@azure/identity 4.6.0 → 4.6.1-alpha.20250117.1
Sign up to get free protection for your applications and to get access to all the features.
- package/README.md +5 -1
- package/dist/browser/client/identityClient.d.ts +65 -0
- package/dist/browser/client/identityClient.d.ts.map +1 -0
- package/dist/browser/client/identityClient.js +248 -0
- package/dist/browser/client/identityClient.js.map +1 -0
- package/dist/browser/constants.d.ts +69 -0
- package/dist/browser/constants.d.ts.map +1 -0
- package/dist/browser/constants.js +75 -0
- package/dist/browser/constants.js.map +1 -0
- package/dist/browser/credentials/authorityValidationOptions.d.ts +16 -0
- package/dist/browser/credentials/authorityValidationOptions.d.ts.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredential.d.ts +11 -0
- package/dist/browser/credentials/authorizationCodeCredential.js +16 -0
- package/dist/browser/credentials/authorizationCodeCredentialOptions.d.ts +8 -0
- package/dist/browser/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/authorizationCodeCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/azureApplicationCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/azureApplicationCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/azureApplicationCredential.d.ts +24 -0
- package/dist/browser/credentials/azureApplicationCredential.js +34 -0
- package/dist/browser/credentials/azureApplicationCredentialOptions.d.ts +13 -0
- package/dist/browser/credentials/azureApplicationCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/azureApplicationCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/azureCliCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/azureCliCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/azureCliCredential.d.ts +13 -0
- package/dist/browser/credentials/azureCliCredential.js +23 -0
- package/dist/browser/credentials/azureCliCredentialOptions.d.ts +20 -0
- package/dist/browser/credentials/azureCliCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/azureCliCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredential.d.ts +13 -0
- package/dist/browser/credentials/azureDeveloperCliCredential.js +23 -0
- package/dist/browser/credentials/azureDeveloperCliCredentialOptions.d.ts +15 -0
- package/dist/browser/credentials/azureDeveloperCliCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/azureDeveloperCliCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredential.d.ts +13 -0
- package/dist/browser/credentials/azurePipelinesCredential.js +23 -0
- package/dist/browser/credentials/azurePipelinesCredentialOptions.d.ts +9 -0
- package/dist/browser/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/azurePipelinesCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/azurePowerShellCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/azurePowerShellCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/azurePowerShellCredential.d.ts +12 -0
- package/dist/browser/credentials/azurePowerShellCredential.js +22 -0
- package/dist/browser/credentials/azurePowerShellCredentialOptions.d.ts +15 -0
- package/dist/browser/credentials/azurePowerShellCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/azurePowerShellCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/brokerAuthOptions.d.ts +13 -0
- package/dist/browser/credentials/brokerAuthOptions.d.ts.map +1 -0
- package/dist/browser/credentials/brokerAuthOptions.js.map +1 -0
- package/dist/browser/credentials/browserCustomizationOptions.d.ts +19 -0
- package/dist/browser/credentials/browserCustomizationOptions.d.ts.map +1 -0
- package/dist/browser/credentials/chainedTokenCredential.d.ts +51 -0
- package/dist/browser/credentials/chainedTokenCredential.d.ts.map +1 -0
- package/dist/browser/credentials/chainedTokenCredential.js +92 -0
- package/dist/browser/credentials/chainedTokenCredential.js.map +1 -0
- package/dist/browser/credentials/clientAssertionCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/clientAssertionCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/clientAssertionCredential.d.ts +12 -0
- package/dist/browser/credentials/clientAssertionCredential.js +22 -0
- package/dist/browser/credentials/clientAssertionCredentialOptions.d.ts +9 -0
- package/dist/browser/credentials/clientAssertionCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/clientAssertionCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/clientCertificateCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/clientCertificateCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/clientCertificateCredential.d.ts +13 -0
- package/dist/browser/credentials/clientCertificateCredential.js +23 -0
- package/dist/browser/credentials/clientCertificateCredentialModels.d.ts +31 -0
- package/dist/browser/credentials/clientCertificateCredentialModels.d.ts.map +1 -0
- package/dist/browser/credentials/clientCertificateCredentialModels.js +4 -0
- package/dist/browser/credentials/clientCertificateCredentialModels.js.map +1 -0
- package/dist/browser/credentials/clientCertificateCredentialOptions.d.ts +14 -0
- package/dist/browser/credentials/clientCertificateCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/clientCertificateCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/clientSecretCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/clientSecretCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/clientSecretCredential.d.ts +40 -0
- package/dist/browser/credentials/clientSecretCredential.js +83 -0
- package/dist/browser/credentials/clientSecretCredentialOptions.d.ts +9 -0
- package/dist/browser/credentials/clientSecretCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/clientSecretCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/credentialPersistenceOptions.d.ts +30 -0
- package/dist/browser/credentials/credentialPersistenceOptions.d.ts.map +1 -0
- package/dist/browser/credentials/credentialPersistenceOptions.js.map +1 -0
- package/dist/browser/credentials/defaultAzureCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/defaultAzureCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/defaultAzureCredential.d.ts +19 -0
- package/dist/browser/credentials/defaultAzureCredential.js +29 -0
- package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts +49 -0
- package/dist/browser/credentials/defaultAzureCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/defaultAzureCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/deviceCodeCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/deviceCodeCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/deviceCodeCredential.d.ts +13 -0
- package/dist/browser/credentials/deviceCodeCredential.js +23 -0
- package/dist/browser/credentials/deviceCodeCredentialOptions.d.ts +53 -0
- package/dist/browser/credentials/deviceCodeCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/deviceCodeCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/environmentCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/environmentCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/environmentCredential.d.ts +13 -0
- package/dist/browser/credentials/environmentCredential.js +23 -0
- package/dist/browser/credentials/environmentCredentialOptions.d.ts +9 -0
- package/dist/browser/credentials/environmentCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/environmentCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredential.d.ts +53 -0
- package/dist/browser/credentials/interactiveBrowserCredential.js +86 -0
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.d.ts +77 -0
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/interactiveBrowserCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/interactiveCredentialOptions.d.ts +25 -0
- package/dist/browser/credentials/interactiveCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/interactiveCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsMsi.d.ts +18 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsMsi.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsMsi.js +122 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsMsi.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +12 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/index-browser.d.mts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/index-browser.mjs.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/index.d.ts +6 -0
- package/dist/browser/credentials/managedIdentityCredential/index.js +16 -0
- package/dist/browser/credentials/managedIdentityCredential/models.d.ts +24 -0
- package/dist/browser/credentials/managedIdentityCredential/models.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/models.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/options.d.ts +37 -0
- package/dist/browser/credentials/managedIdentityCredential/options.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/options.js +4 -0
- package/dist/browser/credentials/managedIdentityCredential/options.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts +14 -0
- package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js +32 -0
- package/dist/browser/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/utils.d.ts +33 -0
- package/dist/browser/credentials/managedIdentityCredential/utils.d.ts.map +1 -0
- package/dist/browser/credentials/managedIdentityCredential/utils.js +77 -0
- package/dist/browser/credentials/managedIdentityCredential/utils.js.map +1 -0
- package/dist/browser/credentials/multiTenantTokenCredentialOptions.d.ts +12 -0
- package/dist/browser/credentials/multiTenantTokenCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/multiTenantTokenCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/onBehalfOfCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/onBehalfOfCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/onBehalfOfCredential.d.ts +12 -0
- package/dist/browser/credentials/onBehalfOfCredential.js +23 -0
- package/dist/browser/credentials/onBehalfOfCredentialOptions.d.ts +76 -0
- package/dist/browser/credentials/onBehalfOfCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/onBehalfOfCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredential.d.ts +40 -0
- package/dist/browser/credentials/usernamePasswordCredential.js +77 -0
- package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts +9 -0
- package/dist/browser/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/usernamePasswordCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredential.d.ts +15 -0
- package/dist/browser/credentials/visualStudioCodeCredential.js +27 -0
- package/dist/browser/credentials/visualStudioCodeCredentialOptions.d.ts +11 -0
- package/dist/browser/credentials/visualStudioCodeCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredentialOptions.js.map +1 -0
- package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts +11 -0
- package/dist/browser/credentials/visualStudioCodeCredentialPlugin.d.ts.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential-browser.d.mts.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential-browser.mjs.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredential.d.ts +17 -0
- package/dist/browser/credentials/workloadIdentityCredential.js +27 -0
- package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts +20 -0
- package/dist/browser/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -0
- package/dist/browser/credentials/workloadIdentityCredentialOptions.js.map +1 -0
- package/dist/browser/errors.d.ts +139 -0
- package/dist/browser/errors.d.ts.map +1 -0
- package/dist/browser/errors.js.map +1 -0
- package/dist/browser/index.d.ts +61 -0
- package/dist/browser/index.d.ts.map +1 -0
- package/dist/browser/index.js +34 -0
- package/dist/browser/index.js.map +1 -0
- package/dist/browser/msal/browserFlows/flows.d.ts +42 -0
- package/dist/browser/msal/browserFlows/flows.d.ts.map +1 -0
- package/dist/browser/msal/browserFlows/flows.js.map +1 -0
- package/dist/browser/msal/browserFlows/msalAuthCode.d.ts +48 -0
- package/dist/browser/msal/browserFlows/msalAuthCode.d.ts.map +1 -0
- package/dist/browser/msal/browserFlows/msalAuthCode.js +203 -0
- package/dist/browser/msal/browserFlows/msalAuthCode.js.map +1 -0
- package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts +106 -0
- package/dist/browser/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -0
- package/dist/browser/msal/browserFlows/msalBrowserCommon.js +116 -0
- package/dist/browser/msal/browserFlows/msalBrowserCommon.js.map +1 -0
- package/dist/browser/msal/credentials.d.ts +52 -0
- package/dist/browser/msal/credentials.d.ts.map +1 -0
- package/dist/browser/msal/credentials.js.map +1 -0
- package/dist/browser/msal/msal-browser.d.mts.map +1 -0
- package/dist/browser/msal/msal-browser.mjs.map +1 -0
- package/dist/browser/msal/msal.d.ts +3 -0
- package/dist/browser/msal/msal.js +5 -0
- package/dist/browser/msal/nodeFlows/brokerOptions.d.ts +44 -0
- package/dist/browser/msal/nodeFlows/brokerOptions.d.ts.map +1 -0
- package/dist/browser/msal/nodeFlows/msalClient.d.ts +186 -0
- package/dist/browser/msal/nodeFlows/msalClient.d.ts.map +1 -0
- package/dist/browser/msal/nodeFlows/msalClient.js +477 -0
- package/dist/browser/msal/nodeFlows/msalClient.js.map +1 -0
- package/dist/browser/msal/nodeFlows/msalPlugins.d.ts +91 -0
- package/dist/browser/msal/nodeFlows/msalPlugins.d.ts.map +1 -0
- package/dist/browser/msal/nodeFlows/msalPlugins.js +87 -0
- package/dist/browser/msal/nodeFlows/msalPlugins.js.map +1 -0
- package/dist/browser/msal/nodeFlows/tokenCachePersistenceOptions.d.ts +24 -0
- package/dist/browser/msal/nodeFlows/tokenCachePersistenceOptions.d.ts.map +1 -0
- package/dist/browser/msal/types.d.ts +87 -0
- package/dist/browser/msal/types.d.ts.map +1 -0
- package/dist/browser/msal/types.js.map +1 -0
- package/dist/browser/msal/utils.d.ts +95 -0
- package/dist/browser/msal/utils.d.ts.map +1 -0
- package/dist/browser/msal/utils.js +238 -0
- package/dist/browser/msal/utils.js.map +1 -0
- package/dist/browser/package.json +3 -0
- package/dist/browser/plugins/consumer-browser.d.mts.map +1 -0
- package/dist/browser/plugins/consumer-browser.mjs.map +1 -0
- package/dist/browser/plugins/consumer.d.ts +2 -0
- package/dist/browser/plugins/consumer.js +7 -0
- package/dist/browser/plugins/provider.d.ts +36 -0
- package/dist/browser/plugins/provider.d.ts.map +1 -0
- package/dist/browser/plugins/provider.js.map +1 -0
- package/dist/browser/regionalAuthority.d.ts +122 -0
- package/dist/browser/regionalAuthority.d.ts.map +1 -0
- package/dist/browser/tokenCredentialOptions.d.ts +28 -0
- package/dist/browser/tokenCredentialOptions.d.ts.map +1 -0
- package/dist/browser/tokenCredentialOptions.js.map +1 -0
- package/dist/browser/tokenProvider.d.ts +39 -0
- package/dist/browser/tokenProvider.d.ts.map +1 -0
- package/dist/browser/tokenProvider.js +53 -0
- package/dist/browser/tokenProvider.js.map +1 -0
- package/dist/browser/util/authHostEnv-browser.d.mts +4 -0
- package/dist/browser/util/authHostEnv-browser.d.mts.map +1 -0
- package/dist/browser/util/authHostEnv-browser.mjs +7 -0
- package/dist/browser/util/authHostEnv-browser.mjs.map +1 -0
- package/dist/browser/util/identityTokenEndpoint.d.ts +2 -0
- package/dist/browser/util/identityTokenEndpoint.d.ts.map +1 -0
- package/dist/browser/util/logging.d.ts +70 -0
- package/dist/browser/util/logging.d.ts.map +1 -0
- package/dist/browser/util/logging.js.map +1 -0
- package/dist/browser/util/processMultiTenantRequest-browser.d.mts.map +1 -0
- package/dist/browser/util/processMultiTenantRequest-browser.mjs.map +1 -0
- package/dist/browser/util/processMultiTenantRequest.d.ts +9 -0
- package/dist/browser/util/processMultiTenantRequest.js +29 -0
- package/dist/browser/util/processUtils.d.ts +13 -0
- package/dist/browser/util/processUtils.d.ts.map +1 -0
- package/dist/browser/util/scopeUtils.d.ts +17 -0
- package/dist/browser/util/scopeUtils.d.ts.map +1 -0
- package/dist/browser/util/scopeUtils.js +29 -0
- package/dist/browser/util/scopeUtils.js.map +1 -0
- package/dist/browser/util/subscriptionUtils.d.ts +6 -0
- package/dist/browser/util/subscriptionUtils.d.ts.map +1 -0
- package/dist/browser/util/subscriptionUtils.js +14 -0
- package/dist/browser/util/subscriptionUtils.js.map +1 -0
- package/dist/browser/util/tenantIdUtils.d.ts +15 -0
- package/dist/browser/util/tenantIdUtils.d.ts.map +1 -0
- package/dist/browser/util/tenantIdUtils.js +44 -0
- package/dist/browser/util/tenantIdUtils.js.map +1 -0
- package/dist/browser/util/tracing.d.ts +6 -0
- package/dist/browser/util/tracing.d.ts.map +1 -0
- package/dist/browser/util/tracing.js +14 -0
- package/dist/browser/util/tracing.js.map +1 -0
- package/dist/commonjs/client/identityClient.d.ts +65 -0
- package/dist/commonjs/client/identityClient.d.ts.map +1 -0
- package/dist/commonjs/client/identityClient.js +253 -0
- package/dist/commonjs/client/identityClient.js.map +1 -0
- package/dist/commonjs/constants.d.ts +69 -0
- package/dist/commonjs/constants.d.ts.map +1 -0
- package/dist/commonjs/constants.js +78 -0
- package/dist/commonjs/constants.js.map +1 -0
- package/dist/commonjs/credentials/authorityValidationOptions.d.ts +16 -0
- package/dist/commonjs/credentials/authorityValidationOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/authorityValidationOptions.js +5 -0
- package/dist/commonjs/credentials/authorityValidationOptions.js.map +1 -0
