0
  163. package/dist/browser/credentials/workloadIdentityCredential.d.ts +17 -0
  164. package/dist/browser/credentials/workloadIdentityCredential.js +27 -0
  165. package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts +20 -0
  166. package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -0
  167. package/dist/browser/credentials/workloadIdentityCredentialOptions.js.map +1 -0
  168. package/dist/browser/errors.d.ts +139 -0
  169. package/dist/browser/errors.d.ts.map +1 -0
  170. package/dist/browser/index.d.ts +59 -0
  171. package/dist/browser/index.d.ts.map +1 -0
  172. package/dist/browser/index.js +34 -0
  173. package/dist/browser/index.js.map +1 -0
  174. package/dist/browser/msal/browserFlows/flows.d.ts +42 -0
  175. package/dist/browser/msal/browserFlows/flows.d.ts.map +1 -0
  176. package/dist/browser/msal/browserFlows/flows.js.map +1 -0
  177. package/dist/browser/msal/browserFlows/msalAuthCode.d.ts +50 -0
  178. package/dist/browser/msal/browserFlows/msalAuthCode.d.ts.map +1 -0
  179. package/dist/browser/msal/browserFlows/msalAuthCode.js +203 -0
  180. package/dist/browser/msal/browserFlows/msalAuthCode.js.map +1 -0
  181. package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts +106 -0
  182. package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -0
  183. package/dist/browser/msal/browserFlows/msalBrowserCommon.js +116 -0
  184. package/dist/browser/msal/browserFlows/msalBrowserCommon.js.map +1 -0
  185. package/dist/browser/msal/credentials.d.ts +52 -0
  186. package/dist/browser/msal/credentials.d.ts.map +1 -0
  187. package/dist/browser/msal/credentials.js.map +1 -0
  188. package/dist/browser/msal/msal-browser.d.mts.map +1 -0
  189. package/dist/browser/msal/msal-browser.mjs.map +1 -0
  190. package/dist/browser/msal/msal.d.ts +3 -0
  191. package/dist/browser/msal/msal.js +5 -0
  192. package/dist/browser/msal/nodeFlows/brokerOptions.d.ts +44 -0
  193. package/dist/browser/msal/nodeFlows/brokerOptions.d.ts.map +1 -0
  194. package/dist/browser/msal/nodeFlows/msalClient.d.ts +186 -0
  195. package/dist/browser/msal/nodeFlows/msalClient.d.ts.map +1 -0
  196. package/dist/browser/msal/nodeFlows/msalClient.js +477 -0
  197. package/dist/browser/msal/nodeFlows/msalClient.js.map +1 -0
  198. package/dist/browser/msal/nodeFlows/msalPlugins.d.ts +91 -0
  199. package/dist/browser/msal/nodeFlows/msalPlugins.d.ts.map +1 -0
  200. package/dist/browser/msal/nodeFlows/msalPlugins.js +87 -0
  201. package/dist/browser/msal/nodeFlows/msalPlugins.js.map +1 -0
  202. package/dist/browser/msal/nodeFlows/tokenCachePersistenceOptions.d.ts +24 -0
  203. package/dist/browser/msal/nodeFlows/tokenCachePersistenceOptions.d.ts.map +1 -0
  204. package/dist/browser/msal/types.d.ts +87 -0
  205. package/dist/browser/msal/types.d.ts.map +1 -0
  206. package/dist/browser/msal/utils.d.ts +95 -0
  207. package/dist/browser/msal/utils.d.ts.map +1 -0
  208. package/dist/browser/msal/utils.js +232 -0
  209. package/dist/browser/msal/utils.js.map +1 -0
  210. package/dist/browser/package.json +3 -0
  211. package/dist/browser/plugins/consumer-browser.d.mts.map +1 -0
  212. package/dist/browser/plugins/consumer-browser.mjs.map +1 -0
  213. package/dist/browser/plugins/consumer.d.ts +2 -0
  214. package/dist/browser/plugins/consumer.js +7 -0
  215. package/dist/browser/plugins/provider.d.ts +36 -0
  216. package/dist/browser/plugins/provider.d.ts.map +1 -0
  217. package/dist/browser/plugins/provider.js.map +1 -0
  218. package/dist/browser/regionalAuthority.d.ts +122 -0
  219. package/dist/browser/regionalAuthority.d.ts.map +1 -0
  220. package/dist/browser/tokenCredentialOptions.d.ts +28 -0
  221. package/dist/browser/tokenCredentialOptions.d.ts.map +1 -0
  222. package/dist/browser/tokenProvider.d.ts +38 -0
  223. package/dist/browser/tokenProvider.d.ts.map +1 -0
  224. package/dist/browser/util/authHostEnv-browser.d.mts +4 -0
  225. package/dist/browser/util/authHostEnv-browser.d.mts.map +1 -0
  226. package/dist/browser/util/authHostEnv-browser.mjs +7 -0
  227. package/dist/browser/util/authHostEnv-browser.mjs.map +1 -0
  228. package/dist/browser/util/identityTokenEndpoint.d.ts +2 -0
  229. package/dist/browser/util/identityTokenEndpoint.d.ts.map +1 -0
  230. package/dist/browser/util/logging.d.ts +70 -0
  231. package/dist/browser/util/logging.d.ts.map +1 -0
  232. package/dist/browser/util/processMultiTenantRequest-browser.d.mts.map +1 -0
  233. package/dist/browser/util/processMultiTenantRequest-browser.mjs.map +1 -0
  234. package/dist/browser/util/processMultiTenantRequest.d.ts +9 -0
  235. package/dist/browser/util/processMultiTenantRequest.js +29 -0
  236. package/dist/browser/util/processUtils.d.ts +13 -0
  237. package/dist/browser/util/processUtils.d.ts.map +1 -0
  238. package/dist/browser/util/scopeUtils.d.ts +17 -0
  239. package/dist/browser/util/scopeUtils.d.ts.map +1 -0
  240. package/dist/browser/util/scopeUtils.js +29 -0
  241. package/dist/browser/util/scopeUtils.js.map +1 -0
  242. package/dist/browser/util/subscriptionUtils.d.ts +6 -0
  243. package/dist/browser/util/subscriptionUtils.d.ts.map +1 -0
  244. package/dist/browser/util/subscriptionUtils.js +14 -0
  245. package/dist/browser/util/subscriptionUtils.js.map +1 -0
  246. package/dist/browser/util/tenantIdUtils.d.ts +15 -0
  247. package/dist/browser/util/tenantIdUtils.d.ts.map +1 -0
  248. package/dist/browser/util/tenantIdUtils.js +44 -0
  249. package/dist/browser/util/tenantIdUtils.js.map +1 -0
  250. package/dist/browser/util/tracing.d.ts +6 -0
  251. package/dist/browser/util/tracing.d.ts.map +1 -0
  252. package/dist/browser/util/tracing.js +14 -0
  253. package/dist/browser/util/tracing.js.map +1 -0
  254. package/dist/commonjs/client/identityClient.d.ts +65 -0
  255. package/dist/commonjs/client/identityClient.d.ts.map +1 -0
  256. package/dist/commonjs/client/identityClient.js +253 -0
  257. package/dist/commonjs/client/identityClient.js.map +1 -0
  258. package/dist/commonjs/constants.d.ts +64 -0
  259. package/dist/commonjs/constants.d.ts.map +1 -0
  260. package/dist/commonjs/constants.js +73 -0
  261. package/dist/commonjs/constants.js.map +1 -0
  262. package/dist/commonjs/credentials/authorityValidationOptions.d.ts +16 -0
  263. package/dist/commonjs/credentials/authorityValidationOptions.d.ts.map +1 -0
  264. package/dist/commonjs/credentials/authorityValidationOptions.js +5 -0
  265. package/dist/commonjs/credentials/authorityValidationOptions.js.map +1 -0
  266. package/dist/commonjs/credentials/authorizationCodeCredential.d.ts +73 -0
  267. package/dist/commonjs/credentials/authorizationCodeCredential.d.ts.map +1 -0
  268. package/dist/commonjs/credentials/authorizationCodeCredential.js +64 -0
  269. package/dist/commonjs/credentials/authorizationCodeCredential.js.map +1 -0
  270. package/dist/commonjs/credentials/authorizationCodeCredentialOptions.d.ts +8 -0
  271. package/dist/commonjs/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -0
  272. package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js +5 -0
  273. package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js.map +1 -0
  274. package/dist/commonjs/credentials/azureApplicationCredential.d.ts +24 -0
  275. package/dist/commonjs/credentials/azureApplicationCredential.d.ts.map +1 -0
  276. package/dist/commonjs/credentials/azureApplicationCredential.js +36 -0
  277. package/dist/commonjs/credentials/azureApplicationCredential.js.map +1 -0
  278. package/dist/commonjs/credentials/azureApplicationCredentialOptions.d.ts +13 -0
  279. package/dist/commonjs/credentials/azureApplicationCredentialOptions.d.ts.map +1 -0
  280. package/dist/commonjs/credentials/azureApplicationCredentialOptions.js +5 -0
  281. package/dist/commonjs/credentials/azureApplicationCredentialOptions.js.map +1 -0
  282. package/dist/commonjs/credentials/azureCliCredential.d.ts +64 -0
  283. package/dist/commonjs/credentials/azureCliCredential.d.ts.map +1 -0
  284. package/dist/commonjs/credentials/azureCliCredential.js +194 -0
  285. package/dist/commonjs/credentials/azureCliCredential.js.map +1 -0
  286. package/dist/commonjs/credentials/azureCliCredentialOptions.d.ts +20 -0
  287. package/dist/commonjs/credentials/azureCliCredentialOptions.d.ts.map +1 -0
  288. package/dist/commonjs/credentials/azureCliCredentialOptions.js +5 -0
  289. package/dist/commonjs/credentials/azureCliCredentialOptions.js.map +1 -0
  290. package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts +71 -0
  291. package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts.map +1 -0
  292. package/dist/commonjs/credentials/azureDeveloperCliCredential.js +176 -0
  293. package/dist/commonjs/credentials/azureDeveloperCliCredential.js.map +1 -0
  294. package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.d.ts +15 -0
  295. package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.d.ts.map +1 -0
  296. package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js +5 -0
  297. package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js.map +1 -0
  298. package/dist/commonjs/credentials/azurePipelinesCredential.d.ts +38 -0
  299. package/dist/commonjs/credentials/azurePipelinesCredential.d.ts.map +1 -0
  300. package/dist/commonjs/credentials/azurePipelinesCredential.js +146 -0
  301. package/dist/commonjs/credentials/azurePipelinesCredential.js.map +1 -0
  302. package/dist/commonjs/credentials/azurePipelinesCredentialOptions.d.ts +9 -0
  303. package/dist/commonjs/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -0
  304. package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js +5 -0
  305. package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js.map +1 -0
  306. package/dist/commonjs/credentials/azurePowerShellCredential.d.ts +75 -0
  307. package/dist/commonjs/credentials/azurePowerShellCredential.d.ts.map +1 -0
  308. package/dist/commonjs/credentials/azurePowerShellCredential.js +235 -0
  309. package/dist/commonjs/credentials/azurePowerShellCredential.js.map +1 -0
  310. package/dist/commonjs/credentials/azurePowerShellCredentialOptions.d.ts +15 -0
  311. package/dist/commonjs/credentials/azurePowerShellCredentialOptions.d.ts.map +1 -0
  312. package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js +5 -0
  313. package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js.map +1 -0
  314. package/dist/commonjs/credentials/brokerAuthOptions.d.ts +13 -0
  315. package/dist/commonjs/credentials/brokerAuthOptions.d.ts.map +1 -0
  316. package/dist/commonjs/credentials/brokerAuthOptions.js +3 -0
  317. package/dist/commonjs/credentials/brokerAuthOptions.js.map +1 -0
  318. package/dist/commonjs/credentials/browserCustomizationOptions.d.ts +19 -0
  319. package/dist/commonjs/credentials/browserCustomizationOptions.d.ts.map +1 -0
  320. package/dist/commonjs/credentials/browserCustomizationOptions.js +5 -0
  321. package/dist/commonjs/credentials/browserCustomizationOptions.js.map +1 -0
  322. package/dist/commonjs/credentials/chainedTokenCredential.d.ts +49 -0
  323. package/dist/commonjs/credentials/chainedTokenCredential.d.ts.map +1 -0
  324. package/dist/commonjs/credentials/chainedTokenCredential.js +94 -0
  325. package/dist/commonjs/credentials/chainedTokenCredential.js.map +1 -0
  326. package/dist/commonjs/credentials/clientAssertionCredential.d.ts +33 -0
  327. package/dist/commonjs/credentials/clientAssertionCredential.d.ts.map +1 -0
  328. package/dist/commonjs/credentials/clientAssertionCredential.js +59 -0
  329. package/dist/commonjs/credentials/clientAssertionCredential.js.map +1 -0
  330. package/dist/commonjs/credentials/clientAssertionCredentialOptions.d.ts +9 -0
  331. package/dist/commonjs/credentials/clientAssertionCredentialOptions.d.ts.map +1 -0
  332. package/dist/commonjs/credentials/clientAssertionCredentialOptions.js +5 -0
  333. package/dist/commonjs/credentials/clientAssertionCredentialOptions.js.map +1 -0
  334. package/dist/commonjs/credentials/clientCertificateCredential.d.ts +101 -0
  335. package/dist/commonjs/credentials/clientCertificateCredential.d.ts.map +1 -0
  336. package/dist/commonjs/credentials/clientCertificateCredential.js +124 -0
  337. package/dist/commonjs/credentials/clientCertificateCredential.js.map +1 -0
  338. package/dist/commonjs/credentials/clientCertificateCredentialOptions.d.ts +14 -0
  339. package/dist/commonjs/credentials/clientCertificateCredentialOptions.d.ts.map +1 -0
  340. package/dist/commonjs/credentials/clientCertificateCredentialOptions.js +5 -0
  341. package/dist/commonjs/credentials/clientCertificateCredentialOptions.js.map +1 -0
  342. package/dist/commonjs/credentials/clientSecretCredential.d.ts +37 -0
  343. package/dist/commonjs/credentials/clientSecretCredential.d.ts.map +1 -0
  344. package/dist/commonjs/credentials/clientSecretCredential.js +64 -0
  345. package/dist/commonjs/credentials/clientSecretCredential.js.map +1 -0
  346. package/dist/commonjs/credentials/clientSecretCredentialOptions.d.ts +9 -0
  347. package/dist/commonjs/credentials/clientSecretCredentialOptions.d.ts.map +1 -0
  348. package/dist/commonjs/credentials/clientSecretCredentialOptions.js +5 -0
  349. package/dist/commonjs/credentials/clientSecretCredentialOptions.js.map +1 -0
  350. package/dist/commonjs/credentials/credentialPersistenceOptions.d.ts +29 -0
  351. package/dist/commonjs/credentials/credentialPersistenceOptions.d.ts.map +1 -0
  352. package/dist/commonjs/credentials/credentialPersistenceOptions.js +5 -0
  353. package/dist/commonjs/credentials/credentialPersistenceOptions.js.map +1 -0
  354. package/dist/commonjs/credentials/defaultAzureCredential.d.ts +65 -0
  355. package/dist/commonjs/credentials/defaultAzureCredential.d.ts.map +1 -0
  356. package/dist/commonjs/credentials/defaultAzureCredential.js +171 -0
  357. package/dist/commonjs/credentials/defaultAzureCredential.js.map +1 -0
  358. package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts +49 -0
  359. package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts.map +1 -0
  360. package/dist/commonjs/credentials/defaultAzureCredentialOptions.js +5 -0
  361. package/dist/commonjs/credentials/defaultAzureCredentialOptions.js.map +1 -0
  362. package/dist/commonjs/credentials/deviceCodeCredential.d.ts +67 -0
  363. package/dist/commonjs/credentials/deviceCodeCredential.d.ts.map +1 -0
  364. package/dist/commonjs/credentials/deviceCodeCredential.js +96 -0
  365. package/dist/commonjs/credentials/deviceCodeCredential.js.map +1 -0
  366. package/dist/commonjs/credentials/deviceCodeCredentialOptions.d.ts +53 -0
  367. package/dist/commonjs/credentials/deviceCodeCredentialOptions.d.ts.map +1 -0
  368. package/dist/commonjs/credentials/deviceCodeCredentialOptions.js +5 -0
  369. package/dist/commonjs/credentials/deviceCodeCredentialOptions.js.map +1 -0
  370. package/dist/commonjs/credentials/environmentCredential.d.ts +52 -0
  371. package/dist/commonjs/credentials/environmentCredential.d.ts.map +1 -0
  372. package/dist/commonjs/credentials/environmentCredential.js +135 -0
