@azure/keyvault-admin 4.2.0-alpha.20211213.2 → 4.2.0-alpha.20211214.4

@@ -1,10 +1,10 @@
1
1
  // Copyright (c) Microsoft Corporation.
2
2
  // Licensed under the MIT license.
3
3
  /* eslint-disable @azure/azure-sdk/ts-use-interface-parameters */
4
- import { BaseRequestPolicy } from "@azure/core-http";
5
- import { Constants } from "@azure/core-http";
6
4
  import { ExpiringAccessTokenCache } from "@azure/core-http";
5
+ import { BaseRequestPolicy } from "@azure/core-http";
7
6
  import { parseWWWAuthenticate } from "./parseWWWAuthenticate";
7
+ import { Constants } from "@azure/core-http";
8
8
  /**
9
9
  * Representation of the Authentication Challenge
10
10
  */
@@ -1 +1 @@
1
- {"version":3,"file":"challengeBasedAuthenticationPolicy.js","sourceRoot":"","sources":["../../../../keyvault-common/src/challengeBasedAuthenticationPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,iEAAiE;AAGjE,OAAO,EACL,iBAAiB,EAIlB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG7C,OAAO,EAAoB,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAC9E,OAAO,EAAE,oBAAoB,EAAyB,MAAM,wBAAwB,CAAC;AAErF;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAClC,YAAmB,aAAqB,EAAS,KAAa,EAAS,QAAiB;QAArE,kBAAa,GAAb,aAAa,CAAQ;QAAS,UAAK,GAAL,KAAK,CAAQ;QAAS,aAAQ,GAAR,QAAQ,CAAS;IAAG,CAAC;IAE5F;;;;;;OAMG;IACI,OAAO,CAAC,KAA0C;;QACvD,OAAO,KAAK;YACV,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE;gBACpD,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,aAAa,CAAC,WAAW,EAAE;gBACtE,CAAA,MAAA,IAAI,CAAC,QAAQ,0CAAE,WAAW,EAAE,OAAK,MAAA,KAAK,CAAC,QAAQ,0CAAE,WAAW,EAAE,CAAA;YAClE,CAAC,CAAC,KAAK,CAAC;IACZ,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IAGhC,kBAAkB,CAAC,SAAkC;QAC1D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,UAAU,kCAAkC,CAChD,UAA2B;IAE3B,MAAM,UAAU,GAAqB,IAAI,wBAAwB,EAAE,CAAC;IACpE,MAAM,cAAc,GAAG,IAAI,4BAA4B,EAAE,CAAC;IAC1D,OAAO;QACL,MAAM,EAAE,CAAC,UAAyB,EAAE,OAA6B,EAAE,EAAE;YACnE,OAAO,IAAI,kCAAkC,CAC3C,UAAU,EACV,OAAO,EACP,UAAU,EACV,UAAU,EACV,cAAc,CACf,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,kCAAmC,SAAQ,iBAAiB;IAKvE;;;;;;;OAOG;IACH,YACE,UAAyB,EACzB,OAA6B,EACrB,UAA2B,EAC3B,UAA4B,EAC5B,cAA4C;QAEpD,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAJnB,eAAU,GAAV,UAAU,CAAiB;QAC3B,eAAU,GAAV,UAAU,CAAkB;QAC5B,mBAAc,GAAd,cAAc,CAA8B;QAjB9C,yBAAoB,GAEC,oBAAoB,CAAC;IAkBlD,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS,CAAC,WAAwB;QAC9C,IAAI,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;QAEnD,oEAAoE;QACpE,IAAI,WAAW,KAAK,SAAS,EAAE;YAC7B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,KAAK,EAAE;gBACzF,QAAQ,EAAE,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,QAAQ;aAClD,CAAC,CAAC;YACH,WAAW,GAAG,aAAa,IAAI,SAAS,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,C
