npm - @azure/identity - Versions diffs - 4.8.1-alpha.20250410.1 → 4.9.1-alpha.20250416.4 - Mend

@azure/identity 4.8.1-alpha.20250410.1 → 4.9.1-alpha.20250416.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (323) hide show

package/dist/workerd/credentials/workloadIdentityCredential.js ADDED Viewed

@@ -0,0 +1,114 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+import { credentialLogger, processEnvVars } from "../util/logging.js";
+import { ClientAssertionCredential } from "./clientAssertionCredential.js";
+import { CredentialUnavailableError } from "../errors.js";
+import { checkTenantId } from "../util/tenantIdUtils.js";
+import { readFile } from "node:fs/promises";
+const credentialName = "WorkloadIdentityCredential";
+/**
+ * Contains the list of all supported environment variable names so that an
+ * appropriate error message can be generated when no credentials can be
+ * configured.
+ *
+ * @internal
+ */
+export const SupportedWorkloadEnvironmentVariables = [
+    "AZURE_TENANT_ID",
+    "AZURE_CLIENT_ID",
+    "AZURE_FEDERATED_TOKEN_FILE",
+];
+const logger = credentialLogger(credentialName);
+/**
+ * Workload Identity authentication is a feature in Azure that allows applications running on virtual machines (VMs)
+ * to access other Azure resources without the need for a service principal or managed identity. With Workload Identity
+ * authentication, applications authenticate themselves using their own identity, rather than using a shared service
+ * principal or managed identity. Under the hood, Workload Identity authentication uses the concept of Service Account
+ * Credentials (SACs), which are automatically created by Azure and stored securely in the VM. By using Workload
+ * Identity authentication, you can avoid the need to manage and rotate service principals or managed identities for
+ * each application on each VM. Additionally, because SACs are created automatically and managed by Azure, you don't
+ * need to worry about storing and securing sensitive credentials themselves.
+ * The WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Azure Kubernetes and acquires
+ * a token using the SACs available in the Azure Kubernetes environment.
+ * Refer to <a href="https://learn.microsoft.com/azure/aks/workload-identity-overview">Microsoft Entra
+ * Workload ID</a> for more information.
+ */
+export class WorkloadIdentityCredential {
+    /**
+     * WorkloadIdentityCredential supports Microsoft Entra Workload ID on Kubernetes.
+     *
+     * @param options - The identity client options to use for authentication.
+     */
+    constructor(options) {
+        this.azureFederatedTokenFileContent = undefined;
+        this.cacheDate = undefined;
+        // Logging environment variables for error details
+        const assignedEnv = processEnvVars(SupportedWorkloadEnvironmentVariables).assigned.join(", ");
+        logger.info(`Found the following environment variables: ${assignedEnv}`);
+        const workloadIdentityCredentialOptions = options !== null && options !== void 0 ? options : {};
+        const tenantId = workloadIdentityCredentialOptions.tenantId || process.env.AZURE_TENANT_ID;
+        const clientId = workloadIdentityCredentialOptions.clientId || process.env.AZURE_CLIENT_ID;
+        this.federatedTokenFilePath =
+            workloadIdentityCredentialOptions.tokenFilePath || process.env.AZURE_FEDERATED_TOKEN_FILE;
+        if (tenantId) {
+            checkTenantId(logger, tenantId);
+        }
+        if (!clientId) {
+            throw new CredentialUnavailableError(`${credentialName}: is unavailable. clientId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - "AZURE_CLIENT_ID".
+        See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`);
+        }
+        if (!tenantId) {
+            throw new CredentialUnavailableError(`${credentialName}: is unavailable. tenantId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - "AZURE_TENANT_ID".
+        See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`);
+        }
+        if (!this.federatedTokenFilePath) {
+            throw new CredentialUnavailableError(`${credentialName}: is unavailable. federatedTokenFilePath is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - "AZURE_FEDERATED_TOKEN_FILE".
+        See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`);
+        }
+        logger.info(`Invoking ClientAssertionCredential with tenant ID: ${tenantId}, clientId: ${workloadIdentityCredentialOptions.clientId} and federated token path: [REDACTED]`);
+        this.client = new ClientAssertionCredential(tenantId, clientId, this.readFileContents.bind(this), options);
+    }
+    /**
+     * Authenticates with Microsoft Entra ID and returns an access token if successful.
+     * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.
+     *
+     * @param scopes - The list of scopes for which the token will have access.
+     * @param options - The options used to configure any requests this
+     *                TokenCredential implementation might make.
+     */
+    async getToken(scopes, options) {
+        if (!this.client) {
+            const errorMessage = `${credentialName}: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters.
+      In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables -
+      "AZURE_TENANT_ID",
+      "AZURE_CLIENT_ID",
+      "AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`;
+            logger.info(errorMessage);
+            throw new CredentialUnavailableError(errorMessage);
+        }
+        logger.info("Invoking getToken() of Client Assertion Credential");
+        return this.client.getToken(scopes, options);
+    }
+    async readFileContents() {
+        // Cached assertions expire after 5 minutes
+        if (this.cacheDate !== undefined && Date.now() - this.cacheDate >= 1000 * 60 * 5) {
+            this.azureFederatedTokenFileContent = undefined;
+        }
+        if (!this.federatedTokenFilePath) {
+            throw new CredentialUnavailableError(`${credentialName}: is unavailable. Invalid file path provided ${this.federatedTokenFilePath}.`);
+        }
+        if (!this.azureFederatedTokenFileContent) {
+            const file = await readFile(this.federatedTokenFilePath, "utf8");
+            const value = file.trim();
+            if (!value) {
+                throw new CredentialUnavailableError(`${credentialName}: is unavailable. No content on the file ${this.federatedTokenFilePath}.`);
+            }
+            else {
+                this.azureFederatedTokenFileContent = value;
+                this.cacheDate = Date.now();
+            }
+        }
+        return this.azureFederatedTokenFileContent;
+    }
+}
+//# sourceMappingURL=workloadIdentityCredential.js.map