  373. package/dist/commonjs/credentials/environmentCredential.js.map +1 -0
  374. package/dist/commonjs/credentials/environmentCredentialOptions.d.ts +9 -0
  375. package/dist/commonjs/credentials/environmentCredentialOptions.d.ts.map +1 -0
  376. package/dist/commonjs/credentials/environmentCredentialOptions.js +5 -0
  377. package/dist/commonjs/credentials/environmentCredentialOptions.js.map +1 -0
  378. package/dist/commonjs/credentials/interactiveBrowserCredential.d.ts +56 -0
  379. package/dist/commonjs/credentials/interactiveBrowserCredential.d.ts.map +1 -0
  380. package/dist/commonjs/credentials/interactiveBrowserCredential.js +95 -0
  381. package/dist/commonjs/credentials/interactiveBrowserCredential.js.map +1 -0
  382. package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.d.ts +77 -0
  383. package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -0
  384. package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js +5 -0
  385. package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js.map +1 -0
  386. package/dist/commonjs/credentials/interactiveCredentialOptions.d.ts +25 -0
  387. package/dist/commonjs/credentials/interactiveCredentialOptions.d.ts.map +1 -0
  388. package/dist/commonjs/credentials/interactiveCredentialOptions.js +5 -0
  389. package/dist/commonjs/credentials/interactiveCredentialOptions.js.map +1 -0
  390. package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.d.ts +18 -0
  391. package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.d.ts.map +1 -0
  392. package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js +125 -0
  393. package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js.map +1 -0
  394. package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +12 -0
  395. package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -0
  396. package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js +36 -0
  397. package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -0
  398. package/dist/commonjs/credentials/managedIdentityCredential/index.d.ts +95 -0
  399. package/dist/commonjs/credentials/managedIdentityCredential/index.d.ts.map +1 -0
  400. package/dist/commonjs/credentials/managedIdentityCredential/index.js +221 -0
  401. package/dist/commonjs/credentials/managedIdentityCredential/index.js.map +1 -0
  402. package/dist/commonjs/credentials/managedIdentityCredential/models.d.ts +24 -0
  403. package/dist/commonjs/credentials/managedIdentityCredential/models.d.ts.map +1 -0
  404. package/dist/commonjs/credentials/managedIdentityCredential/models.js +5 -0
  405. package/dist/commonjs/credentials/managedIdentityCredential/models.js.map +1 -0
  406. package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts +14 -0
  407. package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map +1 -0
  408. package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js +35 -0
  409. package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -0
  410. package/dist/commonjs/credentials/managedIdentityCredential/utils.d.ts +33 -0
  411. package/dist/commonjs/credentials/managedIdentityCredential/utils.d.ts.map +1 -0
  412. package/dist/commonjs/credentials/managedIdentityCredential/utils.js +82 -0
  413. package/dist/commonjs/credentials/managedIdentityCredential/utils.js.map +1 -0
  414. package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.d.ts +12 -0
  415. package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.d.ts.map +1 -0
  416. package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js +5 -0
  417. package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js.map +1 -0
  418. package/dist/commonjs/credentials/onBehalfOfCredential.d.ts +102 -0
  419. package/dist/commonjs/credentials/onBehalfOfCredential.d.ts.map +1 -0
  420. package/dist/commonjs/credentials/onBehalfOfCredential.js +116 -0
  421. package/dist/commonjs/credentials/onBehalfOfCredential.js.map +1 -0
  422. package/dist/commonjs/credentials/onBehalfOfCredentialOptions.d.ts +76 -0
  423. package/dist/commonjs/credentials/onBehalfOfCredentialOptions.d.ts.map +1 -0
  424. package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js +5 -0
  425. package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js.map +1 -0
  426. package/dist/commonjs/credentials/usernamePasswordCredential.d.ts +41 -0
  427. package/dist/commonjs/credentials/usernamePasswordCredential.d.ts.map +1 -0
  428. package/dist/commonjs/credentials/usernamePasswordCredential.js +71 -0
  429. package/dist/commonjs/credentials/usernamePasswordCredential.js.map +1 -0
  430. package/dist/commonjs/credentials/usernamePasswordCredentialOptions.d.ts +9 -0
  431. package/dist/commonjs/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -0
  432. package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js +5 -0
  433. package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js.map +1 -0
  434. package/dist/commonjs/credentials/visualStudioCodeCredential.d.ts +60 -0
  435. package/dist/commonjs/credentials/visualStudioCodeCredential.d.ts.map +1 -0
  436. package/dist/commonjs/credentials/visualStudioCodeCredential.js +196 -0
  437. package/dist/commonjs/credentials/visualStudioCodeCredential.js.map +1 -0
  438. package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.d.ts +11 -0
  439. package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.d.ts.map +1 -0
  440. package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js +5 -0
  441. package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js.map +1 -0
  442. package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.d.ts +11 -0
  443. package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.d.ts.map +1 -0
  444. package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js +5 -0
  445. package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js.map +1 -0
  446. package/dist/commonjs/credentials/workloadIdentityCredential.d.ts +47 -0
  447. package/dist/commonjs/credentials/workloadIdentityCredential.d.ts.map +1 -0
  448. package/dist/commonjs/credentials/workloadIdentityCredential.js +118 -0
  449. package/dist/commonjs/credentials/workloadIdentityCredential.js.map +1 -0
  450. package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts +20 -0
  451. package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -0
  452. package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js +5 -0
  453. package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js.map +1 -0
  454. package/dist/commonjs/errors.d.ts +139 -0
  455. package/dist/commonjs/errors.d.ts.map +1 -0
  456. package/dist/commonjs/errors.js +130 -0
  457. package/dist/commonjs/errors.js.map +1 -0
  458. package/dist/commonjs/index.d.ts +59 -0
  459. package/dist/commonjs/index.d.ts.map +1 -0
  460. package/dist/commonjs/index.js +69 -0
  461. package/dist/commonjs/index.js.map +1 -0
  462. package/dist/commonjs/msal/browserFlows/flows.d.ts +42 -0
  463. package/dist/commonjs/msal/browserFlows/flows.d.ts.map +1 -0
  464. package/dist/commonjs/msal/browserFlows/flows.js +5 -0
  465. package/dist/commonjs/msal/browserFlows/flows.js.map +1 -0
  466. package/dist/commonjs/msal/browserFlows/msalAuthCode.d.ts +50 -0
  467. package/dist/commonjs/msal/browserFlows/msalAuthCode.d.ts.map +1 -0
  468. package/dist/commonjs/msal/browserFlows/msalAuthCode.js +208 -0
  469. package/dist/commonjs/msal/browserFlows/msalAuthCode.js.map +1 -0
  470. package/dist/commonjs/msal/browserFlows/msalBrowserCommon.d.ts +106 -0
  471. package/dist/commonjs/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -0
  472. package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js +121 -0
  473. package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js.map +1 -0
  474. package/dist/commonjs/msal/credentials.d.ts +52 -0
  475. package/dist/commonjs/msal/credentials.d.ts.map +1 -0
  476. package/dist/commonjs/msal/credentials.js +5 -0
  477. package/dist/commonjs/msal/credentials.js.map +1 -0
  478. package/dist/commonjs/msal/msal.d.ts +3 -0
  479. package/dist/commonjs/msal/msal.d.ts.map +1 -0
  480. package/dist/commonjs/msal/msal.js +9 -0
  481. package/dist/commonjs/msal/msal.js.map +1 -0
  482. package/dist/commonjs/msal/nodeFlows/brokerOptions.d.ts +44 -0
  483. package/dist/commonjs/msal/nodeFlows/brokerOptions.d.ts.map +1 -0
  484. package/dist/commonjs/msal/nodeFlows/brokerOptions.js +3 -0
  485. package/dist/commonjs/msal/nodeFlows/brokerOptions.js.map +1 -0
  486. package/dist/commonjs/msal/nodeFlows/msalClient.d.ts +186 -0
  487. package/dist/commonjs/msal/nodeFlows/msalClient.d.ts.map +1 -0
  488. package/dist/commonjs/msal/nodeFlows/msalClient.js +482 -0
  489. package/dist/commonjs/msal/nodeFlows/msalClient.js.map +1 -0
  490. package/dist/commonjs/msal/nodeFlows/msalPlugins.d.ts +91 -0
  491. package/dist/commonjs/msal/nodeFlows/msalPlugins.d.ts.map +1 -0
  492. package/dist/commonjs/msal/nodeFlows/msalPlugins.js +91 -0
  493. package/dist/commonjs/msal/nodeFlows/msalPlugins.js.map +1 -0
  494. package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.d.ts +24 -0
  495. package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.d.ts.map +1 -0
  496. package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js +5 -0
  497. package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js.map +1 -0
  498. package/dist/commonjs/msal/types.d.ts +87 -0
  499. package/dist/commonjs/msal/types.d.ts.map +1 -0
  500. package/dist/commonjs/msal/types.js +5 -0
  501. package/dist/commonjs/msal/types.js.map +1 -0
  502. package/dist/commonjs/msal/utils.d.ts +95 -0
  503. package/dist/commonjs/msal/utils.d.ts.map +1 -0
  504. package/dist/commonjs/msal/utils.js +247 -0
  505. package/dist/commonjs/msal/utils.js.map +1 -0
  506. package/dist/commonjs/package.json +3 -0
  507. package/dist/commonjs/plugins/consumer.d.ts +28 -0
  508. package/dist/commonjs/plugins/consumer.d.ts.map +1 -0
  509. package/dist/commonjs/plugins/consumer.js +46 -0
  510. package/dist/commonjs/plugins/consumer.js.map +1 -0
  511. package/dist/commonjs/plugins/provider.d.ts +36 -0
  512. package/dist/commonjs/plugins/provider.d.ts.map +1 -0
  513. package/dist/commonjs/plugins/provider.js +5 -0
  514. package/dist/commonjs/plugins/provider.js.map +1 -0
  515. package/dist/commonjs/regionalAuthority.d.ts +122 -0
  516. package/dist/commonjs/regionalAuthority.d.ts.map +1 -0
  517. package/dist/commonjs/regionalAuthority.js +144 -0
  518. package/dist/commonjs/regionalAuthority.js.map +1 -0
  519. package/dist/commonjs/tokenCredentialOptions.d.ts +28 -0
  520. package/dist/commonjs/tokenCredentialOptions.d.ts.map +1 -0
  521. package/dist/commonjs/tokenCredentialOptions.js +5 -0
  522. package/dist/commonjs/tokenCredentialOptions.js.map +1 -0
  523. package/dist/commonjs/tokenProvider.d.ts +38 -0
  524. package/dist/commonjs/tokenProvider.d.ts.map +1 -0
  525. package/dist/commonjs/tokenProvider.js +55 -0
  526. package/dist/commonjs/tokenProvider.js.map +1 -0
  527. package/dist/commonjs/tsdoc-metadata.json +11 -0
  528. package/dist/commonjs/util/identityTokenEndpoint.d.ts +2 -0
  529. package/dist/commonjs/util/identityTokenEndpoint.d.ts.map +1 -0
  530. package/dist/commonjs/util/identityTokenEndpoint.js +14 -0
  531. package/dist/commonjs/util/identityTokenEndpoint.js.map +1 -0
  532. package/dist/commonjs/util/logging.d.ts +70 -0
  533. package/dist/commonjs/util/logging.d.ts.map +1 -0
  534. package/dist/commonjs/util/logging.js +103 -0
  535. package/dist/commonjs/util/logging.js.map +1 -0
  536. package/dist/commonjs/util/processMultiTenantRequest.d.ts +10 -0
  537. package/dist/commonjs/util/processMultiTenantRequest.d.ts.map +1 -0
  538. package/dist/commonjs/util/processMultiTenantRequest.js +38 -0
  539. package/dist/commonjs/util/processMultiTenantRequest.js.map +1 -0
  540. package/dist/commonjs/util/processUtils.d.ts +13 -0
  541. package/dist/commonjs/util/processUtils.d.ts.map +1 -0
  542. package/dist/commonjs/util/processUtils.js +36 -0
  543. package/dist/commonjs/util/processUtils.js.map +1 -0
  544. package/dist/commonjs/util/scopeUtils.d.ts +17 -0
  545. package/dist/commonjs/util/scopeUtils.d.ts.map +1 -0
  546. package/dist/commonjs/util/scopeUtils.js +34 -0
  547. package/dist/commonjs/util/scopeUtils.js.map +1 -0
  548. package/dist/commonjs/util/subscriptionUtils.d.ts +6 -0
  549. package/dist/commonjs/util/subscriptionUtils.d.ts.map +1 -0
  550. package/dist/commonjs/util/subscriptionUtils.js +17 -0
  551. package/dist/commonjs/util/subscriptionUtils.js.map +1 -0
  552. package/dist/commonjs/util/tenantIdUtils.d.ts +15 -0
  553. package/dist/commonjs/util/tenantIdUtils.d.ts.map +1 -0
  554. package/dist/commonjs/util/tenantIdUtils.js +51 -0
  555. package/dist/commonjs/util/tenantIdUtils.js.map +1 -0
  556. package/dist/commonjs/util/tracing.d.ts +6 -0
  557. package/dist/commonjs/util/tracing.d.ts.map +1 -0
  558. package/dist/commonjs/util/tracing.js +17 -0
  559. package/dist/commonjs/util/tracing.js.map +1 -0
  560. package/dist/esm/client/identityClient.d.ts +65 -0
  561. package/dist/esm/client/identityClient.d.ts.map +1 -0
  562. package/dist/esm/client/identityClient.js +248 -0
  563. package/dist/esm/client/identityClient.js.map +1 -0
  564. package/dist/esm/constants.d.ts +64 -0
  565. package/dist/esm/constants.d.ts.map +1 -0
  566. package/dist/esm/constants.js +70 -0
  567. package/dist/esm/constants.js.map +1 -0
  568. package/dist/esm/credentials/authorityValidationOptions.d.ts +16 -0
  569. package/dist/esm/credentials/authorityValidationOptions.d.ts.map +1 -0
  570. package/dist/esm/credentials/authorityValidationOptions.js +4 -0
  571. package/dist/esm/credentials/authorityValidationOptions.js.map +1 -0
  572. package/dist/esm/credentials/authorizationCodeCredential.d.ts +73 -0
  573. package/dist/esm/credentials/authorizationCodeCredential.d.ts.map +1 -0
  574. package/dist/esm/credentials/authorizationCodeCredential.js +60 -0
  575. package/dist/esm/credentials/authorizationCodeCredential.js.map +1 -0
  576. package/dist/esm/credentials/authorizationCodeCredentialOptions.d.ts +8 -0
  577. package/dist/esm/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -0
  578. package/dist/esm/credentials/authorizationCodeCredentialOptions.js +4 -0
  579. package/dist/esm/credentials/authorizationCodeCredentialOptions.js.map +1 -0
  580. package/dist/esm/credentials/azureApplicationCredential.d.ts +24 -0
  581. package/dist/esm/credentials/azureApplicationCredential.d.ts.map +1 -0
  582. package/dist/esm/credentials/azureApplicationCredential.js +32 -0
  583. package/dist/esm/credentials/azureApplicationCredential.js.map +1 -0
  584. package/dist/esm/credentials/azureApplicationCredentialOptions.d.ts +13 -0
  585. package/dist/esm/credentials/azureApplicationCredentialOptions.d.ts.map +1 -0
  586. package/dist/esm/credentials/azureApplicationCredentialOptions.js +4 -0
  587. package/dist/esm/credentials/azureApplicationCredentialOptions.js.map +1 -0
  588. package/dist/esm/credentials/azureCliCredential.d.ts +64 -0
  589. package/dist/esm/credentials/azureCliCredential.d.ts.map +1 -0