AAC,CAAC;SAC7C;QAED,IAAI,WAAW,EAAE;YACf,WAAW,CAAC,OAAO,CAAC,GAAG,CACrB,SAAS,CAAC,eAAe,CAAC,aAAa,EACvC,UAAU,WAAW,CAAC,KAAK,EAAE,CAC9B,CAAC;SACH;IACH,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB,CAC/B,eAAuB,EACvB,WAAwB;;QAExB,wDAAwD;QACxD,uCAAuC;QACvC,+EAA+E;QAC/E,MAAM,aAAa,GAAG,IAAI,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,aAAa,GAAG,aAAa,CAAC,aAAc,CAAC;QACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAS,IAAI,aAAa,CAAC,KAAM,CAAC;QACjE,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;QAExC,IAAI,CAAC,CAAC,aAAa,IAAI,QAAQ,CAAC,EAAE;YAChC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAClD;QAED,MAAM,SAAS,GAAG,IAAI,uBAAuB,CAAC,aAAa,EAAE,QAAQ,GAAG,WAAW,EAAE,QAAQ,CAAC,CAAC;QAE/F,uFAAuF;QACvF,oDAAoD;QACpD,iGAAiG;QACjG,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,cAAc,CAAC,SAAS,0CAAE,OAAO,CAAC,SAAS,CAAC,CAAA,EAAE;YACtD,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAClD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;SAC3C;QAED,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAClC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IACnD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,WAAW,CAAC,WAAwB;QAC/C,sDAAsD;QACtD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YACzC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;SAC1F;QAED,+EAA+E;QAC/E,IAAI,QAA+B,CAAC;QAEpC,IACE,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS;YAC3C,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS,EAC3C;YACA,2EAA2E;YAC3E,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC;YACtC,WAAW,CAAC,IAAI,GAAG,EAAE,CAAC;YACtB,IAAI;gBACF,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;aAC5D;oBAAS;gBACR,WAAW,CAAC,IAAI,GAAG,YAAY,CAAC;aACjC;SACF;aAAM;YACL,wCAAwC;YACxC,kGAAkG;YAClG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YAClC,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAC5D;QAED,yDAAyD;QACzD,gGAAgG;QAChG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,OAAO,QAAQ,CAAC;SACjB;QAED,oGAAoG;QACpG,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACjE,IAAI,CAAC,eAAe,EAAE;YACpB,OAAO,QAAQ,CAAC;SACjB;QAED,sEAAsE;QACtE,OAAO,IAAI,CAAC,mBAAmB,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAChE,CAAC;CACF","sourcesContent":["// 
Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n/* eslint-disable @azure/azure-sdk/ts-use-interface-parameters */\n\nimport { TokenCredential } from \"@azure/core-http\";\nimport {\n BaseRequestPolicy,\n RequestPolicy,\n RequestPolicyOptions,\n RequestPolicyFactory\n} from \"@azure/core-http\";\nimport { Constants } from \"@azure/core-http\";\nimport { HttpOperationResponse } from \"@azure/core-http\";\nimport { WebResource } from \"@azure/core-http\";\nimport { AccessTokenCache, ExpiringAccessTokenCache } from \"@azure/core-http\";\nimport { parseWWWAuthenticate, ParsedWWWAuthenticate } from \"./parseWWWAuthenticate\";\n\n/**\n * Representation of the Authentication Challenge\n */\nexport class AuthenticationChallenge {\n constructor(public authorization: string, public scope: string, public tenantId?: string) {}\n\n /**\n * Checks that this AuthenticationChallenge is equal to another one given.\n * Only compares the scope.\n * This is exactly what C# is doing, as we can see here:\n * https://github.com/Azure/azure-sdk-for-net/blob/70e54b878ff1d01a45266fb3674a396b4ab9c1d2/sdk/keyvault/Azure.Security.KeyVault.Shared/src/ChallengeBasedAuthenticationPolicy.cs#L143-L147\n * @param other - The other AuthenticationChallenge\n */\n public equalTo(other: AuthenticationChallenge | undefined): boolean {\n return other\n ? 
