@azure/identity 4.5.1-alpha.20241111.1 → 4.5.1-alpha.20241113.2

package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts

@@ -0,0 +1,106 @@
+import type * as msalBrowser from "@azure/msal-browser";
+import type { AccessToken, GetTokenOptions } from "@azure/core-auth";
+import type { AuthenticationRecord, MsalResult } from "../types.js";
+import type { CredentialLogger } from "../../util/logging.js";
+import type { MsalFlow, MsalFlowOptions } from "./flows.js";
+import type { BrowserLoginStyle } from "../../credentials/interactiveBrowserCredentialOptions.js";
+import type { CredentialFlowGetTokenOptions } from "../credentials.js";
+import type { LogPolicyOptions } from "@azure/core-rest-pipeline";
+import type { MultiTenantTokenCredentialOptions } from "../../credentials/multiTenantTokenCredentialOptions.js";
+/**
+ * Union of the constructor parameters that all MSAL flow types take.
+ * Some properties might not be used by some flow types.
+ */
+export interface MsalBrowserFlowOptions extends MsalFlowOptions {
+    tokenCredentialOptions: MultiTenantTokenCredentialOptions;
+    redirectUri?: string;
+    loginStyle: BrowserLoginStyle;
+    loginHint?: string;
+    /**
+     * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
+     */
+    loggingOptions?: LogPolicyOptions & {
+        /**
+         * Allows logging account information once the authentication flow succeeds.
+         */
+        allowLoggingAccountIdentifiers?: boolean;
+        /**
+         * Allows logging personally identifiable information for customer support.
+         */
+        enableUnsafeSupportLogging?: boolean;
+    };
+}
+/**
+ * The common methods we use to work with the MSAL browser flows.
+ * @internal
+ */
+export interface MsalBrowserFlow extends MsalFlow {
+    login(scopes?: string[]): Promise<AuthenticationRecord | undefined>;
+    handleRedirect(): Promise<AuthenticationRecord | undefined>;
+}
+/**
+ * Generates a MSAL configuration that generally works for browsers
+ * @internal
+ */
+export declare function defaultBrowserMsalConfig(options: MsalBrowserFlowOptions): msalBrowser.Configuration;
+/**
+ * MSAL partial base client for the browsers.
+ *
+ * It completes the input configuration with some default values.
+ * It also provides with utility protected methods that can be used from any of the clients,
+ * which includes handlers for successful responses and errors.
+ *
+ * @internal
+ */
+export declare abstract class MsalBrowser implements MsalBrowserFlow {
+    protected loginStyle: BrowserLoginStyle;
+    protected clientId: string;
+    protected tenantId: string;
+    protected additionallyAllowedTenantIds: string[];
+    protected authorityHost?: string;
+    protected account: AuthenticationRecord | undefined;
+    protected msalConfig: msalBrowser.Configuration;
+    protected disableAutomaticAuthentication?: boolean;
+    protected app?: msalBrowser.IPublicClientApplication;
+    protected logger: CredentialLogger;
+    constructor(options: MsalBrowserFlowOptions);
+    /**
+     * In the browsers we don't need to init()
+     */
+    init(): Promise<void>;
+    /**
+     * Attempts to handle a redirection request the least amount of times possible.
+     */
+    abstract handleRedirect(): Promise<AuthenticationRecord | undefined>;
+    /**
+     * Clears MSAL's cache.
+     */
+    logout(): Promise<void>;
+    /**
+     * Uses MSAL to retrieve the active account.
+     */
+    abstract getActiveAccount(): Promise<AuthenticationRecord | undefined>;
+    /**
+     * Uses MSAL to trigger a redirect or a popup login.
+     */
+    abstract login(scopes?: string | string[]): Promise<AuthenticationRecord | undefined>;
+    /**
+     * Attempts to retrieve a token from cache.
+     */
+    abstract getTokenSilent(scopes: string[]): Promise<AccessToken>;
+    /**
+     * Attempts to retrieve the token in the browser.
+     */
+    protected abstract doGetToken(scopes: string[]): Promise<AccessToken>;
+    /**
+     * Attempts to retrieve an authenticated token from MSAL.
+     */
+    getToken(scopes: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken>;
+    /**
+     * Handles the MSAL authentication result.
+     * If the result has an account, we update the local account reference.
+     * If the token received is invalid, an error will be thrown depending on what's missing.
+     */
+    protected handleResult(scopes: string | string[], result?: MsalResult, getTokenOptions?: GetTokenOptions): AccessToken;
+}
+//# sourceMappingURL=msalBrowserCommon.d.ts.map