  590. package/dist/esm/credentials/azureCliCredential.js +189 -0
  591. package/dist/esm/credentials/azureCliCredential.js.map +1 -0
  592. package/dist/esm/credentials/azureCliCredentialOptions.d.ts +20 -0
  593. package/dist/esm/credentials/azureCliCredentialOptions.d.ts.map +1 -0
  594. package/dist/esm/credentials/azureCliCredentialOptions.js +4 -0
  595. package/dist/esm/credentials/azureCliCredentialOptions.js.map +1 -0
  596. package/dist/esm/credentials/azureDeveloperCliCredential.d.ts +71 -0
  597. package/dist/esm/credentials/azureDeveloperCliCredential.d.ts.map +1 -0
  598. package/dist/esm/credentials/azureDeveloperCliCredential.js +171 -0
  599. package/dist/esm/credentials/azureDeveloperCliCredential.js.map +1 -0
  600. package/dist/esm/credentials/azureDeveloperCliCredentialOptions.d.ts +15 -0
  601. package/dist/esm/credentials/azureDeveloperCliCredentialOptions.d.ts.map +1 -0
  602. package/dist/esm/credentials/azureDeveloperCliCredentialOptions.js +4 -0
  603. package/dist/esm/credentials/azureDeveloperCliCredentialOptions.js.map +1 -0
  604. package/dist/esm/credentials/azurePipelinesCredential.d.ts +38 -0
  605. package/dist/esm/credentials/azurePipelinesCredential.d.ts.map +1 -0
  606. package/dist/esm/credentials/azurePipelinesCredential.js +141 -0
  607. package/dist/esm/credentials/azurePipelinesCredential.js.map +1 -0
  608. package/dist/esm/credentials/azurePipelinesCredentialOptions.d.ts +9 -0
  609. package/dist/esm/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -0
  610. package/dist/esm/credentials/azurePipelinesCredentialOptions.js +4 -0
  611. package/dist/esm/credentials/azurePipelinesCredentialOptions.js.map +1 -0
  612. package/dist/esm/credentials/azurePowerShellCredential.d.ts +75 -0
  613. package/dist/esm/credentials/azurePowerShellCredential.d.ts.map +1 -0
  614. package/dist/esm/credentials/azurePowerShellCredential.js +229 -0
  615. package/dist/esm/credentials/azurePowerShellCredential.js.map +1 -0
  616. package/dist/esm/credentials/azurePowerShellCredentialOptions.d.ts +15 -0
  617. package/dist/esm/credentials/azurePowerShellCredentialOptions.d.ts.map +1 -0
  618. package/dist/esm/credentials/azurePowerShellCredentialOptions.js +4 -0
  619. package/dist/esm/credentials/azurePowerShellCredentialOptions.js.map +1 -0
  620. package/dist/esm/credentials/brokerAuthOptions.d.ts +13 -0
  621. package/dist/esm/credentials/brokerAuthOptions.d.ts.map +1 -0
  622. package/dist/esm/credentials/brokerAuthOptions.js +2 -0
  623. package/dist/esm/credentials/brokerAuthOptions.js.map +1 -0
  624. package/dist/esm/credentials/browserCustomizationOptions.d.ts +19 -0
  625. package/dist/esm/credentials/browserCustomizationOptions.d.ts.map +1 -0
  626. package/dist/esm/credentials/browserCustomizationOptions.js +4 -0
  627. package/dist/esm/credentials/browserCustomizationOptions.js.map +1 -0
  628. package/dist/esm/credentials/chainedTokenCredential.d.ts +49 -0
  629. package/dist/esm/credentials/chainedTokenCredential.d.ts.map +1 -0
  630. package/dist/esm/credentials/chainedTokenCredential.js +90 -0
  631. package/dist/esm/credentials/chainedTokenCredential.js.map +1 -0
  632. package/dist/esm/credentials/clientAssertionCredential.d.ts +33 -0
  633. package/dist/esm/credentials/clientAssertionCredential.d.ts.map +1 -0
  634. package/dist/esm/credentials/clientAssertionCredential.js +55 -0
  635. package/dist/esm/credentials/clientAssertionCredential.js.map +1 -0
  636. package/dist/esm/credentials/clientAssertionCredentialOptions.d.ts +9 -0
  637. package/dist/esm/credentials/clientAssertionCredentialOptions.d.ts.map +1 -0
  638. package/dist/esm/credentials/clientAssertionCredentialOptions.js +4 -0
  639. package/dist/esm/credentials/clientAssertionCredentialOptions.js.map +1 -0
  640. package/dist/esm/credentials/clientCertificateCredential.d.ts +101 -0
  641. package/dist/esm/credentials/clientCertificateCredential.d.ts.map +1 -0
  642. package/dist/esm/credentials/clientCertificateCredential.js +119 -0
  643. package/dist/esm/credentials/clientCertificateCredential.js.map +1 -0
  644. package/dist/esm/credentials/clientCertificateCredentialOptions.d.ts +14 -0
  645. package/dist/esm/credentials/clientCertificateCredentialOptions.d.ts.map +1 -0
  646. package/dist/esm/credentials/clientCertificateCredentialOptions.js +4 -0
  647. package/dist/esm/credentials/clientCertificateCredentialOptions.js.map +1 -0
  648. package/dist/esm/credentials/clientSecretCredential.d.ts +37 -0
  649. package/dist/esm/credentials/clientSecretCredential.d.ts.map +1 -0
  650. package/dist/esm/credentials/clientSecretCredential.js +60 -0
  651. package/dist/esm/credentials/clientSecretCredential.js.map +1 -0
  652. package/dist/esm/credentials/clientSecretCredentialOptions.d.ts +9 -0
  653. package/dist/esm/credentials/clientSecretCredentialOptions.d.ts.map +1 -0
  654. package/dist/esm/credentials/clientSecretCredentialOptions.js +4 -0
  655. package/dist/esm/credentials/clientSecretCredentialOptions.js.map +1 -0
  656. package/dist/esm/credentials/credentialPersistenceOptions.d.ts +29 -0
  657. package/dist/esm/credentials/credentialPersistenceOptions.d.ts.map +1 -0
  658. package/dist/esm/credentials/credentialPersistenceOptions.js +4 -0
  659. package/dist/esm/credentials/credentialPersistenceOptions.js.map +1 -0
  660. package/dist/esm/credentials/defaultAzureCredential.d.ts +65 -0
  661. package/dist/esm/credentials/defaultAzureCredential.d.ts.map +1 -0
  662. package/dist/esm/credentials/defaultAzureCredential.js +164 -0
  663. package/dist/esm/credentials/defaultAzureCredential.js.map +1 -0
  664. package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts +49 -0
  665. package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts.map +1 -0
  666. package/dist/esm/credentials/defaultAzureCredentialOptions.js +4 -0
  667. package/dist/esm/credentials/defaultAzureCredentialOptions.js.map +1 -0
  668. package/dist/esm/credentials/deviceCodeCredential.d.ts +67 -0
  669. package/dist/esm/credentials/deviceCodeCredential.d.ts.map +1 -0
  670. package/dist/esm/credentials/deviceCodeCredential.js +91 -0
  671. package/dist/esm/credentials/deviceCodeCredential.js.map +1 -0
  672. package/dist/esm/credentials/deviceCodeCredentialOptions.d.ts +53 -0
  673. package/dist/esm/credentials/deviceCodeCredentialOptions.d.ts.map +1 -0
  674. package/dist/esm/credentials/deviceCodeCredentialOptions.js +4 -0
  675. package/dist/esm/credentials/deviceCodeCredentialOptions.js.map +1 -0
  676. package/dist/esm/credentials/environmentCredential.d.ts +52 -0
  677. package/dist/esm/credentials/environmentCredential.d.ts.map +1 -0
  678. package/dist/esm/credentials/environmentCredential.js +130 -0
  679. package/dist/esm/credentials/environmentCredential.js.map +1 -0
  680. package/dist/esm/credentials/environmentCredentialOptions.d.ts +9 -0
  681. package/dist/esm/credentials/environmentCredentialOptions.d.ts.map +1 -0
  682. package/dist/esm/credentials/environmentCredentialOptions.js +4 -0
  683. package/dist/esm/credentials/environmentCredentialOptions.js.map +1 -0
  684. package/dist/esm/credentials/interactiveBrowserCredential.d.ts +56 -0
  685. package/dist/esm/credentials/interactiveBrowserCredential.d.ts.map +1 -0
  686. package/dist/esm/credentials/interactiveBrowserCredential.js +91 -0
  687. package/dist/esm/credentials/interactiveBrowserCredential.js.map +1 -0
  688. package/dist/esm/credentials/interactiveBrowserCredentialOptions.d.ts +77 -0
  689. package/dist/esm/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -0
  690. package/dist/esm/credentials/interactiveBrowserCredentialOptions.js +4 -0
  691. package/dist/esm/credentials/interactiveBrowserCredentialOptions.js.map +1 -0
  692. package/dist/esm/credentials/interactiveCredentialOptions.d.ts +25 -0
  693. package/dist/esm/credentials/interactiveCredentialOptions.d.ts.map +1 -0
  694. package/dist/esm/credentials/interactiveCredentialOptions.js +4 -0
  695. package/dist/esm/credentials/interactiveCredentialOptions.js.map +1 -0
  696. package/dist/esm/credentials/managedIdentityCredential/imdsMsi.d.ts +18 -0
  697. package/dist/esm/credentials/managedIdentityCredential/imdsMsi.d.ts.map +1 -0
  698. package/dist/esm/credentials/managedIdentityCredential/imdsMsi.js +122 -0
  699. package/dist/esm/credentials/managedIdentityCredential/imdsMsi.js.map +1 -0
  700. package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +12 -0
  701. package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -0
  702. package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.js +33 -0
  703. package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -0
  704. package/dist/esm/credentials/managedIdentityCredential/index.d.ts +95 -0
  705. package/dist/esm/credentials/managedIdentityCredential/index.d.ts.map +1 -0
  706. package/dist/esm/credentials/managedIdentityCredential/index.js +217 -0
  707. package/dist/esm/credentials/managedIdentityCredential/index.js.map +1 -0
  708. package/dist/esm/credentials/managedIdentityCredential/models.d.ts +24 -0
  709. package/dist/esm/credentials/managedIdentityCredential/models.d.ts.map +1 -0
  710. package/dist/esm/credentials/managedIdentityCredential/models.js +4 -0
  711. package/dist/esm/credentials/managedIdentityCredential/models.js.map +1 -0
  712. package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts +14 -0
  713. package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map +1 -0
  714. package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.js +32 -0
  715. package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -0
  716. package/dist/esm/credentials/managedIdentityCredential/utils.d.ts +33 -0
  717. package/dist/esm/credentials/managedIdentityCredential/utils.d.ts.map +1 -0
  718. package/dist/esm/credentials/managedIdentityCredential/utils.js +77 -0
  719. package/dist/esm/credentials/managedIdentityCredential/utils.js.map +1 -0
  720. package/dist/esm/credentials/multiTenantTokenCredentialOptions.d.ts +12 -0
  721. package/dist/esm/credentials/multiTenantTokenCredentialOptions.d.ts.map +1 -0
  722. package/dist/esm/credentials/multiTenantTokenCredentialOptions.js +4 -0
  723. package/dist/esm/credentials/multiTenantTokenCredentialOptions.js.map +1 -0
  724. package/dist/esm/credentials/onBehalfOfCredential.d.ts +102 -0
  725. package/dist/esm/credentials/onBehalfOfCredential.d.ts.map +1 -0
  726. package/dist/esm/credentials/onBehalfOfCredential.js +112 -0
  727. package/dist/esm/credentials/onBehalfOfCredential.js.map +1 -0
  728. package/dist/esm/credentials/onBehalfOfCredentialOptions.d.ts +76 -0
  729. package/dist/esm/credentials/onBehalfOfCredentialOptions.d.ts.map +1 -0
  730. package/dist/esm/credentials/onBehalfOfCredentialOptions.js +4 -0
  731. package/dist/esm/credentials/onBehalfOfCredentialOptions.js.map +1 -0
  732. package/dist/esm/credentials/usernamePasswordCredential.d.ts +41 -0
  733. package/dist/esm/credentials/usernamePasswordCredential.d.ts.map +1 -0
  734. package/dist/esm/credentials/usernamePasswordCredential.js +67 -0
  735. package/dist/esm/credentials/usernamePasswordCredential.js.map +1 -0
  736. package/dist/esm/credentials/usernamePasswordCredentialOptions.d.ts +9 -0
  737. package/dist/esm/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -0
  738. package/dist/esm/credentials/usernamePasswordCredentialOptions.js +4 -0
  739. package/dist/esm/credentials/usernamePasswordCredentialOptions.js.map +1 -0
  740. package/dist/esm/credentials/visualStudioCodeCredential.d.ts +60 -0
  741. package/dist/esm/credentials/visualStudioCodeCredential.d.ts.map +1 -0
  742. package/dist/esm/credentials/visualStudioCodeCredential.js +190 -0
  743. package/dist/esm/credentials/visualStudioCodeCredential.js.map +1 -0
  744. package/dist/esm/credentials/visualStudioCodeCredentialOptions.d.ts +11 -0
  745. package/dist/esm/credentials/visualStudioCodeCredentialOptions.d.ts.map +1 -0
  746. package/dist/esm/credentials/visualStudioCodeCredentialOptions.js +4 -0
  747. package/dist/esm/credentials/visualStudioCodeCredentialOptions.js.map +1 -0
  748. package/dist/esm/credentials/visualStudioCodeCredentialPlugin.d.ts +11 -0
  749. package/dist/esm/credentials/visualStudioCodeCredentialPlugin.d.ts.map +1 -0
  750. package/dist/esm/credentials/visualStudioCodeCredentialPlugin.js +4 -0
  751. package/dist/esm/credentials/visualStudioCodeCredentialPlugin.js.map +1 -0
  752. package/dist/esm/credentials/workloadIdentityCredential.d.ts +47 -0
  753. package/dist/esm/credentials/workloadIdentityCredential.d.ts.map +1 -0
  754. package/dist/esm/credentials/workloadIdentityCredential.js +114 -0
  755. package/dist/esm/credentials/workloadIdentityCredential.js.map +1 -0
  756. package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts +20 -0
  757. package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -0
  758. package/dist/esm/credentials/workloadIdentityCredentialOptions.js +4 -0
  759. package/dist/esm/credentials/workloadIdentityCredentialOptions.js.map +1 -0
  760. package/dist/esm/errors.d.ts +139 -0
  761. package/dist/esm/errors.d.ts.map +1 -0
  762. package/dist/esm/errors.js +123 -0
  763. package/dist/esm/errors.js.map +1 -0
  764. package/dist/esm/index.d.ts +59 -0
  765. package/dist/esm/index.d.ts.map +1 -0
  766. package/dist/esm/index.js +34 -0
  767. package/dist/esm/index.js.map +1 -0
  768. package/dist/esm/msal/browserFlows/flows.d.ts +42 -0
  769. package/dist/esm/msal/browserFlows/flows.d.ts.map +1 -0
  770. package/dist/esm/msal/browserFlows/flows.js +4 -0
  771. package/dist/esm/msal/browserFlows/flows.js.map +1 -0
  772. package/dist/esm/msal/browserFlows/msalAuthCode.d.ts +50 -0
  773. package/dist/esm/msal/browserFlows/msalAuthCode.d.ts.map +1 -0
  774. package/dist/esm/msal/browserFlows/msalAuthCode.js +203 -0
  775. package/dist/esm/msal/browserFlows/msalAuthCode.js.map +1 -0
  776. package/dist/esm/msal/browserFlows/msalBrowserCommon.d.ts +106 -0
  777. package/dist/esm/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -0
  778. package/dist/esm/msal/browserFlows/msalBrowserCommon.js +116 -0
  779. package/dist/esm/msal/browserFlows/msalBrowserCommon.js.map +1 -0
  780. package/dist/esm/msal/credentials.d.ts +52 -0
  781. package/dist/esm/msal/credentials.d.ts.map +1 -0
  782. package/dist/esm/msal/credentials.js +4 -0
  783. package/dist/esm/msal/credentials.js.map +1 -0
  784. package/dist/esm/msal/msal.d.ts +3 -0
  785. package/dist/esm/msal/msal.d.ts.map +1 -0
  786. package/dist/esm/msal/nodeFlows/brokerOptions.d.ts +44 -0
  787. package/dist/esm/msal/nodeFlows/brokerOptions.d.ts.map +1 -0
  788. package/dist/esm/msal/nodeFlows/brokerOptions.js +2 -0
  789. package/dist/esm/msal/nodeFlows/brokerOptions.js.map +1 -0
  790. package/dist/esm/msal/nodeFlows/msalClient.d.ts +186 -0
  791. package/dist/esm/msal/nodeFlows/msalClient.d.ts.map +1 -0
  792. package/dist/esm/msal/nodeFlows/msalClient.js +477 -0
  793. package/dist/esm/msal/nodeFlows/msalClient.js.map +1 -0