this.scope.toLowerCase() === other.scope.toLowerCase() &&\n this.authorization.toLowerCase() === other.authorization.toLowerCase() &&\n this.tenantId?.toLowerCase() === other.tenantId?.toLowerCase()\n : false;\n }\n}\n\n/**\n * Helps keep a copy of any previous authentication challenges,\n * so that we can compare on any further request.\n */\nexport class AuthenticationChallengeCache {\n public challenge?: AuthenticationChallenge;\n\n public setCachedChallenge(challenge: AuthenticationChallenge): void {\n this.challenge = challenge;\n }\n}\n\n/**\n * Creates a new ChallengeBasedAuthenticationPolicy factory.\n *\n * @param credential - The TokenCredential implementation that can supply the challenge token.\n */\nexport function challengeBasedAuthenticationPolicy(\n credential: TokenCredential\n): RequestPolicyFactory {\n const tokenCache: AccessTokenCache = new ExpiringAccessTokenCache();\n const challengeCache = new AuthenticationChallengeCache();\n return {\n create: (nextPolicy: RequestPolicy, options: RequestPolicyOptions) => {\n return new ChallengeBasedAuthenticationPolicy(\n nextPolicy,\n options,\n credential,\n tokenCache,\n challengeCache\n );\n }\n };\n}\n\n/**\n *\n * Provides a RequestPolicy that can request a token from a TokenCredential\n * implementation and then apply it to the Authorization header of a request\n * as a Bearer token.\n *\n */\nexport class ChallengeBasedAuthenticationPolicy extends BaseRequestPolicy {\n private parseWWWAuthenticate: (\n wwwAuthenticate: string\n ) => ParsedWWWAuthenticate = parseWWWAuthenticate;\n\n /**\n * Creates a new ChallengeBasedAuthenticationPolicy object.\n *\n * @param nextPolicy - The next RequestPolicy in the request pipeline.\n * @param options - Options for this RequestPolicy.\n * @param credential - The TokenCredential implementation that can supply the bearer token.\n * @param tokenCache - The cache for the most recent AccessToken returned by the TokenCredential.\n */\n constructor(\n nextPolicy: 
RequestPolicy,\n options: RequestPolicyOptions,\n private credential: TokenCredential,\n private tokenCache: AccessTokenCache,\n private challengeCache: AuthenticationChallengeCache\n ) {\n super(nextPolicy, options);\n }\n\n /**\n * Gets or updates the token from the token cache into the headers of the received web resource.\n */\n private async loadToken(webResource: WebResource): Promise<void> {\n let accessToken = this.tokenCache.getCachedToken();\n\n // If there's no cached token in the cache, we try to get a new one.\n if (accessToken === undefined) {\n const receivedToken = await this.credential.getToken(this.challengeCache.challenge!.scope, {\n tenantId: this.challengeCache.challenge!.tenantId\n });\n accessToken = receivedToken || undefined;\n this.tokenCache.setCachedToken(accessToken);\n }\n\n if (accessToken) {\n webResource.headers.set(\n Constants.HeaderConstants.AUTHORIZATION,\n `Bearer ${accessToken.token}`\n );\n }\n }\n\n /**\n * Parses the given WWW-Authenticate header, generates a new AuthenticationChallenge,\n * then if the challenge is different from the one cached, resets the token and forces\n * a re-authentication, otherwise continues with the existing challenge and token.\n * @param wwwAuthenticate - Value of the incoming WWW-Authenticate header.\n * @param webResource - Ongoing HTTP request.\n */\n private async regenerateChallenge(\n wwwAuthenticate: string,\n webResource: WebResource\n ): Promise<HttpOperationResponse> {\n // The challenge based authentication will contain both:\n // - An authorization URI with a token,\n // - The resource to which that token is valid against (also called the scope).\n const parsedWWWAuth = this.parseWWWAuthenticate(wwwAuthenticate);\n const authorization = parsedWWWAuth.authorization!;\n const resource = parsedWWWAuth.resource! 