- package/dist/commonjs/credentials/authorizationCodeCredential.d.ts +73 -0
- package/dist/commonjs/credentials/authorizationCodeCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/authorizationCodeCredential.js +64 -0
- package/dist/commonjs/credentials/authorizationCodeCredential.js.map +1 -0
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.d.ts +8 -0
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/authorizationCodeCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/azureApplicationCredential.d.ts +24 -0
- package/dist/commonjs/credentials/azureApplicationCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/azureApplicationCredential.js +36 -0
- package/dist/commonjs/credentials/azureApplicationCredential.js.map +1 -0
- package/dist/commonjs/credentials/azureApplicationCredentialOptions.d.ts +13 -0
- package/dist/commonjs/credentials/azureApplicationCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/azureApplicationCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/azureApplicationCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/azureCliCredential.d.ts +64 -0
- package/dist/commonjs/credentials/azureCliCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/azureCliCredential.js +194 -0
- package/dist/commonjs/credentials/azureCliCredential.js.map +1 -0
- package/dist/commonjs/credentials/azureCliCredentialOptions.d.ts +20 -0
- package/dist/commonjs/credentials/azureCliCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/azureCliCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/azureCliCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts +71 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredential.js +176 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredential.js.map +1 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.d.ts +15 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/azureDeveloperCliCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/azurePipelinesCredential.d.ts +38 -0
- package/dist/commonjs/credentials/azurePipelinesCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/azurePipelinesCredential.js +146 -0
- package/dist/commonjs/credentials/azurePipelinesCredential.js.map +1 -0
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.d.ts +9 -0
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/azurePipelinesCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/azurePowerShellCredential.d.ts +75 -0
- package/dist/commonjs/credentials/azurePowerShellCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/azurePowerShellCredential.js +235 -0
- package/dist/commonjs/credentials/azurePowerShellCredential.js.map +1 -0
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.d.ts +15 -0
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/azurePowerShellCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/brokerAuthOptions.d.ts +13 -0
- package/dist/commonjs/credentials/brokerAuthOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/brokerAuthOptions.js +3 -0
- package/dist/commonjs/credentials/brokerAuthOptions.js.map +1 -0
- package/dist/commonjs/credentials/browserCustomizationOptions.d.ts +19 -0
- package/dist/commonjs/credentials/browserCustomizationOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/browserCustomizationOptions.js +5 -0
- package/dist/commonjs/credentials/browserCustomizationOptions.js.map +1 -0
- package/dist/commonjs/credentials/chainedTokenCredential.d.ts +51 -0
- package/dist/commonjs/credentials/chainedTokenCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/chainedTokenCredential.js +96 -0
- package/dist/commonjs/credentials/chainedTokenCredential.js.map +1 -0
- package/dist/commonjs/credentials/clientAssertionCredential.d.ts +33 -0
- package/dist/commonjs/credentials/clientAssertionCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientAssertionCredential.js +59 -0
- package/dist/commonjs/credentials/clientAssertionCredential.js.map +1 -0
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.d.ts +9 -0
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/clientAssertionCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/clientCertificateCredential.d.ts +72 -0
- package/dist/commonjs/credentials/clientCertificateCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientCertificateCredential.js +127 -0
- package/dist/commonjs/credentials/clientCertificateCredential.js.map +1 -0
- package/dist/commonjs/credentials/clientCertificateCredentialModels.d.ts +31 -0
- package/dist/commonjs/credentials/clientCertificateCredentialModels.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientCertificateCredentialModels.js +5 -0
- package/dist/commonjs/credentials/clientCertificateCredentialModels.js.map +1 -0
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.d.ts +14 -0
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/clientCertificateCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/clientSecretCredential.d.ts +37 -0
- package/dist/commonjs/credentials/clientSecretCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientSecretCredential.js +64 -0
- package/dist/commonjs/credentials/clientSecretCredential.js.map +1 -0
- package/dist/commonjs/credentials/clientSecretCredentialOptions.d.ts +9 -0
- package/dist/commonjs/credentials/clientSecretCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/clientSecretCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/clientSecretCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/credentialPersistenceOptions.d.ts +30 -0
- package/dist/commonjs/credentials/credentialPersistenceOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/credentialPersistenceOptions.js +5 -0
- package/dist/commonjs/credentials/credentialPersistenceOptions.js.map +1 -0
- package/dist/commonjs/credentials/defaultAzureCredential.d.ts +65 -0
- package/dist/commonjs/credentials/defaultAzureCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/defaultAzureCredential.js +171 -0
- package/dist/commonjs/credentials/defaultAzureCredential.js.map +1 -0
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts +49 -0
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/defaultAzureCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/deviceCodeCredential.d.ts +67 -0
- package/dist/commonjs/credentials/deviceCodeCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/deviceCodeCredential.js +96 -0
- package/dist/commonjs/credentials/deviceCodeCredential.js.map +1 -0
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.d.ts +53 -0
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/deviceCodeCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/environmentCredential.d.ts +52 -0
- package/dist/commonjs/credentials/environmentCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/environmentCredential.js +135 -0
- package/dist/commonjs/credentials/environmentCredential.js.map +1 -0
- package/dist/commonjs/credentials/environmentCredentialOptions.d.ts +9 -0
- package/dist/commonjs/credentials/environmentCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/environmentCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/environmentCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/interactiveBrowserCredential.d.ts +56 -0
- package/dist/commonjs/credentials/interactiveBrowserCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/interactiveBrowserCredential.js +95 -0
- package/dist/commonjs/credentials/interactiveBrowserCredential.js.map +1 -0
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.d.ts +77 -0
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/interactiveBrowserCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/interactiveCredentialOptions.d.ts +25 -0
- package/dist/commonjs/credentials/interactiveCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/interactiveCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/interactiveCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.d.ts +18 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js +125 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsMsi.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +12 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js +36 -0
- package/dist/commonjs/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/index.d.ts +61 -0
- package/dist/commonjs/credentials/managedIdentityCredential/index.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/index.js +221 -0
- package/dist/commonjs/credentials/managedIdentityCredential/index.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/models.d.ts +24 -0
- package/dist/commonjs/credentials/managedIdentityCredential/models.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/models.js +5 -0
- package/dist/commonjs/credentials/managedIdentityCredential/models.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/options.d.ts +37 -0
- package/dist/commonjs/credentials/managedIdentityCredential/options.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/options.js +5 -0
- package/dist/commonjs/credentials/managedIdentityCredential/options.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts +14 -0
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js +35 -0
- package/dist/commonjs/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/utils.d.ts +33 -0
- package/dist/commonjs/credentials/managedIdentityCredential/utils.d.ts.map +1 -0
- package/dist/commonjs/credentials/managedIdentityCredential/utils.js +82 -0
- package/dist/commonjs/credentials/managedIdentityCredential/utils.js.map +1 -0
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.d.ts +12 -0
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/multiTenantTokenCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/onBehalfOfCredential.d.ts +105 -0
- package/dist/commonjs/credentials/onBehalfOfCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/onBehalfOfCredential.js +116 -0
- package/dist/commonjs/credentials/onBehalfOfCredential.js.map +1 -0
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.d.ts +76 -0
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/onBehalfOfCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/usernamePasswordCredential.d.ts +41 -0
- package/dist/commonjs/credentials/usernamePasswordCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/usernamePasswordCredential.js +71 -0
- package/dist/commonjs/credentials/usernamePasswordCredential.js.map +1 -0
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.d.ts +9 -0
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/usernamePasswordCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/visualStudioCodeCredential.d.ts +60 -0
- package/dist/commonjs/credentials/visualStudioCodeCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/visualStudioCodeCredential.js +196 -0
- package/dist/commonjs/credentials/visualStudioCodeCredential.js.map +1 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.d.ts +11 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialOptions.js.map +1 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.d.ts +11 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.d.ts.map +1 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js +5 -0
- package/dist/commonjs/credentials/visualStudioCodeCredentialPlugin.js.map +1 -0
- package/dist/commonjs/credentials/workloadIdentityCredential.d.ts +47 -0
- package/dist/commonjs/credentials/workloadIdentityCredential.d.ts.map +1 -0
- package/dist/commonjs/credentials/workloadIdentityCredential.js +118 -0
- package/dist/commonjs/credentials/workloadIdentityCredential.js.map +1 -0
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts +20 -0
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js +5 -0
- package/dist/commonjs/credentials/workloadIdentityCredentialOptions.js.map +1 -0
- package/dist/commonjs/errors.d.ts +139 -0
- package/dist/commonjs/errors.d.ts.map +1 -0
- package/dist/commonjs/errors.js +130 -0
- package/dist/commonjs/errors.js.map +1 -0
- package/dist/commonjs/index.d.ts +61 -0
- package/dist/commonjs/index.d.ts.map +1 -0
- package/dist/commonjs/index.js +69 -0
- package/dist/commonjs/index.js.map +1 -0
- package/dist/commonjs/msal/browserFlows/flows.d.ts +42 -0
- package/dist/commonjs/msal/browserFlows/flows.d.ts.map +1 -0
- package/dist/commonjs/msal/browserFlows/flows.js +5 -0
- package/dist/commonjs/msal/browserFlows/flows.js.map +1 -0
- package/dist/commonjs/msal/browserFlows/msalAuthCode.d.ts +48 -0
- package/dist/commonjs/msal/browserFlows/msalAuthCode.d.ts.map +1 -0
- package/dist/commonjs/msal/browserFlows/msalAuthCode.js +208 -0
- package/dist/commonjs/msal/browserFlows/msalAuthCode.js.map +1 -0
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.d.ts +106 -0
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -0
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js +121 -0
- package/dist/commonjs/msal/browserFlows/msalBrowserCommon.js.map +1 -0
- package/dist/commonjs/msal/credentials.d.ts +52 -0
- package/dist/commonjs/msal/credentials.d.ts.map +1 -0
- package/dist/commonjs/msal/credentials.js +5 -0
- package/dist/commonjs/msal/credentials.js.map +1 -0
- package/dist/commonjs/msal/msal.d.ts +3 -0
- package/dist/commonjs/msal/msal.d.ts.map +1 -0
- package/dist/commonjs/msal/msal.js +9 -0
- package/dist/commonjs/msal/msal.js.map +1 -0
- package/dist/commonjs/msal/nodeFlows/brokerOptions.d.ts +44 -0
- package/dist/commonjs/msal/nodeFlows/brokerOptions.d.ts.map +1 -0
- package/dist/commonjs/msal/nodeFlows/brokerOptions.js +3 -0
- package/dist/commonjs/msal/nodeFlows/brokerOptions.js.map +1 -0
- package/dist/commonjs/msal/nodeFlows/msalClient.d.ts +186 -0
- package/dist/commonjs/msal/nodeFlows/msalClient.d.ts.map +1 -0
- package/dist/commonjs/msal/nodeFlows/msalClient.js +482 -0
- package/dist/commonjs/msal/nodeFlows/msalClient.js.map +1 -0
- package/dist/commonjs/msal/nodeFlows/msalPlugins.d.ts +91 -0
- package/dist/commonjs/msal/nodeFlows/msalPlugins.d.ts.map +1 -0
- package/dist/commonjs/msal/nodeFlows/msalPlugins.js +91 -0
- package/dist/commonjs/msal/nodeFlows/msalPlugins.js.map +1 -0
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.d.ts +24 -0
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.d.ts.map +1 -0
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js +5 -0
- package/dist/commonjs/msal/nodeFlows/tokenCachePersistenceOptions.js.map +1 -0
- package/dist/commonjs/msal/types.d.ts +87 -0
- package/dist/commonjs/msal/types.d.ts.map +1 -0
- package/dist/commonjs/msal/types.js +5 -0
- package/dist/commonjs/msal/types.js.map +1 -0
- package/dist/commonjs/msal/utils.d.ts +95 -0
- package/dist/commonjs/msal/utils.d.ts.map +1 -0
- package/dist/commonjs/msal/utils.js +253 -0
- package/dist/commonjs/msal/utils.js.map +1 -0
- package/dist/commonjs/package.json +3 -0
- package/dist/commonjs/plugins/consumer.d.ts +28 -0
- package/dist/commonjs/plugins/consumer.d.ts.map +1 -0
- package/dist/commonjs/plugins/consumer.js +46 -0
- package/dist/commonjs/plugins/consumer.js.map +1 -0
- package/dist/commonjs/plugins/provider.d.ts +36 -0
- package/dist/commonjs/plugins/provider.d.ts.map +1 -0
- package/dist/commonjs/plugins/provider.js +5 -0
- package/dist/commonjs/plugins/provider.js.map +1 -0
- package/dist/commonjs/regionalAuthority.d.ts +122 -0
- package/dist/commonjs/regionalAuthority.d.ts.map +1 -0
- package/dist/commonjs/regionalAuthority.js +144 -0
- package/dist/commonjs/regionalAuthority.js.map +1 -0
- package/dist/commonjs/tokenCredentialOptions.d.ts +28 -0
- package/dist/commonjs/tokenCredentialOptions.d.ts.map +1 -0
- package/dist/commonjs/tokenCredentialOptions.js +5 -0
- package/dist/commonjs/tokenCredentialOptions.js.map +1 -0
- package/dist/commonjs/tokenProvider.d.ts +39 -0
- package/dist/commonjs/tokenProvider.d.ts.map +1 -0
- package/dist/commonjs/tokenProvider.js +56 -0
- package/dist/commonjs/tokenProvider.js.map +1 -0
- package/dist/commonjs/tsdoc-metadata.json +11 -0
- package/dist/commonjs/util/identityTokenEndpoint.d.ts +2 -0
- package/dist/commonjs/util/identityTokenEndpoint.d.ts.map +1 -0
- package/dist/commonjs/util/identityTokenEndpoint.js +14 -0
- package/dist/commonjs/util/identityTokenEndpoint.js.map +1 -0
- package/dist/commonjs/util/logging.d.ts +70 -0
- package/dist/commonjs/util/logging.d.ts.map +1 -0
- package/dist/commonjs/util/logging.js +103 -0
- package/dist/commonjs/util/logging.js.map +1 -0
- package/dist/commonjs/util/processMultiTenantRequest.d.ts +10 -0
- package/dist/commonjs/util/processMultiTenantRequest.d.ts.map +1 -0
- package/dist/commonjs/util/processMultiTenantRequest.js +38 -0
- package/dist/commonjs/util/processMultiTenantRequest.js.map +1 -0
- package/dist/commonjs/util/processUtils.d.ts +13 -0
- package/dist/commonjs/util/processUtils.d.ts.map +1 -0
- package/dist/commonjs/util/processUtils.js +36 -0
- package/dist/commonjs/util/processUtils.js.map +1 -0
- package/dist/commonjs/util/scopeUtils.d.ts +17 -0
- package/dist/commonjs/util/scopeUtils.d.ts.map +1 -0
- package/dist/commonjs/util/scopeUtils.js +34 -0
- package/dist/commonjs/util/scopeUtils.js.map +1 -0
- package/dist/commonjs/util/subscriptionUtils.d.ts +6 -0
- package/dist/commonjs/util/subscriptionUtils.d.ts.map +1 -0
- package/dist/commonjs/util/subscriptionUtils.js +17 -0
- package/dist/commonjs/util/subscriptionUtils.js.map +1 -0
- package/dist/commonjs/util/tenantIdUtils.d.ts +15 -0
