npm - @azure/identity - Versions diffs - 4.5.1-alpha.20241112.1 → 4.5.1-alpha.20241113.2 - Mend

@azure/identity 4.5.1-alpha.20241112.1 → 4.5.1-alpha.20241113.2

Files changed (1066) hide show

package/dist/browser/credentials/managedIdentityCredential/utils.d.ts ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * Most MSIs send requests to the IMDS endpoint, or a similar endpoint.
+ * These are GET requests that require sending a `resource` parameter on the query.
+ * This resource can be derived from the scopes received through the getToken call, as long as only one scope is received.
+ * Multiple scopes assume that the resulting token will have access to multiple resources, which won't be the case.
+ *
+ * For that reason, when we encounter multiple scopes, we return undefined.
+ * It's up to the individual MSI implementations to throw the errors (which helps us provide less generic errors).
+ */
+export declare function mapScopesToResource(scopes: string | string[]): string | undefined;
+/**
+ * Internal type roughly matching the raw responses of the authentication endpoints.
+ *
+ * @internal
+ */
+export interface TokenResponseParsedBody {
+    access_token?: string;
+    refresh_token?: string;
+    expires_in: number;
+    expires_on?: number | string;
+    refresh_on?: number | string;
+}
+/**
+ * Given a token response, return the expiration timestamp as the number of milliseconds from the Unix epoch.
+ * @param body - A parsed response body from the authentication endpoint.
+ */
+export declare function parseExpirationTimestamp(body: TokenResponseParsedBody): number;
+/**
+ * Given a token response, return the expiration timestamp as the number of milliseconds from the Unix epoch.
+ * @param body - A parsed response body from the authentication endpoint.
+ */
+export declare function parseRefreshTimestamp(body: TokenResponseParsedBody): number | undefined;
+//# sourceMappingURL=utils.d.ts.map

package/dist/browser/credentials/managedIdentityCredential/utils.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/utils.ts"],"names":[],"mappings":"AAKA;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAiBjF;AAED;;;;GAIG;AACH,MAAM,WAAW,uBAAuB;IACtC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IAC7B,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CAC9B;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,uBAAuB,GAAG,MAAM,CAwB9E;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,uBAAuB,GAAG,MAAM,GAAG,SAAS,CAqBvF"}

package/dist/browser/credentials/multiTenantTokenCredentialOptions.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { TokenCredentialOptions } from "../tokenCredentialOptions.js";
+/**
+ * Options for multi-tenant applications which allows for additionally allowed tenants.
+ */
+export interface MultiTenantTokenCredentialOptions extends TokenCredentialOptions {
+    /**
+     * For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.
+     * Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application is installed.
+     */
+    additionallyAllowedTenants?: string[];
+}
+//# sourceMappingURL=multiTenantTokenCredentialOptions.d.ts.map

package/dist/browser/credentials/multiTenantTokenCredentialOptions.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"multiTenantTokenCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/multiTenantTokenCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAE3E;;GAEG;AACH,MAAM,WAAW,iCAAkC,SAAQ,sBAAsB;IAC/E;;;OAGG;IACH,0BAA0B,CAAC,EAAE,MAAM,EAAE,CAAC;CACvC"}

package/dist/browser/credentials/multiTenantTokenCredentialOptions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"multiTenantTokenCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/multiTenantTokenCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { TokenCredentialOptions } from \"../tokenCredentialOptions.js\";\n\n/**\n * Options for multi-tenant applications which allows for additionally allowed tenants.\n */\nexport interface MultiTenantTokenCredentialOptions extends TokenCredentialOptions {\n /**\n * For multi-tenant applications, specifies additional tenants for which the credential may acquire tokens.\n * Add the wildcard value \"*\" to allow the credential to acquire tokens for any tenant the application is installed.\n */\n additionallyAllowedTenants?: string[];\n}\n"]}

package/dist/browser/credentials/onBehalfOfCredential-browser.d.mts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"onBehalfOfCredential-browser.d.mts","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential-browser.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAOrE;;GAEG;AACH,qBAAa,oBAAqB,YAAW,eAAe;IAC1D;;OAEG;;IAMI,QAAQ,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAI/C"}