package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"msalBrowserCommon.d.ts","sourceRoot":"","sources":["../../../../src/msal/browserFlows/msalBrowserCommon.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,KAAK,WAAW,MAAM,qBAAqB,CAAC;AAExD,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEpE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAE9D,OAAO,KAAK,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAQ5D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,0DAA0D,CAAC;AAClG,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,mBAAmB,CAAC;AAEvE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAClE,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wDAAwD,CAAC;AAEhH;;;GAGG;AACH,MAAM,WAAW,sBAAuB,SAAQ,eAAe;IAC7D,sBAAsB,EAAE,iCAAiC,CAAC;IAC1D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,iBAAiB,CAAC;IAC9B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,cAAc,CAAC,EAAE,gBAAgB,GAAG;QAClC;;WAEG;QACH,8BAA8B,CAAC,EAAE,OAAO,CAAC;QACzC;;WAEG;QACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;KACtC,CAAC;CACH;AAED;;;GAGG;AACH,MAAM,WAAW,eAAgB,SAAQ,QAAQ;IAC/C,KAAK,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAC;IACpE,cAAc,IAAI,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAC;CAC7D;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,sBAAsB,GAC9B,WAAW,CAAC,aAAa,CAc3B;AAED;;;;;;;;GAQG;AACH,8BAAsB,WAAY,YAAW,eAAe;IAC1D,SAAS,CAAC,UAAU,EAAE,iBAAiB,CAAC;IACxC,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC3B,SAAS,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC3B,SAAS,CAAC,4BAA4B,EAAE,MAAM,EAAE,CAAC;IACjD,SAAS,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IACjC,SAAS,CAAC,OAAO,EAAE,oBAAoB,GAAG,SAAS,CAAC;IACpD,SAAS,CAAC,UAAU,EAAE,WAAW,CAAC,aAAa,CAAC;IAChD,SAAS,CAAC,8BAA8B,CAAC,EAAE,OAAO,CAAC;IACnD,SAAS,CAAC,GAAG,CAAC,EAAE,WAAW,CAAC,wBAAwB,CAAC;IACrD,SAAS,CAAC,MAAM,EAAE,gBAAgB,CAAC;gBAEvB,OAAO,EAAE,sBAAsB;IAuB3C;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3B;;OAEG;aACa,cAAc,IAAI,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC;IAE3E;;OAEG;IACG,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAI7B;;OAEG;aACa,gBAAgB,IAAI,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC;IAE7E;;OAEG;aACa,KAAK,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC;IAE5F;;OAEG;aACa,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC;IAEtE;;OAEG;IACH,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC;IAErE;;OAEG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,EAAE,EAChB,OAAO,GAAE,6BAAkC,GAC1C,OAAO,CAAC,WAAW,CAAC;IAkCvB;;;;OAIG;IACH,SAAS,CAAC,YAAY,CACpB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,MAAM,CAAC,EAAE,UAAU,EACnB,eAAe,CAAC,EAAE,eAAe,GAChC,WAAW;CAaf"}

package/dist/browser/msal/browserFlows/msalBrowserCommon.js

@@ -0,0 +1,116 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { AuthenticationRequiredError, CredentialUnavailableError } from "../../errors.js";
+import { formatSuccess } from "../../util/logging.js";
+import { ensureValidMsalToken, getAuthority, getKnownAuthorities, msalToPublic } from "../utils.js";
+import { processMultiTenantRequest, resolveAdditionallyAllowedTenantIds, resolveTenantId, } from "../../util/tenantIdUtils.js";
+import { DefaultTenantId } from "../../constants.js";
+/**
+ * Generates a MSAL configuration that generally works for browsers
+ * @internal
+ */
+export function defaultBrowserMsalConfig(options) {
+    const tenantId = options.tenantId || DefaultTenantId;
+    const authority = getAuthority(tenantId, options.authorityHost);
+    return {
+        auth: {
+            clientId: options.clientId,
+            authority,
+            knownAuthorities: getKnownAuthorities(tenantId, authority, options.disableInstanceDiscovery),
+            // If the users picked redirect as their login style,
+            // but they didn't provide a redirectUri,
+            // we can try to use the current page we're in as a default value.
+            redirectUri: options.redirectUri || self.location.origin,
+        },
+    };
+}
+/**
+ * MSAL partial base client for the browsers.
+ *
+ * It completes the input configuration with some default values.
+ * It also provides with utility protected methods that can be used from any of the clients,
+ * which includes handlers for successful responses and errors.
+ *
+ * @internal
+ */
+export class MsalBrowser {
+    constructor(options) {
+        var _a;
+        this.logger = options.logger;
+        this.loginStyle = options.loginStyle;
+        if (!options.clientId) {
+            throw new CredentialUnavailableError("A client ID is required in browsers");
+        }
+        this.clientId = options.clientId;
+        this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds((_a = options === null || options === void 0 ? void 0 : options.tokenCredentialOptions) === null || _a === void 0 ? void 0 : _a.additionallyAllowedTenants);
+        this.tenantId = resolveTenantId(this.logger, options.tenantId, options.clientId);
+        this.authorityHost = options.authorityHost;
+        this.msalConfig = defaultBrowserMsalConfig(options);
+        this.disableAutomaticAuthentication = options.disableAutomaticAuthentication;
+        if (options.authenticationRecord) {
+            this.account = Object.assign(Object.assign({}, options.authenticationRecord), { tenantId: this.tenantId });
+        }
+    }
+    /**
+     * In the browsers we don't need to init()
+     */
+    async init() {
+        // Nothing to do here.
+    }
+    /**
+     * Clears MSAL's cache.
+     */
+    async logout() {
+        var _a;
+        (_a = this.app) === null || _a === void 0 ? void 0 : _a.logout();
+    }
+    /**
+     * Attempts to retrieve an authenticated token from MSAL.
+     */
+    async getToken(scopes, options = {}) {
+        const tenantId = processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds) ||
+            this.tenantId;
+        if (!options.authority) {
+            options.authority = getAuthority(tenantId, this.authorityHost);
+        }
+        // We ensure that redirection is handled at this point.
+        await this.handleRedirect();
+        if (!(await this.getActiveAccount()) && !this.disableAutomaticAuthentication) {
+            await this.login(scopes);
+        }
+        return this.getTokenSilent(scopes).catch((err) => {
+            if (err.name !== "AuthenticationRequiredError") {
+                throw err;
+            }
+            if (options === null || options === void 0 ? void 0 : options.disableAutomaticAuthentication) {
+                throw new AuthenticationRequiredError({
+                    scopes,
+                    getTokenOptions: options,
+                    message: "Automatic authentication has been disabled. You may call the authentication() method.",
+                });
+            }
+            this.logger.info(`Silent authentication failed, falling back to interactive method ${this.loginStyle}`);
+            return this.doGetToken(scopes);
+        });
+    }
+    /**
+     * Handles the MSAL authentication result.
+     * If the result has an account, we update the local account reference.
+     * If the token received is invalid, an error will be thrown depending on what's missing.
+     */
+    handleResult(scopes, result, getTokenOptions) {
+        var _a;
+        if (result === null || result === void 0 ? void 0 : result.account) {
+            this.account = msalToPublic(this.clientId, result.account);
+        }
+        ensureValidMsalToken(scopes, result, getTokenOptions);
+        this.logger.getToken.info(formatSuccess(scopes));
+        return {
+            token: result.accessToken,
+            expiresOnTimestamp: result.expiresOn.getTime(),
+            refreshAfterTimestamp: (_a = result.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
+            tokenType: "Bearer",
+        };
+    }
+}
+//# sourceMappingURL=msalBrowserCommon.js.map