- package/dist/commonjs/util/tenantIdUtils.d.ts.map +1 -0
- package/dist/commonjs/util/tenantIdUtils.js +51 -0
- package/dist/commonjs/util/tenantIdUtils.js.map +1 -0
- package/dist/commonjs/util/tracing.d.ts +6 -0
- package/dist/commonjs/util/tracing.d.ts.map +1 -0
- package/dist/commonjs/util/tracing.js +17 -0
- package/dist/commonjs/util/tracing.js.map +1 -0
- package/dist/esm/client/identityClient.d.ts +65 -0
- package/dist/esm/client/identityClient.d.ts.map +1 -0
- package/dist/esm/client/identityClient.js +248 -0
- package/dist/esm/client/identityClient.js.map +1 -0
- package/dist/esm/constants.d.ts +69 -0
- package/dist/esm/constants.d.ts.map +1 -0
- package/dist/esm/constants.js +75 -0
- package/dist/esm/constants.js.map +1 -0
- package/dist/esm/credentials/authorityValidationOptions.d.ts +16 -0
- package/dist/esm/credentials/authorityValidationOptions.d.ts.map +1 -0
- package/dist/esm/credentials/authorityValidationOptions.js +4 -0
- package/dist/esm/credentials/authorityValidationOptions.js.map +1 -0
- package/dist/esm/credentials/authorizationCodeCredential.d.ts +73 -0
- package/dist/esm/credentials/authorizationCodeCredential.d.ts.map +1 -0
- package/dist/esm/credentials/authorizationCodeCredential.js +60 -0
- package/dist/esm/credentials/authorizationCodeCredential.js.map +1 -0
- package/dist/esm/credentials/authorizationCodeCredentialOptions.d.ts +8 -0
- package/dist/esm/credentials/authorizationCodeCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/authorizationCodeCredentialOptions.js +4 -0
- package/dist/esm/credentials/authorizationCodeCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/azureApplicationCredential.d.ts +24 -0
- package/dist/esm/credentials/azureApplicationCredential.d.ts.map +1 -0
- package/dist/esm/credentials/azureApplicationCredential.js +32 -0
- package/dist/esm/credentials/azureApplicationCredential.js.map +1 -0
- package/dist/esm/credentials/azureApplicationCredentialOptions.d.ts +13 -0
- package/dist/esm/credentials/azureApplicationCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/azureApplicationCredentialOptions.js +4 -0
- package/dist/esm/credentials/azureApplicationCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/azureCliCredential.d.ts +64 -0
- package/dist/esm/credentials/azureCliCredential.d.ts.map +1 -0
- package/dist/esm/credentials/azureCliCredential.js +189 -0
- package/dist/esm/credentials/azureCliCredential.js.map +1 -0
- package/dist/esm/credentials/azureCliCredentialOptions.d.ts +20 -0
- package/dist/esm/credentials/azureCliCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/azureCliCredentialOptions.js +4 -0
- package/dist/esm/credentials/azureCliCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/azureDeveloperCliCredential.d.ts +71 -0
- package/dist/esm/credentials/azureDeveloperCliCredential.d.ts.map +1 -0
- package/dist/esm/credentials/azureDeveloperCliCredential.js +171 -0
- package/dist/esm/credentials/azureDeveloperCliCredential.js.map +1 -0
- package/dist/esm/credentials/azureDeveloperCliCredentialOptions.d.ts +15 -0
- package/dist/esm/credentials/azureDeveloperCliCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/azureDeveloperCliCredentialOptions.js +4 -0
- package/dist/esm/credentials/azureDeveloperCliCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/azurePipelinesCredential.d.ts +38 -0
- package/dist/esm/credentials/azurePipelinesCredential.d.ts.map +1 -0
- package/dist/esm/credentials/azurePipelinesCredential.js +141 -0
- package/dist/esm/credentials/azurePipelinesCredential.js.map +1 -0
- package/dist/esm/credentials/azurePipelinesCredentialOptions.d.ts +9 -0
- package/dist/esm/credentials/azurePipelinesCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/azurePipelinesCredentialOptions.js +4 -0
- package/dist/esm/credentials/azurePipelinesCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/azurePowerShellCredential.d.ts +75 -0
- package/dist/esm/credentials/azurePowerShellCredential.d.ts.map +1 -0
- package/dist/esm/credentials/azurePowerShellCredential.js +229 -0
- package/dist/esm/credentials/azurePowerShellCredential.js.map +1 -0
- package/dist/esm/credentials/azurePowerShellCredentialOptions.d.ts +15 -0
- package/dist/esm/credentials/azurePowerShellCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/azurePowerShellCredentialOptions.js +4 -0
- package/dist/esm/credentials/azurePowerShellCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/brokerAuthOptions.d.ts +13 -0
- package/dist/esm/credentials/brokerAuthOptions.d.ts.map +1 -0
- package/dist/esm/credentials/brokerAuthOptions.js +2 -0
- package/dist/esm/credentials/brokerAuthOptions.js.map +1 -0
- package/dist/esm/credentials/browserCustomizationOptions.d.ts +19 -0
- package/dist/esm/credentials/browserCustomizationOptions.d.ts.map +1 -0
- package/dist/esm/credentials/browserCustomizationOptions.js +4 -0
- package/dist/esm/credentials/browserCustomizationOptions.js.map +1 -0
- package/dist/esm/credentials/chainedTokenCredential.d.ts +51 -0
- package/dist/esm/credentials/chainedTokenCredential.d.ts.map +1 -0
- package/dist/esm/credentials/chainedTokenCredential.js +92 -0
- package/dist/esm/credentials/chainedTokenCredential.js.map +1 -0
- package/dist/esm/credentials/clientAssertionCredential.d.ts +33 -0
- package/dist/esm/credentials/clientAssertionCredential.d.ts.map +1 -0
- package/dist/esm/credentials/clientAssertionCredential.js +55 -0
- package/dist/esm/credentials/clientAssertionCredential.js.map +1 -0
- package/dist/esm/credentials/clientAssertionCredentialOptions.d.ts +9 -0
- package/dist/esm/credentials/clientAssertionCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/clientAssertionCredentialOptions.js +4 -0
- package/dist/esm/credentials/clientAssertionCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/clientCertificateCredential.d.ts +72 -0
- package/dist/esm/credentials/clientCertificateCredential.d.ts.map +1 -0
- package/dist/esm/credentials/clientCertificateCredential.js +122 -0
- package/dist/esm/credentials/clientCertificateCredential.js.map +1 -0
- package/dist/esm/credentials/clientCertificateCredentialModels.d.ts +31 -0
- package/dist/esm/credentials/clientCertificateCredentialModels.d.ts.map +1 -0
- package/dist/esm/credentials/clientCertificateCredentialModels.js +4 -0
- package/dist/esm/credentials/clientCertificateCredentialModels.js.map +1 -0
- package/dist/esm/credentials/clientCertificateCredentialOptions.d.ts +14 -0
- package/dist/esm/credentials/clientCertificateCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/clientCertificateCredentialOptions.js +4 -0
- package/dist/esm/credentials/clientCertificateCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/clientSecretCredential.d.ts +37 -0
- package/dist/esm/credentials/clientSecretCredential.d.ts.map +1 -0
- package/dist/esm/credentials/clientSecretCredential.js +60 -0
- package/dist/esm/credentials/clientSecretCredential.js.map +1 -0
- package/dist/esm/credentials/clientSecretCredentialOptions.d.ts +9 -0
- package/dist/esm/credentials/clientSecretCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/clientSecretCredentialOptions.js +4 -0
- package/dist/esm/credentials/clientSecretCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/credentialPersistenceOptions.d.ts +30 -0
- package/dist/esm/credentials/credentialPersistenceOptions.d.ts.map +1 -0
- package/dist/esm/credentials/credentialPersistenceOptions.js +4 -0
- package/dist/esm/credentials/credentialPersistenceOptions.js.map +1 -0
- package/dist/esm/credentials/defaultAzureCredential.d.ts +65 -0
- package/dist/esm/credentials/defaultAzureCredential.d.ts.map +1 -0
- package/dist/esm/credentials/defaultAzureCredential.js +164 -0
- package/dist/esm/credentials/defaultAzureCredential.js.map +1 -0
- package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts +49 -0
- package/dist/esm/credentials/defaultAzureCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/defaultAzureCredentialOptions.js +4 -0
- package/dist/esm/credentials/defaultAzureCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/deviceCodeCredential.d.ts +67 -0
- package/dist/esm/credentials/deviceCodeCredential.d.ts.map +1 -0
- package/dist/esm/credentials/deviceCodeCredential.js +91 -0
- package/dist/esm/credentials/deviceCodeCredential.js.map +1 -0
- package/dist/esm/credentials/deviceCodeCredentialOptions.d.ts +53 -0
- package/dist/esm/credentials/deviceCodeCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/deviceCodeCredentialOptions.js +4 -0
- package/dist/esm/credentials/deviceCodeCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/environmentCredential.d.ts +52 -0
- package/dist/esm/credentials/environmentCredential.d.ts.map +1 -0
- package/dist/esm/credentials/environmentCredential.js +130 -0
- package/dist/esm/credentials/environmentCredential.js.map +1 -0
- package/dist/esm/credentials/environmentCredentialOptions.d.ts +9 -0
- package/dist/esm/credentials/environmentCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/environmentCredentialOptions.js +4 -0
- package/dist/esm/credentials/environmentCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/interactiveBrowserCredential.d.ts +56 -0
- package/dist/esm/credentials/interactiveBrowserCredential.d.ts.map +1 -0
- package/dist/esm/credentials/interactiveBrowserCredential.js +91 -0
- package/dist/esm/credentials/interactiveBrowserCredential.js.map +1 -0
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.d.ts +77 -0
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.js +4 -0
- package/dist/esm/credentials/interactiveBrowserCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/interactiveCredentialOptions.d.ts +25 -0
- package/dist/esm/credentials/interactiveCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/interactiveCredentialOptions.js +4 -0
- package/dist/esm/credentials/interactiveCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsMsi.d.ts +18 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsMsi.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsMsi.js +122 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsMsi.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts +12 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.js +33 -0
- package/dist/esm/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/index.d.ts +61 -0
- package/dist/esm/credentials/managedIdentityCredential/index.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/index.js +217 -0
- package/dist/esm/credentials/managedIdentityCredential/index.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/models.d.ts +24 -0
- package/dist/esm/credentials/managedIdentityCredential/models.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/models.js +4 -0
- package/dist/esm/credentials/managedIdentityCredential/models.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/options.d.ts +37 -0
- package/dist/esm/credentials/managedIdentityCredential/options.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/options.js +4 -0
- package/dist/esm/credentials/managedIdentityCredential/options.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts +14 -0
- package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.js +32 -0
- package/dist/esm/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/utils.d.ts +33 -0
- package/dist/esm/credentials/managedIdentityCredential/utils.d.ts.map +1 -0
- package/dist/esm/credentials/managedIdentityCredential/utils.js +77 -0
- package/dist/esm/credentials/managedIdentityCredential/utils.js.map +1 -0
- package/dist/esm/credentials/multiTenantTokenCredentialOptions.d.ts +12 -0
- package/dist/esm/credentials/multiTenantTokenCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/multiTenantTokenCredentialOptions.js +4 -0
- package/dist/esm/credentials/multiTenantTokenCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/onBehalfOfCredential.d.ts +105 -0
- package/dist/esm/credentials/onBehalfOfCredential.d.ts.map +1 -0
- package/dist/esm/credentials/onBehalfOfCredential.js +112 -0
- package/dist/esm/credentials/onBehalfOfCredential.js.map +1 -0
- package/dist/esm/credentials/onBehalfOfCredentialOptions.d.ts +76 -0
- package/dist/esm/credentials/onBehalfOfCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/onBehalfOfCredentialOptions.js +4 -0
- package/dist/esm/credentials/onBehalfOfCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/usernamePasswordCredential.d.ts +41 -0
- package/dist/esm/credentials/usernamePasswordCredential.d.ts.map +1 -0
- package/dist/esm/credentials/usernamePasswordCredential.js +67 -0
- package/dist/esm/credentials/usernamePasswordCredential.js.map +1 -0
- package/dist/esm/credentials/usernamePasswordCredentialOptions.d.ts +9 -0
- package/dist/esm/credentials/usernamePasswordCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/usernamePasswordCredentialOptions.js +4 -0
- package/dist/esm/credentials/usernamePasswordCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/visualStudioCodeCredential.d.ts +60 -0
- package/dist/esm/credentials/visualStudioCodeCredential.d.ts.map +1 -0
- package/dist/esm/credentials/visualStudioCodeCredential.js +190 -0
- package/dist/esm/credentials/visualStudioCodeCredential.js.map +1 -0
- package/dist/esm/credentials/visualStudioCodeCredentialOptions.d.ts +11 -0
- package/dist/esm/credentials/visualStudioCodeCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/visualStudioCodeCredentialOptions.js +4 -0
- package/dist/esm/credentials/visualStudioCodeCredentialOptions.js.map +1 -0
- package/dist/esm/credentials/visualStudioCodeCredentialPlugin.d.ts +11 -0
- package/dist/esm/credentials/visualStudioCodeCredentialPlugin.d.ts.map +1 -0
- package/dist/esm/credentials/visualStudioCodeCredentialPlugin.js +4 -0
- package/dist/esm/credentials/visualStudioCodeCredentialPlugin.js.map +1 -0
- package/dist/esm/credentials/workloadIdentityCredential.d.ts +47 -0
- package/dist/esm/credentials/workloadIdentityCredential.d.ts.map +1 -0
- package/dist/esm/credentials/workloadIdentityCredential.js +114 -0
- package/dist/esm/credentials/workloadIdentityCredential.js.map +1 -0
- package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts +20 -0
- package/dist/esm/credentials/workloadIdentityCredentialOptions.d.ts.map +1 -0
- package/dist/esm/credentials/workloadIdentityCredentialOptions.js +4 -0
- package/dist/esm/credentials/workloadIdentityCredentialOptions.js.map +1 -0
- package/dist/esm/errors.d.ts +139 -0
- package/dist/esm/errors.d.ts.map +1 -0
- package/dist/esm/errors.js +123 -0
- package/dist/esm/errors.js.map +1 -0
- package/dist/esm/index.d.ts +61 -0
- package/dist/esm/index.d.ts.map +1 -0
- package/dist/esm/index.js +34 -0
- package/dist/esm/index.js.map +1 -0
- package/dist/esm/msal/browserFlows/flows.d.ts +42 -0
- package/dist/esm/msal/browserFlows/flows.d.ts.map +1 -0
- package/dist/esm/msal/browserFlows/flows.js +4 -0
- package/dist/esm/msal/browserFlows/flows.js.map +1 -0
- package/dist/esm/msal/browserFlows/msalAuthCode.d.ts +48 -0
- package/dist/esm/msal/browserFlows/msalAuthCode.d.ts.map +1 -0
- package/dist/esm/msal/browserFlows/msalAuthCode.js +203 -0
- package/dist/esm/msal/browserFlows/msalAuthCode.js.map +1 -0
- package/dist/esm/msal/browserFlows/msalBrowserCommon.d.ts +106 -0
- package/dist/esm/msal/browserFlows/msalBrowserCommon.d.ts.map +1 -0
- package/dist/esm/msal/browserFlows/msalBrowserCommon.js +116 -0
- package/dist/esm/msal/browserFlows/msalBrowserCommon.js.map +1 -0
- package/dist/esm/msal/credentials.d.ts +52 -0
- package/dist/esm/msal/credentials.d.ts.map +1 -0
- package/dist/esm/msal/credentials.js +4 -0
- package/dist/esm/msal/credentials.js.map +1 -0
- package/dist/esm/msal/msal.d.ts +3 -0
- package/dist/esm/msal/msal.d.ts.map +1 -0
- package/dist/esm/msal/nodeFlows/brokerOptions.d.ts +44 -0
- package/dist/esm/msal/nodeFlows/brokerOptions.d.ts.map +1 -0
- package/dist/esm/msal/nodeFlows/brokerOptions.js +2 -0
- package/dist/esm/msal/nodeFlows/brokerOptions.js.map +1 -0
- package/dist/esm/msal/nodeFlows/msalClient.d.ts +186 -0
- package/dist/esm/msal/nodeFlows/msalClient.d.ts.map +1 -0
- package/dist/esm/msal/nodeFlows/msalClient.js +477 -0
- package/dist/esm/msal/nodeFlows/msalClient.js.map +1 -0
- package/dist/esm/msal/nodeFlows/msalPlugins.d.ts +91 -0
- package/dist/esm/msal/nodeFlows/msalPlugins.d.ts.map +1 -0
- package/dist/esm/msal/nodeFlows/msalPlugins.js +87 -0
- package/dist/esm/msal/nodeFlows/msalPlugins.js.map +1 -0
- package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.d.ts +24 -0
- package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.d.ts.map +1 -0
- package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.js +4 -0
- package/dist/esm/msal/nodeFlows/tokenCachePersistenceOptions.js.map +1 -0
- package/dist/esm/msal/types.d.ts +87 -0
- package/dist/esm/msal/types.d.ts.map +1 -0
- package/dist/esm/msal/types.js +4 -0
- package/dist/esm/msal/types.js.map +1 -0
- package/dist/esm/msal/utils.d.ts +95 -0
- package/dist/esm/msal/utils.d.ts.map +1 -0
- package/dist/esm/msal/utils.js +238 -0
- package/dist/esm/msal/utils.js.map +1 -0
- package/dist/esm/package.json +3 -0
- package/dist/esm/plugins/consumer.d.ts +28 -0
- package/dist/esm/plugins/consumer.d.ts.map +1 -0
- package/dist/esm/plugins/consumer.js +43 -0
- package/dist/esm/plugins/consumer.js.map +1 -0