  794. package/dist/esm/msal/nodeFlows/msalPlugins.d.ts +91 -0
  795. package/dist/esm/msal/nodeFlows/msalPlugins.d.ts.map +1 -0
  796. package/dist/esm/msal/nodeFlows/msalPlugins.js +87 -0
  797. package/dist/esm/msal/nodeFlows/msalPlugins.js.map +1 -0
  798. package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.d.ts +24 -0
  799. package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.d.ts.map +1 -0
  800. package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.js +4 -0
  801. package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.js.map +1 -0
  802. package/dist/esm/msal/types.d.ts +87 -0
  803. package/dist/esm/msal/types.d.ts.map +1 -0
  804. package/dist/esm/msal/types.js +4 -0
  805. package/dist/esm/msal/types.js.map +1 -0
  806. package/dist/esm/msal/utils.d.ts +95 -0
  807. package/dist/esm/msal/utils.d.ts.map +1 -0
  808. package/dist/esm/msal/utils.js +232 -0
  809. package/dist/esm/msal/utils.js.map +1 -0
  810. package/dist/esm/package.json +3 -0
  811. package/dist/esm/plugins/consumer.d.ts +28 -0
  812. package/dist/esm/plugins/consumer.d.ts.map +1 -0
  813. package/dist/esm/plugins/consumer.js +43 -0
  814. package/dist/esm/plugins/consumer.js.map +1 -0
  815. package/dist/esm/plugins/provider.d.ts +36 -0
  816. package/dist/esm/plugins/provider.d.ts.map +1 -0
  817. package/dist/esm/plugins/provider.js +4 -0
  818. package/dist/esm/plugins/provider.js.map +1 -0
  819. package/dist/esm/regionalAuthority.d.ts +122 -0
  820. package/dist/esm/regionalAuthority.d.ts.map +1 -0
  821. package/dist/esm/regionalAuthority.js +140 -0
  822. package/dist/esm/regionalAuthority.js.map +1 -0
  823. package/dist/esm/tokenCredentialOptions.d.ts +28 -0
  824. package/dist/esm/tokenCredentialOptions.d.ts.map +1 -0
  825. package/dist/esm/tokenCredentialOptions.js +4 -0
  826. package/dist/esm/tokenCredentialOptions.js.map +1 -0
  827. package/dist/esm/tokenProvider.d.ts +38 -0
  828. package/dist/esm/tokenProvider.d.ts.map +1 -0
  829. package/dist/esm/tokenProvider.js +52 -0
  830. package/dist/esm/tokenProvider.js.map +1 -0
  831. package/dist/esm/util/authHostEnv-browser.d.mts +4 -0
  832. package/dist/esm/util/authHostEnv-browser.d.mts.map +1 -0
  833. package/dist/esm/util/authHostEnv-browser.mjs +7 -0
  834. package/dist/esm/util/authHostEnv-browser.mjs.map +1 -0
  835. package/dist/esm/util/identityTokenEndpoint.d.ts +2 -0
  836. package/dist/esm/util/identityTokenEndpoint.d.ts.map +1 -0
  837. package/dist/esm/util/identityTokenEndpoint.js +11 -0
  838. package/dist/esm/util/identityTokenEndpoint.js.map +1 -0
  839. package/dist/esm/util/logging.d.ts +70 -0
  840. package/dist/esm/util/logging.d.ts.map +1 -0
  841. package/dist/esm/util/logging.js +94 -0
  842. package/dist/esm/util/logging.js.map +1 -0
  843. package/dist/esm/util/processMultiTenantRequest.d.ts +10 -0
  844. package/dist/esm/util/processMultiTenantRequest.d.ts.map +1 -0
  845. package/dist/esm/util/processMultiTenantRequest.js +35 -0
  846. package/dist/esm/util/processMultiTenantRequest.js.map +1 -0
  847. package/dist/esm/util/processUtils.d.ts +13 -0
  848. package/dist/esm/util/processUtils.d.ts.map +1 -0
  849. package/dist/esm/util/processUtils.js +32 -0
  850. package/dist/esm/util/processUtils.js.map +1 -0
  851. package/dist/esm/util/scopeUtils.d.ts +17 -0
  852. package/dist/esm/util/scopeUtils.d.ts.map +1 -0
  853. package/dist/esm/util/scopeUtils.js +29 -0
  854. package/dist/esm/util/scopeUtils.js.map +1 -0
  855. package/dist/esm/util/subscriptionUtils.d.ts +6 -0
  856. package/dist/esm/util/subscriptionUtils.d.ts.map +1 -0
  857. package/dist/esm/util/subscriptionUtils.js +14 -0
  858. package/dist/esm/util/subscriptionUtils.js.map +1 -0
  859. package/dist/esm/util/tenantIdUtils.d.ts +15 -0
  860. package/dist/esm/util/tenantIdUtils.d.ts.map +1 -0
  861. package/dist/esm/util/tenantIdUtils.js +44 -0
  862. package/dist/esm/util/tenantIdUtils.js.map +1 -0
  863. package/dist/esm/util/tracing.d.ts +6 -0
  864. package/dist/esm/util/tracing.d.ts.map +1 -0
  865. package/dist/esm/util/tracing.js +14 -0
  866. package/dist/esm/util/tracing.js.map +1 -0
  867. package/package.json +52 -63
  868. package/dist/index.js +0 -4200
  869. package/dist/index.js.map +0 -1
  870. package/dist-esm/src/client/identityClient.js +0 -248
  871. package/dist-esm/src/client/identityClient.js.map +0 -1
  872. package/dist-esm/src/credentials/authorizationCodeCredential.browser.js +0 -16
  873. package/dist-esm/src/credentials/authorizationCodeCredential.browser.js.map +0 -1
  874. package/dist-esm/src/credentials/authorizationCodeCredential.js +0 -60
  875. package/dist-esm/src/credentials/authorizationCodeCredential.js.map +0 -1
  876. package/dist-esm/src/credentials/authorizationCodeCredentialOptions.js.map +0 -1
  877. package/dist-esm/src/credentials/azureApplicationCredential.browser.js +0 -34
  878. package/dist-esm/src/credentials/azureApplicationCredential.browser.js.map +0 -1
  879. package/dist-esm/src/credentials/azureApplicationCredential.js +0 -32
  880. package/dist-esm/src/credentials/azureApplicationCredential.js.map +0 -1
  881. package/dist-esm/src/credentials/azureApplicationCredentialOptions.js.map +0 -1
  882. package/dist-esm/src/credentials/azureCliCredential.browser.js +0 -23
  883. package/dist-esm/src/credentials/azureCliCredential.browser.js.map +0 -1
  884. package/dist-esm/src/credentials/azureCliCredential.js +0 -189
  885. package/dist-esm/src/credentials/azureCliCredential.js.map +0 -1
  886. package/dist-esm/src/credentials/azureCliCredentialOptions.js.map +0 -1
  887. package/dist-esm/src/credentials/azureDeveloperCliCredential.browser.js +0 -23
  888. package/dist-esm/src/credentials/azureDeveloperCliCredential.browser.js.map +0 -1
  889. package/dist-esm/src/credentials/azureDeveloperCliCredential.js +0 -171
  890. package/dist-esm/src/credentials/azureDeveloperCliCredential.js.map +0 -1
  891. package/dist-esm/src/credentials/azureDeveloperCliCredentialOptions.js.map +0 -1
  892. package/dist-esm/src/credentials/azurePipelinesCredential.browser.js +0 -23
  893. package/dist-esm/src/credentials/azurePipelinesCredential.browser.js.map +0 -1
  894. package/dist-esm/src/credentials/azurePipelinesCredential.js +0 -141
  895. package/dist-esm/src/credentials/azurePipelinesCredential.js.map +0 -1
  896. package/dist-esm/src/credentials/azurePipelinesCredentialOptions.js.map +0 -1
  897. package/dist-esm/src/credentials/azurePowerShellCredential.browser.js +0 -22
  898. package/dist-esm/src/credentials/azurePowerShellCredential.browser.js.map +0 -1
  899. package/dist-esm/src/credentials/azurePowerShellCredential.js +0 -229
  900. package/dist-esm/src/credentials/azurePowerShellCredential.js.map +0 -1
  901. package/dist-esm/src/credentials/azurePowerShellCredentialOptions.js.map +0 -1
  902. package/dist-esm/src/credentials/brokerAuthOptions.js.map +0 -1
  903. package/dist-esm/src/credentials/chainedTokenCredential.js +0 -90
  904. package/dist-esm/src/credentials/chainedTokenCredential.js.map +0 -1
  905. package/dist-esm/src/credentials/clientAssertionCredential.browser.js +0 -22
  906. package/dist-esm/src/credentials/clientAssertionCredential.browser.js.map +0 -1
  907. package/dist-esm/src/credentials/clientAssertionCredential.js +0 -55
  908. package/dist-esm/src/credentials/clientAssertionCredential.js.map +0 -1
  909. package/dist-esm/src/credentials/clientAssertionCredentialOptions.js.map +0 -1
  910. package/dist-esm/src/credentials/clientCertificateCredential.browser.js +0 -23
  911. package/dist-esm/src/credentials/clientCertificateCredential.browser.js.map +0 -1
  912. package/dist-esm/src/credentials/clientCertificateCredential.js +0 -119
  913. package/dist-esm/src/credentials/clientCertificateCredential.js.map +0 -1
  914. package/dist-esm/src/credentials/clientCertificateCredentialOptions.js.map +0 -1
  915. package/dist-esm/src/credentials/clientSecretCredential.browser.js +0 -83
  916. package/dist-esm/src/credentials/clientSecretCredential.browser.js.map +0 -1
  917. package/dist-esm/src/credentials/clientSecretCredential.js +0 -60
  918. package/dist-esm/src/credentials/clientSecretCredential.js.map +0 -1
  919. package/dist-esm/src/credentials/clientSecretCredentialOptions.js.map +0 -1
  920. package/dist-esm/src/credentials/credentialPersistenceOptions.js.map +0 -1
  921. package/dist-esm/src/credentials/defaultAzureCredential.browser.js +0 -29
  922. package/dist-esm/src/credentials/defaultAzureCredential.browser.js.map +0 -1
  923. package/dist-esm/src/credentials/defaultAzureCredential.js +0 -164
  924. package/dist-esm/src/credentials/defaultAzureCredential.js.map +0 -1
  925. package/dist-esm/src/credentials/defaultAzureCredentialOptions.js.map +0 -1
  926. package/dist-esm/src/credentials/deviceCodeCredential.browser.js +0 -23
  927. package/dist-esm/src/credentials/deviceCodeCredential.browser.js.map +0 -1
  928. package/dist-esm/src/credentials/deviceCodeCredential.js +0 -91
  929. package/dist-esm/src/credentials/deviceCodeCredential.js.map +0 -1
  930. package/dist-esm/src/credentials/deviceCodeCredentialOptions.js.map +0 -1
  931. package/dist-esm/src/credentials/environmentCredential.browser.js +0 -23
  932. package/dist-esm/src/credentials/environmentCredential.browser.js.map +0 -1
  933. package/dist-esm/src/credentials/environmentCredential.js +0 -130
  934. package/dist-esm/src/credentials/environmentCredential.js.map +0 -1
  935. package/dist-esm/src/credentials/environmentCredentialOptions.js.map +0 -1
  936. package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js +0 -86
  937. package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js.map +0 -1
  938. package/dist-esm/src/credentials/interactiveBrowserCredential.js +0 -91
  939. package/dist-esm/src/credentials/interactiveBrowserCredential.js.map +0 -1
  940. package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.js.map +0 -1
  941. package/dist-esm/src/credentials/interactiveCredentialOptions.js.map +0 -1
  942. package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js +0 -122
  943. package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js.map +0 -1
  944. package/dist-esm/src/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +0 -1
  945. package/dist-esm/src/credentials/managedIdentityCredential/index.browser.js +0 -16
  946. package/dist-esm/src/credentials/managedIdentityCredential/index.browser.js.map +0 -1
  947. package/dist-esm/src/credentials/managedIdentityCredential/index.js +0 -217
  948. package/dist-esm/src/credentials/managedIdentityCredential/index.js.map +0 -1
  949. package/dist-esm/src/credentials/managedIdentityCredential/models.js.map +0 -1
  950. package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js +0 -32
  951. package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +0 -1
  952. package/dist-esm/src/credentials/multiTenantTokenCredentialOptions.js.map +0 -1
  953. package/dist-esm/src/credentials/onBehalfOfCredential.browser.js +0 -23
  954. package/dist-esm/src/credentials/onBehalfOfCredential.browser.js.map +0 -1
  955. package/dist-esm/src/credentials/onBehalfOfCredential.js +0 -112
  956. package/dist-esm/src/credentials/onBehalfOfCredential.js.map +0 -1
  957. package/dist-esm/src/credentials/onBehalfOfCredentialOptions.js.map +0 -1
  958. package/dist-esm/src/credentials/usernamePasswordCredential.browser.js +0 -77
  959. package/dist-esm/src/credentials/usernamePasswordCredential.browser.js.map +0 -1
  960. package/dist-esm/src/credentials/usernamePasswordCredential.js +0 -67
  961. package/dist-esm/src/credentials/usernamePasswordCredential.js.map +0 -1
  962. package/dist-esm/src/credentials/usernamePasswordCredentialOptions.js.map +0 -1
  963. package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js +0 -27
  964. package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js.map +0 -1
  965. package/dist-esm/src/credentials/visualStudioCodeCredential.js +0 -190
  966. package/dist-esm/src/credentials/visualStudioCodeCredential.js.map +0 -1
  967. package/dist-esm/src/credentials/visualStudioCodeCredentialOptions.js.map +0 -1
  968. package/dist-esm/src/credentials/workloadIdentityCredential.browser.js +0 -27
  969. package/dist-esm/src/credentials/workloadIdentityCredential.browser.js.map +0 -1
  970. package/dist-esm/src/credentials/workloadIdentityCredential.js +0 -114
  971. package/dist-esm/src/credentials/workloadIdentityCredential.js.map +0 -1
  972. package/dist-esm/src/credentials/workloadIdentityCredentialOptions.js.map +0 -1
  973. package/dist-esm/src/index.js +0 -34
  974. package/dist-esm/src/index.js.map +0 -1
  975. package/dist-esm/src/msal/browserFlows/flows.js.map +0 -1
  976. package/dist-esm/src/msal/browserFlows/msalAuthCode.js +0 -203
  977. package/dist-esm/src/msal/browserFlows/msalAuthCode.js.map +0 -1
  978. package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js +0 -116
  979. package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js.map +0 -1
  980. package/dist-esm/src/msal/credentials.js.map +0 -1
  981. package/dist-esm/src/msal/msal.browser.js +0 -5
  982. package/dist-esm/src/msal/msal.browser.js.map +0 -1
  983. package/dist-esm/src/msal/nodeFlows/msalClient.js +0 -484
  984. package/dist-esm/src/msal/nodeFlows/msalClient.js.map +0 -1
  985. package/dist-esm/src/msal/nodeFlows/msalPlugins.js +0 -87
  986. package/dist-esm/src/msal/nodeFlows/msalPlugins.js.map +0 -1
  987. package/dist-esm/src/msal/utils.js +0 -232
  988. package/dist-esm/src/msal/utils.js.map +0 -1
  989. package/dist-esm/src/plugins/consumer.browser.js +0 -7
  990. package/dist-esm/src/plugins/consumer.browser.js.map +0 -1
  991. package/dist-esm/src/plugins/consumer.js +0 -43
  992. package/dist-esm/src/plugins/consumer.js.map +0 -1
  993. package/dist-esm/src/plugins/provider.js.map +0 -1
  994. package/dist-esm/src/util/authHostEnv.browser.js +0 -7
  995. package/dist-esm/src/util/authHostEnv.browser.js.map +0 -1
  996. package/dist-esm/src/util/processMultiTenantRequest.browser.js +0 -29
  997. package/dist-esm/src/util/processMultiTenantRequest.browser.js.map +0 -1
  998. package/dist-esm/src/util/processMultiTenantRequest.js +0 -35
  999. package/dist-esm/src/util/processMultiTenantRequest.js.map +0 -1
  1000. package/dist-esm/src/util/scopeUtils.js +0 -29
  1001. package/dist-esm/src/util/scopeUtils.js.map +0 -1
  1002. package/dist-esm/src/util/subscriptionUtils.js +0 -14
  1003. package/dist-esm/src/util/subscriptionUtils.js.map +0 -1
  1004. package/dist-esm/src/util/tenantIdUtils.js +0 -44
  1005. package/dist-esm/src/util/tenantIdUtils.js.map +0 -1
  1006. package/dist-esm/src/util/tracing.js +0 -14
  1007. package/dist-esm/src/util/tracing.js.map +0 -1
  1008. /package/{dist-esm/src → dist/browser}/constants.js +0 -0
  1009. /package/{dist-esm/src → dist/browser}/constants.js.map +0 -0
  1010. /package/{dist-esm/src → dist/browser}/credentials/authorityValidationOptions.js +0 -0
  1011. /package/{dist-esm/src → dist/browser}/credentials/authorityValidationOptions.js.map +0 -0