package/dist/workerd/credentials/workloadIdentityCredential.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"workloadIdentityCredential.js","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredential.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEtE,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AAE1D,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AACzD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAE5C,MAAM,cAAc,GAAG,4BAA4B,CAAC;AACpD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,qCAAqC,GAAG;IACnD,iBAAiB;IACjB,iBAAiB;IACjB,4BAA4B;CAC7B,CAAC;AACF,MAAM,MAAM,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;AAChD;;;;;;;;;;;;;GAaG;AACH,MAAM,OAAO,0BAA0B;IAMrC;;;;OAIG;IACH,YAAY,OAA2C;QAT/C,mCAA8B,GAAuB,SAAS,CAAC;QAC/D,cAAS,GAAuB,SAAS,CAAC;QAShD,kDAAkD;QAClD,MAAM,WAAW,GAAG,cAAc,CAAC,qCAAqC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9F,MAAM,CAAC,IAAI,CAAC,8CAA8C,WAAW,EAAE,CAAC,CAAC;QAEzE,MAAM,iCAAiC,GAAG,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,CAAC;QACxD,MAAM,QAAQ,GAAG,iCAAiC,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC3F,MAAM,QAAQ,GAAG,iCAAiC,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;QAC3F,IAAI,CAAC,sBAAsB;YACzB,iCAAiC,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;QAC5F,IAAI,QAAQ,EAAE,CAAC;YACb,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc;qIAC4G,CAC9H,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc;qIAC4G,CAC9H,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;YACjC,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc;qIAC4G,CAC9H,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,IAAI,CACT,sDAAsD,QAAQ,eAAe,iCAAiC,CAAC,QAAQ,uCAAuC,CAC/J,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,IAAI,yBAAyB,CACzC,QAAQ,EACR,QAAQ,EACR,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAChC,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,QAAQ,CACnB,MAAyB,EACzB,OAAyB;QAEzB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,GAAG,cAAc;;;;iKAIqH,CAAC;YAC5J,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC1B,MAAM,IAAI,0BAA0B,CAAC,YAAY,CAAC,CAAC;QACrD,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;QAClE,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC/C,CAAC;IAEO,KAAK,CAAC,gBAAgB;QAC5B,2CAA2C;QAC3C,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;YACjF,IAAI,CAAC,8BAA8B,GAAG,SAAS,CAAC;QAClD,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC;YACjC,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc,gDAAgD,IAAI,CAAC,sBAAsB,GAAG,CAChG,CAAC;QACJ,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,8BAA8B,EAAE,CAAC;YACzC,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC;YACjE,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC1B,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,0BAA0B,CAClC,GAAG,cAAc,4CAA4C,IAAI,CAAC,sBAAsB,GAAG,CAC5F,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,8BAA8B,GAAG,KAAK,CAAC;gBAC5C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAC9B,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC,8BAA8B,CAAC;IAC7C,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AccessToken, GetTokenOptions, TokenCredential } from \"@azure/core-auth\";\nimport { credentialLogger, processEnvVars } from \"../util/logging.js\";\n\nimport { ClientAssertionCredential } from \"./clientAssertionCredential.js\";\nimport { CredentialUnavailableError } from \"../errors.js\";\nimport type { WorkloadIdentityCredentialOptions } from \"./workloadIdentityCredentialOptions.js\";\nimport { checkTenantId } from \"../util/tenantIdUtils.js\";\nimport { readFile } from \"node:fs/promises\";\n\nconst credentialName = \"WorkloadIdentityCredential\";\n/**\n * Contains the list of all supported environment variable names so that an\n * appropriate error message can be generated when no credentials can be\n * configured.\n *\n * @internal\n */\nexport const SupportedWorkloadEnvironmentVariables = [\n \"AZURE_TENANT_ID\",\n \"AZURE_CLIENT_ID\",\n \"AZURE_FEDERATED_TOKEN_FILE\",\n];\nconst logger = credentialLogger(credentialName);\n/**\n * Workload Identity authentication is a feature in Azure that allows applications running on virtual machines (VMs)\n * to access other Azure resources without the need for a service principal or managed identity. With Workload Identity\n * authentication, applications authenticate themselves using their own identity, rather than using a shared service\n * principal or managed identity. Under the hood, Workload Identity authentication uses the concept of Service Account\n * Credentials (SACs), which are automatically created by Azure and stored securely in the VM. By using Workload\n * Identity authentication, you can avoid the need to manage and rotate service principals or managed identities for\n * each application on each VM. Additionally, because SACs are created automatically and managed by Azure, you don't\n * need to worry about storing and securing sensitive credentials themselves.\n * The WorkloadIdentityCredential supports Microsoft Entra Workload ID authentication on Azure Kubernetes and acquires\n * a token using the SACs available in the Azure Kubernetes environment.\n * Refer to <a href=\"https://learn.microsoft.com/azure/aks/workload-identity-overview\">Microsoft Entra\n * Workload ID</a> for more information.\n */\nexport class WorkloadIdentityCredential implements TokenCredential {\n private client: ClientAssertionCredential | undefined;\n private azureFederatedTokenFileContent: string | undefined = undefined;\n private cacheDate: number | undefined = undefined;\n private federatedTokenFilePath: string | undefined;\n\n /**\n * WorkloadIdentityCredential supports Microsoft Entra Workload ID on Kubernetes.\n *\n * @param options - The identity client options to use for authentication.\n */\n constructor(options?: WorkloadIdentityCredentialOptions) {\n // Logging environment variables for error details\n const assignedEnv = processEnvVars(SupportedWorkloadEnvironmentVariables).assigned.join(\", \");\n logger.info(`Found the following environment variables: ${assignedEnv}`);\n\n const workloadIdentityCredentialOptions = options ?? {};\n const tenantId = workloadIdentityCredentialOptions.tenantId || process.env.AZURE_TENANT_ID;\n const clientId = workloadIdentityCredentialOptions.clientId || process.env.AZURE_CLIENT_ID;\n this.federatedTokenFilePath =\n workloadIdentityCredentialOptions.tokenFilePath || process.env.AZURE_FEDERATED_TOKEN_FILE;\n if (tenantId) {\n checkTenantId(logger, tenantId);\n }\n if (!clientId) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. clientId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - \"AZURE_CLIENT_ID\".\n See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`,\n );\n }\n\n if (!tenantId) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. tenantId is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - \"AZURE_TENANT_ID\".\n See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`,\n );\n }\n\n if (!this.federatedTokenFilePath) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. federatedTokenFilePath is a required parameter. In DefaultAzureCredential and ManagedIdentityCredential, this can be provided as an environment variable - \"AZURE_FEDERATED_TOKEN_FILE\".\n See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`,\n );\n }\n\n logger.info(\n `Invoking ClientAssertionCredential with tenant ID: ${tenantId}, clientId: ${workloadIdentityCredentialOptions.clientId} and federated token path: [REDACTED]`,\n );\n this.client = new ClientAssertionCredential(\n tenantId,\n clientId,\n this.readFileContents.bind(this),\n options,\n );\n }\n\n /**\n * Authenticates with Microsoft Entra ID and returns an access token if successful.\n * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure.\n *\n * @param scopes - The list of scopes for which the token will have access.\n * @param options - The options used to configure any requests this\n * TokenCredential implementation might make.\n */\n public async getToken(\n scopes: string | string[],\n options?: GetTokenOptions,\n ): Promise<AccessToken | null> {\n if (!this.client) {\n const errorMessage = `${credentialName}: is unavailable. tenantId, clientId, and federatedTokenFilePath are required parameters. \n In DefaultAzureCredential and ManagedIdentityCredential, these can be provided as environment variables - \n \"AZURE_TENANT_ID\",\n \"AZURE_CLIENT_ID\",\n \"AZURE_FEDERATED_TOKEN_FILE\". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`;\n logger.info(errorMessage);\n throw new CredentialUnavailableError(errorMessage);\n }\n logger.info(\"Invoking getToken() of Client Assertion Credential\");\n return this.client.getToken(scopes, options);\n }\n\n private async readFileContents(): Promise<string> {\n // Cached assertions expire after 5 minutes\n if (this.cacheDate !== undefined && Date.now() - this.cacheDate >= 1000 * 60 * 5) {\n this.azureFederatedTokenFileContent = undefined;\n }\n if (!this.federatedTokenFilePath) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. Invalid file path provided ${this.federatedTokenFilePath}.`,\n );\n }\n if (!this.azureFederatedTokenFileContent) {\n const file = await readFile(this.federatedTokenFilePath, \"utf8\");\n const value = file.trim();\n if (!value) {\n throw new CredentialUnavailableError(\n `${credentialName}: is unavailable. No content on the file ${this.federatedTokenFilePath}.`,\n );\n } else {\n this.azureFederatedTokenFileContent = value;\n this.cacheDate = Date.now();\n }\n }\n return this.azureFederatedTokenFileContent;\n }\n}\n"]}