- package/dist/esm/plugins/provider.d.ts +36 -0
- package/dist/esm/plugins/provider.d.ts.map +1 -0
- package/dist/esm/plugins/provider.js +4 -0
- package/dist/esm/plugins/provider.js.map +1 -0
- package/dist/esm/regionalAuthority.d.ts +122 -0
- package/dist/esm/regionalAuthority.d.ts.map +1 -0
- package/dist/esm/regionalAuthority.js +140 -0
- package/dist/esm/regionalAuthority.js.map +1 -0
- package/dist/esm/tokenCredentialOptions.d.ts +28 -0
- package/dist/esm/tokenCredentialOptions.d.ts.map +1 -0
- package/dist/esm/tokenCredentialOptions.js +4 -0
- package/dist/esm/tokenCredentialOptions.js.map +1 -0
- package/dist/esm/tokenProvider.d.ts +39 -0
- package/dist/esm/tokenProvider.d.ts.map +1 -0
- package/dist/esm/tokenProvider.js +53 -0
- package/dist/esm/tokenProvider.js.map +1 -0
- package/dist/esm/util/authHostEnv-browser.d.mts +4 -0
- package/dist/esm/util/authHostEnv-browser.d.mts.map +1 -0
- package/dist/esm/util/authHostEnv-browser.mjs +7 -0
- package/dist/esm/util/authHostEnv-browser.mjs.map +1 -0
- package/dist/esm/util/identityTokenEndpoint.d.ts +2 -0
- package/dist/esm/util/identityTokenEndpoint.d.ts.map +1 -0
- package/dist/esm/util/identityTokenEndpoint.js +11 -0
- package/dist/esm/util/identityTokenEndpoint.js.map +1 -0
- package/dist/esm/util/logging.d.ts +70 -0
- package/dist/esm/util/logging.d.ts.map +1 -0
- package/dist/esm/util/logging.js +94 -0
- package/dist/esm/util/logging.js.map +1 -0
- package/dist/esm/util/processMultiTenantRequest.d.ts +10 -0
- package/dist/esm/util/processMultiTenantRequest.d.ts.map +1 -0
- package/dist/esm/util/processMultiTenantRequest.js +35 -0
- package/dist/esm/util/processMultiTenantRequest.js.map +1 -0
- package/dist/esm/util/processUtils.d.ts +13 -0
- package/dist/esm/util/processUtils.d.ts.map +1 -0
- package/dist/esm/util/processUtils.js +32 -0
- package/dist/esm/util/processUtils.js.map +1 -0
- package/dist/esm/util/scopeUtils.d.ts +17 -0
- package/dist/esm/util/scopeUtils.d.ts.map +1 -0
- package/dist/esm/util/scopeUtils.js +29 -0
- package/dist/esm/util/scopeUtils.js.map +1 -0
- package/dist/esm/util/subscriptionUtils.d.ts +6 -0
- package/dist/esm/util/subscriptionUtils.d.ts.map +1 -0
- package/dist/esm/util/subscriptionUtils.js +14 -0
- package/dist/esm/util/subscriptionUtils.js.map +1 -0
- package/dist/esm/util/tenantIdUtils.d.ts +15 -0
- package/dist/esm/util/tenantIdUtils.d.ts.map +1 -0
- package/dist/esm/util/tenantIdUtils.js +44 -0
- package/dist/esm/util/tenantIdUtils.js.map +1 -0
- package/dist/esm/util/tracing.d.ts +6 -0
- package/dist/esm/util/tracing.d.ts.map +1 -0
- package/dist/esm/util/tracing.js +14 -0
- package/dist/esm/util/tracing.js.map +1 -0
- package/package.json +65 -79
- package/dist/index.js +0 -4211
- package/dist/index.js.map +0 -1
- package/dist-esm/src/client/identityClient.js +0 -248
- package/dist-esm/src/client/identityClient.js.map +0 -1
- package/dist-esm/src/constants.js +0 -67
- package/dist-esm/src/constants.js.map +0 -1
- package/dist-esm/src/credentials/authorizationCodeCredential.browser.js +0 -16
- package/dist-esm/src/credentials/authorizationCodeCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/authorizationCodeCredential.js +0 -60
- package/dist-esm/src/credentials/authorizationCodeCredential.js.map +0 -1
- package/dist-esm/src/credentials/authorizationCodeCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/azureApplicationCredential.browser.js +0 -34
- package/dist-esm/src/credentials/azureApplicationCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/azureApplicationCredential.js +0 -32
- package/dist-esm/src/credentials/azureApplicationCredential.js.map +0 -1
- package/dist-esm/src/credentials/azureApplicationCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/azureCliCredential.browser.js +0 -23
- package/dist-esm/src/credentials/azureCliCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/azureCliCredential.js +0 -175
- package/dist-esm/src/credentials/azureCliCredential.js.map +0 -1
- package/dist-esm/src/credentials/azureCliCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/azureDeveloperCliCredential.browser.js +0 -23
- package/dist-esm/src/credentials/azureDeveloperCliCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/azureDeveloperCliCredential.js +0 -171
- package/dist-esm/src/credentials/azureDeveloperCliCredential.js.map +0 -1
- package/dist-esm/src/credentials/azureDeveloperCliCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/azurePipelinesCredential.browser.js +0 -23
- package/dist-esm/src/credentials/azurePipelinesCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/azurePipelinesCredential.js +0 -141
- package/dist-esm/src/credentials/azurePipelinesCredential.js.map +0 -1
- package/dist-esm/src/credentials/azurePipelinesCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/azurePowerShellCredential.browser.js +0 -22
- package/dist-esm/src/credentials/azurePowerShellCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/azurePowerShellCredential.js +0 -229
- package/dist-esm/src/credentials/azurePowerShellCredential.js.map +0 -1
- package/dist-esm/src/credentials/azurePowerShellCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/brokerAuthOptions.js.map +0 -1
- package/dist-esm/src/credentials/chainedTokenCredential.js +0 -89
- package/dist-esm/src/credentials/chainedTokenCredential.js.map +0 -1
- package/dist-esm/src/credentials/clientAssertionCredential.browser.js +0 -22
- package/dist-esm/src/credentials/clientAssertionCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/clientAssertionCredential.js +0 -55
- package/dist-esm/src/credentials/clientAssertionCredential.js.map +0 -1
- package/dist-esm/src/credentials/clientAssertionCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/clientCertificateCredential.browser.js +0 -23
- package/dist-esm/src/credentials/clientCertificateCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/clientCertificateCredential.js +0 -119
- package/dist-esm/src/credentials/clientCertificateCredential.js.map +0 -1
- package/dist-esm/src/credentials/clientCertificateCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/clientSecretCredential.browser.js +0 -83
- package/dist-esm/src/credentials/clientSecretCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/clientSecretCredential.js +0 -60
- package/dist-esm/src/credentials/clientSecretCredential.js.map +0 -1
- package/dist-esm/src/credentials/clientSecretCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/credentialPersistenceOptions.js.map +0 -1
- package/dist-esm/src/credentials/defaultAzureCredential.browser.js +0 -29
- package/dist-esm/src/credentials/defaultAzureCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/defaultAzureCredential.js +0 -151
- package/dist-esm/src/credentials/defaultAzureCredential.js.map +0 -1
- package/dist-esm/src/credentials/defaultAzureCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/deviceCodeCredential.browser.js +0 -23
- package/dist-esm/src/credentials/deviceCodeCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/deviceCodeCredential.js +0 -91
- package/dist-esm/src/credentials/deviceCodeCredential.js.map +0 -1
- package/dist-esm/src/credentials/deviceCodeCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/environmentCredential.browser.js +0 -23
- package/dist-esm/src/credentials/environmentCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/environmentCredential.js +0 -130
- package/dist-esm/src/credentials/environmentCredential.js.map +0 -1
- package/dist-esm/src/credentials/environmentCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js +0 -86
- package/dist-esm/src/credentials/interactiveBrowserCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/interactiveBrowserCredential.js +0 -91
- package/dist-esm/src/credentials/interactiveBrowserCredential.js.map +0 -1
- package/dist-esm/src/credentials/interactiveBrowserCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/interactiveCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2017.js +0 -71
- package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2017.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2019.js +0 -71
- package/dist-esm/src/credentials/managedIdentityCredential/appServiceMsi2019.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/arcMsi.js +0 -140
- package/dist-esm/src/credentials/managedIdentityCredential/arcMsi.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/cloudShellMsi.js +0 -75
- package/dist-esm/src/credentials/managedIdentityCredential/cloudShellMsi.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/constants.js +0 -9
- package/dist-esm/src/credentials/managedIdentityCredential/constants.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/fabricMsi.js +0 -95
- package/dist-esm/src/credentials/managedIdentityCredential/fabricMsi.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js +0 -144
- package/dist-esm/src/credentials/managedIdentityCredential/imdsMsi.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/imdsRetryPolicy.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/index.browser.js +0 -16
- package/dist-esm/src/credentials/managedIdentityCredential/index.browser.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/index.js +0 -37
- package/dist-esm/src/credentials/managedIdentityCredential/index.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/legacyMsiProvider.js +0 -309
- package/dist-esm/src/credentials/managedIdentityCredential/legacyMsiProvider.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/models.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/msalMsiProvider.js +0 -212
- package/dist-esm/src/credentials/managedIdentityCredential/msalMsiProvider.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js +0 -29
- package/dist-esm/src/credentials/managedIdentityCredential/tokenExchangeMsi.js.map +0 -1
- package/dist-esm/src/credentials/managedIdentityCredential/utils.js +0 -77
- package/dist-esm/src/credentials/managedIdentityCredential/utils.js.map +0 -1
- package/dist-esm/src/credentials/multiTenantTokenCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.browser.js +0 -23
- package/dist-esm/src/credentials/onBehalfOfCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/onBehalfOfCredential.js +0 -112
- package/dist-esm/src/credentials/onBehalfOfCredential.js.map +0 -1
- package/dist-esm/src/credentials/onBehalfOfCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/usernamePasswordCredential.browser.js +0 -77
- package/dist-esm/src/credentials/usernamePasswordCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/usernamePasswordCredential.js +0 -67
- package/dist-esm/src/credentials/usernamePasswordCredential.js.map +0 -1
- package/dist-esm/src/credentials/usernamePasswordCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js +0 -27
- package/dist-esm/src/credentials/visualStudioCodeCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/visualStudioCodeCredential.js +0 -190
- package/dist-esm/src/credentials/visualStudioCodeCredential.js.map +0 -1
- package/dist-esm/src/credentials/visualStudioCodeCredentialOptions.js.map +0 -1
- package/dist-esm/src/credentials/workloadIdentityCredential.browser.js +0 -27
- package/dist-esm/src/credentials/workloadIdentityCredential.browser.js.map +0 -1
- package/dist-esm/src/credentials/workloadIdentityCredential.js +0 -114
- package/dist-esm/src/credentials/workloadIdentityCredential.js.map +0 -1
- package/dist-esm/src/credentials/workloadIdentityCredentialOptions.js.map +0 -1
- package/dist-esm/src/errors.js.map +0 -1
- package/dist-esm/src/index.js +0 -34
- package/dist-esm/src/index.js.map +0 -1
- package/dist-esm/src/msal/browserFlows/flows.js.map +0 -1
- package/dist-esm/src/msal/browserFlows/msalAuthCode.js +0 -203
- package/dist-esm/src/msal/browserFlows/msalAuthCode.js.map +0 -1
- package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js +0 -116
- package/dist-esm/src/msal/browserFlows/msalBrowserCommon.js.map +0 -1
- package/dist-esm/src/msal/credentials.js.map +0 -1
- package/dist-esm/src/msal/msal.browser.js +0 -5
- package/dist-esm/src/msal/msal.browser.js.map +0 -1
- package/dist-esm/src/msal/nodeFlows/msalClient.js +0 -484
- package/dist-esm/src/msal/nodeFlows/msalClient.js.map +0 -1
- package/dist-esm/src/msal/nodeFlows/msalPlugins.js +0 -87
- package/dist-esm/src/msal/nodeFlows/msalPlugins.js.map +0 -1
- package/dist-esm/src/msal/types.js.map +0 -1
- package/dist-esm/src/msal/utils.js +0 -232
- package/dist-esm/src/msal/utils.js.map +0 -1
- package/dist-esm/src/plugins/consumer.browser.js +0 -7
- package/dist-esm/src/plugins/consumer.browser.js.map +0 -1
- package/dist-esm/src/plugins/consumer.js +0 -43
- package/dist-esm/src/plugins/consumer.js.map +0 -1
- package/dist-esm/src/plugins/provider.js.map +0 -1
- package/dist-esm/src/tokenCredentialOptions.js.map +0 -1
- package/dist-esm/src/tokenProvider.js +0 -52
- package/dist-esm/src/tokenProvider.js.map +0 -1
- package/dist-esm/src/util/authHostEnv.browser.js +0 -7
- package/dist-esm/src/util/authHostEnv.browser.js.map +0 -1
- package/dist-esm/src/util/logging.js.map +0 -1
- package/dist-esm/src/util/processMultiTenantRequest.browser.js +0 -29
- package/dist-esm/src/util/processMultiTenantRequest.browser.js.map +0 -1
- package/dist-esm/src/util/processMultiTenantRequest.js +0 -35
- package/dist-esm/src/util/processMultiTenantRequest.js.map +0 -1
- package/dist-esm/src/util/scopeUtils.js +0 -29
- package/dist-esm/src/util/scopeUtils.js.map +0 -1
- package/dist-esm/src/util/tenantIdUtils.js +0 -44
- package/dist-esm/src/util/tenantIdUtils.js.map +0 -1
- package/dist-esm/src/util/tracing.js +0 -14
- package/dist-esm/src/util/tracing.js.map +0 -1
- package/types/identity.d.ts +0 -1853
- /package/{dist-esm/src → dist/browser}/credentials/authorityValidationOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/authorityValidationOptions.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/authorizationCodeCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/azureApplicationCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/azureCliCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/azureDeveloperCliCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/azurePipelinesCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/azurePowerShellCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/brokerAuthOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/browserCustomizationOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/browserCustomizationOptions.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/clientAssertionCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/clientCertificateCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/clientSecretCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/credentialPersistenceOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/defaultAzureCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/deviceCodeCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/environmentCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/interactiveBrowserCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/interactiveCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/managedIdentityCredential/imdsRetryPolicy.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/managedIdentityCredential/models.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/multiTenantTokenCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/onBehalfOfCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/usernamePasswordCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/visualStudioCodeCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/visualStudioCodeCredentialPlugin.js +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/visualStudioCodeCredentialPlugin.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/credentials/workloadIdentityCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/errors.js +0 -0
- /package/{dist-esm/src → dist/browser}/msal/browserFlows/flows.js +0 -0
- /package/{dist-esm/src → dist/browser}/msal/credentials.js +0 -0
- /package/{dist-esm/src → dist/browser}/msal/nodeFlows/brokerOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/msal/nodeFlows/brokerOptions.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/msal/nodeFlows/tokenCachePersistenceOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/msal/nodeFlows/tokenCachePersistenceOptions.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/msal/types.js +0 -0
- /package/{dist-esm/src → dist/browser}/plugins/provider.js +0 -0
- /package/{dist-esm/src → dist/browser}/regionalAuthority.js +0 -0
- /package/{dist-esm/src → dist/browser}/regionalAuthority.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/tokenCredentialOptions.js +0 -0
- /package/{dist-esm/src → dist/browser}/util/identityTokenEndpoint.js +0 -0
- /package/{dist-esm/src → dist/browser}/util/identityTokenEndpoint.js.map +0 -0
- /package/{dist-esm/src → dist/browser}/util/logging.js +0 -0
- /package/{dist-esm/src → dist/browser}/util/processUtils.js +0 -0
- /package/{dist-esm/src → dist/browser}/util/processUtils.js.map +0 -0
- /package/{dist-esm/src → dist/esm}/msal/msal.js +0 -0
- /package/{dist-esm/src → dist/esm}/msal/msal.js.map +0 -0
|
@@ -1,71 +0,0 @@
|
|
|
1
|
-
// Copyright (c) Microsoft Corporation.