  1012. /package/{dist-esm/src → dist/browser}/credentials/authorizationCodeCredentialOptions.js +0 -0
  1013. /package/{dist-esm/src → dist/browser}/credentials/azureApplicationCredentialOptions.js +0 -0
  1014. /package/{dist-esm/src → dist/browser}/credentials/azureCliCredentialOptions.js +0 -0
  1015. /package/{dist-esm/src → dist/browser}/credentials/azureDeveloperCliCredentialOptions.js +0 -0
  1016. /package/{dist-esm/src → dist/browser}/credentials/azurePipelinesCredentialOptions.js +0 -0
  1017. /package/{dist-esm/src → dist/browser}/credentials/azurePowerShellCredentialOptions.js +0 -0
  1018. /package/{dist-esm/src → dist/browser}/credentials/brokerAuthOptions.js +0 -0
  1019. /package/{dist-esm/src → dist/browser}/credentials/browserCustomizationOptions.js +0 -0
  1020. /package/{dist-esm/src → dist/browser}/credentials/browserCustomizationOptions.js.map +0 -0
  1021. /package/{dist-esm/src → dist/browser}/credentials/clientAssertionCredentialOptions.js +0 -0
  1022. /package/{dist-esm/src → dist/browser}/credentials/clientCertificateCredentialOptions.js +0 -0
  1023. /package/{dist-esm/src → dist/browser}/credentials/clientSecretCredentialOptions.js +0 -0
  1024. /package/{dist-esm/src → dist/browser}/credentials/credentialPersistenceOptions.js +0 -0
  1025. /package/{dist-esm/src → dist/browser}/credentials/defaultAzureCredentialOptions.js +0 -0
  1026. /package/{dist-esm/src → dist/browser}/credentials/deviceCodeCredentialOptions.js +0 -0
  1027. /package/{dist-esm/src → dist/browser}/credentials/environmentCredentialOptions.js +0 -0
  1028. /package/{dist-esm/src → dist/browser}/credentials/interactiveBrowserCredentialOptions.js +0 -0
  1029. /package/{dist-esm/src → dist/browser}/credentials/interactiveCredentialOptions.js +0 -0
  1030. /package/{dist-esm/src → dist/browser}/credentials/managedIdentityCredential/imdsRetryPolicy.js +0 -0
  1031. /package/{dist-esm/src → dist/browser}/credentials/managedIdentityCredential/models.js +0 -0
  1032. /package/{dist-esm/src → dist/browser}/credentials/managedIdentityCredential/utils.js +0 -0
  1033. /package/{dist-esm/src → dist/browser}/credentials/managedIdentityCredential/utils.js.map +0 -0
  1034. /package/{dist-esm/src → dist/browser}/credentials/multiTenantTokenCredentialOptions.js +0 -0
  1035. /package/{dist-esm/src → dist/browser}/credentials/onBehalfOfCredentialOptions.js +0 -0
  1036. /package/{dist-esm/src → dist/browser}/credentials/usernamePasswordCredentialOptions.js +0 -0
  1037. /package/{dist-esm/src → dist/browser}/credentials/visualStudioCodeCredentialOptions.js +0 -0
  1038. /package/{dist-esm/src → dist/browser}/credentials/visualStudioCodeCredentialPlugin.js +0 -0
  1039. /package/{dist-esm/src → dist/browser}/credentials/visualStudioCodeCredentialPlugin.js.map +0 -0
  1040. /package/{dist-esm/src → dist/browser}/credentials/workloadIdentityCredentialOptions.js +0 -0
  1041. /package/{dist-esm/src → dist/browser}/errors.js +0 -0
  1042. /package/{dist-esm/src → dist/browser}/errors.js.map +0 -0
  1043. /package/{dist-esm/src → dist/browser}/msal/browserFlows/flows.js +0 -0
  1044. /package/{dist-esm/src → dist/browser}/msal/credentials.js +0 -0
  1045. /package/{dist-esm/src → dist/browser}/msal/nodeFlows/brokerOptions.js +0 -0
  1046. /package/{dist-esm/src → dist/browser}/msal/nodeFlows/brokerOptions.js.map +0 -0
  1047. /package/{dist-esm/src → dist/browser}/msal/nodeFlows/tokenCachePersistenceOptions.js +0 -0
  1048. /package/{dist-esm/src → dist/browser}/msal/nodeFlows/tokenCachePersistenceOptions.js.map +0 -0
  1049. /package/{dist-esm/src → dist/browser}/msal/types.js +0 -0
  1050. /package/{dist-esm/src → dist/browser}/msal/types.js.map +0 -0
  1051. /package/{dist-esm/src → dist/browser}/plugins/provider.js +0 -0
  1052. /package/{dist-esm/src → dist/browser}/regionalAuthority.js +0 -0
  1053. /package/{dist-esm/src → dist/browser}/regionalAuthority.js.map +0 -0
  1054. /package/{dist-esm/src → dist/browser}/tokenCredentialOptions.js +0 -0
  1055. /package/{dist-esm/src → dist/browser}/tokenCredentialOptions.js.map +0 -0
  1056. /package/{dist-esm/src → dist/browser}/tokenProvider.js +0 -0
  1057. /package/{dist-esm/src → dist/browser}/tokenProvider.js.map +0 -0
  1058. /package/{dist-esm/src → dist/browser}/util/identityTokenEndpoint.js +0 -0
  1059. /package/{dist-esm/src → dist/browser}/util/identityTokenEndpoint.js.map +0 -0
  1060. /package/{dist-esm/src → dist/browser}/util/logging.js +0 -0
  1061. /package/{dist-esm/src → dist/browser}/util/logging.js.map +0 -0
  1062. /package/{dist-esm/src → dist/browser}/util/processUtils.js +0 -0
  1063. /package/{dist-esm/src → dist/browser}/util/processUtils.js.map +0 -0
  1064. /package/{dist-esm/src → dist/esm}/msal/msal.js +0 -0
  1065. /package/{dist-esm/src → dist/esm}/msal/msal.js.map +0 -0
  1066. /package/{types → dist}/identity.d.ts +0 -0
@@ -1,122 +0,0 @@
1
- // Copyright (c) Microsoft Corporation.
2
- // Licensed under the MIT License.
3
- import { createHttpHeaders, createPipelineRequest } from "@azure/core-rest-pipeline";
4
- import { isError } from "@azure/core-util";
5
- import { credentialLogger } from "../../util/logging";
6
- import { mapScopesToResource } from "./utils";
7
- import { tracingClient } from "../../util/tracing";
8
- const msiName = "ManagedIdentityCredential - IMDS";
9
- const logger = credentialLogger(msiName);
10
- const imdsHost = "http://169.254.169.254";
11
- const imdsEndpointPath = "/metadata/identity/oauth2/token";
12
- const imdsApiVersion = "2018-02-01";
13
- /**
14
- * Generates the options used on the request for an access token.
15
- */
16
- function prepareRequestOptions(scopes, clientId, resourceId, options) {
17
- var _a;
18
- const resource = mapScopesToResource(scopes);
19
- if (!resource) {
20
- throw new Error(`${msiName}: Multiple scopes are not supported.`);
21
- }
22
- const { skipQuery, skipMetadataHeader } = options || {};
23
- let query = "";
24
- // Pod Identity will try to process this request even if the Metadata header is missing.
25
- // We can exclude the request query to ensure no IMDS endpoint tries to process the ping request.
26
- if (!skipQuery) {
27
- const queryParameters = {
28
- resource,
29
- "api-version": imdsApiVersion,
30
- };
31
- if (clientId) {
32
- queryParameters.client_id = clientId;
33
- }
34
- if (resourceId) {
35
- queryParameters.msi_res_id = resourceId;
36
- }
37
- const params = new URLSearchParams(queryParameters);
38
- query = `?${params.toString()}`;
39
- }
40
- const url = new URL(imdsEndpointPath, (_a = process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) !== null && _a !== void 0 ? _a : imdsHost);
41
- const rawHeaders = {
42
- Accept: "application/json",
43
- Metadata: "true",
44
- };
45
- // Remove the Metadata header to invoke a request error from some IMDS endpoints.
46
- if (skipMetadataHeader) {
47
- delete rawHeaders.Metadata;
48
- }
49
- return {
50
- // In this case, the `?` should be added in the "query" variable `skipQuery` is not set.
51
- url: `${url}${query}`,
52
- method: "GET",
53
- headers: createHttpHeaders(rawHeaders),
54
- };
55
- }
56
- /**
57
- * Defines how to determine whether the Azure IMDS MSI is available.
58
- *
59
- * Actually getting the token once we determine IMDS is available is handled by MSAL.
60
- */
61
- export const imdsMsi = {
62
- name: "imdsMsi",
63
- async isAvailable(options) {
64
- const { scopes, identityClient, clientId, resourceId, getTokenOptions } = options;
65
- const resource = mapScopesToResource(scopes);
66
- if (!resource) {
67
- logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
68
- return false;
69
- }
70
- // if the PodIdentityEndpoint environment variable was set no need to probe the endpoint, it can be assumed to exist
71
- if (process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) {
72
- return true;
73
- }
74
- if (!identityClient) {
75
- throw new Error("Missing IdentityClient");
76
- }
77
- const requestOptions = prepareRequestOptions(resource, clientId, resourceId, {
78
- skipMetadataHeader: true,
79
- skipQuery: true,
80
- });
81
- return tracingClient.withSpan("ManagedIdentityCredential-pingImdsEndpoint", getTokenOptions !== null && getTokenOptions !== void 0 ? getTokenOptions : {}, async (updatedOptions) => {
82
- var _a, _b;
83
- requestOptions.tracingOptions = updatedOptions.tracingOptions;
84
- // Create a request with a timeout since we expect that
85
- // not having a "Metadata" header should cause an error to be
86
- // returned quickly from the endpoint, proving its availability.
87
- const request = createPipelineRequest(requestOptions);
88
- // Default to 1000 if the default of 0 is used.
89
- // Negative values can still be used to disable the timeout.
90
- request.timeout = ((_a = updatedOptions.requestOptions) === null || _a === void 0 ? void 0 : _a.timeout) || 1000;
91
- // This MSI uses the imdsEndpoint to get the token, which only uses http://
92
- request.allowInsecureConnection = true;
93
- let response;
94
- try {
95
- logger.info(`${msiName}: Pinging the Azure IMDS endpoint`);
96
- response = await identityClient.sendRequest(request);
97
- }
98
- catch (err) {
99
- // If the request failed, or Node.js was unable to establish a connection,
100
- // or the host was down, we'll assume the IMDS endpoint isn't available.
101
- if (isError(err)) {
102
- logger.verbose(`${msiName}: Caught error ${err.name}: ${err.message}`);
103
- }
104
- // This is a special case for Docker Desktop which responds with a 403 with a message that contains "A socket operation was attempted to an unreachable network" or "A socket operation was attempted to an unreachable host"
105
- // rather than just timing out, as expected.
106
- logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);
107
- return false;
108
- }
109
- if (response.status === 403) {
110
- if ((_b = response.bodyAsText) === null || _b === void 0 ? void 0 : _b.includes("unreachable")) {
111
- logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);
112
- logger.info(`${msiName}: ${response.bodyAsText}`);
113
- return false;
114
- }
115
- }
116
- // If we received any response, the endpoint is available
117
- logger.info(`${msiName}: The Azure IMDS endpoint is available`);
118
- return true;
119
- });
120
- },
121
- };
122
- //# sourceMappingURL=imdsMsi.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"imdsMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AACrF,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAG3C,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAGnD,MAAM,OAAO,GAAG,kCAAkC,CAAC;AACnD,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC,MAAM,QAAQ,GAAG,wBAAwB,CAAC;AAC1C,MAAM,gBAAgB,GAAG,iCAAiC,CAAC;AAC3D,MAAM,cAAc,GAAG,YAAY,CAAC;AAEpC;;GAEG;AACH,SAAS,qBAAqB,CAC5B,MAAyB,EACzB,QAAiB,EACjB,UAAmB,EACnB,OAGC;;IAED,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,EAAE,SAAS,EAAE,kBAAkB,EAAE,GAAG,OAAO,IAAI,EAAE,CAAC;IACxD,IAAI,KAAK,GAAG,EAAE,CAAC;IAEf,wFAAwF;IACxF,iGAAiG;IACjG,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,eAAe,GAA2B;YAC9C,QAAQ;YACR,aAAa,EAAE,cAAc;SAC9B,CAAC;QACF,IAAI,QAAQ,EAAE,CAAC;YACb,eAAe,CAAC,SAAS,GAAG,QAAQ,CAAC;QACvC,CAAC;QACD,IAAI,UAAU,EAAE,CAAC;YACf,eAAe,CAAC,UAAU,GAAG,UAAU,CAAC;QAC1C,CAAC;QACD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;QACpD,KAAK,GAAG,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IAClC,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,gBAAgB,EAAE,MAAA,OAAO,CAAC,GAAG,CAAC,iCAAiC,mCAAI,QAAQ,CAAC,CAAC;IAEjG,MAAM,UAAU,GAA2B;QACzC,MAAM,EAAE,kBAAkB;QAC1B,QAAQ,EAAE,MAAM;KACjB,CAAC;IAEF,iFAAiF;IACjF,IAAI,kBAAkB,EAAE,CAAC;QACvB,OAAO,UAAU,CAAC,QAAQ,CAAC;IAC7B,CAAC;IAED,OAAO;QACL,wFAAwF;QACxF,GAAG,EAAE,GAAG,GAAG,GAAG,KAAK,EAAE;QACrB,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,iBAAiB,CAAC,UAAU,CAAC;KACvC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG;IACrB,IAAI,EAAE,SAAS;IACf,KAAK,CAAC,WAAW,CAAC,OAMjB;QACC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,eAAe,EAAE,GAAG,OAAO,CAAC;QAClF,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QAED,oHAAoH;QACpH,IAAI,OAAO,CAAC,GAAG,CAAC,iCAAiC,EAAE,CAAC;YAClD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,cAAc,GAAG,qBAAqB,CAAC,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE;YAC3E,kBAAkB,EAAE,IAAI;YACxB,SAAS,EAAE,IAAI;SAChB,CAAC,CAAC;QAEH,OAAO,aAAa,CAAC,QAAQ,CAC3B,4CAA4C,EAC5C,eAAe,aAAf,eAAe,cAAf,eAAe,GAAI,EAAE,EACrB,KAAK,EAAE,cAAc,EAAE,EAAE;;YACvB,cAAc,CAAC,cAAc,GAAG,cAAc,CAAC,cAAc,CAAC;YAE9D,uDAAuD;YACvD,6DAA6D;YAC7D,gEAAgE;YAChE,MAAM,OAAO,GAAG,qBAAqB,CAAC,cAAc,CAAC,CAAC;YAEtD,+CAA+C;YAC/C,4DAA4D;YAC5D,OAAO,CAAC,OAAO,GAAG,CAAA,MAAA,cAAc,CAAC,cAAc,0CAAE,OAAO,KAAI,IAAI,CAAC;YAEjE,2EAA2E;YAC3E,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC;YACvC,IAAI,QAA0B,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mCAAmC,CAAC,CAAC;gBAC3D,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YACvD,CAAC;YAAC,OAAO,GAAY,EAAE,CAAC;gBACtB,0EAA0E;gBAC1E,wEAAwE;gBACxE,IAAI,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjB,MAAM,CAAC,OAAO,CAAC,GAAG,OAAO,kBAAkB,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBACzE,CAAC;gBACD,6NAA6N;gBAC7N,4CAA4C;gBAC5C,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,0CAA0C,CAAC,CAAC;gBAClE,OAAO,KAAK,CAAC;YACf,CAAC;YACD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,IAAI,MAAA,QAAQ,CAAC,UAAU,0CAAE,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACjD,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,0CAA0C,CAAC,CAAC;oBAClE,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,KAAK,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;oBAClD,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YACD,yDAAyD;YACzD,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,wCAAwC,CAAC,CAAC;YAChE,OAAO,IAAI,CAAC;QACd,CAAC,CACF,CAAC;IACJ,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelineRequestOptions, PipelineResponse } from \"@azure/core-rest-pipeline\";\nimport { createHttpHeaders, createPipelineRequest } from \"@azure/core-rest-pipeline\";\nimport { isError } from \"@azure/core-util\";\n\nimport type { GetTokenOptions } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { mapScopesToResource } from \"./utils\";\nimport { tracingClient } from \"../../util/tracing\";\nimport { IdentityClient } from \"../../client/identityClient\";\n\nconst msiName = \"ManagedIdentityCredential - IMDS\";\nconst logger = credentialLogger(msiName);\n\nconst imdsHost = \"http://169.254.169.254\";\nconst imdsEndpointPath = \"/metadata/identity/oauth2/token\";\nconst imdsApiVersion = \"2018-02-01\";\n\n/**\n * Generates the options used on the request for an access token.\n */\nfunction prepareRequestOptions(\n scopes: string | string[],\n clientId?: string,\n resourceId?: string,\n options?: {\n skipQuery?: boolean;\n skipMetadataHeader?: boolean;\n },\n): PipelineRequestOptions {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new Error(`${msiName}: Multiple scopes are not supported.`);\n }\n\n const { skipQuery, skipMetadataHeader } = options || {};\n let query = \"\";\n\n // Pod Identity will try to process this request even if the Metadata header is missing.