package/dist/browser/credentials/onBehalfOfCredential-browser.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"onBehalfOfCredential-browser.mjs","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredential-browser.mts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEnE,MAAM,cAAc,GAAG,sBAAsB,CAAC;AAC9C,MAAM,wBAAwB,GAAG,IAAI,KAAK,CAAC,GAAG,cAAc,iCAAiC,CAAC,CAAC;AAC/F,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B;;OAEG;IACH;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\n\nconst credentialName = \"OnBehalfOfCredential\";\nconst BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);\nconst logger = credentialLogger(credentialName);\n\n/**\n * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).\n */\nexport class OnBehalfOfCredential implements TokenCredential {\n /**\n * Only available in Node.js\n */\n constructor() {\n logger.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n\n public getToken(): Promise<AccessToken | null> {\n logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n}\n"]}

package/dist/browser/credentials/onBehalfOfCredential.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { AccessToken, TokenCredential } from "@azure/core-auth";
+/**
+ * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).
+ */
+export declare class OnBehalfOfCredential implements TokenCredential {
+    /**
+     * Only available in Node.js
+     */
+    constructor();
+    getToken(): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=onBehalfOfCredential-browser.d.mts.map

package/dist/browser/credentials/onBehalfOfCredential.js ADDED Viewed

@@ -0,0 +1,23 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { credentialLogger, formatError } from "../util/logging.js";
+const credentialName = "OnBehalfOfCredential";
+const BrowserNotSupportedError = new Error(`${credentialName}: Not supported in the browser.`);
+const logger = credentialLogger(credentialName);
+/**
+ * Enables authentication to Microsoft Entra ID using the [On Behalf Of flow](https://learn.microsoft.com/entra/identity-platform/v2-oauth2-on-behalf-of-flow).
+ */
+export class OnBehalfOfCredential {
+    /**
+     * Only available in Node.js
+     */
+    constructor() {
+        logger.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+    getToken() {
+        logger.getToken.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+}
+//# sourceMappingURL=onBehalfOfCredential-browser.mjs.map

package/dist/browser/credentials/onBehalfOfCredentialOptions.d.ts ADDED Viewed

@@ -0,0 +1,76 @@
+import type { AuthorityValidationOptions } from "./authorityValidationOptions.js";
+import type { CredentialPersistenceOptions } from "./credentialPersistenceOptions.js";
+import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
+/**
+ * Defines the parameters to authenticate the {@link OnBehalfOfCredential} with a secret.
+ */
+export interface OnBehalfOfCredentialSecretOptions {
+    /**
+     * The Microsoft Entra tenant (directory) ID.
+     */
+    tenantId: string;
+    /**
+     * The client (application) ID of an App Registration in the tenant.
+     */
+    clientId: string;
+    /**
+     * A client secret that was generated for the App Registration.
+     */
+    clientSecret: string;
+    /**
+     * The user assertion for the On-Behalf-Of flow.
+     */
+    userAssertionToken: string;
+}
+/**
+ * Defines the parameters to authenticate the {@link OnBehalfOfCredential} with a certificate.
+ */
+export interface OnBehalfOfCredentialCertificateOptions {
+    /**
+     * The Microsoft Entra tenant (directory) ID.
+     */
+    tenantId: string;
+    /**
+     * The client (application) ID of an App Registration in the tenant.
+     */
+    clientId: string;
+    /**
+     * The path to a PEM-encoded public/private key certificate on the filesystem.
+     */
+    certificatePath: string;
+    /**
+     * The user assertion for the On-Behalf-Of flow.
+     */
+    userAssertionToken: string;
+    /**
+     * Option to include x5c header for SubjectName and Issuer name authorization.
+     * Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim
+     */
+    sendCertificateChain?: boolean;
+}
+/**
+ * Defines the parameters to authenticate the {@link OnBehalfOfCredential} with an assertion.
+ */
+export interface OnBehalfOfCredentialAssertionOptions {
+    /**
+     * The Microsoft Entra tenant (directory) ID.
+     */
+    tenantId: string;
+    /**
+     * The client (application) ID of an App Registration in the tenant.
+     */
+    clientId: string;
+    /**
+     * A function that retrieves the client assertion for the credential to use
+     */
+    getAssertion: () => Promise<string>;
+    /**
+     * The user assertion for the On-Behalf-Of flow.
+     */
+    userAssertionToken: string;
+}
+/**
+ * Optional parameters for the {@link OnBehalfOfCredential} class.
+ */
+export type OnBehalfOfCredentialOptions = (OnBehalfOfCredentialSecretOptions | OnBehalfOfCredentialCertificateOptions | OnBehalfOfCredentialAssertionOptions) & MultiTenantTokenCredentialOptions & CredentialPersistenceOptions & AuthorityValidationOptions;
+//# sourceMappingURL=onBehalfOfCredentialOptions.d.ts.map