|
|
2
|
-
// Licensed under the MIT License.
|
|
3
|
-
import { createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
|
|
4
|
-
import { credentialLogger } from "../../util/logging";
|
|
5
|
-
import { mapScopesToResource } from "./utils";
|
|
6
|
-
const msiName = "ManagedIdentityCredential - AppServiceMSI 2017";
|
|
7
|
-
const logger = credentialLogger(msiName);
|
|
8
|
-
/**
|
|
9
|
-
* Generates the options used on the request for an access token.
|
|
10
|
-
*/
|
|
11
|
-
function prepareRequestOptions(scopes, clientId) {
|
|
12
|
-
const resource = mapScopesToResource(scopes);
|
|
13
|
-
if (!resource) {
|
|
14
|
-
throw new Error(`${msiName}: Multiple scopes are not supported.`);
|
|
15
|
-
}
|
|
16
|
-
const queryParameters = {
|
|
17
|
-
resource,
|
|
18
|
-
"api-version": "2017-09-01",
|
|
19
|
-
};
|
|
20
|
-
if (clientId) {
|
|
21
|
-
queryParameters.clientid = clientId;
|
|
22
|
-
}
|
|
23
|
-
const query = new URLSearchParams(queryParameters);
|
|
24
|
-
// This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.
|
|
25
|
-
if (!process.env.MSI_ENDPOINT) {
|
|
26
|
-
throw new Error(`${msiName}: Missing environment variable: MSI_ENDPOINT`);
|
|
27
|
-
}
|
|
28
|
-
if (!process.env.MSI_SECRET) {
|
|
29
|
-
throw new Error(`${msiName}: Missing environment variable: MSI_SECRET`);
|
|
30
|
-
}
|
|
31
|
-
return {
|
|
32
|
-
url: `${process.env.MSI_ENDPOINT}?${query.toString()}`,
|
|
33
|
-
method: "GET",
|
|
34
|
-
headers: createHttpHeaders({
|
|
35
|
-
Accept: "application/json",
|
|
36
|
-
secret: process.env.MSI_SECRET,
|
|
37
|
-
}),
|
|
38
|
-
};
|
|
39
|
-
}
|
|
40
|
-
/**
|
|
41
|
-
* Defines how to determine whether the Azure App Service MSI is available, and also how to retrieve a token from the Azure App Service MSI.
|
|
42
|
-
*/
|
|
43
|
-
export const appServiceMsi2017 = {
|
|
44
|
-
name: "appServiceMsi2017",
|
|
45
|
-
async isAvailable({ scopes }) {
|
|
46
|
-
const resource = mapScopesToResource(scopes);
|
|
47
|
-
if (!resource) {
|
|
48
|
-
logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
|
|
49
|
-
return false;
|
|
50
|
-
}
|
|
51
|
-
const env = process.env;
|
|
52
|
-
const result = Boolean(env.MSI_ENDPOINT && env.MSI_SECRET);
|
|
53
|
-
if (!result) {
|
|
54
|
-
logger.info(`${msiName}: Unavailable. The environment variables needed are: MSI_ENDPOINT and MSI_SECRET.`);
|
|
55
|
-
}
|
|
56
|
-
return result;
|
|
57
|
-
},
|
|
58
|
-
async getToken(configuration, getTokenOptions = {}) {
|
|
59
|
-
const { identityClient, scopes, clientId, resourceId } = configuration;
|
|
60
|
-
if (resourceId) {
|
|
61
|
-
logger.warning(`${msiName}: managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`);
|
|
62
|
-
}
|
|
63
|
-
logger.info(`${msiName}: Using the endpoint and the secret coming form the environment variables: MSI_ENDPOINT=${process.env.MSI_ENDPOINT} and MSI_SECRET=[REDACTED].`);
|
|
64
|
-
const request = createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions(scopes, clientId)), {
|
|
65
|
-
// Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
|
|
66
|
-
allowInsecureConnection: true }));
|
|
67
|
-
const tokenResponse = await identityClient.sendTokenRequest(request);
|
|
68
|
-
return (tokenResponse && tokenResponse.accessToken) || null;
|
|
69
|
-
},
|
|
70
|
-
};
|
|
71
|
-
//# sourceMappingURL=appServiceMsi2017.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"appServiceMsi2017.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/appServiceMsi2017.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAEL,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,OAAO,GAAG,gDAAgD,CAAC;AACjE,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC;;GAEG;AACH,SAAS,qBAAqB,CAC5B,MAAyB,EACzB,QAAiB;IAEjB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,eAAe,GAA2B;QAC9C,QAAQ;QACR,aAAa,EAAE,YAAY;KAC5B,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,eAAe,CAAC,QAAQ,GAAG,QAAQ,CAAC;IACtC,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;IAEnD,wIAAwI;IACxI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,8CAA8C,CAAC,CAAC;IAC5E,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,4CAA4C,CAAC,CAAC;IAC1E,CAAC;IAED,OAAO;QACL,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,KAAK,CAAC,QAAQ,EAAE,EAAE;QACtD,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,iBAAiB,CAAC;YACzB,MAAM,EAAE,kBAAkB;YAC1B,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU;SAC/B,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAQ;IACpC,IAAI,EAAE,mBAAmB;IACzB,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;QAC3D,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,mFAAmF,CAC9F,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;QAErC,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;QAEvE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,CAAC,OAAO,CACZ,GAAG,OAAO,0GAA0G,CACrH,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,2FAA2F,OAAO,CAAC,GAAG,CAAC,YAAY,6BAA6B,CAC3J,CAAC;QAEF,MAAM,OAAO,GAAG,qBAAqB,+BACnC,WAAW,EAAE,eAAe,CAAC,WAAW,IACrC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC;YAC1C,0FAA0F;YAC1F,uBAAuB,EAAE,IAAI,IAC7B,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n PipelineRequestOptions,\n createHttpHeaders,\n createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { MSI, MSIConfiguration, MSIToken } from \"./models\";\nimport { mapScopesToResource } from \"./utils\";\n\nconst msiName = \"ManagedIdentityCredential - AppServiceMSI 2017\";\nconst logger = credentialLogger(msiName);\n\n/**\n * Generates the options used on the request for an access token.\n */\nfunction prepareRequestOptions(\n scopes: string | string[],\n clientId?: string,\n): PipelineRequestOptions {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new Error(`${msiName}: Multiple scopes are not supported.`);\n }\n\n const queryParameters: Record<string, string> = {\n resource,\n \"api-version\": \"2017-09-01\",\n };\n\n if (clientId) {\n queryParameters.clientid = clientId;\n }\n\n const query = new URLSearchParams(queryParameters);\n\n // This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.\n if (!process.env.MSI_ENDPOINT) {\n throw new Error(`${msiName}: Missing environment variable: MSI_ENDPOINT`);\n }\n if (!process.env.MSI_SECRET) {\n throw new Error(`${msiName}: Missing environment variable: MSI_SECRET`);\n }\n\n return {\n url: `${process.env.MSI_ENDPOINT}?${query.toString()}`,\n method: \"GET\",\n headers: createHttpHeaders({\n Accept: \"application/json\",\n secret: process.env.MSI_SECRET,\n }),\n };\n}\n\n/**\n * Defines how to determine whether the Azure App Service MSI is available, and also how to retrieve a token from the Azure App Service MSI.\n */\nexport const appServiceMsi2017: MSI = {\n name: \"appServiceMsi2017\",\n async isAvailable({ scopes }): Promise<boolean> {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n return false;\n }\n const env = process.env;\n const result = Boolean(env.MSI_ENDPOINT && env.MSI_SECRET);\n if (!result) {\n logger.info(\n `${msiName}: Unavailable. The environment variables needed are: MSI_ENDPOINT and MSI_SECRET.`,\n );\n }\n return result;\n },\n async getToken(\n configuration: MSIConfiguration,\n getTokenOptions: GetTokenOptions = {},\n ): Promise<MSIToken | null> {\n const { identityClient, scopes, clientId, resourceId } = configuration;\n\n if (resourceId) {\n logger.warning(\n `${msiName}: managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`,\n );\n }\n\n logger.info(\n `${msiName}: Using the endpoint and the secret coming form the environment variables: MSI_ENDPOINT=${process.env.MSI_ENDPOINT} and MSI_SECRET=[REDACTED].`,\n );\n\n const request = createPipelineRequest({\n abortSignal: getTokenOptions.abortSignal,\n ...prepareRequestOptions(scopes, clientId),\n // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).\n allowInsecureConnection: true,\n });\n const tokenResponse = await identityClient.sendTokenRequest(request);\n return (tokenResponse && tokenResponse.accessToken) || null;\n },\n};\n"]}
|
|
@@ -1,71 +0,0 @@
|
|
|
1
|
-
// Copyright (c) Microsoft Corporation.
|
|
2
|
-
// Licensed under the MIT License.
|
|
3
|
-
import { createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
|
|
4
|
-
import { credentialLogger } from "../../util/logging";
|
|
5
|
-
import { mapScopesToResource } from "./utils";
|
|
6
|
-
const msiName = "ManagedIdentityCredential - AppServiceMSI 2019";
|
|
7
|
-
const logger = credentialLogger(msiName);
|
|
8
|
-
/**
|
|
9
|
-
* Generates the options used on the request for an access token.
|
|
10
|
-
*/
|
|
11
|
-
function prepareRequestOptions(scopes, clientId, resourceId) {
|
|
12
|
-
const resource = mapScopesToResource(scopes);
|
|
13
|
-
if (!resource) {
|
|
14
|
-
throw new Error(`${msiName}: Multiple scopes are not supported.`);
|
|
15
|
-
}
|
|
16
|
-
const queryParameters = {
|
|
17
|
-
resource,
|
|
18
|
-
"api-version": "2019-08-01",
|
|
19
|
-
};
|
|
20
|
-
if (clientId) {
|
|
21
|
-
queryParameters.client_id = clientId;
|
|
22
|
-
}
|
|
23
|
-
if (resourceId) {
|
|
24
|
-
queryParameters.mi_res_id = resourceId;
|
|
25
|
-
}
|
|
26
|
-
const query = new URLSearchParams(queryParameters);
|
|
27
|
-
// This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.
|
|
28
|
-
if (!process.env.IDENTITY_ENDPOINT) {
|
|
29
|
-
throw new Error(`${msiName}: Missing environment variable: IDENTITY_ENDPOINT`);
|
|
30
|
-
}
|
|
31
|
-
if (!process.env.IDENTITY_HEADER) {
|
|
32
|
-
throw new Error(`${msiName}: Missing environment variable: IDENTITY_HEADER`);
|
|
33
|
-
}
|
|
34
|
-
return {
|
|
35
|
-
url: `${process.env.IDENTITY_ENDPOINT}?${query.toString()}`,
|
|
36
|
-
method: "GET",
|
|
37
|
-
headers: createHttpHeaders({
|
|
38
|
-
Accept: "application/json",
|
|
39
|
-
"X-IDENTITY-HEADER": process.env.IDENTITY_HEADER,
|
|
40
|
-
}),
|
|
41
|
-
};
|
|
42
|
-
}
|
|
43
|
-
/**
|
|
44
|
-
* Defines how to determine whether the Azure App Service MSI is available, and also how to retrieve a token from the Azure App Service MSI.