\n // We can exclude the request query to ensure no IMDS endpoint tries to process the ping request.\n if (!skipQuery) {\n const queryParameters: Record<string, string> = {\n resource,\n \"api-version\": imdsApiVersion,\n };\n if (clientId) {\n queryParameters.client_id = clientId;\n }\n if (resourceId) {\n queryParameters.msi_res_id = resourceId;\n }\n const params = new URLSearchParams(queryParameters);\n query = `?${params.toString()}`;\n }\n\n const url = new URL(imdsEndpointPath, process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST ?? imdsHost);\n\n const rawHeaders: Record<string, string> = {\n Accept: \"application/json\",\n Metadata: \"true\",\n };\n\n // Remove the Metadata header to invoke a request error from some IMDS endpoints.\n if (skipMetadataHeader) {\n delete rawHeaders.Metadata;\n }\n\n return {\n // In this case, the `?` should be added in the \"query\" variable `skipQuery` is not set.\n url: `${url}${query}`,\n method: \"GET\",\n headers: createHttpHeaders(rawHeaders),\n };\n}\n\n/**\n * Defines how to determine whether the Azure IMDS MSI is available.\n *\n * Actually getting the token once we determine IMDS is available is handled by MSAL.\n */\nexport const imdsMsi = {\n name: \"imdsMsi\",\n async isAvailable(options: {\n scopes: string | string[];\n identityClient?: IdentityClient;\n clientId?: string;\n resourceId?: string;\n getTokenOptions?: GetTokenOptions;\n }): Promise<boolean> {\n const { scopes, identityClient, clientId, resourceId, getTokenOptions } = options;\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n return false;\n }\n\n // if the PodIdentityEndpoint environment variable was set no need to probe the endpoint, it can be assumed to exist\n if (process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) {\n return true;\n }\n\n if (!identityClient) {\n throw new Error(\"Missing IdentityClient\");\n }\n\n const requestOptions = prepareRequestOptions(resource, clientId, resourceId, {\n skipMetadataHeader: true,\n skipQuery: true,\n });\n\n return tracingClient.withSpan(\n \"ManagedIdentityCredential-pingImdsEndpoint\",\n getTokenOptions ?? {},\n async (updatedOptions) => {\n requestOptions.tracingOptions = updatedOptions.tracingOptions;\n\n // Create a request with a timeout since we expect that\n // not having a \"Metadata\" header should cause an error to be\n // returned quickly from the endpoint, proving its availability.\n const request = createPipelineRequest(requestOptions);\n\n // Default to 1000 if the default of 0 is used.\n // Negative values can still be used to disable the timeout.\n request.timeout = updatedOptions.requestOptions?.timeout || 1000;\n\n // This MSI uses the imdsEndpoint to get the token, which only uses http://\n request.allowInsecureConnection = true;\n let response: PipelineResponse;\n try {\n logger.info(`${msiName}: Pinging the Azure IMDS endpoint`);\n response = await identityClient.sendRequest(request);\n } catch (err: unknown) {\n // If the request failed, or Node.js was unable to establish a connection,\n // or the host was down, we'll assume the IMDS endpoint isn't available.\n if (isError(err)) {\n logger.verbose(`${msiName}: Caught error ${err.name}: ${err.message}`);\n }\n // This is a special case for Docker Desktop which responds with a 403 with a message that contains \"A socket operation was attempted to an unreachable network\" or \"A socket operation was attempted to an unreachable host\"\n // rather than just timing out, as expected.\n logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);\n return false;\n }\n if (response.status === 403) {\n if (response.bodyAsText?.includes(\"unreachable\")) {\n logger.info(`${msiName}: The Azure IMDS endpoint is unavailable`);\n logger.info(`${msiName}: ${response.bodyAsText}`);\n return false;\n }\n }\n // If we received any response, the endpoint is available\n logger.info(`${msiName}: The Azure IMDS endpoint is available`);\n return true;\n },\n );\n },\n};\n"]}
@@ -1 +0,0 @@
1
- {"version":3,"file":"imdsRetryPolicy.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/imdsRetryPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAGxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAEvD,0EAA0E;AAC1E,MAAM,iCAAiC,GAAG,IAAI,GAAG,EAAE,CAAC;AAEpD;;;;;;;GAOG;AACH,MAAM,UAAU,eAAe,CAAC,cAA+C;IAC7E,OAAO,WAAW,CAChB;QACE;YACE,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,EAAE,EAAE;gBAClC,IAAI,CAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,MAAK,GAAG,EAAE,CAAC;oBAC7B,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;gBAChC,CAAC;gBAED,OAAO,mBAAmB,CAAC,UAAU,EAAE;oBACrC,cAAc,EAAE,cAAc,CAAC,cAAc;oBAC7C,iBAAiB,EAAE,iCAAiC;iBACrD,CAAC,CAAC;YACL,CAAC;SACF;KACF,EACD;QACE,UAAU,EAAE,cAAc,CAAC,UAAU;KACtC,CACF,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { PipelinePolicy } from \"@azure/core-rest-pipeline\";\nimport { retryPolicy } from \"@azure/core-rest-pipeline\";\n\nimport type { MSIConfiguration } from \"./models\";\nimport { calculateRetryDelay } from \"@azure/core-util\";\n\n// Matches the default retry configuration in expontentialRetryStrategy.ts\nconst DEFAULT_CLIENT_MAX_RETRY_INTERVAL = 1000 * 64;\n\n/**\n * An additional policy that retries on 404 errors. The default retry policy does not retry on\n * 404s, but the IMDS endpoint can return 404s when the token is not yet available. This policy\n * will retry on 404s with an exponential backoff.\n *\n * @param msiRetryConfig - The retry configuration for the MSI credential.\n * @returns - The policy that will retry on 404s.\n */\nexport function imdsRetryPolicy(msiRetryConfig: MSIConfiguration[\"retryConfig\"]): PipelinePolicy {\n return retryPolicy(\n [\n {\n name: \"imdsRetryPolicy\",\n retry: ({ retryCount, response }) => {\n if (response?.status !== 404) {\n return { skipStrategy: true };\n }\n\n return calculateRetryDelay(retryCount, {\n retryDelayInMs: msiRetryConfig.startDelayInMs,\n maxRetryDelayInMs: DEFAULT_CLIENT_MAX_RETRY_INTERVAL,\n });\n },\n },\n ],\n {\n maxRetries: msiRetryConfig.maxRetries,\n },\n );\n}\n"]}
@@ -1,16 +0,0 @@
1
- // Copyright (c) Microsoft Corporation.
2
- // Licensed under the MIT License.
3
- import { credentialLogger, formatError } from "../../util/logging";
4
- const BrowserNotSupportedError = new Error("ManagedIdentityCredential is not supported in the browser.");
5
- const logger = credentialLogger("ManagedIdentityCredential");
6
- export class ManagedIdentityCredential {
7
- constructor() {
8
- logger.info(formatError("", BrowserNotSupportedError));
9
- throw BrowserNotSupportedError;
10
- }
11
- async getToken() {
12
- logger.getToken.info(formatError("", BrowserNotSupportedError));
13
- throw BrowserNotSupportedError;
14
- }
15
- }
16
- //# sourceMappingURL=index.browser.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.browser.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/index.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEnE,MAAM,wBAAwB,GAAG,IAAI,KAAK,CACxC,4DAA4D,CAC7D,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,2BAA2B,CAAC,CAAC;AAE7D,MAAM,OAAO,yBAAyB;IACpC;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,KAAK,CAAC,QAAQ;QACnB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, TokenCredential } from \"@azure/core-auth\";\n\nimport { credentialLogger, formatError } from \"../../util/logging\";\n\nconst BrowserNotSupportedError = new Error(\n \"ManagedIdentityCredential is not supported in the browser.\",\n);\nconst logger = credentialLogger(\"ManagedIdentityCredential\");\n\nexport class ManagedIdentityCredential implements TokenCredential {\n constructor() {\n logger.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n\n public async getToken(): Promise<AccessToken | null> {\n logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n}\n"]}
@@ -1,217 +0,0 @@
1
- // Copyright (c) Microsoft Corporation.
2
- // Licensed under the MIT License.
3
- import { getLogLevel } from "@azure/logger";
4
- import { ManagedIdentityApplication } from "@azure/msal-node";
5
- import { IdentityClient } from "../../client/identityClient";
6
- import { AuthenticationRequiredError, CredentialUnavailableError } from "../../errors";
7
- import { getMSALLogLevel, defaultLoggerCallback } from "../../msal/utils";
8
- import { imdsRetryPolicy } from "./imdsRetryPolicy";
9
- import { formatSuccess, formatError, credentialLogger } from "../../util/logging";
10
- import { tracingClient } from "../../util/tracing";
11
- import { imdsMsi } from "./imdsMsi";
12
- import { tokenExchangeMsi } from "./tokenExchangeMsi";
13
- import { mapScopesToResource } from "./utils";
14
- const logger = credentialLogger("ManagedIdentityCredential");
15
- /**
16
- * Attempts authentication using a managed identity available at the deployment environment.
17
- * This authentication type works in Azure VMs, App Service instances, Azure Functions applications,
18
- * Azure Kubernetes Services, Azure Service Fabric instances and inside of the Azure Cloud Shell.
19
- *
20
- * More information about configuring managed identities can be found here:
21
- * https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
22
- */
23
- export class ManagedIdentityCredential {
24
- /**
25
- * @internal
26
- * @hidden
27
- */
28
- constructor(clientIdOrOptions, options) {
29
- var _a, _b;
30
- this.msiRetryConfig = {
31
- maxRetries: 5,
32
- startDelayInMs: 800,
33
- intervalIncrement: 2,
34
- };
35
- let _options;
36
- if (typeof clientIdOrOptions === "string") {
37
- this.clientId = clientIdOrOptions;
38
- _options = options !== null && options !== void 0 ? options : {};
39
- }
40
- else {
41
- this.clientId = clientIdOrOptions === null || clientIdOrOptions === void 0 ? void 0 : clientIdOrOptions.clientId;
42
- _options = clientIdOrOptions !== null && clientIdOrOptions !== void 0 ? clientIdOrOptions : {};
43
- }
44
- this.resourceId = _options === null || _options === void 0 ? void 0 : _options.resourceId;
45
- this.objectId = _options === null || _options === void 0 ? void 0 : _options.objectId;
46
- // For JavaScript users.
47
- const providedIds = [this.clientId, this.resourceId, this.objectId].filter(Boolean);
48
- if (providedIds.length > 1) {
49
- throw new Error(`ManagedIdentityCredential: only one of 'clientId', 'resourceId', or 'objectId' can be provided. Received values: ${JSON.stringify({ clientId: this.clientId, resourceId: this.resourceId, objectId: this.objectId })}`);
50
- }
51
- // ManagedIdentity uses http for local requests
52
- _options.allowInsecureConnection = true;
53
- if (((_a = _options.retryOptions) === null || _a === void 0 ? void 0 : _a.maxRetries) !== undefined) {
54
- this.msiRetryConfig.maxRetries = _options.retryOptions.maxRetries;
55
- }
56
- this.identityClient = new IdentityClient(Object.assign(Object.assign({}, _options), { additionalPolicies: [{ policy: imdsRetryPolicy(this.msiRetryConfig), position: "perCall" }] }));
57
- this.managedIdentityApp = new ManagedIdentityApplication({
58
- managedIdentityIdParams: {
59
- userAssignedClientId: this.clientId,
60
- userAssignedResourceId: this.resourceId,
61
- userAssignedObjectId: this.objectId,
62
- },
63
- system: {
64
- disableInternalRetries: true,
65
- networkClient: this.identityClient,
66
- loggerOptions: {
67
- logLevel: getMSALLogLevel(getLogLevel()),
68
- piiLoggingEnabled: (_b = _options.loggingOptions) === null || _b === void 0 ? void 0 : _b.enableUnsafeSupportLogging,
69
- loggerCallback: defaultLoggerCallback(logger),
70
- },
71
- },
72
- });
73
- this.isAvailableIdentityClient = new IdentityClient(Object.assign(Object.assign({}, _options), { retryOptions: {
74
- maxRetries: 0,
75
- } }));
76
- // CloudShell MSI will ignore any user-assigned identity passed as parameters. To avoid confusion, we prevent this from happening as early as possible.
77
- if (this.managedIdentityApp.getManagedIdentitySource() === "CloudShell") {
78
- if (this.clientId || this.resourceId || this.objectId) {
79
- logger.warning(`CloudShell MSI detected with user-provided IDs - throwing. Received values: ${JSON.stringify({
80
- clientId: this.clientId,
81
- resourceId: this.resourceId,
82
- objectId: this.objectId,
83
- })}.`);
84
- throw new CredentialUnavailableError("ManagedIdentityCredential: Specifying a user-assigned managed identity is not supported for CloudShell at runtime. When using Managed Identity in CloudShell, omit the clientId, resourceId, and objectId parameters.");
85
- }
86
- }
87
- }
88
- /**
89
- * Authenticates with Microsoft Entra ID and returns an access token if successful.
90
- * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
91
- * If an unexpected error occurs, an {@link AuthenticationError} will be thrown with the details of the failure.
92
- *
93
- * @param scopes - The list of scopes for which the token will have access.
94
- * @param options - The options used to configure any requests this
95
- * TokenCredential implementation might make.
96
- */
97
- async getToken(scopes, options = {}) {
98
- logger.getToken.info("Using the MSAL provider for Managed Identity.");
99
- const resource = mapScopesToResource(scopes);
100
- if (!resource) {
101
- throw new CredentialUnavailableError(`ManagedIdentityCredential: Multiple scopes are not supported. Scopes: ${JSON.stringify(scopes)}`);
102
- }
103
- return tracingClient.withSpan("ManagedIdentityCredential.getToken", options, async () => {
104
- var _a;
105
- try {
106
- const isTokenExchangeMsi = await tokenExchangeMsi.isAvailable(this.clientId);
107
- // Most scenarios are handled by MSAL except for two:
108
- // AKS pod identity - MSAL does not implement the token exchange flow.
109
- // IMDS Endpoint probing - MSAL does not do any probing before trying to get a token.
110
- // As a DefaultAzureCredential optimization we probe the IMDS endpoint with a short timeout and no retries before actually trying to get a token
111
- // We will continue to implement these features in the Identity library.
112
- const identitySource = this.managedIdentityApp.getManagedIdentitySource();
113
- const isImdsMsi = identitySource === "DefaultToImds" || identitySource === "Imds"; // Neither actually checks that IMDS endpoint is available, just that it's the source the MSAL _would_ try to use.
114
- logger.getToken.info(`MSAL Identity source: ${identitySource}`);
115
- if (isTokenExchangeMsi) {
116
- // In the AKS scenario we will use the existing tokenExchangeMsi indefinitely.
117
- logger.getToken.info("Using the token exchange managed identity.");
118
- const result = await tokenExchangeMsi.getToken({
119
- scopes,
120
- clientId: this.clientId,
121
- identityClient: this.identityClient,
122
- retryConfig: this.msiRetryConfig,
123
- resourceId: this.resourceId,
124
- });
125
- if (result === null) {
126
- throw new CredentialUnavailableError("Attempted to use the token exchange managed identity, but received a null response.");
127
- }
128
- return result;
129
- }
130
- else if (isImdsMsi) {
131
- // In the IMDS scenario we will probe the IMDS endpoint to ensure it's available before trying to get a token.