package/dist/browser/msal/browserFlows/msalBrowserCommon.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"msalBrowserCommon.js","sourceRoot":"","sources":["../../../../src/msal/browserFlows/msalBrowserCommon.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAMlC,OAAO,EAAE,2BAA2B,EAAE,0BAA0B,EAAE,MAAM,iBAAiB,CAAC;AAE1F,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEtD,OAAO,EAAE,oBAAoB,EAAE,YAAY,EAAE,mBAAmB,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACpG,OAAO,EACL,yBAAyB,EACzB,mCAAmC,EACnC,eAAe,GAChB,MAAM,6BAA6B,CAAC;AAIrC,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAqCrD;;;GAGG;AACH,MAAM,UAAU,wBAAwB,CACtC,OAA+B;IAE/B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAC;IACrD,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAChE,OAAO;QACL,IAAI,EAAE;YACJ,QAAQ,EAAE,OAAO,CAAC,QAAS;YAC3B,SAAS;YACT,gBAAgB,EAAE,mBAAmB,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,wBAAwB,CAAC;YAC5F,qDAAqD;YACrD,yCAAyC;YACzC,kEAAkE;YAClE,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM;SACzD;KACF,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,OAAgB,WAAW;IAY/B,YAAY,OAA+B;;QACzC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YACtB,MAAM,IAAI,0BAA0B,CAAC,qCAAqC,CAAC,CAAC;QAC9E,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QACjC,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,sBAAsB,0CAAE,0BAA0B,CAC5D,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjF,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;QACpD,IAAI,CAAC,8BAA8B,GAAG,OAAO,CAAC,8BAA8B,CAAC;QAE7E,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;YACjC,IAAI,CAAC,OAAO,mCACP,OAAO,CAAC,oBAAoB,KAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ,GACxB,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,sBAAsB;IACxB,CAAC;IAOD;;OAEG;IACH,KAAK,CAAC,MAAM;;QACV,MAAA,IAAI,CAAC,GAAG,0CAAE,MAAM,EAAE,CAAC;IACrB,CAAC;IAsBD;;OAEG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAgB,EAChB,UAAyC,EAAE;QAE3C,MAAM,QAAQ,GACZ,yBAAyB,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,4BAA4B,CAAC;YACpF,IAAI,CAAC,QAAQ,CAAC;QAEhB,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;YACvB,OAAO,CAAC,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACjE,CAAC;QAED,uDAAuD;QACvD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE5B,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC;YAC7E,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YAC/C,IAAI,GAAG,CAAC,IAAI,KAAK,6BAA6B,EAAE,CAAC;gBAC/C,MAAM,GAAG,CAAC;YACZ,CAAC;YACD,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,8BAA8B,EAAE,CAAC;gBAC5C,MAAM,IAAI,2BAA2B,CAAC;oBACpC,MAAM;oBACN,eAAe,EAAE,OAAO;oBACxB,OAAO,EACL,uFAAuF;iBAC1F,CAAC,CAAC;YACL,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,oEAAoE,IAAI,CAAC,UAAU,EAAE,CACtF,CAAC;YACF,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACO,YAAY,CACpB,MAAyB,EACzB,MAAmB,EACnB,eAAiC;;QAEjC,IAAI,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,OAAO,EAAE,CAAC;YACpB,IAAI,CAAC,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;QAC7D,CAAC;QACD,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;QACjD,OAAO;YACL,KAAK,EAAE,MAAM,CAAC,WAAW;YACzB,kBAAkB,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,EAAE;YAC9C,qBAAqB,EAAE,MAAA,MAAM,CAAC,SAAS,0CAAE,OAAO,EAAE;YAClD,SAAS,EAAE,QAAQ;SACL,CAAC;IACnB,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type * as msalBrowser from \"@azure/msal-browser\";\n\nimport type { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport type { AuthenticationRecord, MsalResult } from \"../types.js\";\nimport { AuthenticationRequiredError, CredentialUnavailableError } from \"../../errors.js\";\nimport type { CredentialLogger } from \"../../util/logging.js\";\nimport { formatSuccess } from \"../../util/logging.js\";\nimport type { MsalFlow, MsalFlowOptions } from \"./flows.js\";\nimport { ensureValidMsalToken, getAuthority, getKnownAuthorities, msalToPublic } from \"../utils.js\";\nimport {\n  processMultiTenantRequest,\n  resolveAdditionallyAllowedTenantIds,\n  resolveTenantId,\n} from \"../../util/tenantIdUtils.js\";\n\nimport type { BrowserLoginStyle } from \"../../credentials/interactiveBrowserCredentialOptions.js\";\nimport type { CredentialFlowGetTokenOptions } from \"../credentials.js\";\nimport { DefaultTenantId } from \"../../constants.js\";\nimport type { LogPolicyOptions } from \"@azure/core-rest-pipeline\";\nimport type { MultiTenantTokenCredentialOptions } from \"../../credentials/multiTenantTokenCredentialOptions.js\";\n\n/**\n * Union of the constructor parameters that all MSAL flow types take.\n * Some properties might not be used by some flow types.\n */\nexport interface MsalBrowserFlowOptions extends MsalFlowOptions {\n  tokenCredentialOptions: MultiTenantTokenCredentialOptions;\n  redirectUri?: string;\n  loginStyle: BrowserLoginStyle;\n  loginHint?: string;\n  /**\n   * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.\n   */\n  loggingOptions?: LogPolicyOptions & {\n    /**\n     * Allows logging account information once the authentication flow succeeds.\n     */\n    allowLoggingAccountIdentifiers?: boolean;\n    /**\n     * Allows logging personally identifiable information for customer support.\n     */\n    enableUnsafeSupportLogging?: boolean;\n  };\n}\n\n/**\n * The common methods we use to work with the MSAL browser flows.