package/dist/workerd/credentials/workloadIdentityCredentialOptions.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { AuthorityValidationOptions } from "./authorityValidationOptions.js";
+import type { MultiTenantTokenCredentialOptions } from "./multiTenantTokenCredentialOptions.js";
+/**
+ * Options for the {@link WorkloadIdentityCredential}
+ */
+export interface WorkloadIdentityCredentialOptions extends MultiTenantTokenCredentialOptions, AuthorityValidationOptions {
+    /**
+     * ID of the application's Microsoft Entra tenant. Also called its directory ID.
+     */
+    tenantId?: string;
+    /**
+     * The client ID of a Microsoft Entra app registration.
+     */
+    clientId?: string;
+    /**
+     * The path to a file containing a Kubernetes service account token that authenticates the identity.
+     */
+    tokenFilePath?: string;
+}
+//# sourceMappingURL=workloadIdentityCredentialOptions.d.ts.map

package/dist/workerd/credentials/workloadIdentityCredentialOptions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"workloadIdentityCredentialOptions.d.ts","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredentialOptions.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAClF,OAAO,KAAK,EAAE,iCAAiC,EAAE,MAAM,wCAAwC,CAAC;AAEhG;;GAEG;AACH,MAAM,WAAW,iCACf,SAAQ,iCAAiC,EACvC,0BAA0B;IAC5B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB"}

package/dist/workerd/credentials/workloadIdentityCredentialOptions.js ADDED Viewed

@@ -0,0 +1,4 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+export {};
+//# sourceMappingURL=workloadIdentityCredentialOptions.js.map

package/dist/workerd/credentials/workloadIdentityCredentialOptions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"workloadIdentityCredentialOptions.js","sourceRoot":"","sources":["../../../src/credentials/workloadIdentityCredentialOptions.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { AuthorityValidationOptions } from \"./authorityValidationOptions.js\";\nimport type { MultiTenantTokenCredentialOptions } from \"./multiTenantTokenCredentialOptions.js\";\n\n/**\n * Options for the {@link WorkloadIdentityCredential}\n */\nexport interface WorkloadIdentityCredentialOptions\n extends MultiTenantTokenCredentialOptions,\n AuthorityValidationOptions {\n /**\n * ID of the application's Microsoft Entra tenant. Also called its directory ID.\n */\n tenantId?: string;\n /**\n * The client ID of a Microsoft Entra app registration.\n */\n clientId?: string;\n /**\n * The path to a file containing a Kubernetes service account token that authenticates the identity.\n */\n tokenFilePath?: string;\n}\n"]}

package/dist/workerd/errors.d.ts ADDED Viewed

@@ -0,0 +1,139 @@
+import type { GetTokenOptions } from "@azure/core-auth";
+/**
+ * See the official documentation for more details:
+ *
+ * https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#error-response-1
+ *
+ * NOTE: This documentation is for v1 OAuth support but the same error
+ * response details still apply to v2.
+ */
+export interface ErrorResponse {
+    /**
+     * The string identifier for the error.
+     */
+    error: string;
+    /**
+     * The error's description.
+     */
+    errorDescription: string;
+    /**
+     * An array of codes pertaining to the error(s) that occurred.
+     */
+    errorCodes?: number[];
+    /**
+     * The timestamp at which the error occurred.
+     */
+    timestamp?: string;
+    /**
+     * The trace identifier for this error occurrence.
+     */
+    traceId?: string;
+    /**
+     * The correlation ID to be used for tracking the source of the error.
+     */
+    correlationId?: string;
+}
+/**
+ * Used for internal deserialization of OAuth responses. Public model is ErrorResponse
+ * @internal
+ */
+export interface OAuthErrorResponse {
+    error: string;
+    error_description: string;
+    error_codes?: number[];
+    timestamp?: string;
+    trace_id?: string;
+    correlation_id?: string;
+}
+/**
+ * The Error.name value of an CredentialUnavailable
+ */
+export declare const CredentialUnavailableErrorName = "CredentialUnavailableError";
+/**
+ * This signifies that the credential that was tried in a chained credential
+ * was not available to be used as the credential. Rather than treating this as
+ * an error that should halt the chain, it's caught and the chain continues
+ */
+export declare class CredentialUnavailableError extends Error {
+    constructor(message?: string, options?: {
+        cause?: unknown;
+    });
+}
+/**
+ * The Error.name value of an AuthenticationError
+ */
+export declare const AuthenticationErrorName = "AuthenticationError";
+/**
+ * Provides details about a failure to authenticate with Azure Active
+ * Directory.  The `errorResponse` field contains more details about
+ * the specific failure.
+ */
+export declare class AuthenticationError extends Error {
+    /**
+     * The HTTP status code returned from the authentication request.
+     */
+    readonly statusCode: number;
+    /**
+     * The error response details.
+     */
+    readonly errorResponse: ErrorResponse;
+    constructor(statusCode: number, errorBody: object | string | undefined | null, options?: {
+        cause?: unknown;
+    });
+}
+/**
+ * The Error.name value of an AggregateAuthenticationError
+ */
+export declare const AggregateAuthenticationErrorName = "AggregateAuthenticationError";
+/**
+ * Provides an `errors` array containing {@link AuthenticationError} instance
+ * for authentication failures from credentials in a {@link ChainedTokenCredential}.
+ */
+export declare class AggregateAuthenticationError extends Error {
+    /**
+     * The array of error objects that were thrown while trying to authenticate
+     * with the credentials in a {@link ChainedTokenCredential}.
+     */
+    errors: any[];
+    constructor(errors: any[], errorMessage?: string);
+}
+/**
+ * Optional parameters to the {@link AuthenticationRequiredError}
+ */
+export interface AuthenticationRequiredErrorOptions {
+    /**
+     * The list of scopes for which the token will have access.
+     */
+    scopes: string[];
+    /**
+     * The options passed to the getToken request.
+     */
+    getTokenOptions?: GetTokenOptions;
+    /**
+     * The message of the error.
+     */
+    message?: string;
+    /**
+     * The underlying cause, if any, that caused the authentication to fail.
+     */
+    cause?: unknown;
+}
+/**
+ * Error used to enforce authentication after trying to retrieve a token silently.
+ */
+export declare class AuthenticationRequiredError extends Error {
+    /**
+     * The list of scopes for which the token will have access.
+     */
+    scopes: string[];
+    /**
+     * The options passed to the getToken request.
+     */
+    getTokenOptions?: GetTokenOptions;
+    constructor(
+    /**
+     * Optional parameters. A message can be specified. The {@link GetTokenOptions} of the request can also be specified to more easily associate the error with the received parameters.
+     */
+    options: AuthenticationRequiredErrorOptions);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/workerd/errors.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAExD;;;;;;;GAOG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;IAEd;;OAEG;IACH,gBAAgB,EAAE,MAAM,CAAC;IAEzB;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAEtB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB,EAAE,MAAM,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAUD;;GAEG;AACH,eAAO,MAAM,8BAA8B,+BAA+B,CAAC;AAE3E;;;;GAIG;AACH,qBAAa,0BAA2B,SAAQ,KAAK;gBACvC,OAAO,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CAK5D;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB,wBAAwB,CAAC;AAE7D;;;;GAIG;AACH,qBAAa,mBAAoB,SAAQ,KAAK;IAC5C;;OAEG;IACH,SAAgB,UAAU,EAAE,MAAM,CAAC;IAEnC;;OAEG;IACH,SAAgB,aAAa,EAAE,aAAa,CAAC;gBAG3C,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,GAAG,IAAI,EAC7C,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CA8ChC;AAED;;GAEG;AACH,eAAO,MAAM,gCAAgC,iCAAiC,CAAC;AAE/E;;;GAGG;AACH,qBAAa,4BAA6B,SAAQ,KAAK;IACrD;;;OAGG;IACI,MAAM,EAAE,GAAG,EAAE,CAAC;gBAET,MAAM,EAAE,GAAG,EAAE,EAAE,YAAY,CAAC,EAAE,MAAM;CAQjD;AAaD;;GAEG;AACH,MAAM,WAAW,kCAAkC;IACjD;;OAEG;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB;;OAEG;IACH,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC;;OAEG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,2BAA4B,SAAQ,KAAK;IACpD;;OAEG;IACI,MAAM,EAAE,MAAM,EAAE,CAAC;IACxB;;OAEG;IACI,eAAe,CAAC,EAAE,eAAe,CAAC;;IAGvC;;OAEG;IACH,OAAO,EAAE,kCAAkC;CAW9C"}