|
|
45
|
-
*/
|
|
46
|
-
export const appServiceMsi2019 = {
|
|
47
|
-
name: "appServiceMsi2019",
|
|
48
|
-
async isAvailable({ scopes }) {
|
|
49
|
-
const resource = mapScopesToResource(scopes);
|
|
50
|
-
if (!resource) {
|
|
51
|
-
logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
|
|
52
|
-
return false;
|
|
53
|
-
}
|
|
54
|
-
const env = process.env;
|
|
55
|
-
const result = Boolean(env.IDENTITY_ENDPOINT && env.IDENTITY_HEADER);
|
|
56
|
-
if (!result) {
|
|
57
|
-
logger.info(`${msiName}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT and IDENTITY_HEADER.`);
|
|
58
|
-
}
|
|
59
|
-
return result;
|
|
60
|
-
},
|
|
61
|
-
async getToken(configuration, getTokenOptions = {}) {
|
|
62
|
-
const { identityClient, scopes, clientId, resourceId } = configuration;
|
|
63
|
-
logger.info(`${msiName}: Using the endpoint and the secret coming form the environment variables: IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT} and IDENTITY_HEADER=[REDACTED].`);
|
|
64
|
-
const request = createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions(scopes, clientId, resourceId)), {
|
|
65
|
-
// Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
|
|
66
|
-
allowInsecureConnection: true }));
|
|
67
|
-
const tokenResponse = await identityClient.sendTokenRequest(request);
|
|
68
|
-
return (tokenResponse && tokenResponse.accessToken) || null;
|
|
69
|
-
},
|
|
70
|
-
};
|
|
71
|
-
//# sourceMappingURL=appServiceMsi2019.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"appServiceMsi2019.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/appServiceMsi2019.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAEL,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,OAAO,GAAG,gDAAgD,CAAC;AACjE,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC;;GAEG;AACH,SAAS,qBAAqB,CAC5B,MAAyB,EACzB,QAAiB,EACjB,UAAmB;IAEnB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,eAAe,GAA2B;QAC9C,QAAQ;QACR,aAAa,EAAE,YAAY;KAC5B,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,eAAe,CAAC,SAAS,GAAG,QAAQ,CAAC;IACvC,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,eAAe,CAAC,SAAS,GAAG,UAAU,CAAC;IACzC,CAAC;IACD,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;IAEnD,wIAAwI;IACxI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;IACjF,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,iDAAiD,CAAC,CAAC;IAC/E,CAAC;IAED,OAAO;QACL,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,QAAQ,EAAE,EAAE;QAC3D,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,iBAAiB,CAAC;YACzB,MAAM,EAAE,kBAAkB;YAC1B,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;SACjD,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAQ;IACpC,IAAI,EAAE,mBAAmB;IACzB,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,eAAe,CAAC,CAAC;QACrE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,6FAA6F,CACxG,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;QAErC,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;QAEvE,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,gGAAgG,OAAO,CAAC,GAAG,CAAC,iBAAiB,kCAAkC,CAC1K,CAAC;QAEF,MAAM,OAAO,GAAG,qBAAqB,+BACnC,WAAW,EAAE,eAAe,CAAC,WAAW,IACrC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC;YACtD,0FAA0F;YAC1F,uBAAuB,EAAE,IAAI,IAC7B,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n PipelineRequestOptions,\n createHttpHeaders,\n createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { MSI, MSIConfiguration, MSIToken } from \"./models\";\nimport { mapScopesToResource } from \"./utils\";\n\nconst msiName = \"ManagedIdentityCredential - AppServiceMSI 2019\";\nconst logger = credentialLogger(msiName);\n\n/**\n * Generates the options used on the request for an access token.\n */\nfunction prepareRequestOptions(\n scopes: string | string[],\n clientId?: string,\n resourceId?: string,\n): PipelineRequestOptions {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new Error(`${msiName}: Multiple scopes are not supported.`);\n }\n\n const queryParameters: Record<string, string> = {\n resource,\n \"api-version\": \"2019-08-01\",\n };\n\n if (clientId) {\n queryParameters.client_id = clientId;\n }\n\n if (resourceId) {\n queryParameters.mi_res_id = resourceId;\n }\n const query = new URLSearchParams(queryParameters);\n\n // This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.\n if (!process.env.IDENTITY_ENDPOINT) {\n throw new Error(`${msiName}: Missing environment variable: IDENTITY_ENDPOINT`);\n }\n if (!process.env.IDENTITY_HEADER) {\n throw new Error(`${msiName}: Missing environment variable: IDENTITY_HEADER`);\n }\n\n return {\n url: `${process.env.IDENTITY_ENDPOINT}?${query.toString()}`,\n method: \"GET\",\n headers: createHttpHeaders({\n Accept: \"application/json\",\n \"X-IDENTITY-HEADER\": process.env.IDENTITY_HEADER,\n }),\n };\n}\n\n/**\n * Defines how to determine whether the Azure App Service MSI is available, and also how to retrieve a token from the Azure App Service MSI.\n */\nexport const appServiceMsi2019: MSI = {\n name: \"appServiceMsi2019\",\n async isAvailable({ scopes }): Promise<boolean> {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n return false;\n }\n const env = process.env;\n const result = Boolean(env.IDENTITY_ENDPOINT && env.IDENTITY_HEADER);\n if (!result) {\n logger.info(\n `${msiName}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT and IDENTITY_HEADER.`,\n );\n }\n return result;\n },\n async getToken(\n configuration: MSIConfiguration,\n getTokenOptions: GetTokenOptions = {},\n ): Promise<MSIToken | null> {\n const { identityClient, scopes, clientId, resourceId } = configuration;\n\n logger.info(\n `${msiName}: Using the endpoint and the secret coming form the environment variables: IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT} and IDENTITY_HEADER=[REDACTED].`,\n );\n\n const request = createPipelineRequest({\n abortSignal: getTokenOptions.abortSignal,\n ...prepareRequestOptions(scopes, clientId, resourceId),\n // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).\n allowInsecureConnection: true,\n });\n const tokenResponse = await identityClient.sendTokenRequest(request);\n return (tokenResponse && tokenResponse.accessToken) || null;\n },\n};\n"]}
|
|
@@ -1,140 +0,0 @@
|
|
|
1
|
-
// Copyright (c) Microsoft Corporation.
|
|
2
|
-
// Licensed under the MIT License.
|
|
3
|
-
import { createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
|
|
4
|
-
import { AuthenticationError } from "../../errors";
|
|
5
|
-
import { azureArcAPIVersion } from "./constants";
|
|
6
|
-
import { credentialLogger } from "../../util/logging";
|
|
7
|
-
import fs from "node:fs";
|
|
8
|
-
import { mapScopesToResource } from "./utils";
|
|
9
|
-
const msiName = "ManagedIdentityCredential - Azure Arc MSI";
|
|
10
|
-
const logger = credentialLogger(msiName);
|
|
11
|
-
/**
|
|
12
|
-
* Generates the options used on the request for an access token.
|
|
13
|
-
*/
|
|
14
|
-
function prepareRequestOptions(scopes, clientId, resourceId) {
|
|
15
|
-
const resource = mapScopesToResource(scopes);
|
|
16
|
-
if (!resource) {
|
|
17
|
-
throw new Error(`${msiName}: Multiple scopes are not supported.`);
|
|
18
|
-
}
|
|
19
|
-
const queryParameters = {
|
|
20
|
-
resource,
|
|
21
|
-
"api-version": azureArcAPIVersion,
|
|
22
|
-
};
|
|
23
|
-
if (clientId) {
|
|
24
|
-
queryParameters.client_id = clientId;
|
|
25
|
-
}
|
|
26
|
-
if (resourceId) {
|
|
27
|
-
queryParameters.msi_res_id = resourceId;
|
|
28
|
-
}
|
|
29
|
-
// This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.
|
|
30
|
-
if (!process.env.IDENTITY_ENDPOINT) {
|
|
31
|
-
throw new Error(`${msiName}: Missing environment variable: IDENTITY_ENDPOINT`);
|
|
32
|
-
}
|
|
33
|
-
const query = new URLSearchParams(queryParameters);
|
|
34
|
-
return createPipelineRequest({
|
|
35
|
-
// Should be similar to: http://localhost:40342/metadata/identity/oauth2/token
|
|
36
|
-
url: `${process.env.IDENTITY_ENDPOINT}?${query.toString()}`,
|
|
37
|
-
method: "GET",
|
|
38
|
-
headers: createHttpHeaders({
|
|
39
|
-
Accept: "application/json",
|
|
40
|
-
Metadata: "true",
|
|
41
|
-
}),
|
|
42
|
-
});
|
|
43
|
-
}
|
|
44
|
-
/**
|
|
45
|
-
* Does a request to the authentication provider that results in a file path.
|
|
46
|
-
*/
|
|
47
|
-
async function filePathRequest(identityClient, requestPrepareOptions) {
|
|
48
|
-
const response = await identityClient.sendRequest(createPipelineRequest(requestPrepareOptions));
|
|
49
|
-
if (response.status !== 401) {
|
|
50
|
-
let message = "";
|
|
51
|
-
if (response.bodyAsText) {
|
|
52
|
-
message = ` Response: ${response.bodyAsText}`;
|
|
53
|
-
}
|
|
54
|
-
throw new AuthenticationError(response.status, `${msiName}: To authenticate with Azure Arc MSI, status code 401 is expected on the first request. ${message}`);
|
|
55
|
-
}
|
|
56
|
-
const authHeader = response.headers.get("www-authenticate") || "";
|
|
57
|
-
try {
|
|
58
|
-
return authHeader.split("=").slice(1)[0];
|
|
59
|
-
}
|
|
60
|
-
catch (e) {
|
|
61
|
-
throw Error(`Invalid www-authenticate header format: ${authHeader}`);
|
|
62
|
-
}
|
|
63
|
-
}
|
|
64
|
-
export function platformToFilePath() {
|
|
65
|
-
switch (process.platform) {
|
|
66
|
-
case "win32":
|
|
67
|
-
if (!process.env.PROGRAMDATA) {
|
|
68
|
-
throw new Error(`${msiName}: PROGRAMDATA environment variable has no value.`);
|
|
69
|
-
}
|
|
70
|
-
return `${process.env.PROGRAMDATA}\\AzureConnectedMachineAgent\\Tokens`;
|
|
71
|
-
case "linux":
|
|
72
|
-
return "/var/opt/azcmagent/tokens";
|
|
73
|
-
default:
|
|
74
|
-
throw new Error(`${msiName}: Unsupported platform ${process.platform}.`);
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
|
-
/**
|
|
78
|
-
* Validates that a given Azure Arc MSI file path is valid for use.
|
|
79
|
-
*
|
|
80
|
-
* A valid file will:
|
|
81
|
-
* 1. Be in the expected path for the current platform.
|
|
82
|
-
* 2. Have a `.key` extension.
|
|
83
|
-
* 3. Be at most 4096 bytes in size.
|
|
84
|
-
*/
|
|
85
|
-
export function validateKeyFile(filePath) {
|
|
86
|
-
if (!filePath) {
|
|
87
|
-
throw new Error(`${msiName}: Failed to find the token file.`);
|
|
88
|
-
}
|
|
89
|
-
if (!filePath.endsWith(".key")) {
|
|
90
|
-
throw new Error(`${msiName}: unexpected file path from HIMDS service: ${filePath}.`);
|
|
91
|
-
}
|
|
92
|
-
const expectedPath = platformToFilePath();
|
|
93
|
-
if (!filePath.startsWith(expectedPath)) {
|
|
94
|
-
throw new Error(`${msiName}: unexpected file path from HIMDS service: ${filePath}.`);
|
|
95
|
-
}
|
|
96
|
-
const stats = fs.statSync(filePath);
|
|
97
|
-
if (stats.size > 4096) {
|
|
98
|
-
throw new Error(`${msiName}: The file at ${filePath} is larger than expected at ${stats.size} bytes.`);
|
|
99
|
-
}
|
|
100
|
-
}
|
|
101
|
-
/**
|
|
102
|
-
* Defines how to determine whether the Azure Arc MSI is available, and also how to retrieve a token from the Azure Arc MSI.
|
|
103
|
-
*/
|
|
104
|
-
export const arcMsi = {
|
|
105
|
-
name: "arc",
|
|
106
|
-
async isAvailable({ scopes }) {
|
|
107
|
-
const resource = mapScopesToResource(scopes);
|
|
108
|
-
if (!resource) {
|
|
109
|
-
logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
|
|
110
|
-
return false;
|
|
111
|
-
}
|
|
112
|
-
const result = Boolean(process.env.IMDS_ENDPOINT && process.env.IDENTITY_ENDPOINT);
|
|
113
|
-
if (!result) {
|
|
114
|
-
logger.info(`${msiName}: The environment variables needed are: IMDS_ENDPOINT and IDENTITY_ENDPOINT`);
|
|
115
|
-
}
|
|
116
|
-
return result;
|
|
117
|
-
},
|
|
118
|
-
async getToken(configuration, getTokenOptions = {}) {
|
|
119
|
-
var _a;
|
|
120
|
-
const { identityClient, scopes, clientId, resourceId } = configuration;
|
|
121
|
-
if (clientId) {
|
|
122
|
-
logger.warning(`${msiName}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
|
|
123
|
-
}
|
|
124
|
-
if (resourceId) {
|
|
125
|
-
logger.warning(`${msiName}: user defined managed Identity by resource Id is not supported. Argument resourceId will be ignored.`);
|
|
126
|
-
}
|
|
127
|
-
logger.info(`${msiName}: Authenticating.`);
|
|
128
|
-
const requestOptions = Object.assign(Object.assign({ disableJsonStringifyOnBody: true, deserializationMapper: undefined, abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions(scopes, clientId, resourceId)), { allowInsecureConnection: true });
|
|
129
|
-
const filePath = await filePathRequest(identityClient, requestOptions);
|
|
130
|
-
validateKeyFile(filePath);
|
|
131
|
-
const key = await fs.promises.readFile(filePath, { encoding: "utf-8" });
|
|
132
|
-
(_a = requestOptions.headers) === null || _a === void 0 ? void 0 : _a.set("Authorization", `Basic ${key}`);
|
|
133
|
-
const request = createPipelineRequest(Object.assign(Object.assign({}, requestOptions), {
|
|
134
|
-
// Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
|
|
135
|
-
allowInsecureConnection: true }));
|
|
136
|
-
const tokenResponse = await identityClient.sendTokenRequest(request);
|
|
137
|
-
return (tokenResponse && tokenResponse.accessToken) || null;
|
|
138
|
-
},
|
|
139
|
-
};
|
|
140
|
-
//# sourceMappingURL=arcMsi.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"arcMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/arcMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAEL,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAGnD,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,OAAO,GAAG,2CAA2C,CAAC;AAC5D,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC;;GAEG;AACH,SAAS,qBAAqB,CAC5B,MAAyB,EACzB,QAAiB,EACjB,UAAmB;IAEnB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IACD,MAAM,eAAe,GAA2B;QAC9C,QAAQ;QACR,aAAa,EAAE,kBAAkB;KAClC,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,eAAe,CAAC,SAAS,GAAG,QAAQ,CAAC;IACvC,CAAC;IACD,IAAI,UAAU,EAAE,CAAC;QACf,eAAe,CAAC,UAAU,GAAG,UAAU,CAAC;IAC1C,CAAC;IAED,wIAAwI;IACxI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;IAEnD,OAAO,qBAAqB,CAAC;QAC3B,8EAA8E;QAC9E,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,QAAQ,EAAE,EAAE;QAC3D,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,iBAAiB,CAAC;YACzB,MAAM,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,MAAM;SACjB,CAAC;KACH,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,eAAe,CAC5B,cAA8B,EAC9B,qBAA6C;IAE7C,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC,qBAAqB,CAAC,qBAAqB,CAAC,CAAC,CAAC;IAEhG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;QAC5B,IAAI,OAAO,GAAG,EAAE,CAAC;QACjB,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC;YACxB,OAAO,GAAG,cAAc,QAAQ,CAAC,UAAU,EAAE,CAAC;QAChD,CAAC;QACD,MAAM,IAAI,mBAAmB,CAC3B,QAAQ,CAAC,MAAM,EACf,GAAG,OAAO,2FAA2F,OAAO,EAAE,CAC/G,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;IAClE,IAAI,CAAC;QACH,OAAO,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,MAAM,KAAK,CAAC,2CAA2C,UAAU,EAAE,CAAC,CAAC;IACvE,CAAC;AACH,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,QAAQ,OAAO,CAAC,QAAQ,EAAE,CAAC;QACzB,KAAK,OAAO;YACV,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,kDAAkD,CAAC,CAAC;YAChF,CAAC;YACD,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,sCAAsC,CAAC;QAC1E,KAAK,OAAO;YACV,OAAO,2BAA2B,CAAC;QACrC;YACE,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,0BAA0B,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IAC7E,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,eAAe,CAAC,QAAiB;IAC/C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,kCAAkC,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,8CAA8C,QAAQ,GAAG,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,YAAY,GAAG,kBAAkB,EAAE,CAAC;IAC1C,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,8CAA8C,QAAQ,GAAG,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACpC,IAAI,KAAK,CAAC,IAAI,GAAG,IAAI,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CACb,GAAG,OAAO,iBAAiB,QAAQ,+BAA+B,KAAK,CAAC,IAAI,SAAS,CACtF,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAQ;IACzB,IAAI,EAAE,KAAK;IACX,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACnF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,6EAA6E,CACxF,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;;QAErC,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;QAEvE,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,OAAO,CACZ,GAAG,OAAO,kGAAkG,CAC7G,CAAC;QACJ,CAAC;QACD,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,CAAC,OAAO,CACZ,GAAG,OAAO,uGAAuG,CAClH,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mBAAmB,CAAC,CAAC;QAE3C,MAAM,cAAc,iCAClB,0BAA0B,EAAE,IAAI,EAChC,qBAAqB,EAAE,SAAS,EAChC,WAAW,EAAE,eAAe,CAAC,WAAW,IACrC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,KACtD,uBAAuB,EAAE,IAAI,GAC9B,CAAC;QAEF,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,cAAc,EAAE,cAAc,CAAC,CAAC;QACvE,eAAe,CAAC,QAAQ,CAAC,CAAC;QAE1B,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;QACxE,MAAA,cAAc,CAAC,OAAO,0CAAE,GAAG,CAAC,eAAe,EAAE,SAAS,GAAG,EAAE,CAAC,CAAC;QAE7D,MAAM,OAAO,GAAG,qBAAqB,iCAChC,cAAc;YACjB,0FAA0F;YAC1F,uBAAuB,EAAE,IAAI,IAC7B,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { MSI, MSIConfiguration, MSIToken } from \"./models\";\nimport {\n PipelineRequestOptions,\n createHttpHeaders,\n createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\n\nimport { AuthenticationError } from \"../../errors\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { IdentityClient } from \"../../client/identityClient\";\nimport { azureArcAPIVersion } from \"./constants\";\nimport { credentialLogger } from \"../../util/logging\";\nimport fs from \"node:fs\";\nimport { mapScopesToResource } from \"./utils\";\n\nconst msiName = \"ManagedIdentityCredential - Azure Arc MSI\";\nconst logger = credentialLogger(msiName);\n\n/**\n * Generates the options used on the request for an access token.