\n * @internal\n */\nexport interface MsalBrowserFlow extends MsalFlow {\n  login(scopes?: string[]): Promise<AuthenticationRecord | undefined>;\n  handleRedirect(): Promise<AuthenticationRecord | undefined>;\n}\n\n/**\n * Generates a MSAL configuration that generally works for browsers\n * @internal\n */\nexport function defaultBrowserMsalConfig(\n  options: MsalBrowserFlowOptions,\n): msalBrowser.Configuration {\n  const tenantId = options.tenantId || DefaultTenantId;\n  const authority = getAuthority(tenantId, options.authorityHost);\n  return {\n    auth: {\n      clientId: options.clientId!,\n      authority,\n      knownAuthorities: getKnownAuthorities(tenantId, authority, options.disableInstanceDiscovery),\n      // If the users picked redirect as their login style,\n      // but they didn't provide a redirectUri,\n      // we can try to use the current page we're in as a default value.\n      redirectUri: options.redirectUri || self.location.origin,\n    },\n  };\n}\n\n/**\n * MSAL partial base client for the browsers.\n *\n * It completes the input configuration with some default values.\n * It also provides with utility protected methods that can be used from any of the clients,\n * which includes handlers for successful responses and errors.\n *\n * @internal\n */\nexport abstract class MsalBrowser implements MsalBrowserFlow {\n  protected loginStyle: BrowserLoginStyle;\n  protected clientId: string;\n  protected tenantId: string;\n  protected additionallyAllowedTenantIds: string[];\n  protected authorityHost?: string;\n  protected account: AuthenticationRecord | undefined;\n  protected msalConfig: msalBrowser.Configuration;\n  protected disableAutomaticAuthentication?: boolean;\n  protected app?: msalBrowser.IPublicClientApplication;\n  protected logger: CredentialLogger;\n\n  constructor(options: MsalBrowserFlowOptions) {\n    this.logger = options.logger;\n    this.loginStyle = options.loginStyle;\n    if (!options.clientId) {\n      throw new CredentialUnavailableError(\"A client ID is required in browsers\");\n    }\n    this.clientId = options.clientId;\n    this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n      options?.tokenCredentialOptions?.additionallyAllowedTenants,\n    );\n    this.tenantId = resolveTenantId(this.logger, options.tenantId, options.clientId);\n    this.authorityHost = options.authorityHost;\n    this.msalConfig = defaultBrowserMsalConfig(options);\n    this.disableAutomaticAuthentication = options.disableAutomaticAuthentication;\n\n    if (options.authenticationRecord) {\n      this.account = {\n        ...options.authenticationRecord,\n        tenantId: this.tenantId,\n      };\n    }\n  }\n\n  /**\n   * In the browsers we don't need to init()\n   */\n  async init(): Promise<void> {\n    // Nothing to do here.\n  }\n\n  /**\n   * Attempts to handle a redirection request the least amount of times possible.\n   */\n  public abstract handleRedirect(): Promise<AuthenticationRecord | undefined>;\n\n  /**\n   * Clears MSAL's cache.\n   */\n  async logout(): Promise<void> {\n    this.app?.logout();\n  }\n\n  /**\n   * Uses MSAL to retrieve the active account.\n   */\n  public abstract getActiveAccount(): Promise<AuthenticationRecord | undefined>;\n\n  /**\n   * Uses MSAL to trigger a redirect or a popup login.\n   */\n  public abstract login(scopes?: string | string[]): Promise<AuthenticationRecord | undefined>;\n\n  /**\n   * Attempts to retrieve a token from cache.\n   */\n  public abstract getTokenSilent(scopes: string[]): Promise<AccessToken>;\n\n  /**\n   * Attempts to retrieve the token in the browser.\n   */\n  protected abstract doGetToken(scopes: string[]): Promise<AccessToken>;\n\n  /**\n   * Attempts to retrieve an authenticated token from MSAL.\n   */\n  public async getToken(\n    scopes: string[],\n    options: CredentialFlowGetTokenOptions = {},\n  ): Promise<AccessToken> {\n    const tenantId =\n      processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds) ||\n      this.tenantId;\n\n    if (!options.authority) {\n      options.authority = getAuthority(tenantId, this.authorityHost);\n    }\n\n    // We ensure that redirection is handled at this point.\n    await this.handleRedirect();\n\n    if (!(await this.getActiveAccount()) && !this.disableAutomaticAuthentication) {\n      await this.login(scopes);\n    }\n    return this.getTokenSilent(scopes).catch((err) => {\n      if (err.name !== \"AuthenticationRequiredError\") {\n        throw err;\n      }\n      if (options?.disableAutomaticAuthentication) {\n        throw new AuthenticationRequiredError({\n          scopes,\n          getTokenOptions: options,\n          message:\n            \"Automatic authentication has been disabled. You may call the authentication() method.\",\n        });\n      }\n      this.logger.info(\n        `Silent authentication failed, falling back to interactive method ${this.loginStyle}`,\n      );\n      return this.doGetToken(scopes);\n    });\n  }\n\n  /**\n   * Handles the MSAL authentication result.\n   * If the result has an account, we update the local account reference.\n   * If the token received is invalid, an error will be thrown depending on what's missing.\n   */\n  protected handleResult(\n    scopes: string | string[],\n    result?: MsalResult,\n    getTokenOptions?: GetTokenOptions,\n  ): AccessToken {\n    if (result?.account) {\n      this.account = msalToPublic(this.clientId, result.account);\n    }\n    ensureValidMsalToken(scopes, result, getTokenOptions);\n    this.logger.getToken.info(formatSuccess(scopes));\n    return {\n      token: result.accessToken,\n      expiresOnTimestamp: result.expiresOn.getTime(),\n      refreshAfterTimestamp: result.refreshOn?.getTime(),\n      tokenType: \"Bearer\",\n    } as AccessToken;\n  }\n}\n"]}