package/dist/browser/credentials/onBehalfOfCredentialOptions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"onBehalfOfCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AACtF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;GAEG;AACH,MAAM,WAAW,iCAAiC;IAChD;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,sCAAsC;IACrD;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,eAAe,EAAE,MAAM,CAAC;IACxB;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;IAC3B;;;OAGG;IACH,oBAAoB,CAAC,EAAE,OAAO,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,oCAAoC;IACnD;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,YAAY,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACpC;;OAEG;IACH,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AACD;;GAEG;AACH,MAAM,MAAM,2BAA2B,GAAG,CACtC,iCAAiC,GACjC,sCAAsC,GACtC,oCAAoC,CACvC,GACC,iCAAiC,GACjC,4BAA4B,GAC5B,0BAA0B,CAAC"}

package/dist/browser/credentials/onBehalfOfCredentialOptions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"onBehalfOfCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/onBehalfOfCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Defines the parameters to authenticate the {@link OnBehalfOfCredential} with a secret.\n */\nexport interface OnBehalfOfCredentialSecretOptions {\n /**\n * The Microsoft Entra tenant (directory) ID.\n */\n tenantId: string;\n /**\n * The client (application) ID of an App Registration in the tenant.\n */\n clientId: string;\n /**\n * A client secret that was generated for the App Registration.\n */\n clientSecret: string;\n /**\n * The user assertion for the On-Behalf-Of flow.\n */\n userAssertionToken: string;\n}\n\n/**\n * Defines the parameters to authenticate the {@link OnBehalfOfCredential} with a certificate.\n */\nexport interface OnBehalfOfCredentialCertificateOptions {\n /**\n * The Microsoft Entra tenant (directory) ID.\n */\n tenantId: string;\n /**\n * The client (application) ID of an App Registration in the tenant.\n */\n clientId: string;\n /**\n * The path to a PEM-encoded public/private key certificate on the filesystem.\n */\n certificatePath: string;\n /**\n * The user assertion for the On-Behalf-Of flow.\n */\n userAssertionToken: string;\n /**\n * Option to include x5c header for SubjectName and Issuer name authorization.\n * Set this option to send base64 encoded public certificate in the client assertion header as an x5c claim\n */\n sendCertificateChain?: boolean;\n}\n\n/**\n * Defines the parameters to authenticate the {@link OnBehalfOfCredential} with an assertion.\n */\nexport interface OnBehalfOfCredentialAssertionOptions {\n /**\n * The Microsoft Entra tenant (directory) ID.\n */\n tenantId: string;\n /**\n * The client (application) ID of an App Registration in the tenant.\n */\n clientId: string;\n /**\n * A function that retrieves the client assertion for the credential to use\n */\n getAssertion: () => Promise<string>;\n /**\n * The user assertion for the On-Behalf-Of flow.\n */\n userAssertionToken: string;\n}\n/**\n * Optional parameters for the {@link OnBehalfOfCredential} class.\n */\nexport type OnBehalfOfCredentialOptions = (\n | OnBehalfOfCredentialSecretOptions\n | OnBehalfOfCredentialCertificateOptions\n | OnBehalfOfCredentialAssertionOptions\n) &\n MultiTenantTokenCredentialOptions &\n CredentialPersistenceOptions &\n AuthorityValidationOptions;\n"]}

package/dist/browser/credentials/usernamePasswordCredential-browser.d.mts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"usernamePasswordCredential-browser.d.mts","sourceRoot":"","sources":["../../../src/credentials/usernamePasswordCredential-browser.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAStF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAMhG;;;;;GAKG;AACH,qBAAa,0BAA2B,YAAW,eAAe;IAChE,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,4BAA4B,CAAW;IAC/C,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IAEzB;;;;;;;;;;OAUG;gBAED,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,iCAAiC;IAc7C;;;;;;;;;OASG;IACU,QAAQ,CACnB,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,EACzB,OAAO,GAAE,eAAoB,GAC5B,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAuC/B"}