\n */\nfunction prepareRequestOptions(\n scopes: string | string[],\n clientId?: string,\n resourceId?: string,\n): PipelineRequestOptions {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new Error(`${msiName}: Multiple scopes are not supported.`);\n }\n const queryParameters: Record<string, string> = {\n resource,\n \"api-version\": azureArcAPIVersion,\n };\n\n if (clientId) {\n queryParameters.client_id = clientId;\n }\n if (resourceId) {\n queryParameters.msi_res_id = resourceId;\n }\n\n // This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.\n if (!process.env.IDENTITY_ENDPOINT) {\n throw new Error(`${msiName}: Missing environment variable: IDENTITY_ENDPOINT`);\n }\n\n const query = new URLSearchParams(queryParameters);\n\n return createPipelineRequest({\n // Should be similar to: http://localhost:40342/metadata/identity/oauth2/token\n url: `${process.env.IDENTITY_ENDPOINT}?${query.toString()}`,\n method: \"GET\",\n headers: createHttpHeaders({\n Accept: \"application/json\",\n Metadata: \"true\",\n }),\n });\n}\n\n/**\n * Does a request to the authentication provider that results in a file path.\n */\nasync function filePathRequest(\n identityClient: IdentityClient,\n requestPrepareOptions: PipelineRequestOptions,\n): Promise<string | undefined> {\n const response = await identityClient.sendRequest(createPipelineRequest(requestPrepareOptions));\n\n if (response.status !== 401) {\n let message = \"\";\n if (response.bodyAsText) {\n message = ` Response: ${response.bodyAsText}`;\n }\n throw new AuthenticationError(\n response.status,\n `${msiName}: To authenticate with Azure Arc MSI, status code 401 is expected on the first request. ${message}`,\n );\n }\n\n const authHeader = response.headers.get(\"www-authenticate\") || \"\";\n try {\n return authHeader.split(\"=\").slice(1)[0];\n } catch (e: any) {\n throw Error(`Invalid www-authenticate header format: ${authHeader}`);\n }\n}\n\nexport function platformToFilePath(): string {\n switch (process.platform) {\n case \"win32\":\n if (!process.env.PROGRAMDATA) {\n throw new Error(`${msiName}: PROGRAMDATA environment variable has no value.`);\n }\n return `${process.env.PROGRAMDATA}\\\\AzureConnectedMachineAgent\\\\Tokens`;\n case \"linux\":\n return \"/var/opt/azcmagent/tokens\";\n default:\n throw new Error(`${msiName}: Unsupported platform ${process.platform}.`);\n }\n}\n\n/**\n * Validates that a given Azure Arc MSI file path is valid for use.\n *\n * A valid file will:\n * 1. Be in the expected path for the current platform.\n * 2. Have a `.key` extension.\n * 3. Be at most 4096 bytes in size.\n */\nexport function validateKeyFile(filePath?: string): asserts filePath is string {\n if (!filePath) {\n throw new Error(`${msiName}: Failed to find the token file.`);\n }\n\n if (!filePath.endsWith(\".key\")) {\n throw new Error(`${msiName}: unexpected file path from HIMDS service: ${filePath}.`);\n }\n\n const expectedPath = platformToFilePath();\n if (!filePath.startsWith(expectedPath)) {\n throw new Error(`${msiName}: unexpected file path from HIMDS service: ${filePath}.`);\n }\n\n const stats = fs.statSync(filePath);\n if (stats.size > 4096) {\n throw new Error(\n `${msiName}: The file at ${filePath} is larger than expected at ${stats.size} bytes.`,\n );\n }\n}\n\n/**\n * Defines how to determine whether the Azure Arc MSI is available, and also how to retrieve a token from the Azure Arc MSI.\n */\nexport const arcMsi: MSI = {\n name: \"arc\",\n async isAvailable({ scopes }): Promise<boolean> {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n return false;\n }\n const result = Boolean(process.env.IMDS_ENDPOINT && process.env.IDENTITY_ENDPOINT);\n if (!result) {\n logger.info(\n `${msiName}: The environment variables needed are: IMDS_ENDPOINT and IDENTITY_ENDPOINT`,\n );\n }\n return result;\n },\n async getToken(\n configuration: MSIConfiguration,\n getTokenOptions: GetTokenOptions = {},\n ): Promise<MSIToken | null> {\n const { identityClient, scopes, clientId, resourceId } = configuration;\n\n if (clientId) {\n logger.warning(\n `${msiName}: user-assigned identities not supported. The argument clientId might be ignored by the service.`,\n );\n }\n if (resourceId) {\n logger.warning(\n `${msiName}: user defined managed Identity by resource Id is not supported. Argument resourceId will be ignored.`,\n );\n }\n\n logger.info(`${msiName}: Authenticating.`);\n\n const requestOptions = {\n disableJsonStringifyOnBody: true,\n deserializationMapper: undefined,\n abortSignal: getTokenOptions.abortSignal,\n ...prepareRequestOptions(scopes, clientId, resourceId),\n allowInsecureConnection: true,\n };\n\n const filePath = await filePathRequest(identityClient, requestOptions);\n validateKeyFile(filePath);\n\n const key = await fs.promises.readFile(filePath, { encoding: \"utf-8\" });\n requestOptions.headers?.set(\"Authorization\", `Basic ${key}`);\n\n const request = createPipelineRequest({\n ...requestOptions,\n // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).\n allowInsecureConnection: true,\n });\n const tokenResponse = await identityClient.sendTokenRequest(request);\n return (tokenResponse && tokenResponse.accessToken) || null;\n },\n};\n"]}
|
|
@@ -1,75 +0,0 @@
|
|
|
1
|
-
// Copyright (c) Microsoft Corporation.
|
|
2
|
-
// Licensed under the MIT License.
|
|
3
|
-
import { createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
|
|
4
|
-
import { credentialLogger } from "../../util/logging";
|
|
5
|
-
import { mapScopesToResource } from "./utils";
|
|
6
|
-
const msiName = "ManagedIdentityCredential - CloudShellMSI";
|
|
7
|
-
export const logger = credentialLogger(msiName);
|
|
8
|
-
/**
|
|
9
|
-
* Generates the options used on the request for an access token.
|
|
10
|
-
*/
|
|
11
|
-
function prepareRequestOptions(scopes, clientId, resourceId) {
|
|
12
|
-
const resource = mapScopesToResource(scopes);
|
|
13
|
-
if (!resource) {
|
|
14
|
-
throw new Error(`${msiName}: Multiple scopes are not supported.`);
|
|
15
|
-
}
|
|
16
|
-
const body = {
|
|
17
|
-
resource,
|
|
18
|
-
};
|
|
19
|
-
if (clientId) {
|
|
20
|
-
body.client_id = clientId;
|
|
21
|
-
}
|
|
22
|
-
if (resourceId) {
|
|
23
|
-
body.msi_res_id = resourceId;
|
|
24
|
-
}
|
|
25
|
-
// This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.
|
|
26
|
-
if (!process.env.MSI_ENDPOINT) {
|
|
27
|
-
throw new Error(`${msiName}: Missing environment variable: MSI_ENDPOINT`);
|
|
28
|
-
}
|
|
29
|
-
const params = new URLSearchParams(body);
|
|
30
|
-
return {
|
|
31
|
-
url: process.env.MSI_ENDPOINT,
|
|
32
|
-
method: "POST",
|
|
33
|
-
body: params.toString(),
|
|
34
|
-
headers: createHttpHeaders({
|
|
35
|
-
Accept: "application/json",
|
|
36
|
-
Metadata: "true",
|
|
37
|
-
"Content-Type": "application/x-www-form-urlencoded",
|
|
38
|
-
}),
|
|
39
|
-
};
|
|
40
|
-
}
|
|
41
|
-
/**
|
|
42
|
-
* Defines how to determine whether the Azure Cloud Shell MSI is available, and also how to retrieve a token from the Azure Cloud Shell MSI.
|
|
43
|
-
* Since Azure Managed Identities aren't available in the Azure Cloud Shell, we log a warning for users that try to access cloud shell using user assigned identity.
|
|
44
|
-
*/
|
|
45
|
-
export const cloudShellMsi = {
|
|
46
|
-
name: "cloudShellMsi",
|
|
47
|
-
async isAvailable({ scopes }) {
|
|
48
|
-
const resource = mapScopesToResource(scopes);
|
|
49
|
-
if (!resource) {
|
|
50
|
-
logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
|
|
51
|
-
return false;
|
|
52
|
-
}
|
|
53
|
-
const result = Boolean(process.env.MSI_ENDPOINT);
|
|
54
|
-
if (!result) {
|
|
55
|
-
logger.info(`${msiName}: Unavailable. The environment variable MSI_ENDPOINT is needed.`);
|
|
56
|
-
}
|
|
57
|
-
return result;
|
|
58
|
-
},
|
|
59
|
-
async getToken(configuration, getTokenOptions = {}) {
|
|
60
|
-
const { identityClient, scopes, clientId, resourceId } = configuration;
|
|
61
|
-
if (clientId) {
|
|
62
|
-
logger.warning(`${msiName}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
|
|
63
|
-
}
|
|
64
|
-
if (resourceId) {
|
|
65
|
-
logger.warning(`${msiName}: user defined managed Identity by resource Id not supported. The argument resourceId might be ignored by the service.`);
|
|
66
|
-
}
|
|
67
|
-
logger.info(`${msiName}: Using the endpoint coming form the environment variable MSI_ENDPOINT = ${process.env.MSI_ENDPOINT}.`);
|
|
68
|
-
const request = createPipelineRequest(Object.assign(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions(scopes, clientId, resourceId)), {
|
|
69
|
-
// Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
|
|
70
|
-
allowInsecureConnection: true }));
|
|
71
|
-
const tokenResponse = await identityClient.sendTokenRequest(request);
|
|
72
|
-
return (tokenResponse && tokenResponse.accessToken) || null;
|
|
73
|
-
},
|
|
74
|
-
};
|
|
75
|
-
//# sourceMappingURL=cloudShellMsi.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"cloudShellMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/cloudShellMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAEL,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAGtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAE9C,MAAM,OAAO,GAAG,2CAA2C,CAAC;AAC5D,MAAM,CAAC,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEhD;;GAEG;AACH,SAAS,qBAAqB,CAC5B,MAAyB,EACzB,QAAiB,EACjB,UAAmB;IAEnB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,IAAI,GAA2B;QACnC,QAAQ;KACT,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC,SAAS,GAAG,QAAQ,CAAC;IAC5B,CAAC;IACD,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;IAED,wIAAwI;IACxI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,8CAA8C,CAAC,CAAC;IAC5E,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC;IACzC,OAAO;QACL,GAAG,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;QAC7B,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE;QACvB,OAAO,EAAE,iBAAiB,CAAC;YACzB,MAAM,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,MAAM;YAChB,cAAc,EAAE,mCAAmC;SACpD,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,aAAa,GAAQ;IAChC,IAAI,EAAE,eAAe;IACrB,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,iEAAiE,CAAC,CAAC;QAC3F,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;QAErC,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;QAEvE,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,OAAO,CACZ,GAAG,OAAO,kGAAkG,CAC7G,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,CAAC,OAAO,CACZ,GAAG,OAAO,wHAAwH,CACnI,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,4EAA4E,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAClH,CAAC;QAEF,MAAM,OAAO,GAAG,qBAAqB,+BACnC,WAAW,EAAE,eAAe,CAAC,WAAW,IACrC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC;YACtD,0FAA0F;YAC1F,uBAAuB,EAAE,IAAI,IAC7B,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport {\n PipelineRequestOptions,\n createHttpHeaders,\n createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { MSI, MSIConfiguration, MSIToken } from \"./models\";\nimport { mapScopesToResource } from \"./utils\";\n\nconst msiName = \"ManagedIdentityCredential - CloudShellMSI\";\nexport const logger = credentialLogger(msiName);\n\n/**\n * Generates the options used on the request for an access token.\n */\nfunction prepareRequestOptions(\n scopes: string | string[],\n clientId?: string,\n resourceId?: string,\n): PipelineRequestOptions {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new Error(`${msiName}: Multiple scopes are not supported.`);\n }\n\n const body: Record<string, string> = {\n resource,\n };\n\n if (clientId) {\n body.client_id = clientId;\n }\n if (resourceId) {\n body.msi_res_id = resourceId;\n }\n\n // This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.\n if (!process.env.MSI_ENDPOINT) {\n throw new Error(`${msiName}: Missing environment variable: MSI_ENDPOINT`);\n }\n const params = new URLSearchParams(body);\n return {\n url: process.env.MSI_ENDPOINT,\n method: \"POST\",\n body: params.toString(),\n headers: createHttpHeaders({\n Accept: \"application/json\",\n Metadata: \"true\",\n \"Content-Type\": \"application/x-www-form-urlencoded\",\n }),\n };\n}\n\n/**\n * Defines how to determine whether the Azure Cloud Shell MSI is available, and also how to retrieve a token from the Azure Cloud Shell MSI.\n * Since Azure Managed Identities aren't available in the Azure Cloud Shell, we log a warning for users that try to access cloud shell using user assigned identity.\n */\nexport const cloudShellMsi: MSI = {\n name: \"cloudShellMsi\",\n async isAvailable({ scopes }): Promise<boolean> {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n return false;\n }\n\n const result = Boolean(process.env.MSI_ENDPOINT);\n if (!result) {\n logger.info(`${msiName}: Unavailable. The environment variable MSI_ENDPOINT is needed.`);\n }\n return result;\n },\n async getToken(\n configuration: MSIConfiguration,\n getTokenOptions: GetTokenOptions = {},\n ): Promise<MSIToken | null> {\n const { identityClient, scopes, clientId, resourceId } = configuration;\n\n if (clientId) {\n logger.warning(\n `${msiName}: user-assigned identities not supported. The argument clientId might be ignored by the service.`,\n );\n }\n\n if (resourceId) {\n logger.warning(\n `${msiName}: user defined managed Identity by resource Id not supported. The argument resourceId might be ignored by the service.`,\n );\n }\n\n logger.info(\n `${msiName}: Using the endpoint coming form the environment variable MSI_ENDPOINT = ${process.env.MSI_ENDPOINT}.`,\n );\n\n const request = createPipelineRequest({\n abortSignal: getTokenOptions.abortSignal,\n ...prepareRequestOptions(scopes, clientId, resourceId),\n // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).\n allowInsecureConnection: true,\n });\n const tokenResponse = await identityClient.sendTokenRequest(request);\n return (tokenResponse && tokenResponse.accessToken) || null;\n },\n};\n"]}
|
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
// Copyright (c) Microsoft Corporation.