132
- // If the IMDS endpoint is not available and this is the source that MSAL will use, we will fail-fast with an error that tells DAC to move to the next credential.
133
- logger.getToken.info("Using the IMDS endpoint to probe for availability.");
134
- const isAvailable = await imdsMsi.isAvailable({
135
- scopes,
136
- clientId: this.clientId,
137
- getTokenOptions: options,
138
- identityClient: this.isAvailableIdentityClient,
139
- resourceId: this.resourceId,
140
- });
141
- if (!isAvailable) {
142
- throw new CredentialUnavailableError(`Attempted to use the IMDS endpoint, but it is not available.`);
143
- }
144
- }
145
- // If we got this far, it means:
146
- // - This is not a tokenExchangeMsi,
147
- // - We already probed for IMDS endpoint availability and failed-fast if it's unreachable.
148
- // We can proceed normally by calling MSAL for a token.
149
- logger.getToken.info("Calling into MSAL for managed identity token.");
150
- const token = await this.managedIdentityApp.acquireToken({
151
- resource,
152
- });
153
- this.ensureValidMsalToken(scopes, token, options);
154
- logger.getToken.info(formatSuccess(scopes));
155
- return {
156
- expiresOnTimestamp: token.expiresOn.getTime(),
157
- token: token.accessToken,
158
- refreshAfterTimestamp: (_a = token.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
159
- tokenType: "Bearer",
160
- };
161
- }
162
- catch (err) {
163
- logger.getToken.error(formatError(scopes, err));
164
- // AuthenticationRequiredError described as Error to enforce authentication after trying to retrieve a token silently.
165
- // TODO: why would this _ever_ happen considering we're not trying the silent request in this flow?
166
- if (err.name === "AuthenticationRequiredError") {
167
- throw err;
168
- }
169
- if (isNetworkError(err)) {
170
- throw new CredentialUnavailableError(`ManagedIdentityCredential: Network unreachable. Message: ${err.message}`, { cause: err });
171
- }
172
- throw new CredentialUnavailableError(`ManagedIdentityCredential: Authentication failed. Message ${err.message}`, { cause: err });
173
- }
174
- });
175
- }
176
- /**
177
- * Ensures the validity of the MSAL token
178
- */
179
- ensureValidMsalToken(scopes, msalToken, getTokenOptions) {
180
- const createError = (message) => {
181
- logger.getToken.info(message);
182
- return new AuthenticationRequiredError({
183
- scopes: Array.isArray(scopes) ? scopes : [scopes],
184
- getTokenOptions,
185
- message,
186
- });
187
- };
188
- if (!msalToken) {
189
- throw createError("No response.");
190
- }
191
- if (!msalToken.expiresOn) {
192
- throw createError(`Response had no "expiresOn" property.`);
193
- }
194
- if (!msalToken.accessToken) {
195
- throw createError(`Response had no "accessToken" property.`);
196
- }
197
- }
198
- }
199
- function isNetworkError(err) {
200
- // MSAL error
201
- if (err.errorCode === "network_error") {
202
- return true;
203
- }
204
- // Probe errors
205
- if (err.code === "ENETUNREACH" || err.code === "EHOSTUNREACH") {
206
- return true;
207
- }
208
- // This is a special case for Docker Desktop which responds with a 403 with a message that contains "A socket operation was attempted to an unreachable network" or "A socket operation was attempted to an unreachable host"
209
- // rather than just timing out, as expected.
210
- if (err.statusCode === 403 || err.code === 403) {
211
- if (err.message.includes("unreachable")) {
212
- return true;
213
- }
214
- }
215
- return false;
216
- }
217
- //# sourceMappingURL=index.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAKlC,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,2BAA2B,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AACvF,OAAO,EAAE,eAAe,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEpD,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAG9C,MAAM,MAAM,GAAG,gBAAgB,CAAC,2BAA2B,CAAC,CAAC;AAwC7D;;;;;;;GAOG;AACH,MAAM,OAAO,yBAAyB;IAuCpC;;;OAGG;IACH,YACE,iBAI4C,EAC5C,OAAgC;;QA3C1B,mBAAc,GAAoC;YACxD,UAAU,EAAE,CAAC;YACb,cAAc,EAAE,GAAG;YACnB,iBAAiB,EAAE,CAAC;SACrB,CAAC;QAyCA,IAAI,QAAgC,CAAC;QACrC,IAAI,OAAO,iBAAiB,KAAK,QAAQ,EAAE,CAAC;YAC1C,IAAI,CAAC,QAAQ,GAAG,iBAAiB,CAAC;YAClC,QAAQ,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,QAAQ,GAAI,iBAA8D,aAA9D,iBAAiB,uBAAjB,iBAAiB,CAA+C,QAAQ,CAAC;YAC1F,QAAQ,GAAG,iBAAiB,aAAjB,iBAAiB,cAAjB,iBAAiB,GAAI,EAAE,CAAC;QACrC,CAAC;QACD,IAAI,CAAC,UAAU,GAAI,QAAuD,aAAvD,QAAQ,uBAAR,QAAQ,CAAiD,UAAU,CAAC;QACvF,IAAI,CAAC,QAAQ,GAAI,QAAqD,aAArD,QAAQ,uBAAR,QAAQ,CAA+C,QAAQ,CAAC;QAEjF,wBAAwB;QACxB,MAAM,WAAW,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpF,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,oHAAoH,IAAI,CAAC,SAAS,CAChI,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAClF,EAAE,CACJ,CAAC;QACJ,CAAC;QAED,+CAA+C;QAC/C,QAAQ,CAAC,uBAAuB,GAAG,IAAI,CAAC;QAExC,IAAI,CAAA,MAAA,QAAQ,CAAC,YAAY,0CAAE,UAAU,MAAK,SAAS,EAAE,CAAC;YACpD,IAAI,CAAC,cAAc,CAAC,UAAU,GAAG,QAAQ,CAAC,YAAY,CAAC,UAAU,CAAC;QACpE,CAAC;QAED,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,iCACnC,QAAQ,KACX,kBAAkB,EAAE,CAAC,EAAE,MAAM,EAAE,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,IAC3F,CAAC;QAEH,IAAI,CAAC,kBAAkB,GAAG,IAAI,0BAA0B,CAAC;YACvD,uBAAuB,EAAE;gBACvB,oBAAoB,EAAE,IAAI,CAAC,QAAQ;gBACnC,sBAAsB,EAAE,IAAI,CAAC,UAAU;gBACvC,oBAAoB,EAAE,IAAI,CAAC,QAAQ;aACpC;YACD,MAAM,EAAE;gBACN,sBAAsB,EAAE,IAAI;gBAC5B,aAAa,EAAE,IAAI,CAAC,cAAc;gBAClC,aAAa,EAAE;oBACb,QAAQ,EAAE,eAAe,CAAC,WAAW,EAAE,CAAC;oBACxC,iBAAiB,EAAE,MAAA,QAAQ,CAAC,cAAc,0CAAE,0BAA0B;oBACtE,cAAc,EAAE,qBAAqB,CAAC,MAAM,CAAC;iBAC9C;aACF;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,yBAAyB,GAAG,IAAI,cAAc,iCAC9C,QAAQ,KACX,YAAY,EAAE;gBACZ,UAAU,EAAE,CAAC;aACd,IACD,CAAC;QAEH,uJAAuJ;QACvJ,IAAI,IAAI,CAAC,kBAAkB,CAAC,wBAAwB,EAAE,KAAK,YAAY,EAAE,CAAC;YACxE,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACtD,MAAM,CAAC,OAAO,CACZ,+EAA+E,IAAI,CAAC,SAAS,CAC3F;oBACE,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;iBACxB,CACF,GAAG,CACL,CAAC;gBACF,MAAM,IAAI,0BAA0B,CAClC,uNAAuN,CACxN,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QACtE,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,yEAAyE,IAAI,CAAC,SAAS,CACrF,MAAM,CACP,EAAE,CACJ,CAAC;QACJ,CAAC;QAED,OAAO,aAAa,CAAC,QAAQ,CAAC,oCAAoC,EAAE,OAAO,EAAE,KAAK,IAAI,EAAE;;YACtF,IAAI,CAAC;gBACH,MAAM,kBAAkB,GAAG,MAAM,gBAAgB,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAE7E,qDAAqD;gBACrD,sEAAsE;gBACtE,qFAAqF;gBACrF,gJAAgJ;gBAChJ,wEAAwE;gBAExE,MAAM,cAAc,GAAG,IAAI,CAAC,kBAAkB,CAAC,wBAAwB,EAAE,CAAC;gBAC1E,MAAM,SAAS,GAAG,cAAc,KAAK,eAAe,IAAI,cAAc,KAAK,MAAM,CAAC,CAAC,kHAAkH;gBAErM,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,yBAAyB,cAAc,EAAE,CAAC,CAAC;gBAEhE,IAAI,kBAAkB,EAAE,CAAC;oBACvB,8EAA8E;oBAC9E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;oBACnE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,QAAQ,CAAC;wBAC7C,MAAM;wBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,cAAc,EAAE,IAAI,CAAC,cAAc;wBACnC,WAAW,EAAE,IAAI,CAAC,cAAc;wBAChC,UAAU,EAAE,IAAI,CAAC,UAAU;qBAC5B,CAAC,CAAC;oBAEH,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;wBACpB,MAAM,IAAI,0BAA0B,CAClC,qFAAqF,CACtF,CAAC;oBACJ,CAAC;oBAED,OAAO,MAAM,CAAC;gBAChB,CAAC;qBAAM,IAAI,SAAS,EAAE,CAAC;oBACrB,8GAA8G;oBAC9G,kKAAkK;oBAClK,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;oBAC3E,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC;wBAC5C,MAAM;wBACN,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,eAAe,EAAE,OAAO;wBACxB,cAAc,EAAE,IAAI,CAAC,yBAAyB;wBAC9C,UAAU,EAAE,IAAI,CAAC,UAAU;qBAC5B,CAAC,CAAC;oBAEH,IAAI,CAAC,WAAW,EAAE,CAAC;wBACjB,MAAM,IAAI,0BAA0B,CAClC,8DAA8D,CAC/D,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAED,gCAAgC;gBAChC,oCAAoC;gBACpC,0FAA0F;gBAC1F,uDAAuD;gBACvD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;gBACtE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,YAAY,CAAC;oBACvD,QAAQ;iBACT,CAAC,CAAC;gBAEH,IAAI,CAAC,oBAAoB,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;gBAClD,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;gBAE5C,OAAO;oBACL,kBAAkB,EAAE,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE;oBAC7C,KAAK,EAAE,KAAK,CAAC,WAAW;oBACxB,qBAAqB,EAAE,MAAA,KAAK,CAAC,SAAS,0CAAE,OAAO,EAAE;oBACjD,SAAS,EAAE,QAAQ;iBACL,CAAC;YACnB,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAClB,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC;gBAEhD,sHAAsH;gBACtH,mGAAmG;gBACnG,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE,CAAC;oBAC/C,MAAM,GAAG,CAAC;gBACZ,CAAC;gBAED,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxB,MAAM,IAAI,0BAA0B,CAClC,4DAA4D,GAAG,CAAC,OAAO,EAAE,EACzE,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;gBACJ,CAAC;gBAED,MAAM,IAAI,0BAA0B,CAClC,6DAA6D,GAAG,CAAC,OAAO,EAAE,EAC1E,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,oBAAoB,CAC1B,MAAyB,EACzB,SAAqB,EACrB,eAAiC;QAEjC,MAAM,WAAW,GAAG,CAAC,OAAe,EAAS,EAAE;YAC7C,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC9B,OAAO,IAAI,2BAA2B,CAAC;gBACrC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;gBACjD,eAAe;gBACf,OAAO;aACR,CAAC,CAAC;QACL,CAAC,CAAC;QACF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,WAAW,CAAC,cAAc,CAAC,CAAC;QACpC,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;YACzB,MAAM,WAAW,CAAC,uCAAuC,CAAC,CAAC;QAC7D,CAAC;QACD,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;YAC3B,MAAM,WAAW,CAAC,yCAAyC,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;CACF;AAED,SAAS,cAAc,CAAC,GAAQ;IAC9B,aAAa;IACb,IAAI,GAAG,CAAC,SAAS,KAAK,eAAe,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,eAAe;IACf,IAAI,GAAG,CAAC,IAAI,KAAK,aAAa,IAAI,GAAG,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6NAA6N;IAC7N,4CAA4C;IAC5C,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;QAC/C,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\n\nimport type { TokenCredentialOptions } from \"../../tokenCredentialOptions\";\nimport { getLogLevel } from \"@azure/logger\";\nimport { ManagedIdentityApplication } from \"@azure/msal-node\";\nimport { IdentityClient } from \"../../client/identityClient\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../../errors\";\nimport { getMSALLogLevel, defaultLoggerCallback } from \"../../msal/utils\";\nimport { imdsRetryPolicy } from \"./imdsRetryPolicy\";\nimport { MSIConfiguration } from \"./models\";\nimport { formatSuccess, formatError, credentialLogger } from \"../../util/logging\";\nimport { tracingClient } from \"../../util/tracing\";\nimport { imdsMsi } from \"./imdsMsi\";\nimport { tokenExchangeMsi } from \"./tokenExchangeMsi\";\nimport { mapScopesToResource } from \"./utils\";\nimport { MsalToken, ValidMsalToken } from \"../../msal/types\";\n\nconst logger = credentialLogger(\"ManagedIdentityCredential\");\n\n/**\n * Options to send on the {@link ManagedIdentityCredential} constructor.\n * This variation supports `clientId` and not `resourceId`, since only one of both is supported.\n */\nexport interface ManagedIdentityCredentialClientIdOptions extends TokenCredentialOptions {\n /**\n * The client ID of the user - assigned identity, or app registration(when working with AKS pod - identity).\n */\n clientId?: string;\n}\n\n/**\n * Options to send on the {@link ManagedIdentityCredential} constructor.\n * This variation supports `resourceId` and not `clientId`, since only one of both is supported.\n */\nexport interface ManagedIdentityCredentialResourceIdOptions extends TokenCredentialOptions {\n /**\n * Allows specifying a custom resource Id.\n * In scenarios such as when user assigned identities are created using an ARM template,\n * where the resource Id of the identity is known but the client Id can't be known ahead of time,\n * this parameter allows programs to use these user assigned identities\n * without having to first determine the client Id of the created identity.\n */\n resourceId: string;\n}\n\n/**\n * Options to send on the {@link ManagedIdentityCredential} constructor.\n * This variation supports `objectId` as a constructor argument.\n */\nexport interface ManagedIdentityCredentialObjectIdOptions extends TokenCredentialOptions {\n /**\n * Allows specifying the object ID of the underlying service principal used to authenticate a user-assigned managed identity.\n * This is an alternative to providing a client ID or resource ID and is not required for system-assigned managed identities.\n */\n objectId: string;\n}\n\n/**\n * Attempts authentication using a managed identity available at the deployment environment.\n * This authentication type works in Azure VMs, App Service instances, Azure Functions applications,\n * Azure Kubernetes Services, Azure Service Fabric instances and inside of the Azure Cloud Shell.\n *\n * More information about configuring managed identities can be found here:\n * https://learn.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview\n */\nexport class ManagedIdentityCredential implements TokenCredential {\n private managedIdentityApp: ManagedIdentityApplication;\n private identityClient: IdentityClient;\n private clientId?: string;\n private resourceId?: string;\n private objectId?: string;\n private msiRetryConfig: MSIConfiguration[\"retryConfig\"] = {\n maxRetries: 5,\n startDelayInMs: 800,\n intervalIncrement: 2,\n };\n private isAvailableIdentityClient: IdentityClient;\n\n /**\n * Creates an instance of ManagedIdentityCredential with the client ID of a\n * user-assigned identity, or app registration (when working with AKS pod-identity).\n *\n * @param clientId - The client ID of the user-assigned identity, or app registration (when working with AKS pod-identity).\n * @param options - Options for configuring the client which makes the access token request.\n */\n constructor(clientId: string, options?: TokenCredentialOptions);\n /**\n * Creates an instance of ManagedIdentityCredential with a client ID\n *\n * @param options - Options for configuring the client which makes the access token request.\n */\n constructor(options?: ManagedIdentityCredentialClientIdOptions);\n /**\n * Creates an instance of ManagedIdentityCredential with a resource ID\n *\n * @param options - Options for configuring the resource which makes the access token request.\n */\n constructor(options?: ManagedIdentityCredentialResourceIdOptions);\n /**\n * Creates an instance of ManagedIdentityCredential with an object ID\n *\n * @param options - Options for configuring the resource which makes the access token request.\n */\n constructor(options?: ManagedIdentityCredentialObjectIdOptions);\n /**\n * @internal\n * @hidden\n */\n constructor(\n clientIdOrOptions?:\n | string\n | ManagedIdentityCredentialClientIdOptions\n | ManagedIdentityCredentialResourceIdOptions\n | ManagedIdentityCredentialObjectIdOptions,\n options?: TokenCredentialOptions,\n ) {\n let _options: TokenCredentialOptions;\n if (typeof clientIdOrOptions === \"string\") {\n this.clientId = clientIdOrOptions;\n _options = options ?? {};\n } else {\n this.clientId = (clientIdOrOptions as ManagedIdentityCredentialClientIdOptions)?.clientId;\n _options = clientIdOrOptions ?? {};\n }\n this.resourceId = (_options as ManagedIdentityCredentialResourceIdOptions)?.resourceId;\n this.objectId = (_options as ManagedIdentityCredentialObjectIdOptions)?.objectId;\n\n // For JavaScript users.