package/dist/workerd/errors.js ADDED Viewed

@@ -0,0 +1,123 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+function isErrorResponse(errorResponse) {
+    return (errorResponse &&
+        typeof errorResponse.error === "string" &&
+        typeof errorResponse.error_description === "string");
+}
+/**
+ * The Error.name value of an CredentialUnavailable
+ */
+export const CredentialUnavailableErrorName = "CredentialUnavailableError";
+/**
+ * This signifies that the credential that was tried in a chained credential
+ * was not available to be used as the credential. Rather than treating this as
+ * an error that should halt the chain, it's caught and the chain continues
+ */
+export class CredentialUnavailableError extends Error {
+    constructor(message, options) {
+        // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property
+        super(message, options);
+        this.name = CredentialUnavailableErrorName;
+    }
+}
+/**
+ * The Error.name value of an AuthenticationError
+ */
+export const AuthenticationErrorName = "AuthenticationError";
+/**
+ * Provides details about a failure to authenticate with Azure Active
+ * Directory.  The `errorResponse` field contains more details about
+ * the specific failure.
+ */
+export class AuthenticationError extends Error {
+    constructor(statusCode, errorBody, options) {
+        let errorResponse = {
+            error: "unknown",
+            errorDescription: "An unknown error occurred and no additional details are available.",
+        };
+        if (isErrorResponse(errorBody)) {
+            errorResponse = convertOAuthErrorResponseToErrorResponse(errorBody);
+        }
+        else if (typeof errorBody === "string") {
+            try {
+                // Most error responses will contain JSON-formatted error details
+                // in the response body
+                const oauthErrorResponse = JSON.parse(errorBody);
+                errorResponse = convertOAuthErrorResponseToErrorResponse(oauthErrorResponse);
+            }
+            catch (e) {
+                if (statusCode === 400) {
+                    errorResponse = {
+                        error: "invalid_request",
+                        errorDescription: `The service indicated that the request was invalid.\n\n${errorBody}`,
+                    };
+                }
+                else {
+                    errorResponse = {
+                        error: "unknown_error",
+                        errorDescription: `An unknown error has occurred. Response body:\n\n${errorBody}`,
+                    };
+                }
+            }
+        }
+        else {
+            errorResponse = {
+                error: "unknown_error",
+                errorDescription: "An unknown error occurred and no additional details are available.",
+            };
+        }
+        super(`${errorResponse.error} Status code: ${statusCode}\nMore details:\n${errorResponse.errorDescription},`,
+        // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property
+        options);
+        this.statusCode = statusCode;
+        this.errorResponse = errorResponse;
+        // Ensure that this type reports the correct name
+        this.name = AuthenticationErrorName;
+    }
+}
+/**
+ * The Error.name value of an AggregateAuthenticationError
+ */
+export const AggregateAuthenticationErrorName = "AggregateAuthenticationError";
+/**
+ * Provides an `errors` array containing {@link AuthenticationError} instance
+ * for authentication failures from credentials in a {@link ChainedTokenCredential}.
+ */
+export class AggregateAuthenticationError extends Error {
+    constructor(errors, errorMessage) {
+        const errorDetail = errors.join("\n");
+        super(`${errorMessage}\n${errorDetail}`);
+        this.errors = errors;
+        // Ensure that this type reports the correct name
+        this.name = AggregateAuthenticationErrorName;
+    }
+}
+function convertOAuthErrorResponseToErrorResponse(errorBody) {
+    return {
+        error: errorBody.error,
+        errorDescription: errorBody.error_description,
+        correlationId: errorBody.correlation_id,
+        errorCodes: errorBody.error_codes,
+        timestamp: errorBody.timestamp,
+        traceId: errorBody.trace_id,
+    };
+}
+/**
+ * Error used to enforce authentication after trying to retrieve a token silently.
+ */
+export class AuthenticationRequiredError extends Error {
+    constructor(
+    /**
+     * Optional parameters. A message can be specified. The {@link GetTokenOptions} of the request can also be specified to more easily associate the error with the received parameters.
+     */
+    options) {
+        super(options.message,
+        // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property
+        options.cause ? { cause: options.cause } : undefined);
+        this.scopes = options.scopes;
+        this.getTokenOptions = options.getTokenOptions;
+        this.name = "AuthenticationRequiredError";
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/workerd/errors.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/errors.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAyDlC,SAAS,eAAe,CAAC,aAAkB;IACzC,OAAO,CACL,aAAa;QACb,OAAO,aAAa,CAAC,KAAK,KAAK,QAAQ;QACvC,OAAO,aAAa,CAAC,iBAAiB,KAAK,QAAQ,CACpD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,8BAA8B,GAAG,4BAA4B,CAAC;AAE3E;;;;GAIG;AACH,MAAM,OAAO,0BAA2B,SAAQ,KAAK;IACnD,YAAY,OAAgB,EAAE,OAA6B;QACzD,2JAA2J;QAC3J,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;IAC7C,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,qBAAqB,CAAC;AAE7D;;;;GAIG;AACH,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAW5C,YACE,UAAkB,EAClB,SAA6C,EAC7C,OAA6B;QAE7B,IAAI,aAAa,GAAkB;YACjC,KAAK,EAAE,SAAS;YAChB,gBAAgB,EAAE,oEAAoE;SACvF,CAAC;QAEF,IAAI,eAAe,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/B,aAAa,GAAG,wCAAwC,CAAC,SAAS,CAAC,CAAC;QACtE,CAAC;aAAM,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC;gBACH,iEAAiE;gBACjE,uBAAuB;gBACvB,MAAM,kBAAkB,GAAuB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;gBACrE,aAAa,GAAG,wCAAwC,CAAC,kBAAkB,CAAC,CAAC;YAC/E,CAAC;YAAC,OAAO,CAAM,EAAE,CAAC;gBAChB,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;oBACvB,aAAa,GAAG;wBACd,KAAK,EAAE,iBAAiB;wBACxB,gBAAgB,EAAE,0DAA0D,SAAS,EAAE;qBACxF,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,aAAa,GAAG;wBACd,KAAK,EAAE,eAAe;wBACtB,gBAAgB,EAAE,oDAAoD,SAAS,EAAE;qBAClF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,aAAa,GAAG;gBACd,KAAK,EAAE,eAAe;gBACtB,gBAAgB,EAAE,oEAAoE;aACvF,CAAC;QACJ,CAAC;QAED,KAAK,CACH,GAAG,aAAa,CAAC,KAAK,iBAAiB,UAAU,oBAAoB,aAAa,CAAC,gBAAgB,GAAG;QACtG,2JAA2J;QAC3J,OAAO,CACR,CAAC;QACF,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QAEnC,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;IACtC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gCAAgC,GAAG,8BAA8B,CAAC;AAE/E;;;GAGG;AACH,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IAOrD,YAAY,MAAa,EAAE,YAAqB;QAC9C,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,KAAK,CAAC,GAAG,YAAY,KAAK,WAAW,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QAErB,iDAAiD;QACjD,IAAI,CAAC,IAAI,GAAG,gCAAgC,CAAC;IAC/C,CAAC;CACF;AAED,SAAS,wCAAwC,CAAC,SAA6B;IAC7E,OAAO;QACL,KAAK,EAAE,SAAS,CAAC,KAAK;QACtB,gBAAgB,EAAE,SAAS,CAAC,iBAAiB;QAC7C,aAAa,EAAE,SAAS,CAAC,cAAc;QACvC,UAAU,EAAE,SAAS,CAAC,WAAW;QACjC,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,OAAO,EAAE,SAAS,CAAC,QAAQ;KAC5B,CAAC;AACJ,CAAC;AAwBD;;GAEG;AACH,MAAM,OAAO,2BAA4B,SAAQ,KAAK;IAUpD;IACE;;OAEG;IACH,OAA2C;QAE3C,KAAK,CACH,OAAO,CAAC,OAAO;QACf,2JAA2J;QAC3J,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CACrD,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;QAC/C,IAAI,CAAC,IAAI,GAAG,6BAA6B,CAAC;IAC5C,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport type { GetTokenOptions } from \"@azure/core-auth\";\n\n/**\n * See the official documentation for more details:\n *\n * https://learn.