|
|
2
|
-
// Licensed under the MIT License.
|
|
3
|
-
export const DefaultScopeSuffix = "/.default";
|
|
4
|
-
export const imdsHost = "http://169.254.169.254";
|
|
5
|
-
export const imdsEndpointPath = "/metadata/identity/oauth2/token";
|
|
6
|
-
export const imdsApiVersion = "2018-02-01";
|
|
7
|
-
export const azureArcAPIVersion = "2019-11-01";
|
|
8
|
-
export const azureFabricVersion = "2019-07-01-preview";
|
|
9
|
-
//# sourceMappingURL=constants.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/constants.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAG,WAAW,CAAC;AAC9C,MAAM,CAAC,MAAM,QAAQ,GAAG,wBAAwB,CAAC;AACjD,MAAM,CAAC,MAAM,gBAAgB,GAAG,iCAAiC,CAAC;AAClE,MAAM,CAAC,MAAM,cAAc,GAAG,YAAY,CAAC;AAC3C,MAAM,CAAC,MAAM,kBAAkB,GAAG,YAAY,CAAC;AAC/C,MAAM,CAAC,MAAM,kBAAkB,GAAG,oBAAoB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport const DefaultScopeSuffix = \"/.default\";\nexport const imdsHost = \"http://169.254.169.254\";\nexport const imdsEndpointPath = \"/metadata/identity/oauth2/token\";\nexport const imdsApiVersion = \"2018-02-01\";\nexport const azureArcAPIVersion = \"2019-11-01\";\nexport const azureFabricVersion = \"2019-07-01-preview\";\n"]}
|
|
@@ -1,95 +0,0 @@
|
|
|
1
|
-
// Copyright (c) Microsoft Corporation.
|
|
2
|
-
// Licensed under the MIT License.
|
|
3
|
-
import https from "https";
|
|
4
|
-
import { createHttpHeaders, createPipelineRequest, } from "@azure/core-rest-pipeline";
|
|
5
|
-
import { credentialLogger } from "../../util/logging";
|
|
6
|
-
import { mapScopesToResource } from "./utils";
|
|
7
|
-
import { azureFabricVersion } from "./constants";
|
|
8
|
-
// This MSI can be easily tested by deploying a container to Azure Service Fabric with the Dockerfile:
|
|
9
|
-
//
|
|
10
|
-
// FROM node:12
|
|
11
|
-
// RUN wget https://host.any/path/bash.sh
|
|
12
|
-
// CMD ["bash", "bash.sh"]
|
|
13
|
-
//
|
|
14
|
-
// Where the bash script contains:
|
|
15
|
-
//
|
|
16
|
-
// curl --insecure $IDENTITY_ENDPOINT'?api-version=2019-07-01-preview&resource=https://vault.azure.net/' -H "Secret: $IDENTITY_HEADER"
|
|
17
|
-
//
|
|
18
|
-
const msiName = "ManagedIdentityCredential - Fabric MSI";
|
|
19
|
-
const logger = credentialLogger(msiName);
|
|
20
|
-
/**
|
|
21
|
-
* Generates the options used on the request for an access token.
|
|
22
|
-
*/
|
|
23
|
-
function prepareRequestOptions(scopes, clientId, resourceId) {
|
|
24
|
-
const resource = mapScopesToResource(scopes);
|
|
25
|
-
if (!resource) {
|
|
26
|
-
throw new Error(`${msiName}: Multiple scopes are not supported.`);
|
|
27
|
-
}
|
|
28
|
-
const queryParameters = {
|
|
29
|
-
resource,
|
|
30
|
-
"api-version": azureFabricVersion,
|
|
31
|
-
};
|
|
32
|
-
if (clientId) {
|
|
33
|
-
queryParameters.client_id = clientId;
|
|
34
|
-
}
|
|
35
|
-
if (resourceId) {
|
|
36
|
-
queryParameters.msi_res_id = resourceId;
|
|
37
|
-
}
|
|
38
|
-
const query = new URLSearchParams(queryParameters);
|
|
39
|
-
// This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.
|
|
40
|
-
if (!process.env.IDENTITY_ENDPOINT) {
|
|
41
|
-
throw new Error("Missing environment variable: IDENTITY_ENDPOINT");
|
|
42
|
-
}
|
|
43
|
-
if (!process.env.IDENTITY_HEADER) {
|
|
44
|
-
throw new Error("Missing environment variable: IDENTITY_HEADER");
|
|
45
|
-
}
|
|
46
|
-
return {
|
|
47
|
-
url: `${process.env.IDENTITY_ENDPOINT}?${query.toString()}`,
|
|
48
|
-
method: "GET",
|
|
49
|
-
headers: createHttpHeaders({
|
|
50
|
-
Accept: "application/json",
|
|
51
|
-
secret: process.env.IDENTITY_HEADER,
|
|
52
|
-
}),
|
|
53
|
-
};
|
|
54
|
-
}
|
|
55
|
-
/**
|
|
56
|
-
* Defines how to determine whether the Azure Service Fabric MSI is available, and also how to retrieve a token from the Azure Service Fabric MSI.
|
|
57
|
-
*/
|
|
58
|
-
export const fabricMsi = {
|
|
59
|
-
name: "fabricMsi",
|
|
60
|
-
async isAvailable({ scopes }) {
|
|
61
|
-
const resource = mapScopesToResource(scopes);
|
|
62
|
-
if (!resource) {
|
|
63
|
-
logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);
|
|
64
|
-
return false;
|
|
65
|
-
}
|
|
66
|
-
const env = process.env;
|
|
67
|
-
const result = Boolean(env.IDENTITY_ENDPOINT && env.IDENTITY_HEADER && env.IDENTITY_SERVER_THUMBPRINT);
|
|
68
|
-
if (!result) {
|
|
69
|
-
logger.info(`${msiName}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT, IDENTITY_HEADER and IDENTITY_SERVER_THUMBPRINT`);
|
|
70
|
-
}
|
|
71
|
-
return result;
|
|
72
|
-
},
|
|
73
|
-
async getToken(configuration, getTokenOptions = {}) {
|
|
74
|
-
const { scopes, identityClient, clientId, resourceId } = configuration;
|
|
75
|
-
if (resourceId) {
|
|
76
|
-
logger.warning(`${msiName}: user defined managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`);
|
|
77
|
-
}
|
|
78
|
-
logger.info([
|
|
79
|
-
`${msiName}:`,
|
|
80
|
-
"Using the endpoint and the secret coming from the environment variables:",
|
|
81
|
-
`IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT},`,
|
|
82
|
-
"IDENTITY_HEADER=[REDACTED] and",
|
|
83
|
-
"IDENTITY_SERVER_THUMBPRINT=[REDACTED].",
|
|
84
|
-
].join(" "));
|
|
85
|
-
const request = createPipelineRequest(Object.assign({ abortSignal: getTokenOptions.abortSignal }, prepareRequestOptions(scopes, clientId, resourceId)));
|
|
86
|
-
request.agent = new https.Agent({
|
|
87
|
-
// This is necessary because Service Fabric provides a self-signed certificate.
|
|
88
|
-
// The alternative path is to verify the certificate using the IDENTITY_SERVER_THUMBPRINT env variable.
|
|
89
|
-
rejectUnauthorized: false,
|
|
90
|
-
});
|
|
91
|
-
const tokenResponse = await identityClient.sendTokenRequest(request);
|
|
92
|
-
return (tokenResponse && tokenResponse.accessToken) || null;
|
|
93
|
-
},
|
|
94
|
-
};
|
|
95
|
-
//# sourceMappingURL=fabricMsi.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"fabricMsi.js","sourceRoot":"","sources":["../../../../src/credentials/managedIdentityCredential/fabricMsi.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAEL,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAEtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAEjD,sGAAsG;AACtG,EAAE;AACF,iBAAiB;AACjB,2CAA2C;AAC3C,4BAA4B;AAC5B,EAAE;AACF,kCAAkC;AAClC,EAAE;AACF,wIAAwI;AACxI,EAAE;AAEF,MAAM,OAAO,GAAG,wCAAwC,CAAC;AACzD,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAEzC;;GAEG;AACH,SAAS,qBAAqB,CAC5B,MAAyB,EACzB,QAAiB,EACjB,UAAmB;IAEnB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,sCAAsC,CAAC,CAAC;IACpE,CAAC;IAED,MAAM,eAAe,GAA2B;QAC9C,QAAQ;QACR,aAAa,EAAE,kBAAkB;KAClC,CAAC;IAEF,IAAI,QAAQ,EAAE,CAAC;QACb,eAAe,CAAC,SAAS,GAAG,QAAQ,CAAC;IACvC,CAAC;IACD,IAAI,UAAU,EAAE,CAAC;QACf,eAAe,CAAC,UAAU,GAAG,UAAU,CAAC;IAC1C,CAAC;IACD,MAAM,KAAK,GAAG,IAAI,eAAe,CAAC,eAAe,CAAC,CAAC;IAEnD,wIAAwI;IACxI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,+CAA+C,CAAC,CAAC;IACnE,CAAC;IAED,OAAO;QACL,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,QAAQ,EAAE,EAAE;QAC3D,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,iBAAiB,CAAC;YACzB,MAAM,EAAE,kBAAkB;YAC1B,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe;SACpC,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAQ;IAC5B,IAAI,EAAE,WAAW;IACjB,KAAK,CAAC,WAAW,CAAC,EAAE,MAAM,EAAE;QAC1B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,mDAAmD,CAAC,CAAC;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC;QACxB,MAAM,MAAM,GAAG,OAAO,CACpB,GAAG,CAAC,iBAAiB,IAAI,GAAG,CAAC,eAAe,IAAI,GAAG,CAAC,0BAA0B,CAC/E,CAAC;QACF,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,CAAC,IAAI,CACT,GAAG,OAAO,wHAAwH,CACnI,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,KAAK,CAAC,QAAQ,CACZ,aAA+B,EAC/B,kBAAmC,EAAE;QAErC,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,aAAa,CAAC;QAEvE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,CAAC,OAAO,CACZ,GAAG,OAAO,uHAAuH,CAClI,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CACT;YACE,GAAG,OAAO,GAAG;YACb,0EAA0E;YAC1E,qBAAqB,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG;YACrD,gCAAgC;YAChC,wCAAwC;SACzC,CAAC,IAAI,CAAC,GAAG,CAAC,CACZ,CAAC;QAEF,MAAM,OAAO,GAAG,qBAAqB,iBACnC,WAAW,EAAE,eAAe,CAAC,WAAW,IACrC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,EAGtD,CAAC;QAEH,OAAO,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,KAAK,CAAC;YAC9B,+EAA+E;YAC/E,uGAAuG;YACvG,kBAAkB,EAAE,KAAK;SAC1B,CAAC,CAAC;QAEH,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACrE,OAAO,CAAC,aAAa,IAAI,aAAa,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport https from \"https\";\nimport {\n PipelineRequestOptions,\n createHttpHeaders,\n createPipelineRequest,\n} from \"@azure/core-rest-pipeline\";\nimport { GetTokenOptions } from \"@azure/core-auth\";\nimport { credentialLogger } from \"../../util/logging\";\nimport { MSI, MSIConfiguration, MSIToken } from \"./models\";\nimport { mapScopesToResource } from \"./utils\";\nimport { azureFabricVersion } from \"./constants\";\n\n// This MSI can be easily tested by deploying a container to Azure Service Fabric with the Dockerfile:\n//\n// FROM node:12\n// RUN wget https://host.any/path/bash.sh\n// CMD [\"bash\", \"bash.sh\"]\n//\n// Where the bash script contains:\n//\n// curl --insecure $IDENTITY_ENDPOINT'?api-version=2019-07-01-preview&resource=https://vault.azure.net/' -H \"Secret: $IDENTITY_HEADER\"\n//\n\nconst msiName = \"ManagedIdentityCredential - Fabric MSI\";\nconst logger = credentialLogger(msiName);\n\n/**\n * Generates the options used on the request for an access token.\n */\nfunction prepareRequestOptions(\n scopes: string | string[],\n clientId?: string,\n resourceId?: string,\n): PipelineRequestOptions {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n throw new Error(`${msiName}: Multiple scopes are not supported.`);\n }\n\n const queryParameters: Record<string, string> = {\n resource,\n \"api-version\": azureFabricVersion,\n };\n\n if (clientId) {\n queryParameters.client_id = clientId;\n }\n if (resourceId) {\n queryParameters.msi_res_id = resourceId;\n }\n const query = new URLSearchParams(queryParameters);\n\n // This error should not bubble up, since we verify that this environment variable is defined in the isAvailable() method defined below.\n if (!process.env.IDENTITY_ENDPOINT) {\n throw new Error(\"Missing environment variable: IDENTITY_ENDPOINT\");\n }\n if (!process.env.IDENTITY_HEADER) {\n throw new Error(\"Missing environment variable: IDENTITY_HEADER\");\n }\n\n return {\n url: `${process.env.IDENTITY_ENDPOINT}?${query.toString()}`,\n method: \"GET\",\n headers: createHttpHeaders({\n Accept: \"application/json\",\n secret: process.env.IDENTITY_HEADER,\n }),\n };\n}\n\n/**\n * Defines how to determine whether the Azure Service Fabric MSI is available, and also how to retrieve a token from the Azure Service Fabric MSI.\n */\nexport const fabricMsi: MSI = {\n name: \"fabricMsi\",\n async isAvailable({ scopes }): Promise<boolean> {\n const resource = mapScopesToResource(scopes);\n if (!resource) {\n logger.info(`${msiName}: Unavailable. Multiple scopes are not supported.`);\n return false;\n }\n const env = process.env;\n const result = Boolean(\n env.IDENTITY_ENDPOINT && env.IDENTITY_HEADER && env.IDENTITY_SERVER_THUMBPRINT,\n );\n if (!result) {\n logger.info(\n `${msiName}: Unavailable. The environment variables needed are: IDENTITY_ENDPOINT, IDENTITY_HEADER and IDENTITY_SERVER_THUMBPRINT`,\n );\n }\n return result;\n },\n async getToken(\n configuration: MSIConfiguration,\n getTokenOptions: GetTokenOptions = {},\n ): Promise<MSIToken | null> {\n const { scopes, identityClient, clientId, resourceId } = configuration;\n\n if (resourceId) {\n logger.warning(\n `${msiName}: user defined managed Identity by resource Id is not supported. Argument resourceId might be ignored by the service.`,\n );\n }\n\n logger.info(\n [\n `${msiName}:`,\n \"Using the endpoint and the secret coming from the environment variables:\",\n `IDENTITY_ENDPOINT=${process.env.IDENTITY_ENDPOINT},`,\n \"IDENTITY_HEADER=[REDACTED] and\",\n \"IDENTITY_SERVER_THUMBPRINT=[REDACTED].\",\n ].join(\" \"),\n );\n\n const request = createPipelineRequest({\n abortSignal: getTokenOptions.abortSignal,\n ...prepareRequestOptions(scopes, clientId, resourceId),\n // The service fabric MSI endpoint will be HTTPS (however, the certificate will be self-signed).\n // allowInsecureConnection: true\n });\n\n request.agent = new https.Agent({\n // This is necessary because Service Fabric provides a self-signed certificate.\n // The alternative path is to verify the certificate using the IDENTITY_SERVER_THUMBPRINT env variable.\n rejectUnauthorized: false,\n });\n\n const tokenResponse = await identityClient.sendTokenRequest(request);\n return (tokenResponse && tokenResponse.accessToken) || null;\n },\n};\n"]}
|