\n const providedIds = [this.clientId, this.resourceId, this.objectId].filter(Boolean);\n if (providedIds.length > 1) {\n throw new Error(\n `ManagedIdentityCredential: only one of 'clientId', 'resourceId', or 'objectId' can be provided. Received values: ${JSON.stringify(\n { clientId: this.clientId, resourceId: this.resourceId, objectId: this.objectId },\n )}`,\n );\n }\n\n // ManagedIdentity uses http for local requests\n _options.allowInsecureConnection = true;\n\n if (_options.retryOptions?.maxRetries !== undefined) {\n this.msiRetryConfig.maxRetries = _options.retryOptions.maxRetries;\n }\n\n this.identityClient = new IdentityClient({\n ..._options,\n additionalPolicies: [{ policy: imdsRetryPolicy(this.msiRetryConfig), position: \"perCall\" }],\n });\n\n this.managedIdentityApp = new ManagedIdentityApplication({\n managedIdentityIdParams: {\n userAssignedClientId: this.clientId,\n userAssignedResourceId: this.resourceId,\n userAssignedObjectId: this.objectId,\n },\n system: {\n disableInternalRetries: true,\n networkClient: this.identityClient,\n loggerOptions: {\n logLevel: getMSALLogLevel(getLogLevel()),\n piiLoggingEnabled: _options.loggingOptions?.enableUnsafeSupportLogging,\n loggerCallback: defaultLoggerCallback(logger),\n },\n },\n });\n\n this.isAvailableIdentityClient = new IdentityClient({\n ..._options,\n retryOptions: {\n maxRetries: 0,\n },\n });\n\n // CloudShell MSI will ignore any user-assigned identity passed as parameters. To avoid confusion, we prevent this from happening as early as possible.\n if (this.managedIdentityApp.getManagedIdentitySource() === \"CloudShell\") {\n if (this.clientId || this.resourceId || this.objectId) {\n logger.warning(\n `CloudShell MSI detected with user-provided IDs - throwing. Received values: ${JSON.stringify(\n {\n clientId: this.clientId,\n resourceId: this.resourceId,\n objectId: this.objectId,\n },\n )}.`,\n );\n throw new CredentialUnavailableError(\n \"ManagedIdentityCredential: Specifying a user-assigned managed identity is not supported for CloudShell at runtime. When using Managed Identity in CloudShell, omit the clientId, resourceId, and objectId parameters.\",\n );\n }\n }\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n * If an unexpected error occurs, an {@link AuthenticationError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken> {\n logger.getToken.info(\"Using the MSAL provider for Managed Identity.\");\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new CredentialUnavailableError(\n `ManagedIdentityCredential: Multiple scopes are not supported. Scopes: ${JSON.stringify(\n scopes,\n )}`,\n );\n }\n\n return tracingClient.withSpan(\"ManagedIdentityCredential.getToken\", options, async () => {\n try {\n const isTokenExchangeMsi = await tokenExchangeMsi.isAvailable(this.clientId);\n\n // Most scenarios are handled by MSAL except for two:\n // AKS pod identity - MSAL does not implement the token exchange flow.\n // IMDS Endpoint probing - MSAL does not do any probing before trying to get a token.\n // As a DefaultAzureCredential optimization we probe the IMDS endpoint with a short timeout and no retries before actually trying to get a token\n // We will continue to implement these features in the Identity library.\n\n const identitySource = this.managedIdentityApp.getManagedIdentitySource();\n const isImdsMsi = identitySource === \"DefaultToImds\" || identitySource === \"Imds\"; // Neither actually checks that IMDS endpoint is available, just that it's the source the MSAL _would_ try to use.\n\n logger.getToken.info(`MSAL Identity source: ${identitySource}`);\n\n if (isTokenExchangeMsi) {\n // In the AKS scenario we will use the existing tokenExchangeMsi indefinitely.\n logger.getToken.info(\"Using the token exchange managed identity.\");\n const result = await tokenExchangeMsi.getToken({\n scopes,\n clientId: this.clientId,\n identityClient: this.identityClient,\n retryConfig: this.msiRetryConfig,\n resourceId: this.resourceId,\n });\n\n if (result === null) {\n throw new CredentialUnavailableError(\n \"Attempted to use the token exchange managed identity, but received a null response.\",\n );\n }\n\n return result;\n } else if (isImdsMsi) {\n // In the IMDS scenario we will probe the IMDS endpoint to ensure it's available before trying to get a token.\n // If the IMDS endpoint is not available and this is the source that MSAL will use, we will fail-fast with an error that tells DAC to move to the next credential.\n logger.getToken.info(\"Using the IMDS endpoint to probe for availability.\");\n const isAvailable = await imdsMsi.isAvailable({\n scopes,\n clientId: this.clientId,\n getTokenOptions: options,\n identityClient: this.isAvailableIdentityClient,\n resourceId: this.resourceId,\n });\n\n if (!isAvailable) {\n throw new CredentialUnavailableError(\n `Attempted to use the IMDS endpoint, but it is not available.`,\n );\n }\n }\n\n // If we got this far, it means:\n // - This is not a tokenExchangeMsi,\n // - We already probed for IMDS endpoint availability and failed-fast if it's unreachable.\n // We can proceed normally by calling MSAL for a token.\n logger.getToken.info(\"Calling into MSAL for managed identity token.\");\n const token = await this.managedIdentityApp.acquireToken({\n resource,\n });\n\n this.ensureValidMsalToken(scopes, token, options);\n logger.getToken.info(formatSuccess(scopes));\n\n return {\n expiresOnTimestamp: token.expiresOn.getTime(),\n token: token.accessToken,\n refreshAfterTimestamp: token.refreshOn?.getTime(),\n tokenType: \"Bearer\",\n } as AccessToken;\n } catch (err: any) {\n logger.getToken.error(formatError(scopes, err));\n\n // AuthenticationRequiredError described as Error to enforce authentication after trying to retrieve a token silently.\n // TODO: why would this _ever_ happen considering we're not trying the silent request in this flow?\n if (err.name === \"AuthenticationRequiredError\") {\n throw err;\n }\n\n if (isNetworkError(err)) {\n throw new CredentialUnavailableError(\n `ManagedIdentityCredential: Network unreachable. Message: ${err.message}`,\n { cause: err },\n );\n }\n\n throw new CredentialUnavailableError(\n `ManagedIdentityCredential: Authentication failed. Message ${err.message}`,\n { cause: err },\n );\n }\n });\n }\n\n /**\n * Ensures the validity of the MSAL token\n */\n private ensureValidMsalToken(\n scopes: string | string[],\n msalToken?: MsalToken,\n getTokenOptions?: GetTokenOptions,\n ): asserts msalToken is ValidMsalToken {\n const createError = (message: string): Error => {\n logger.getToken.info(message);\n return new AuthenticationRequiredError({\n scopes: Array.isArray(scopes) ? scopes : [scopes],\n getTokenOptions,\n message,\n });\n };\n if (!msalToken) {\n throw createError(\"No response.\");\n }\n if (!msalToken.expiresOn) {\n throw createError(`Response had no \"expiresOn\" property.`);\n }\n if (!msalToken.accessToken) {\n throw createError(`Response had no \"accessToken\" property.`);\n }\n }\n}\n\nfunction isNetworkError(err: any): boolean {\n // MSAL error\n if (err.errorCode === \"network_error\") {\n return true;\n }\n\n // Probe errors\n if (err.code === \"ENETUNREACH\" || err.code === \"EHOSTUNREACH\") {\n return true;\n }\n\n // This is a special case for Docker Desktop which responds with a 403 with a message that contains \"A socket operation was attempted to an unreachable network\" or \"A socket operation was attempted to an unreachable host\"\n // rather than just timing out, as expected.\n if (err.statusCode === 403 || err.code === 403) {\n if (err.message.includes(\"unreachable\")) {\n return true;\n }\n }\n\n return false;\n}\n"]}
@@ -1 +0,0 @@
1
- {"version":3,"file":"models.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/models.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken } from \"@azure/core-auth\";\n\nimport type { IdentityClient } from \"../../client/identityClient\";\n\n/**\n * @internal\n */\nexport interface MSIConfiguration {\n retryConfig: {\n maxRetries: number;\n startDelayInMs: number;\n intervalIncrement: number;\n };\n identityClient: IdentityClient;\n scopes: string | string[];\n clientId?: string;\n resourceId?: string;\n}\n\n/**\n * @internal\n * Represents an access token for {@link ManagedIdentity} for internal usage,\n * with an expiration time and the time in which token should refresh.\n */\nexport declare interface MSIToken extends AccessToken {}\n"]}
@@ -1,32 +0,0 @@
1
- // Copyright (c) Microsoft Corporation.
2
- // Licensed under the MIT License.
3
- import { WorkloadIdentityCredential } from "../workloadIdentityCredential";
4
- import { credentialLogger } from "../../util/logging";
5
- const msiName = "ManagedIdentityCredential - Token Exchange";
6
- const logger = credentialLogger(msiName);
7
- /**
8
- * Defines how to determine whether the token exchange MSI is available, and also how to retrieve a token from the token exchange MSI.
9
- *
10
- * Token exchange MSI (used by AKS) is the only MSI implementation handled entirely by Azure Identity.
11
- * The rest have been migrated to MSAL.
12
- */
13
- export const tokenExchangeMsi = {
14
- name: "tokenExchangeMsi",
15
- async isAvailable(clientId) {
16
- const env = process.env;
17
- const result = Boolean((clientId || env.AZURE_CLIENT_ID) &&
18
- env.AZURE_TENANT_ID &&
19
- process.env.AZURE_FEDERATED_TOKEN_FILE);
20
- if (!result) {
21
- logger.info(`${msiName}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`);
22
- }
23
- return result;
24
- },
25
- async getToken(configuration, getTokenOptions = {}) {
26
- const { scopes, clientId } = configuration;
27
- const identityClientTokenCredentialOptions = {};
28
- const workloadIdentityCredential = new WorkloadIdentityCredential(Object.assign(Object.assign({ clientId, tenantId: process.env.AZURE_TENANT_ID, tokenFilePath: process.env.AZURE_FEDERATED_TOKEN_FILE }, identityClientTokenCredentialOptions), { disableInstanceDiscovery: true }));
29
- return workloadIdentityCredential.getToken(scopes, getTokenOptions);
30
- },
31
- };
32
- //# sourceMappingURL=tokenExchangeMsi.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"tokenExchangeMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/tokenExchangeMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAIlC,OAAO,EAAE,0BAA0B,EAAE,MAAM,+BAA+B,CAAC;AAC3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAGtD,MAAM,OAAO,GAAG,4CAA4C,CAAC;AAC7D,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,IAAI,EAAE,kBAAkB;IACxB,KAAK,CAAC,WAAW,CAAC,QAAiB;QACjC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,OAAO,CACpB,CAAC,QAAQ,IAAI,GAAG,CAAC,eAAe,CAAC;YAC/B,GAAG,CAAC,eAAe;YACnB,OAAO,CAAC,GAAG,CAAC,0BAA0B,CACzC,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,qKAAqK,CAChL,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;QAErC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,aAAa,CAAC;QAC3C,MAAM,oCAAoC,GAAG,EAAE,CAAC;QAChD,MAAM,0BAA0B,GAAG,IAAI,0BAA0B,CAAC,8BAChE,QAAQ,EACR,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,EACrC,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,IAClD,oCAAoC,KACvC,wBAAwB,EAAE,IAAI,GACM,CAAC,CAAC;QACxC,OAAO,0BAA0B,CAAC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IACtE,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport type { MSIConfiguration } from \"./models\";\nimport { WorkloadIdentityCredential } from \"../workloadIdentityCredential\";\nimport { credentialLogger } from \"../../util/logging\";\nimport type { WorkloadIdentityCredentialOptions } from \"../workloadIdentityCredentialOptions\";\n\nconst msiName = \"ManagedIdentityCredential - Token Exchange\";\nconst logger = credentialLogger(msiName);\n\n/**\n * Defines how to determine whether the token exchange MSI is available, and also how to retrieve a token from the token exchange MSI.\n *\n * Token exchange MSI (used by AKS) is the only MSI implementation handled entirely by Azure Identity.\n * The rest have been migrated to MSAL.\n */\nexport const tokenExchangeMsi = {\n name: \"tokenExchangeMsi\",\n async isAvailable(clientId?: string): Promise<boolean> {\n const env = process.env;\n const result = Boolean(\n (clientId || env.AZURE_CLIENT_ID) &&\n env.AZURE_TENANT_ID &&\n process.env.AZURE_FEDERATED_TOKEN_FILE,\n );\n if (!result) {\n logger.info(\n `${msiName}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`,\n );\n }\n return result;\n },\n async getToken(\n configuration: MSIConfiguration,\n getTokenOptions: GetTokenOptions = {},\n ): Promise<AccessToken | null> {\n const { scopes, clientId } = configuration;\n const identityClientTokenCredentialOptions = {};\n const workloadIdentityCredential = new WorkloadIdentityCredential({\n clientId,\n tenantId: process.env.AZURE_TENANT_ID,\n tokenFilePath: process.env.AZURE_FEDERATED_TOKEN_FILE,\n ...identityClientTokenCredentialOptions,\n disableInstanceDiscovery: true,\n } as WorkloadIdentityCredentialOptions);\n return workloadIdentityCredential.getToken(scopes, getTokenOptions);\n },\n};\n"]}
@@ -1 +0,0 @@
1
- {"version":3,"file":"multiTenantTokenCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/multiTenantTokenCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredentialOptions } from \"../tokenCredentialOptions\";\n\n/**\n * Options for multi-tenant applications which allows for additionally allowed tenants.\n */\nexport interface MultiTenantTokenCredentialOptions extends TokenCredentialOptions {\n /**\n * For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.\n * Add the wildcard value \"*\" to allow the credential to acquire tokens for any tenant the application is installed.\n */\n additionallyAllowedTenants?: string[];\n}\n"]}
@@ -1,23 +0,0 @@
1
- // Copyright (c) Microsoft Corporation.
2
- // Licensed under the MIT License.
3
- import { credentialLogger, formatError } from "../util/logging";
4
- const credentialName = "OnBehalfOfCredential";
5
- const BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);
6
- const logger = credentialLogger(credentialName);
7
- /**
8
- * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).
9
- */
10
- export class OnBehalfOfCredential {
11
- /**
12
- * Only available in Node.js
13
- */
14
- constructor() {
15
- logger.info(formatError("", BrowserNotSupportedError));
16
- throw BrowserNotSupportedError;
17
- }
18
- getToken() {
19
- logger.getToken.info(formatError("", BrowserNotSupportedError));
20
- throw BrowserNotSupportedError;
21
- }
22
- }
23
- //# sourceMappingURL=onBehalfOfCredential.browser.js.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"onBehalfOfCredential.browser.js","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential.browser.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAEhE,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAC9C,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,GAAG,cAAc,iCAAiC,CAAC,CAAC;AAC/F,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;OAEG;IACH;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging\";\n\nconst credentialName = \"OnBehalfOfCredential\";\nconst BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);\nconst logger = credentialLogger(credentialName);\n\n/**\n * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).\n */\nexport class OnBehalfOfCredential implements TokenCredential {\n /**\n * Only available in Node.js\n */\n constructor() {\n logger.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n\n public getToken(): Promise<AccessToken | null> {\n logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n}\n"]}