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code#error-response-1\n *\n * NOTE: This documentation is for v1 OAuth support but the same error\n * response details still apply to v2.\n */\nexport interface ErrorResponse {\n /**\n * The string identifier for the error.\n */\n error: string;\n\n /**\n * The error's description.\n */\n errorDescription: string;\n\n /**\n * An array of codes pertaining to the error(s) that occurred.\n */\n errorCodes?: number[];\n\n /**\n * The timestamp at which the error occurred.\n */\n timestamp?: string;\n\n /**\n * The trace identifier for this error occurrence.\n */\n traceId?: string;\n\n /**\n * The correlation ID to be used for tracking the source of the error.\n */\n correlationId?: string;\n}\n\n/**\n * Used for internal deserialization of OAuth responses. Public model is ErrorResponse\n * @internal\n */\nexport interface OAuthErrorResponse {\n error: string;\n error_description: string;\n error_codes?: number[];\n timestamp?: string;\n trace_id?: string;\n correlation_id?: string;\n}\n\nfunction isErrorResponse(errorResponse: any): errorResponse is OAuthErrorResponse {\n return (\n errorResponse &&\n typeof errorResponse.error === \"string\" &&\n typeof errorResponse.error_description === \"string\"\n );\n}\n\n/**\n * The Error.name value of an CredentialUnavailable\n */\nexport const CredentialUnavailableErrorName = \"CredentialUnavailableError\";\n\n/**\n * This signifies that the credential that was tried in a chained credential\n * was not available to be used as the credential. Rather than treating this as\n * an error that should halt the chain, it's caught and the chain continues\n */\nexport class CredentialUnavailableError extends Error {\n constructor(message?: string, options?: { cause?: unknown }) {\n // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property\n super(message, options);\n this.name = CredentialUnavailableErrorName;\n }\n}\n\n/**\n * The Error.name value of an AuthenticationError\n */\nexport const AuthenticationErrorName = \"AuthenticationError\";\n\n/**\n * Provides details about a failure to authenticate with Azure Active\n * Directory. The `errorResponse` field contains more details about\n * the specific failure.\n */\nexport class AuthenticationError extends Error {\n /**\n * The HTTP status code returned from the authentication request.\n */\n public readonly statusCode: number;\n\n /**\n * The error response details.\n */\n public readonly errorResponse: ErrorResponse;\n\n constructor(\n statusCode: number,\n errorBody: object | string | undefined | null,\n options?: { cause?: unknown },\n ) {\n let errorResponse: ErrorResponse = {\n error: \"unknown\",\n errorDescription: \"An unknown error occurred and no additional details are available.\",\n };\n\n if (isErrorResponse(errorBody)) {\n errorResponse = convertOAuthErrorResponseToErrorResponse(errorBody);\n } else if (typeof errorBody === \"string\") {\n try {\n // Most error responses will contain JSON-formatted error details\n // in the response body\n const oauthErrorResponse: OAuthErrorResponse = JSON.parse(errorBody);\n errorResponse = convertOAuthErrorResponseToErrorResponse(oauthErrorResponse);\n } catch (e: any) {\n if (statusCode === 400) {\n errorResponse = {\n error: \"invalid_request\",\n errorDescription: `The service indicated that the request was invalid.\\n\\n${errorBody}`,\n };\n } else {\n errorResponse = {\n error: \"unknown_error\",\n errorDescription: `An unknown error has occurred. Response body:\\n\\n${errorBody}`,\n };\n }\n }\n } else {\n errorResponse = {\n error: \"unknown_error\",\n errorDescription: \"An unknown error occurred and no additional details are available.\",\n };\n }\n\n super(\n `${errorResponse.error} Status code: ${statusCode}\\nMore details:\\n${errorResponse.errorDescription},`,\n // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property\n options,\n );\n this.statusCode = statusCode;\n this.errorResponse = errorResponse;\n\n // Ensure that this type reports the correct name\n this.name = AuthenticationErrorName;\n }\n}\n\n/**\n * The Error.name value of an AggregateAuthenticationError\n */\nexport const AggregateAuthenticationErrorName = \"AggregateAuthenticationError\";\n\n/**\n * Provides an `errors` array containing {@link AuthenticationError} instance\n * for authentication failures from credentials in a {@link ChainedTokenCredential}.\n */\nexport class AggregateAuthenticationError extends Error {\n /**\n * The array of error objects that were thrown while trying to authenticate\n * with the credentials in a {@link ChainedTokenCredential}.\n */\n public errors: any[];\n\n constructor(errors: any[], errorMessage?: string) {\n const errorDetail = errors.join(\"\\n\");\n super(`${errorMessage}\\n${errorDetail}`);\n this.errors = errors;\n\n // Ensure that this type reports the correct name\n this.name = AggregateAuthenticationErrorName;\n }\n}\n\nfunction convertOAuthErrorResponseToErrorResponse(errorBody: OAuthErrorResponse): ErrorResponse {\n return {\n error: errorBody.error,\n errorDescription: errorBody.error_description,\n correlationId: errorBody.correlation_id,\n errorCodes: errorBody.error_codes,\n timestamp: errorBody.timestamp,\n traceId: errorBody.trace_id,\n };\n}\n\n/**\n * Optional parameters to the {@link AuthenticationRequiredError}\n */\nexport interface AuthenticationRequiredErrorOptions {\n /**\n * The list of scopes for which the token will have access.\n */\n scopes: string[];\n /**\n * The options passed to the getToken request.\n */\n getTokenOptions?: GetTokenOptions;\n /**\n * The message of the error.\n */\n message?: string;\n /**\n * The underlying cause, if any, that caused the authentication to fail.\n */\n cause?: unknown;\n}\n\n/**\n * Error used to enforce authentication after trying to retrieve a token silently.\n */\nexport class AuthenticationRequiredError extends Error {\n /**\n * The list of scopes for which the token will have access.\n */\n public scopes: string[];\n /**\n * The options passed to the getToken request.\n */\n public getTokenOptions?: GetTokenOptions;\n\n constructor(\n /**\n * Optional parameters. A message can be specified. The {@link GetTokenOptions} of the request can also be specified to more easily associate the error with the received parameters.\n */\n options: AuthenticationRequiredErrorOptions,\n ) {\n super(\n options.message,\n // @ts-expect-error - TypeScript does not recognize this until we use ES2022 as the target; however, all our major runtimes do support the `cause` property\n options.cause ? { cause: options.cause } : undefined,\n );\n this.scopes = options.scopes;\n this.getTokenOptions = options.getTokenOptions;\n this.name = \"AuthenticationRequiredError\";\n }\n}\n"]}