|| parsedWWWAuth.scope!;\n const tenantId = parsedWWWAuth.tenantId;\n\n if (!(authorization && resource)) {\n return this._nextPolicy.sendRequest(webResource);\n }\n\n const challenge = new AuthenticationChallenge(authorization, resource + \"/.default\", tenantId);\n\n // Either if there's no cached challenge at this point (could have happen in parallel),\n // or if the cached challenge has a different scope,\n // we store the just received challenge and reset the cached token, to force a re-authentication.\n if (!this.challengeCache.challenge?.equalTo(challenge)) {\n this.challengeCache.setCachedChallenge(challenge);\n this.tokenCache.setCachedToken(undefined);\n }\n\n await this.loadToken(webResource);\n return this._nextPolicy.sendRequest(webResource);\n }\n\n /**\n * Applies the Bearer token to the request through the Authorization header.\n * @param webResource - Ongoing HTTP request.\n */\n public async sendRequest(webResource: WebResource): Promise<HttpOperationResponse> {\n // Ensure that we're about to use a secure connection.\n if (!webResource.url.startsWith(\"https:\")) {\n throw new Error(\"The resource address for authorization must use the 'https' protocol.\");\n }\n\n // The next request will happen differently whether we have a challenge or not.\n let response: HttpOperationResponse;\n\n if (\n this.challengeCache.challenge === undefined ||\n this.challengeCache.challenge === undefined\n ) {\n // If there's no challenge in cache, a blank body will start the challenge.\n const originalBody = webResource.body;\n webResource.body = \"\";\n try {\n response = await this._nextPolicy.sendRequest(webResource);\n } finally {\n webResource.body = originalBody;\n }\n } else {\n // If we did have a challenge in memory,\n // we attempt to load the token from the cache into the request before we try to send the request.\n await this.loadToken(webResource);\n response = await this._nextPolicy.sendRequest(webResource);\n }\n\n // If we don't receive a response 
with a 401 status code,\n // then we can assume this response has nothing to do with the challenge authentication process.\n if (response.status !== 401) {\n return response;\n }\n\n // If the response status is 401, we only re-authenticate if the WWW-Authenticate header is present.\n const wwwAuthenticate = response.headers.get(\"WWW-Authenticate\");\n if (!wwwAuthenticate) {\n return response;\n }\n\n // We re-generate the challenge and see if we have to re-authenticate.\n return this.regenerateChallenge(wwwAuthenticate, webResource);\n }\n}\n"]}
1
+ {"version":3,"file":"challengeBasedAuthenticationPolicy.js","sourceRoot":"","sources":["../../../../keyvault-common/src/challengeBasedAuthenticationPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,iEAAiE;AAEjE,OAAO,EAAoB,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAC9E,OAAO,EACL,iBAAiB,EAIlB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAyB,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAK7C;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAClC,YAAmB,aAAqB,EAAS,KAAa,EAAS,QAAiB;QAArE,kBAAa,GAAb,aAAa,CAAQ;QAAS,UAAK,GAAL,KAAK,CAAQ;QAAS,aAAQ,GAAR,QAAQ,CAAS;IAAG,CAAC;IAE5F;;;;;;OAMG;IACI,OAAO,CAAC,KAA0C;;QACvD,OAAO,KAAK;YACV,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE;gBACpD,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,aAAa,CAAC,WAAW,EAAE;gBACtE,CAAA,MAAA,IAAI,CAAC,QAAQ,0CAAE,WAAW,EAAE,OAAK,MAAA,KAAK,CAAC,QAAQ,0CAAE,WAAW,EAAE,CAAA;YAClE,CAAC,CAAC,KAAK,CAAC;IACZ,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IAGhC,kBAAkB,CAAC,SAAkC;QAC1D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,UAAU,kCAAkC,CAChD,UAA2B;IAE3B,MAAM,UAAU,GAAqB,IAAI,wBAAwB,EAAE,CAAC;IACpE,MAAM,cAAc,GAAG,IAAI,4BAA4B,EAAE,CAAC;IAC1D,OAAO;QACL,MAAM,EAAE,CAAC,UAAyB,EAAE,OAA6B,EAAE,EAAE;YACnE,OAAO,IAAI,kCAAkC,CAC3C,UAAU,EACV,OAAO,EACP,UAAU,EACV,UAAU,EACV,cAAc,CACf,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,kCAAmC,SAAQ,iBAAiB;IAKvE;;;;;;;OAOG;IACH,YACE,UAAyB,EACzB,OAA6B,EACrB,UAA2B,EAC3B,UAA4B,EAC5B,cAA4C;QAEpD,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAJnB,eAAU,GAAV,UAAU,CAAiB;QAC3B,eAAU,GAAV,UAAU,CAAkB;QAC5B,mBAAc,GAAd,cAAc,CAA8B;QAjB9C,yBAAoB,GAEC,oBAAoB,CAAC;IAkBlD,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS,CAAC,WAAwB;QAC9C,IAAI,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;QAEnD,oEAAoE;QACpE,IAAI,WAAW,KAAK,SAAS,EAAE;YAC7B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,KAAK,EAAE;gBACzF,QAAQ,EAAE,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,QAAQ;aAClD,CAAC,CAAC;YACH,WAAW,GAAG,aAAa,IAAI,SAAS,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,C