package/dist/browser/msal/credentials.d.ts

@@ -0,0 +1,52 @@
+import type { AccessToken, GetTokenOptions } from "@azure/core-auth";
+import type { AuthenticationRecord } from "./types.js";
+/**
+ * The MSAL clients `getToken` requests can receive a `correlationId` and `disableAutomaticAuthentication`.
+ * (which is used to prevent `getToken` from triggering the manual authentication if `getTokenSilent`  fails).
+ * @internal
+ */
+export interface CredentialFlowGetTokenOptions extends GetTokenOptions {
+    /**
+     * Unique identifier useful to track outgoing requests.
+     */
+    correlationId?: string;
+    /**
+     * Makes getToken throw if a manual authentication is necessary.
+     */
+    disableAutomaticAuthentication?: boolean;
+    /**
+     * Authority, to overwrite the default one, if necessary.
+     */
+    authority?: string;
+    /**
+     * Claims received from challenges.
+     */
+    claims?: string;
+    /**
+     * Indicates to allow Continuous Access Evaluation or not
+     */
+    enableCae?: boolean;
+    /**
+     * Client Assertion
+     */
+    getAssertion?: () => Promise<string>;
+}
+/**
+ * Simplified representation of the internal authentication flow.
+ * @internal
+ */
+export interface CredentialFlow {
+    /**
+     * Clears the MSAL cache.
+     */
+    logout(): Promise<void>;
+    /**
+     * Tries to load the active account, either from memory or from MSAL.
+     */
+    getActiveAccount(): Promise<AuthenticationRecord | undefined>;
+    /**
+     * Calls to the implementation's doGetToken method.
+     */
+    getToken(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=credentials.d.ts.map