package/dist/workerd/index.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+export * from "./plugins/consumer.js";
+export { IdentityPlugin } from "./plugins/provider.js";
+import type { TokenCredential } from "@azure/core-auth";
+export { AuthenticationError, ErrorResponse, AggregateAuthenticationError, AuthenticationErrorName, AggregateAuthenticationErrorName, CredentialUnavailableError, CredentialUnavailableErrorName, AuthenticationRequiredError, AuthenticationRequiredErrorOptions, } from "./errors.js";
+export { AuthenticationRecord } from "./msal/types.js";
+export { serializeAuthenticationRecord, deserializeAuthenticationRecord } from "./msal/utils.js";
+export { TokenCredentialOptions } from "./tokenCredentialOptions.js";
+export { MultiTenantTokenCredentialOptions } from "./credentials/multiTenantTokenCredentialOptions.js";
+export { AuthorityValidationOptions } from "./credentials/authorityValidationOptions.js";
+export { BrokerAuthOptions } from "./credentials/brokerAuthOptions.js";
+export { BrokerOptions, BrokerEnabledOptions, BrokerDisabledOptions, } from "./msal/nodeFlows/brokerOptions.js";
+export { InteractiveCredentialOptions } from "./credentials/interactiveCredentialOptions.js";
+export { ChainedTokenCredential } from "./credentials/chainedTokenCredential.js";
+export { ClientSecretCredential } from "./credentials/clientSecretCredential.js";
+export { ClientSecretCredentialOptions } from "./credentials/clientSecretCredentialOptions.js";
+export { DefaultAzureCredential } from "./credentials/defaultAzureCredential.js";
+export { DefaultAzureCredentialOptions, DefaultAzureCredentialClientIdOptions, DefaultAzureCredentialResourceIdOptions, } from "./credentials/defaultAzureCredentialOptions.js";
+export { EnvironmentCredential } from "./credentials/environmentCredential.js";
+export { EnvironmentCredentialOptions } from "./credentials/environmentCredentialOptions.js";
+export { ClientCertificateCredential } from "./credentials/clientCertificateCredential.js";
+export { ClientCertificateCredentialPEMConfiguration, ClientCertificatePEMCertificatePath, ClientCertificatePEMCertificate, } from "./credentials/clientCertificateCredentialModels.js";
+export { ClientCertificateCredentialOptions } from "./credentials/clientCertificateCredentialOptions.js";
+export { ClientAssertionCredential } from "./credentials/clientAssertionCredential.js";
+export { ClientAssertionCredentialOptions } from "./credentials/clientAssertionCredentialOptions.js";
+export { CredentialPersistenceOptions } from "./credentials/credentialPersistenceOptions.js";
+export { AzureCliCredential } from "./credentials/azureCliCredential.js";
+export { AzureCliCredentialOptions } from "./credentials/azureCliCredentialOptions.js";
+export { AzureDeveloperCliCredential } from "./credentials/azureDeveloperCliCredential.js";
+export { AzureDeveloperCliCredentialOptions } from "./credentials/azureDeveloperCliCredentialOptions.js";
+export { InteractiveBrowserCredential } from "./credentials/interactiveBrowserCredential.js";
+export { InteractiveBrowserCredentialNodeOptions, InteractiveBrowserCredentialInBrowserOptions, BrowserLoginStyle, } from "./credentials/interactiveBrowserCredentialOptions.js";
+export { ManagedIdentityCredential } from "./credentials/managedIdentityCredential/index.js";
+export { ManagedIdentityCredentialClientIdOptions, ManagedIdentityCredentialResourceIdOptions, ManagedIdentityCredentialObjectIdOptions, } from "./credentials/managedIdentityCredential/options.js";
+export { DeviceCodeCredential } from "./credentials/deviceCodeCredential.js";
+export { DeviceCodePromptCallback, DeviceCodeInfo, } from "./credentials/deviceCodeCredentialOptions.js";
+export { DeviceCodeCredentialOptions } from "./credentials/deviceCodeCredentialOptions.js";
+export { AzurePipelinesCredential as AzurePipelinesCredential } from "./credentials/azurePipelinesCredential.js";
+export { AzurePipelinesCredentialOptions as AzurePipelinesCredentialOptions } from "./credentials/azurePipelinesCredentialOptions.js";
+export { AuthorizationCodeCredential } from "./credentials/authorizationCodeCredential.js";
+export { AuthorizationCodeCredentialOptions } from "./credentials/authorizationCodeCredentialOptions.js";
+export { AzurePowerShellCredential } from "./credentials/azurePowerShellCredential.js";
+export { AzurePowerShellCredentialOptions } from "./credentials/azurePowerShellCredentialOptions.js";
+export { OnBehalfOfCredentialOptions, OnBehalfOfCredentialSecretOptions, OnBehalfOfCredentialCertificateOptions, OnBehalfOfCredentialAssertionOptions, } from "./credentials/onBehalfOfCredentialOptions.js";
+export { UsernamePasswordCredential } from "./credentials/usernamePasswordCredential.js";
+export { UsernamePasswordCredentialOptions } from "./credentials/usernamePasswordCredentialOptions.js";
+export { VisualStudioCodeCredential } from "./credentials/visualStudioCodeCredential.js";
+export { VisualStudioCodeCredentialOptions } from "./credentials/visualStudioCodeCredentialOptions.js";
+export { OnBehalfOfCredential } from "./credentials/onBehalfOfCredential.js";
+export { WorkloadIdentityCredential } from "./credentials/workloadIdentityCredential.js";
+export { WorkloadIdentityCredentialOptions } from "./credentials/workloadIdentityCredentialOptions.js";
+export { BrowserCustomizationOptions } from "./credentials/browserCustomizationOptions.js";
+export { TokenCachePersistenceOptions } from "./msal/nodeFlows/tokenCachePersistenceOptions.js";
+export { TokenCredential, GetTokenOptions, AccessToken } from "@azure/core-auth";
+export { logger } from "./util/logging.js";
+export { AzureAuthorityHosts } from "./constants.js";
+/**
+ * Returns a new instance of the {@link DefaultAzureCredential}.
+ */
+export declare function getDefaultAzureCredential(): TokenCredential;
+export { getBearerTokenProvider, GetBearerTokenProviderOptions } from "./tokenProvider.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/workerd/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAGA,cAAc,uBAAuB,CAAC;AAEtC,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAEvD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGxD,OAAO,EACL,mBAAmB,EACnB,aAAa,EACb,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC9B,2BAA2B,EAC3B,kCAAkC,GACnC,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AACvD,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,iBAAiB,CAAC;AACjG,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AAIzF,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAE7F,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAEjF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EAAE,6BAA6B,EAAE,MAAM,gDAAgD,CAAC;AAE/F,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EACL,6BAA6B,EAC7B,qCAAqC,EACrC,uCAAuC,GACxC,MAAM,gDAAgD,CAAC;AAExD,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAC/E,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAE7F,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EACL,2CAA2C,EAC3C,mCAAmC,EACnC,+BAA+B,GAChC,MAAM,oDAAoD,CAAC;AAC5D,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,mDAAmD,CAAC;AACrG,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAC7F,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AACzE,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAC7F,OAAO,EACL,uCAAuC,EACvC,4CAA4C,EAC5C,iBAAiB,GAClB,MAAM,sDAAsD,CAAC;AAC9D,OAAO,EAAE,yBAAyB,EAAE,MAAM,kDAAkD,CAAC;AAC7F,OAAO,EACL,wCAAwC,EACxC,0CAA0C,EAC1C,wCAAwC,GACzC,MAAM,oDAAoD,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EACL,wBAAwB,EACxB,cAAc,GACf,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,wBAAwB,IAAI,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AACjH,OAAO,EAAE,+BAA+B,IAAI,+BAA+B,EAAE,MAAM,kDAAkD,CAAC;AACtI,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,kCAAkC,EAAE,MAAM,qDAAqD,CAAC;AACzG,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AACvF,OAAO,EAAE,gCAAgC,EAAE,MAAM,mDAAmD,CAAC;AACrG,OAAO,EACL,2BAA2B,EAC3B,iCAAiC,EACjC,sCAAsC,EACtC,oCAAoC,GACrC,MAAM,8CAA8C,CAAC;AACtD,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AACzF,OAAO,EAAE,iCAAiC,EAAE,MAAM,oDAAoD,CAAC;AACvG,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAC3F,OAAO,EAAE,4BAA4B,EAAE,MAAM,kDAAkD,CAAC;AAEhG,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AACjF,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD;;GAEG;AACH,wBAAgB,yBAAyB,IAAI,eAAe,CAE3D;AAED,OAAO,EAAE,sBAAsB,EAAE,6BAA6B,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/workerd/index.js ADDED Viewed