package/dist/browser/credentials/usernamePasswordCredential-browser.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"usernamePasswordCredential-browser.mjs","sourceRoot":"","sources":["../../../src/credentials/usernamePasswordCredential-browser.mts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EACL,aAAa,EACb,yBAAyB,EACzB,mCAAmC,GACpC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AACrF,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAE7D,OAAO,EAAE,8BAA8B,EAAE,MAAM,kCAAkC,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,MAAM,MAAM,GAAG,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;AAE9D;;;;;GAKG;AACH,MAAM,OAAO,0BAA0B;IAQrC;;;;;;;;;;OAUG;IACH,YACE,cAAsB,EACtB,QAAgB,EAChB,QAAgB,EAChB,QAAgB,EAChB,OAA2C;QAE3C,aAAa,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAEtC,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ,GAAG,cAAc,CAAC;QAC/B,IAAI,CAAC,4BAA4B,GAAG,mCAAmC,CACrE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,0BAA0B,CACpC,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED;;;;;;;;;OASG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,UAA2B,EAAE;QAE7B,OAAO,aAAa,CAAC,QAAQ,CAC3B,qCAAqC,EACrC,OAAO,EACP,KAAK,EAAE,UAAU,EAAE,EAAE;YACnB,MAAM,QAAQ,GAAG,yBAAyB,CACxC,IAAI,CAAC,QAAQ,EACb,UAAU,EACV,IAAI,CAAC,4BAA4B,CAClC,CAAC;YACF,UAAU,CAAC,QAAQ,GAAG,QAAQ,CAAC;YAE/B,MAAM,SAAS,GAAG,8BAA8B,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAChE,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;gBACjC,aAAa,EAAE,OAAO;gBACtB,UAAU,EAAE,UAAU;gBACtB,SAAS,EAAE,IAAI,CAAC,QAAQ;gBACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;aAC9D,CAAC,CAAC;YACH,MAAM,WAAW,GAAG,qBAAqB,CAAC;gBACxC,GAAG,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,aAAa,IAAI,IAAI,CAAC,QAAQ,IAAI,SAAS,EAAE;gBACzE,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;gBACvB,OAAO,EAAE,iBAAiB,CAAC;oBACzB,MAAM,EAAE,kBAAkB;oBAC1B,cAAc,EAAE,mCAAmC;iBACpD,CAAC;gBACF,WAAW,EAAE,OAAO,IAAI,OAAO,CAAC,WAAW;gBAC3C,cAAc,EAAE,UAAU,CAAC,cAAc;aAC1C,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;YAC9E,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;YAC5C,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;QAC9D,CAAC,CACF,CAAC;IACJ,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport {\n checkTenantId,\n processMultiTenantRequest,\n resolveAdditionallyAllowedTenantIds,\n} from \"../util/tenantIdUtils.js\";\nimport { createHttpHeaders, createPipelineRequest } from \"@azure/core-rest-pipeline\";\nimport { credentialLogger, formatSuccess } from \"../util/logging.js\";\nimport { IdentityClient } from \"../client/identityClient.js\";\nimport type { UsernamePasswordCredentialOptions } from \"./usernamePasswordCredentialOptions.js\";\nimport { getIdentityTokenEndpointSuffix } from \"../util/identityTokenEndpoint.js\";\nimport { tracingClient } from \"../util/tracing.js\";\n\nconst logger = credentialLogger(\"UsernamePasswordCredential\");\n\n/**\n * Enables authentication to Microsoft Entra ID with a user's\n * username and password. This credential requires a high degree of\n * trust so you should only use it when other, more secure credential\n * types can't be used.\n */\nexport class UsernamePasswordCredential implements TokenCredential {\n private identityClient: IdentityClient;\n private tenantId: string;\n private additionallyAllowedTenantIds: string[];\n private clientId: string;\n private username: string;\n private password: string;\n\n /**\n * Creates an instance of the UsernamePasswordCredential with the details\n * needed to authenticate against Microsoft Entra ID with a username\n * and password.\n *\n * @param tenantIdOrName - The Microsoft Entra tenant (directory) ID or name.\n * @param clientId - The client (application) ID of an App Registration in the tenant.\n * @param username - The user account's e-mail address (user name).\n * @param password - The user account's account password\n * @param options - Options for configuring the client which makes the authentication request.\n */\n constructor(\n tenantIdOrName: string,\n clientId: string,\n username: string,\n password: string,\n options?: UsernamePasswordCredentialOptions,\n ) {\n checkTenantId(logger, tenantIdOrName);\n\n this.identityClient = new IdentityClient(options);\n this.tenantId = tenantIdOrName;\n this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(\n options?.additionallyAllowedTenants,\n );\n this.clientId = clientId;\n this.username = username;\n this.password = password;\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if\n * successful. If authentication cannot be performed at this time, this method may\n * return null. If an error occurs during authentication, an {@link AuthenticationError}\n * containing failure details will be thrown.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options: GetTokenOptions = {},\n ): Promise<AccessToken | null> {\n return tracingClient.withSpan(\n \"UsernamePasswordCredential.getToken\",\n options,\n async (newOptions) => {\n const tenantId = processMultiTenantRequest(\n this.tenantId,\n newOptions,\n this.additionallyAllowedTenantIds,\n );\n newOptions.tenantId = tenantId;\n\n const urlSuffix = getIdentityTokenEndpointSuffix(this.tenantId);\n const params = new URLSearchParams({\n response_type: \"token\",\n grant_type: \"password\",\n client_id: this.clientId,\n username: this.username,\n password: this.password,\n scope: typeof scopes === \"string\" ? scopes : scopes.join(\" \"),\n });\n const webResource = createPipelineRequest({\n url: `${this.identityClient.authorityHost}/${this.tenantId}/${urlSuffix}`,\n method: \"POST\",\n body: params.toString(),\n headers: createHttpHeaders({\n Accept: \"application/json\",\n \"Content-Type\": \"application/x-www-form-urlencoded\",\n }),\n abortSignal: options && options.abortSignal,\n tracingOptions: newOptions.tracingOptions,\n });\n\n const tokenResponse = await this.identityClient.sendTokenRequest(webResource);\n logger.getToken.info(formatSuccess(scopes));\n return (tokenResponse && tokenResponse.accessToken) || null;\n },\n );\n }\n}\n"]}