package/dist/browser/msal/credentials.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../../../src/msal/credentials.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAEvD;;;;GAIG;AACH,MAAM,WAAW,6BAA8B,SAAQ,eAAe;IACpE;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB;;OAEG;IACH,8BAA8B,CAAC,EAAE,OAAO,CAAC;IACzC;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;CACtC;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACxB;;OAEG;IACH,gBAAgB,IAAI,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAC;IAC9D;;OAEG;IACH,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE,6BAA6B,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;CACnG"}

package/dist/browser/msal/credentials.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../../src/msal/credentials.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions } from \"@azure/core-auth\";\nimport type { AuthenticationRecord } from \"./types.js\";\n\n/**\n * The MSAL clients `getToken` requests can receive a `correlationId` and `disableAutomaticAuthentication`.\n * (which is used to prevent `getToken` from triggering the manual authentication if `getTokenSilent`  fails).\n * @internal\n */\nexport interface CredentialFlowGetTokenOptions extends GetTokenOptions {\n  /**\n   * Unique identifier useful to track outgoing requests.\n   */\n  correlationId?: string;\n  /**\n   * Makes getToken throw if a manual authentication is necessary.\n   */\n  disableAutomaticAuthentication?: boolean;\n  /**\n   * Authority, to overwrite the default one, if necessary.\n   */\n  authority?: string;\n  /**\n   * Claims received from challenges.\n   */\n  claims?: string;\n  /**\n   * Indicates to allow Continuous Access Evaluation or not\n   */\n  enableCae?: boolean;\n  /**\n   * Client Assertion\n   */\n  getAssertion?: () => Promise<string>;\n}\n\n/**\n * Simplified representation of the internal authentication flow.\n * @internal\n */\nexport interface CredentialFlow {\n  /**\n   * Clears the MSAL cache.\n   */\n  logout(): Promise<void>;\n  /**\n   * Tries to load the active account, either from memory or from MSAL.\n   */\n  getActiveAccount(): Promise<AuthenticationRecord | undefined>;\n  /**\n   * Calls to the implementation's doGetToken method.\n   */\n  getToken(scopes?: string[], options?: CredentialFlowGetTokenOptions): Promise<AccessToken | null>;\n}\n"]}

package/dist/browser/msal/msal-browser.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"msal-browser.d.mts","sourceRoot":"","sources":["../../../src/msal/msal-browser.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,UAAU,MAAM,qBAAqB,CAAC;AAElD,OAAO,EAAE,UAAU,EAAE,CAAC"}

package/dist/browser/msal/msal-browser.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"msal-browser.mjs","sourceRoot":"","sources":["../../../src/msal/msal-browser.mts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,UAAU,MAAM,qBAAqB,CAAC;AAElD,OAAO,EAAE,UAAU,EAAE,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport * as msalCommon from \"@azure/msal-browser\";\n\nexport { msalCommon };\n"]}

package/dist/browser/msal/msal.d.ts

@@ -0,0 +1,3 @@
+import * as msalCommon from "@azure/msal-browser";
+export { msalCommon };
+//# sourceMappingURL=msal-browser.d.mts.map

package/dist/browser/msal/msal.js

@@ -0,0 +1,5 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import * as msalCommon from "@azure/msal-browser";
+export { msalCommon };
+//# sourceMappingURL=msal-browser.mjs.map

package/dist/browser/msal/nodeFlows/brokerOptions.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.
+ */
+export type BrokerOptions = BrokerEnabledOptions | BrokerDisabledOptions;
+/**
+ * Parameters when WAM broker authentication is disabled.
+ */
+export interface BrokerDisabledOptions {
+    /**
+     * If set to true, broker will be enabled for WAM support on Windows.
+     */
+    enabled: false;
+    /**
+     * If set to true, MSA account will be passed through, required for WAM authentication.
+     */
+    legacyEnableMsaPassthrough?: undefined;
+    /**
+     * Window handle for parent window, required for WAM authentication.
+     */
+    parentWindowHandle: undefined;
+}
+/**
+ * Parameters when WAM broker authentication is enabled.
+ */
+export interface BrokerEnabledOptions {
+    /**
+     * If set to true, broker will be enabled for WAM support on Windows.
+     */
+    enabled: true;
+    /**
+     * If set to true, MSA account will be passed through, required for WAM authentication.
+     */
+    legacyEnableMsaPassthrough?: boolean;
+    /**
+     * Window handle for parent window, required for WAM authentication.
+     */
+    parentWindowHandle: Uint8Array;
+    /**
+     * If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication.
+     * Default is set to false.
+     */
+    useDefaultBrokerAccount?: boolean;
+}
+//# sourceMappingURL=brokerOptions.d.ts.map