AAC,CAAC;SAC7C;QAED,IAAI,WAAW,EAAE;YACf,WAAW,CAAC,OAAO,CAAC,GAAG,CACrB,SAAS,CAAC,eAAe,CAAC,aAAa,EACvC,UAAU,WAAW,CAAC,KAAK,EAAE,CAC9B,CAAC;SACH;IACH,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB,CAC/B,eAAuB,EACvB,WAAwB;;QAExB,wDAAwD;QACxD,uCAAuC;QACvC,+EAA+E;QAC/E,MAAM,aAAa,GAAG,IAAI,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,aAAa,GAAG,aAAa,CAAC,aAAc,CAAC;QACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAS,IAAI,aAAa,CAAC,KAAM,CAAC;QACjE,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;QAExC,IAAI,CAAC,CAAC,aAAa,IAAI,QAAQ,CAAC,EAAE;YAChC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAClD;QAED,MAAM,SAAS,GAAG,IAAI,uBAAuB,CAAC,aAAa,EAAE,QAAQ,GAAG,WAAW,EAAE,QAAQ,CAAC,CAAC;QAE/F,uFAAuF;QACvF,oDAAoD;QACpD,iGAAiG;QACjG,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,cAAc,CAAC,SAAS,0CAAE,OAAO,CAAC,SAAS,CAAC,CAAA,EAAE;YACtD,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAClD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;SAC3C;QAED,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAClC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IACnD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,WAAW,CAAC,WAAwB;QAC/C,sDAAsD;QACtD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YACzC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;SAC1F;QAED,+EAA+E;QAC/E,IAAI,QAA+B,CAAC;QAEpC,IACE,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS;YAC3C,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS,EAC3C;YACA,2EAA2E;YAC3E,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC;YACtC,WAAW,CAAC,IAAI,GAAG,EAAE,CAAC;YACtB,IAAI;gBACF,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;aAC5D;oBAAS;gBACR,WAAW,CAAC,IAAI,GAAG,YAAY,CAAC;aACjC;SACF;aAAM;YACL,wCAAwC;YACxC,kGAAkG;YAClG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YAClC,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAC5D;QAED,yDAAyD;QACzD,gGAAgG;QAChG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,OAAO,QAAQ,CAAC;SACjB;QAED,oGAAoG;QACpG,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACjE,IAAI,CAAC,eAAe,EAAE;YACpB,OAAO,QAAQ,CAAC;SACjB;QAED,sEAAsE;QACtE,OAAO,IAAI,CAAC,mBAAmB,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAChE,CAAC;CACF","sourcesContent":["// 
Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n/* eslint-disable @azure/azure-sdk/ts-use-interface-parameters */\n\nimport { AccessTokenCache, ExpiringAccessTokenCache } from \"@azure/core-http\";\nimport {\n BaseRequestPolicy,\n RequestPolicy,\n RequestPolicyFactory,\n RequestPolicyOptions\n} from \"@azure/core-http\";\nimport { ParsedWWWAuthenticate, parseWWWAuthenticate } from \"./parseWWWAuthenticate\";\nimport { Constants } from \"@azure/core-http\";\nimport { HttpOperationResponse } from \"@azure/core-http\";\nimport { TokenCredential } from \"@azure/core-http\";\nimport { WebResource } from \"@azure/core-http\";\n\n/**\n * Representation of the Authentication Challenge\n */\nexport class AuthenticationChallenge {\n constructor(public authorization: string, public scope: string, public tenantId?: string) {}\n\n /**\n * Checks that this AuthenticationChallenge is equal to another one given.\n * Only compares the scope.\n * This is exactly what C# is doing, as we can see here:\n * https://github.com/Azure/azure-sdk-for-net/blob/70e54b878ff1d01a45266fb3674a396b4ab9c1d2/sdk/keyvault/Azure.Security.KeyVault.Shared/src/ChallengeBasedAuthenticationPolicy.cs#L143-L147\n * @param other - The other AuthenticationChallenge\n */\n public equalTo(other: AuthenticationChallenge | undefined): boolean {\n return other\n ? 