@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+export * from "./plugins/consumer.js";
+import { DefaultAzureCredential } from "./credentials/defaultAzureCredential.js";
+export { AuthenticationError, AggregateAuthenticationError, AuthenticationErrorName, AggregateAuthenticationErrorName, CredentialUnavailableError, CredentialUnavailableErrorName, AuthenticationRequiredError, } from "./errors.js";
+export { serializeAuthenticationRecord, deserializeAuthenticationRecord } from "./msal/utils.js";
+export { ChainedTokenCredential } from "./credentials/chainedTokenCredential.js";
+export { ClientSecretCredential } from "./credentials/clientSecretCredential.js";
+export { DefaultAzureCredential } from "./credentials/defaultAzureCredential.js";
+export { EnvironmentCredential } from "./credentials/environmentCredential.js";
+export { ClientCertificateCredential } from "./credentials/clientCertificateCredential.js";
+export { ClientAssertionCredential } from "./credentials/clientAssertionCredential.js";
+export { AzureCliCredential } from "./credentials/azureCliCredential.js";
+export { AzureDeveloperCliCredential } from "./credentials/azureDeveloperCliCredential.js";
+export { InteractiveBrowserCredential } from "./credentials/interactiveBrowserCredential.js";
+export { ManagedIdentityCredential } from "./credentials/managedIdentityCredential/index.js";
+export { DeviceCodeCredential } from "./credentials/deviceCodeCredential.js";
+export { AzurePipelinesCredential as AzurePipelinesCredential } from "./credentials/azurePipelinesCredential.js";
+export { AuthorizationCodeCredential } from "./credentials/authorizationCodeCredential.js";
+export { AzurePowerShellCredential } from "./credentials/azurePowerShellCredential.js";
+export { UsernamePasswordCredential } from "./credentials/usernamePasswordCredential.js";
+export { VisualStudioCodeCredential } from "./credentials/visualStudioCodeCredential.js";
+export { OnBehalfOfCredential } from "./credentials/onBehalfOfCredential.js";
+export { WorkloadIdentityCredential } from "./credentials/workloadIdentityCredential.js";
+export { logger } from "./util/logging.js";
+export { AzureAuthorityHosts } from "./constants.js";
+/**
+ * Returns a new instance of the {@link DefaultAzureCredential}.
+ */
+export function getDefaultAzureCredential() {
+    return new DefaultAzureCredential();
+}
+export { getBearerTokenProvider } from "./tokenProvider.js";
+//# sourceMappingURL=index.js.map