package/dist/browser/msal/nodeFlows/brokerOptions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"brokerOptions.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/brokerOptions.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,oBAAoB,GAAG,qBAAqB,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,OAAO,EAAE,KAAK,CAAC;IAEf;;OAEG;IACH,0BAA0B,CAAC,EAAE,SAAS,CAAC;IACvC;;OAEG;IACH,kBAAkB,EAAE,SAAS,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,OAAO,EAAE,IAAI,CAAC;IACd;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC;;OAEG;IACH,kBAAkB,EAAE,UAAU,CAAC;IAE/B;;;OAGG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC"}

package/dist/browser/msal/nodeFlows/msalClient.d.ts

@@ -0,0 +1,186 @@
+import * as msal from "@azure/msal-node";
+import type { AccessToken, GetTokenOptions } from "@azure/core-auth";
+import type { AuthenticationRecord, CertificateParts } from "../types.js";
+import type { CredentialLogger } from "../../util/logging.js";
+import type { BrokerOptions } from "./brokerOptions.js";
+import type { DeviceCodePromptCallback } from "../../credentials/deviceCodeCredentialOptions.js";
+import { IdentityClient } from "../../client/identityClient.js";
+import type { InteractiveBrowserCredentialNodeOptions } from "../../credentials/interactiveBrowserCredentialOptions.js";
+import type { TokenCachePersistenceOptions } from "./tokenCachePersistenceOptions.js";
+/**
+ * Represents the options for acquiring a token using flows that support silent authentication.
+ */
+export interface GetTokenWithSilentAuthOptions extends GetTokenOptions {
+    /**
+     * Disables automatic authentication. If set to true, the method will throw an error if the user needs to authenticate.
+     *
+     * @remarks
+     *
+     * This option will be set to `false` when the user calls `authenticate` directly on a credential that supports it.
+     */
+    disableAutomaticAuthentication?: boolean;
+}
+/**
+ * Represents the options for acquiring a token interactively.
+ */
+export interface GetTokenInteractiveOptions extends GetTokenWithSilentAuthOptions {
+    /**
+     * Window handle for parent window, required for WAM authentication.
+     */
+    parentWindowHandle?: Buffer;
+    /**
+     * Shared configuration options for browser customization
+     */
+    browserCustomizationOptions?: InteractiveBrowserCredentialNodeOptions["browserCustomizationOptions"];
+    /**
+     * loginHint allows a user name to be pre-selected for interactive logins.
+     * Setting this option skips the account selection prompt and immediately attempts to login with the specified account.
+     */
+    loginHint?: string;
+}
+/**
+ * Represents a client for interacting with the Microsoft Authentication Library (MSAL).
+ */
+export interface MsalClient {
+    /**
+     *
+     * Retrieves an access token by using the on-behalf-of flow and a client assertion callback of the calling service.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param userAssertionToken - The access token that was sent to the middle-tier API. This token must have an audience of the app making this OBO request.
+     * @param clientCredentials - The client secret OR client certificate OR client `getAssertion` callback.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenOnBehalfOf(scopes: string[], userAssertionToken: string, clientCredentials: string | CertificateParts | (() => Promise<string>), options?: GetTokenOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by using an interactive prompt (InteractiveBrowserCredential).
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenByInteractiveRequest(scopes: string[], options: GetTokenInteractiveOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by using a user's username and password.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param username - The username provided by the developer.
+     * @param password - The user's password provided by the developer.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenByUsernamePassword(scopes: string[], username: string, password: string, options?: GetTokenOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by prompting the user to authenticate using a device code.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param userPromptCallback - The callback function that allows developers to customize the prompt message.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenByDeviceCode(scopes: string[], userPromptCallback: DeviceCodePromptCallback, options?: GetTokenWithSilentAuthOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by using a client certificate.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param certificate - The client certificate used for authentication.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenByClientCertificate(scopes: string[], certificate: CertificateParts, options?: GetTokenOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by using a client assertion.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param clientAssertion - The client `getAssertion` callback used for authentication.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenByClientAssertion(scopes: string[], clientAssertion: () => Promise<string>, options?: GetTokenOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by using a client secret.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param clientSecret - The client secret of the application. This is a credential that the application can use to authenticate itself.
+     * @param options - Additional options that may be provided to the method.
+     * @returns An access token.
+     */
+    getTokenByClientSecret(scopes: string[], clientSecret: string, options?: GetTokenOptions): Promise<AccessToken>;
+    /**
+     * Retrieves an access token by using an authorization code flow.
+     *
+     * @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
+     * @param authorizationCode - An authorization code that was received from following the
+                                authorization code flow.  This authorization code must not
+                                have already been used to obtain an access token.
+     * @param redirectUri - The redirect URI that was used to request the authorization code.
+                          Must be the same URI that is configured for the App Registration.
+     * @param clientSecret - An optional client secret that was generated for the App Registration.
+     * @param options - Additional options that may be provided to the method.
+     */
+    getTokenByAuthorizationCode(scopes: string[], redirectUri: string, authorizationCode: string, clientSecret?: string, options?: GetTokenWithSilentAuthOptions): Promise<AccessToken>;
+    /**
+     * Retrieves the last authenticated account. This method expects an authentication record to have been previously loaded.
+     *
+     * An authentication record could be loaded by calling the `getToken` method, or by providing an `authenticationRecord` when creating a credential.
+     */
+    getActiveAccount(): AuthenticationRecord | undefined;
+}
+/**
+ * Represents the options for configuring the MsalClient.
+ */
+export interface MsalClientOptions {
+    /**
+     * Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.
+     */
+    brokerOptions?: BrokerOptions;
+    /**
+     * Parameters that enable token cache persistence in the Identity credentials.
+     */
+    tokenCachePersistenceOptions?: TokenCachePersistenceOptions;
+    /**
+     * A custom authority host.
+     */
+    authorityHost?: IdentityClient["tokenCredentialOptions"]["authorityHost"];
+    /**
+     * Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
+     */
+    loggingOptions?: IdentityClient["tokenCredentialOptions"]["loggingOptions"];
+    /**
+     * The token credential options for the MsalClient.
+     */
+    tokenCredentialOptions?: IdentityClient["tokenCredentialOptions"];
+    /**
+     * Determines whether instance discovery is disabled.
+     */
+    disableInstanceDiscovery?: boolean;
+    /**
+     * The logger for the MsalClient.
+     */
+    logger?: CredentialLogger;
+    /**
+     * The authentication record for the MsalClient.
+     */
+    authenticationRecord?: AuthenticationRecord;
+}
+/**
+ * Generates the configuration for MSAL (Microsoft Authentication Library).
+ *
+ * @param clientId - The client ID of the application.
+ * @param  tenantId - The tenant ID of the Azure Active Directory.
+ * @param  msalClientOptions - Optional. Additional options for creating the MSAL client.
+ * @returns  The MSAL configuration object.
+ */
+export declare function generateMsalConfiguration(clientId: string, tenantId: string, msalClientOptions?: MsalClientOptions): msal.Configuration;
+/**
+ * Creates an instance of the MSAL (Microsoft Authentication Library) client.
+ *
+ * @param clientId - The client ID of the application.
+ * @param tenantId - The tenant ID of the Azure Active Directory.
+ * @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.
+ * @returns An instance of the MSAL client.
+ *
+ * @public
+ */
+export declare function createMsalClient(clientId: string, tenantId: string, createMsalClientOptions?: MsalClientOptions): MsalClient;
+//# sourceMappingURL=msalClient.d.ts.map