package/dist/browser/credentials/usernamePasswordCredential.d.ts ADDED Viewed

@@ -0,0 +1,40 @@
+import type { AccessToken, GetTokenOptions, TokenCredential } from "@azure/core-auth";
+import type { UsernamePasswordCredentialOptions } from "./usernamePasswordCredentialOptions.js";
+/**
+ * Enables authentication to Microsoft Entra ID with a user's
+ * username and password. This credential requires a high degree of
+ * trust so you should only use it when other, more secure credential
+ * types can't be used.
+ */
+export declare class UsernamePasswordCredential implements TokenCredential {
+    private identityClient;
+    private tenantId;
+    private additionallyAllowedTenantIds;
+    private clientId;
+    private username;
+    private password;
+    /**
+     * Creates an instance of the UsernamePasswordCredential with the details
+     * needed to authenticate against Microsoft Entra ID with a username
+     * and password.
+     *
+     * @param tenantIdOrName - The Microsoft Entra tenant (directory) ID or name.
+     * @param clientId - The client (application) ID of an App Registration in the tenant.
+     * @param username - The user account's e-mail address (user name).
+     * @param password - The user account's account password
+     * @param options - Options for configuring the client which makes the authentication request.
+     */
+    constructor(tenantIdOrName: string, clientId: string, username: string, password: string, options?: UsernamePasswordCredentialOptions);
+    /**
+     * Authenticates with Microsoft Entra ID and returns an access token if
+     * successful.  If authentication cannot be performed at this time, this method may
+     * return null.  If an error occurs during authentication, an {@link AuthenticationError}
+     * containing failure details will be thrown.
+     *
+     * @param scopes - The list of scopes for which the token will have access.
+     * @param options - The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    getToken(scopes: string | string[], options?: GetTokenOptions): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=usernamePasswordCredential-browser.d.mts.map