package/dist/workerd/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,cAAc,uBAAuB,CAAC;AAKtC,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAEjF,OAAO,EACL,mBAAmB,EAEnB,4BAA4B,EAC5B,uBAAuB,EACvB,gCAAgC,EAChC,0BAA0B,EAC1B,8BAA8B,EAC9B,2BAA2B,GAE5B,MAAM,aAAa,CAAC;AAGrB,OAAO,EAAE,6BAA6B,EAAE,+BAA+B,EAAE,MAAM,iBAAiB,CAAC;AAejG,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAEjF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAGjF,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AAOjF,OAAO,EAAE,qBAAqB,EAAE,MAAM,wCAAwC,CAAC;AAG/E,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAO3F,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAGvF,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAEzE,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAE3F,OAAO,EAAE,4BAA4B,EAAE,MAAM,+CAA+C,CAAC;AAM7F,OAAO,EAAE,yBAAyB,EAAE,MAAM,kDAAkD,CAAC;AAM7F,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAM7E,OAAO,EAAE,wBAAwB,IAAI,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AAEjH,OAAO,EAAE,2BAA2B,EAAE,MAAM,8CAA8C,CAAC;AAE3F,OAAO,EAAE,yBAAyB,EAAE,MAAM,4CAA4C,CAAC;AAQvF,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AAEzF,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AAEzF,OAAO,EAAE,oBAAoB,EAAE,MAAM,uCAAuC,CAAC;AAC7E,OAAO,EAAE,0BAA0B,EAAE,MAAM,6CAA6C,CAAC;AAMzF,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAErD;;GAEG;AACH,MAAM,UAAU,yBAAyB;IACvC,OAAO,IAAI,sBAAsB,EAAE,CAAC;AACtC,CAAC;AAED,OAAO,EAAE,sBAAsB,EAAiC,MAAM,oBAAoB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nexport * from \"./plugins/consumer.js\";\n\nexport { IdentityPlugin } from \"./plugins/provider.js\";\n\nimport type { TokenCredential } from \"@azure/core-auth\";\nimport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential.js\";\n\nexport {\n AuthenticationError,\n ErrorResponse,\n AggregateAuthenticationError,\n AuthenticationErrorName,\n AggregateAuthenticationErrorName,\n CredentialUnavailableError,\n CredentialUnavailableErrorName,\n AuthenticationRequiredError,\n AuthenticationRequiredErrorOptions,\n} from \"./errors.js\";\n\nexport { AuthenticationRecord } from \"./msal/types.js\";\nexport { serializeAuthenticationRecord, deserializeAuthenticationRecord } from \"./msal/utils.js\";\nexport { TokenCredentialOptions } from \"./tokenCredentialOptions.js\";\nexport { MultiTenantTokenCredentialOptions } from \"./credentials/multiTenantTokenCredentialOptions.js\";\nexport { AuthorityValidationOptions } from \"./credentials/authorityValidationOptions.js\";\n// TODO: Export again once we're ready to release this feature.\n// export { RegionalAuthority } from \"./regionalAuthority\";\n\nexport { BrokerAuthOptions } from \"./credentials/brokerAuthOptions.js\";\nexport {\n BrokerOptions,\n BrokerEnabledOptions,\n BrokerDisabledOptions,\n} from \"./msal/nodeFlows/brokerOptions.js\";\nexport { InteractiveCredentialOptions } from \"./credentials/interactiveCredentialOptions.js\";\n\nexport { ChainedTokenCredential } from \"./credentials/chainedTokenCredential.js\";\n\nexport { ClientSecretCredential } from \"./credentials/clientSecretCredential.js\";\nexport { ClientSecretCredentialOptions } from \"./credentials/clientSecretCredentialOptions.js\";\n\nexport { DefaultAzureCredential } from \"./credentials/defaultAzureCredential.js\";\nexport {\n DefaultAzureCredentialOptions,\n DefaultAzureCredentialClientIdOptions,\n DefaultAzureCredentialResourceIdOptions,\n} from \"./credentials/defaultAzureCredentialOptions.js\";\n\nexport { EnvironmentCredential } from \"./credentials/environmentCredential.js\";\nexport { EnvironmentCredentialOptions } from \"./credentials/environmentCredentialOptions.js\";\n\nexport { ClientCertificateCredential } from \"./credentials/clientCertificateCredential.js\";\nexport {\n ClientCertificateCredentialPEMConfiguration,\n ClientCertificatePEMCertificatePath,\n ClientCertificatePEMCertificate,\n} from \"./credentials/clientCertificateCredentialModels.js\";\nexport { ClientCertificateCredentialOptions } from \"./credentials/clientCertificateCredentialOptions.js\";\nexport { ClientAssertionCredential } from \"./credentials/clientAssertionCredential.js\";\nexport { ClientAssertionCredentialOptions } from \"./credentials/clientAssertionCredentialOptions.js\";\nexport { CredentialPersistenceOptions } from \"./credentials/credentialPersistenceOptions.js\";\nexport { AzureCliCredential } from \"./credentials/azureCliCredential.js\";\nexport { AzureCliCredentialOptions } from \"./credentials/azureCliCredentialOptions.js\";\nexport { AzureDeveloperCliCredential } from \"./credentials/azureDeveloperCliCredential.js\";\nexport { AzureDeveloperCliCredentialOptions } from \"./credentials/azureDeveloperCliCredentialOptions.js\";\nexport { InteractiveBrowserCredential } from \"./credentials/interactiveBrowserCredential.js\";\nexport {\n InteractiveBrowserCredentialNodeOptions,\n InteractiveBrowserCredentialInBrowserOptions,\n BrowserLoginStyle,\n} from \"./credentials/interactiveBrowserCredentialOptions.js\";\nexport { ManagedIdentityCredential } from \"./credentials/managedIdentityCredential/index.js\";\nexport {\n ManagedIdentityCredentialClientIdOptions,\n ManagedIdentityCredentialResourceIdOptions,\n ManagedIdentityCredentialObjectIdOptions,\n} from \"./credentials/managedIdentityCredential/options.js\";\nexport { DeviceCodeCredential } from \"./credentials/deviceCodeCredential.js\";\nexport {\n DeviceCodePromptCallback,\n DeviceCodeInfo,\n} from \"./credentials/deviceCodeCredentialOptions.js\";\nexport { DeviceCodeCredentialOptions } from \"./credentials/deviceCodeCredentialOptions.js\";\nexport { AzurePipelinesCredential as AzurePipelinesCredential } from \"./credentials/azurePipelinesCredential.js\";\nexport { AzurePipelinesCredentialOptions as AzurePipelinesCredentialOptions } from \"./credentials/azurePipelinesCredentialOptions.js\";\nexport { AuthorizationCodeCredential } from \"./credentials/authorizationCodeCredential.js\";\nexport { AuthorizationCodeCredentialOptions } from \"./credentials/authorizationCodeCredentialOptions.js\";\nexport { AzurePowerShellCredential } from \"./credentials/azurePowerShellCredential.js\";\nexport { AzurePowerShellCredentialOptions } from \"./credentials/azurePowerShellCredentialOptions.js\";\nexport {\n OnBehalfOfCredentialOptions,\n OnBehalfOfCredentialSecretOptions,\n OnBehalfOfCredentialCertificateOptions,\n OnBehalfOfCredentialAssertionOptions,\n} from \"./credentials/onBehalfOfCredentialOptions.js\";\nexport { UsernamePasswordCredential } from \"./credentials/usernamePasswordCredential.js\";\nexport { UsernamePasswordCredentialOptions } from \"./credentials/usernamePasswordCredentialOptions.js\";\nexport { VisualStudioCodeCredential } from \"./credentials/visualStudioCodeCredential.js\";\nexport { VisualStudioCodeCredentialOptions } from \"./credentials/visualStudioCodeCredentialOptions.js\";\nexport { OnBehalfOfCredential } from \"./credentials/onBehalfOfCredential.js\";\nexport { WorkloadIdentityCredential } from \"./credentials/workloadIdentityCredential.js\";\nexport { WorkloadIdentityCredentialOptions } from \"./credentials/workloadIdentityCredentialOptions.js\";\nexport { BrowserCustomizationOptions } from \"./credentials/browserCustomizationOptions.js\";\nexport { TokenCachePersistenceOptions } from \"./msal/nodeFlows/tokenCachePersistenceOptions.js\";\n\nexport { TokenCredential, GetTokenOptions, AccessToken } from \"@azure/core-auth\";\nexport { logger } from \"./util/logging.js\";\n\nexport { AzureAuthorityHosts } from \"./constants.js\";\n\n/**\n * Returns a new instance of the {@link DefaultAzureCredential}.\n */\nexport function getDefaultAzureCredential(): TokenCredential {\n return new DefaultAzureCredential();\n}\n\nexport { getBearerTokenProvider, GetBearerTokenProviderOptions } from \"./tokenProvider.js\";\n"]}

package/dist/workerd/msal/browserFlows/msalBrowserCommon.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+import type { MsalBrowserFlowOptions } from "./msalBrowserOptions.js";
+import type { AccessToken } from "@azure/core-auth";
+import type { AuthenticationRecord } from "../types.js";
+import type { CredentialFlowGetTokenOptions } from "../credentials.js";
+/**
+ * Methods that are used by InteractiveBrowserCredential
+ * @internal
+ */
+export interface MsalBrowserClient {
+    getActiveAccount(): Promise<AuthenticationRecord | undefined>;
+    getToken(scopes: string[], options: CredentialFlowGetTokenOptions): Promise<AccessToken>;
+}
+/**
+ * Uses MSAL Browser 2.X for browser authentication,
+ * which uses the [Auth Code Flow](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow).
+ * @internal
+ */
+export declare function createMsalBrowserClient(options: MsalBrowserFlowOptions): MsalBrowserClient;
+//# sourceMappingURL=msalBrowserCommon.d.ts.map

package/dist/workerd/msal/browserFlows/msalBrowserCommon.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"msalBrowserCommon.d.ts","sourceRoot":"","sources":["../../../../src/msal/browserFlows/msalBrowserCommon.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,yBAAyB,CAAC;AAYtE,OAAO,KAAK,EAAE,WAAW,EAAmB,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAc,MAAM,aAAa,CAAC;AAEpE,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,mBAAmB,CAAC;AA2CvE;;;GAGG;AACH,MAAM,WAAW,iBAAiB;IAChC,gBAAgB,IAAI,OAAO,CAAC,oBAAoB,GAAG,SAAS,CAAC,CAAC;IAC9D,QAAQ,CAAC,MAAM,EAAE,MAAM,EAAE,EAAE,OAAO,EAAE,6BAA6B,GAAG,OAAO,CAAC,WAAW,CAAC,CAAC;CAC1F;AAKD;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,sBAAsB,GAAG,iBAAiB,CA+R1F"}