package/dist/browser/msal/nodeFlows/msalClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"msalClient.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalClient.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,IAAI,MAAM,kBAAkB,CAAC;AAEzC,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1E,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAiB9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,kDAAkD,CAAC;AACjG,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,KAAK,EAAE,uCAAuC,EAAE,MAAM,0DAA0D,CAAC;AACxH,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAUtF;;GAEG;AACH,MAAM,WAAW,6BAA8B,SAAQ,eAAe;IACpE;;;;;;OAMG;IACH,8BAA8B,CAAC,EAAE,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,0BAA2B,SAAQ,6BAA6B;IAC/E;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,2BAA2B,CAAC,EAAE,uCAAuC,CAAC,6BAA6B,CAAC,CAAC;IACrG;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;;;;;OASG;IACH,kBAAkB,CAChB,MAAM,EAAE,MAAM,EAAE,EAChB,kBAAkB,EAAE,MAAM,EAC1B,iBAAiB,EAAE,MAAM,GAAG,gBAAgB,GAAG,CAAC,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC,EACtE,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;OAKG;IACH,4BAA4B,CAC1B,MAAM,EAAE,MAAM,EAAE,EAChB,OAAO,EAAE,0BAA0B,GAClC,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;;OAQG;IACH,0BAA0B,CACxB,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;OAOG;IACH,oBAAoB,CAClB,MAAM,EAAE,MAAM,EAAE,EAChB,kBAAkB,EAAE,wBAAwB,EAC5C,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;OAOG;IACH,2BAA2B,CACzB,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,gBAAgB,EAC7B,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;OAOG;IACH,yBAAyB,CACvB,MAAM,EAAE,MAAM,EAAE,EAChB,eAAe,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,EACtC,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;OAOG;IACH,sBAAsB,CACpB,MAAM,EAAE,MAAM,EAAE,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;;;;;OAWG;IACH,2BAA2B,CACzB,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,MAAM,EACnB,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;OAIG;IACH,gBAAgB,IAAI,oBAAoB,GAAG,SAAS,CAAC;CACtD;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAE9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,4BAA4B,CAAC;IAE5D;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC,wBAAwB,CAAC,CAAC,eAAe,CAAC,CAAC;IAE1E;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC,wBAAwB,CAAC,CAAC,gBAAgB,CAAC,CAAC;IAE5E;;OAEG;IACH,sBAAsB,CAAC,EAAE,cAAc,CAAC,wBAAwB,CAAC,CAAC;IAElE;;OAEG;IACH,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC;;OAEG;IACH,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAE1B;;OAEG;IACH,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;CAC7C;AAED;;;;;;;GAOG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,iBAAiB,GAAE,iBAAsB,GACxC,IAAI,CAAC,aAAa,CAoCpB;AAyBD;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,uBAAuB,GAAE,iBAAsB,GAC9C,UAAU,CAwhBZ"}