package/dist/browser/credentials/usernamePasswordCredential.js ADDED Viewed

@@ -0,0 +1,77 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { checkTenantId, processMultiTenantRequest, resolveAdditionallyAllowedTenantIds, } from "../util/tenantIdUtils.js";
+import { createHttpHeaders, createPipelineRequest } from "@azure/core-rest-pipeline";
+import { credentialLogger, formatSuccess } from "../util/logging.js";
+import { IdentityClient } from "../client/identityClient.js";
+import { getIdentityTokenEndpointSuffix } from "../util/identityTokenEndpoint.js";
+import { tracingClient } from "../util/tracing.js";
+const logger = credentialLogger("UsernamePasswordCredential");
+/**
+ * Enables authentication to Microsoft Entra ID with a user's
+ * username and password. This credential requires a high degree of
+ * trust so you should only use it when other, more secure credential
+ * types can't be used.
+ */
+export class UsernamePasswordCredential {
+    /**
+     * Creates an instance of the UsernamePasswordCredential with the details
+     * needed to authenticate against Microsoft Entra ID with a username
+     * and password.
+     *
+     * @param tenantIdOrName - The Microsoft Entra tenant (directory) ID or name.
+     * @param clientId - The client (application) ID of an App Registration in the tenant.
+     * @param username - The user account's e-mail address (user name).
+     * @param password - The user account's account password
+     * @param options - Options for configuring the client which makes the authentication request.
+     */
+    constructor(tenantIdOrName, clientId, username, password, options) {
+        checkTenantId(logger, tenantIdOrName);
+        this.identityClient = new IdentityClient(options);
+        this.tenantId = tenantIdOrName;
+        this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
+        this.clientId = clientId;
+        this.username = username;
+        this.password = password;
+    }
+    /**
+     * Authenticates with Microsoft Entra ID and returns an access token if
+     * successful.  If authentication cannot be performed at this time, this method may
+     * return null.  If an error occurs during authentication, an {@link AuthenticationError}
+     * containing failure details will be thrown.
+     *
+     * @param scopes - The list of scopes for which the token will have access.
+     * @param options - The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    async getToken(scopes, options = {}) {
+        return tracingClient.withSpan("UsernamePasswordCredential.getToken", options, async (newOptions) => {
+            const tenantId = processMultiTenantRequest(this.tenantId, newOptions, this.additionallyAllowedTenantIds);
+            newOptions.tenantId = tenantId;
+            const urlSuffix = getIdentityTokenEndpointSuffix(this.tenantId);
+            const params = new URLSearchParams({
+                response_type: "token",
+                grant_type: "password",
+                client_id: this.clientId,
+                username: this.username,
+                password: this.password,
+                scope: typeof scopes === "string" ? scopes : scopes.join(" "),
+            });
+            const webResource = createPipelineRequest({
+                url: `${this.identityClient.authorityHost}/${this.tenantId}/${urlSuffix}`,
+                method: "POST",
+                body: params.toString(),
+                headers: createHttpHeaders({
+                    Accept: "application/json",
+                    "Content-Type": "application/x-www-form-urlencoded",
+                }),
+                abortSignal: options && options.abortSignal,
+                tracingOptions: newOptions.tracingOptions,
+            });
+            const tokenResponse = await this.identityClient.sendTokenRequest(webResource);
+            logger.getToken.info(formatSuccess(scopes));
+            return (tokenResponse && tokenResponse.accessToken) || null;
+        });
+    }
+}
+//# sourceMappingURL=usernamePasswordCredential-browser.mjs.map

package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { AuthorityValidationOptions } from "./authorityValidationOptions.js";
+import type { CredentialPersistenceOptions } from "./credentialPersistenceOptions.js";
+import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
+/**
+ * Defines options for the {@link UsernamePasswordCredential} class.
+ */
+export interface UsernamePasswordCredentialOptions extends MultiTenantTokenCredentialOptions, CredentialPersistenceOptions, AuthorityValidationOptions {
+}
+//# sourceMappingURL=usernamePasswordCredentialOptions.d.ts.map

package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"usernamePasswordCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/usernamePasswordCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AACtF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;GAEG;AACH,MAAM,WAAW,iCACf,SAAQ,iCAAiC,EACvC,4BAA4B,EAC5B,0BAA0B;CAAG"}

package/dist/browser/credentials/usernamePasswordCredentialOptions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"usernamePasswordCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/usernamePasswordCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { CredentialPersistenceOptions } from \"./credentialPersistenceOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Defines options for the {@link UsernamePasswordCredential} class.\n */\nexport interface UsernamePasswordCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n CredentialPersistenceOptions,\n AuthorityValidationOptions {}\n"]}

package/dist/browser/credentials/visualStudioCodeCredential-browser.d.mts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"visualStudioCodeCredential-browser.d.mts","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredential-browser.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAQrE,eAAO,MAAM,uBAAuB;;CAMnC,CAAC;AAEF;;GAEG;AACH,qBAAa,0BAA2B,YAAW,eAAe;IAChE;;OAEG;;IAMI,QAAQ,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAI/C"}

package/dist/browser/credentials/visualStudioCodeCredential-browser.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"visualStudioCodeCredential-browser.mjs","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredential-browser.mts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEnE,MAAM,wBAAwB,GAAG,IAAI,KAAK,CACxC,6DAA6D,CAC9D,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;AAE9D,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,IAAI,sBAAsB,CAAC,OAAc;QACvC,MAAM,IAAI,KAAK,CACb,qJAAqJ,CACtJ,CAAC;IACJ,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,0BAA0B;IACrC;;OAEG;IACH;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAEM,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\n\nconst BrowserNotSupportedError = new Error(\n \"VisualStudioCodeCredential is not supported in the browser.\",\n);\nconst logger = credentialLogger(\"VisualStudioCodeCredential\");\n\nexport const vsCodeCredentialControl = {\n set vsCodeCredentialFinder(_finder: never) {\n throw new Error(\n \"Attempted to register a VisualStudioCodeCredential provider plugin in the browser. This environment is not supported by VisualStudioCodeCredential.\",\n );\n },\n};\n\n/**\n * Connects to Azure using the credential provided by the VSCode extension 'Azure Account'.\n */\nexport class VisualStudioCodeCredential implements TokenCredential {\n /**\n * Only available in Node.js\n */\n constructor() {\n logger.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n\n public getToken(): Promise<AccessToken | null> {\n logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n}\n"]}

package/dist/browser/credentials/visualStudioCodeCredential.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { AccessToken, TokenCredential } from "@azure/core-auth";
+export declare const vsCodeCredentialControl: {
+    vsCodeCredentialFinder: never;
+};
+/**
+ * Connects to Azure using the credential provided by the VSCode extension 'Azure Account'.
+ */
+export declare class VisualStudioCodeCredential implements TokenCredential {
+    /**
+     * Only available in Node.js
+     */
+    constructor();
+    getToken(): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=visualStudioCodeCredential-browser.d.mts.map

package/dist/browser/credentials/visualStudioCodeCredential.js ADDED Viewed

@@ -0,0 +1,27 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { credentialLogger, formatError } from "../util/logging.js";
+const BrowserNotSupportedError = new Error("VisualStudioCodeCredential is not supported in the browser.");
+const logger = credentialLogger("VisualStudioCodeCredential");
+export const vsCodeCredentialControl = {
+    set vsCodeCredentialFinder(_finder) {
+        throw new Error("Attempted to register a VisualStudioCodeCredential provider plugin in the browser. This environment is not supported by VisualStudioCodeCredential.");
+    },
+};
+/**
+ * Connects to Azure using the credential provided by the VSCode extension 'Azure Account'.
+ */
+export class VisualStudioCodeCredential {
+    /**
+     * Only available in Node.js
+     */
+    constructor() {
+        logger.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+    getToken() {
+        logger.getToken.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+}
+//# sourceMappingURL=visualStudioCodeCredential-browser.mjs.map

package/dist/browser/credentials/visualStudioCodeCredentialOptions.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
+/**
+ * Provides options to configure the Visual Studio Code credential.
+ */
+export interface VisualStudioCodeCredentialOptions extends MultiTenantTokenCredentialOptions {
+    /**
+     * Optionally pass in a Tenant ID to be used as part of the credential
+     */
+    tenantId?: string;
+}
+//# sourceMappingURL=visualStudioCodeCredentialOptions.d.ts.map

package/dist/browser/credentials/visualStudioCodeCredentialOptions.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"visualStudioCodeCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;GAEG;AACH,MAAM,WAAW,iCAAkC,SAAQ,iCAAiC;IAC1F;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB"}

package/dist/browser/credentials/visualStudioCodeCredentialOptions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"visualStudioCodeCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Provides options to configure the Visual Studio Code credential.\n */\nexport interface VisualStudioCodeCredentialOptions extends MultiTenantTokenCredentialOptions {\n /**\n * Optionally pass in a Tenant ID to be used as part of the credential\n */\n tenantId?: string;\n}\n"]}

package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * A function that searches for credentials in the Visual Studio Code credential store.
+ *
+ * @returns an array of credentials (username and password)
+ * @internal
+ */
+export type VSCodeCredentialFinder = () => Promise<Array<{
+    account: string;
+    password: string;
+}>>;
+//# sourceMappingURL=visualStudioCodeCredentialPlugin.d.ts.map

package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"visualStudioCodeCredentialPlugin.d.ts","sourceRoot":"","sources":["../../../src/credentials/visualStudioCodeCredentialPlugin.ts"],"names":[],"mappings":"AAGA;;;;;GAKG;AACH,MAAM,MAAM,sBAAsB,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC,CAAC,CAAC"}

package/dist/browser/credentials/workloadIdentityCredential-browser.d.mts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"workloadIdentityCredential-browser.d.mts","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredential-browser.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAQrE;;;;GAIG;AACH,qBAAa,0BAA2B,YAAW,eAAe;IAChE;;OAEG;;IAMH;;OAEG;IACI,QAAQ,IAAI,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;CAI/C"}

package/dist/browser/credentials/workloadIdentityCredential-browser.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"workloadIdentityCredential-browser.mjs","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredential-browser.mts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAEnE,MAAM,wBAAwB,GAAG,IAAI,KAAK,CACxC,6DAA6D,CAC9D,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;AAE9D;;;;GAIG;AACH,MAAM,OAAO,0BAA0B;IACrC;;OAEG;IACH;QACE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QACvD,MAAM,wBAAwB,CAAC;IACjC,CAAC;IAED;;OAEG;IACI,QAAQ;QACb,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC,CAAC;QAChE,MAAM,wBAAwB,CAAC;IACjC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, formatError } from \"../util/logging.js\";\n\nconst BrowserNotSupportedError = new Error(\n \"WorkloadIdentityCredential is not supported in the browser.\",\n);\nconst logger = credentialLogger(\"WorkloadIdentityCredential\");\n\n/**\n * WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Kubernetes.\n * Refer to <a href=\"https://learn.microsoft.com/azure/aks/workload-identity-overview\">Microsoft Entra Workload ID</a>\n * for more information.\n */\nexport class WorkloadIdentityCredential implements TokenCredential {\n /**\n * Only available in Node.js\n */\n constructor() {\n logger.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n\n /**\n * Only available in Node.js\n */\n public getToken(): Promise<AccessToken | null> {\n logger.getToken.info(formatError(\"\", BrowserNotSupportedError));\n throw BrowserNotSupportedError;\n }\n}\n"]}

package/dist/browser/credentials/workloadIdentityCredential.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { AccessToken, TokenCredential } from "@azure/core-auth";
+/**
+ * WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Kubernetes.
+ * Refer to <a href="https://learn.microsoft.com/azure/aks/workload-identity-overview">Microsoft Entra Workload ID</a>
+ * for more information.
+ */
+export declare class WorkloadIdentityCredential implements TokenCredential {
+    /**
+     * Only available in Node.js
+     */
+    constructor();
+    /**
+     * Only available in Node.js
+     */
+    getToken(): Promise<AccessToken | null>;
+}
+//# sourceMappingURL=workloadIdentityCredential-browser.d.mts.map

package/dist/browser/credentials/workloadIdentityCredential.js ADDED Viewed

@@ -0,0 +1,27 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { credentialLogger, formatError } from "../util/logging.js";
+const BrowserNotSupportedError = new Error("WorkloadIdentityCredential is not supported in the browser.");
+const logger = credentialLogger("WorkloadIdentityCredential");
+/**
+ * WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Kubernetes.
+ * Refer to <a href="https://learn.microsoft.com/azure/aks/workload-identity-overview">Microsoft Entra Workload ID</a>
+ * for more information.
+ */
+export class WorkloadIdentityCredential {
+    /**
+     * Only available in Node.js
+     */
+    constructor() {
+        logger.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+    /**
+     * Only available in Node.js
+     */
+    getToken() {
+        logger.getToken.info(formatError("", BrowserNotSupportedError));
+        throw BrowserNotSupportedError;
+    }
+}
+//# sourceMappingURL=workloadIdentityCredential-browser.mjs.map

package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { AuthorityValidationOptions } from "./authorityValidationOptions.js";
+import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
+/**
+ * Options for the {@link WorkloadIdentityCredential}
+ */
+export interface WorkloadIdentityCredentialOptions extends MultiTenantTokenCredentialOptions, AuthorityValidationOptions {
+    /**
+     * ID of the application's Microsoft Entra tenant. Also called its directory ID.
+     */
+    tenantId?: string;
+    /**
+     * The client ID of a Microsoft Entra app registration.
+     */
+    clientId?: string;
+    /**
+     * The path to a file containing a Kubernetes service account token that authenticates the identity.
+     */
+    tokenFilePath?: string;
+}
+//# sourceMappingURL=workloadIdentityCredentialOptions.d.ts.map

package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"workloadIdentityCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;GAEG;AACH,MAAM,WAAW,iCACf,SAAQ,iCAAiC,EACvC,0BAA0B;IAC5B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB"}

package/dist/browser/credentials/workloadIdentityCredentialOptions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"workloadIdentityCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Options for the {@link WorkloadIdentityCredential}\n */\nexport interface WorkloadIdentityCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n AuthorityValidationOptions {\n /**\n * ID of the application's Microsoft Entra tenant. Also called its directory ID.\n */\n tenantId?: string;\n /**\n * The client ID of a Microsoft Entra app registration.\n */\n clientId?: string;\n /**\n * The path to a file containing a Kubernetes service account token that authenticates the identity.\n */\n tokenFilePath?: string;\n}\n"]}