this.scope.toLowerCase() === other.scope.toLowerCase() &&\n this.authorization.toLowerCase() === other.authorization.toLowerCase() &&\n this.tenantId?.toLowerCase() === other.tenantId?.toLowerCase()\n : false;\n }\n}\n\n/**\n * Helps keep a copy of any previous authentication challenges,\n * so that we can compare on any further request.\n */\nexport class AuthenticationChallengeCache {\n public challenge?: AuthenticationChallenge;\n\n public setCachedChallenge(challenge: AuthenticationChallenge): void {\n this.challenge = challenge;\n }\n}\n\n/**\n * Creates a new ChallengeBasedAuthenticationPolicy factory.\n *\n * @param credential - The TokenCredential implementation that can supply the challenge token.\n */\nexport function challengeBasedAuthenticationPolicy(\n credential: TokenCredential\n): RequestPolicyFactory {\n const tokenCache: AccessTokenCache = new ExpiringAccessTokenCache();\n const challengeCache = new AuthenticationChallengeCache();\n return {\n create: (nextPolicy: RequestPolicy, options: RequestPolicyOptions) => {\n return new ChallengeBasedAuthenticationPolicy(\n nextPolicy,\n options,\n credential,\n tokenCache,\n challengeCache\n );\n }\n };\n}\n\n/**\n *\n * Provides a RequestPolicy that can request a token from a TokenCredential\n * implementation and then apply it to the Authorization header of a request\n * as a Bearer token.\n *\n */\nexport class ChallengeBasedAuthenticationPolicy extends BaseRequestPolicy {\n private parseWWWAuthenticate: (\n wwwAuthenticate: string\n ) => ParsedWWWAuthenticate = parseWWWAuthenticate;\n\n /**\n * Creates a new ChallengeBasedAuthenticationPolicy object.\n *\n * @param nextPolicy - The next RequestPolicy in the request pipeline.\n * @param options - Options for this RequestPolicy.\n * @param credential - The TokenCredential implementation that can supply the bearer token.\n * @param tokenCache - The cache for the most recent AccessToken returned by the TokenCredential.\n */\n constructor(\n nextPolicy: 
RequestPolicy,\n options: RequestPolicyOptions,\n private credential: TokenCredential,\n private tokenCache: AccessTokenCache,\n private challengeCache: AuthenticationChallengeCache\n ) {\n super(nextPolicy, options);\n }\n\n /**\n * Gets or updates the token from the token cache into the headers of the received web resource.\n */\n private async loadToken(webResource: WebResource): Promise<void> {\n let accessToken = this.tokenCache.getCachedToken();\n\n // If there's no cached token in the cache, we try to get a new one.\n if (accessToken === undefined) {\n const receivedToken = await this.credential.getToken(this.challengeCache.challenge!.scope, {\n tenantId: this.challengeCache.challenge!.tenantId\n });\n accessToken = receivedToken || undefined;\n this.tokenCache.setCachedToken(accessToken);\n }\n\n if (accessToken) {\n webResource.headers.set(\n Constants.HeaderConstants.AUTHORIZATION,\n `Bearer ${accessToken.token}`\n );\n }\n }\n\n /**\n * Parses the given WWW-Authenticate header, generates a new AuthenticationChallenge,\n * then if the challenge is different from the one cached, resets the token and forces\n * a re-authentication, otherwise continues with the existing challenge and token.\n * @param wwwAuthenticate - Value of the incoming WWW-Authenticate header.\n * @param webResource - Ongoing HTTP request.\n */\n private async regenerateChallenge(\n wwwAuthenticate: string,\n webResource: WebResource\n ): Promise<HttpOperationResponse> {\n // The challenge based authentication will contain both:\n // - An authorization URI with a token,\n // - The resource to which that token is valid against (also called the scope).\n const parsedWWWAuth = this.parseWWWAuthenticate(wwwAuthenticate);\n const authorization = parsedWWWAuth.authorization!;\n const resource = parsedWWWAuth.resource! 
|| parsedWWWAuth.scope!;\n const tenantId = parsedWWWAuth.tenantId;\n\n if (!(authorization && resource)) {\n return this._nextPolicy.sendRequest(webResource);\n }\n\n const challenge = new AuthenticationChallenge(authorization, resource + \"/.default\", tenantId);\n\n // Either if there's no cached challenge at this point (could have happen in parallel),\n // or if the cached challenge has a different scope,\n // we store the just received challenge and reset the cached token, to force a re-authentication.\n if (!this.challengeCache.challenge?.equalTo(challenge)) {\n this.challengeCache.setCachedChallenge(challenge);\n this.tokenCache.setCachedToken(undefined);\n }\n\n await this.loadToken(webResource);\n return this._nextPolicy.sendRequest(webResource);\n }\n\n /**\n * Applies the Bearer token to the request through the Authorization header.\n * @param webResource - Ongoing HTTP request.\n */\n public async sendRequest(webResource: WebResource): Promise<HttpOperationResponse> {\n // Ensure that we're about to use a secure connection.\n if (!webResource.url.startsWith(\"https:\")) {\n throw new Error(\"The resource address for authorization must use the 'https' protocol.\");\n }\n\n // The next request will happen differently whether we have a challenge or not.\n let response: HttpOperationResponse;\n\n if (\n this.challengeCache.challenge === undefined ||\n this.challengeCache.challenge === undefined\n ) {\n // If there's no challenge in cache, a blank body will start the challenge.\n const originalBody = webResource.body;\n webResource.body = \"\";\n try {\n response = await this._nextPolicy.sendRequest(webResource);\n } finally {\n webResource.body = originalBody;\n }\n } else {\n // If we did have a challenge in memory,\n // we attempt to load the token from the cache into the request before we try to send the request.\n await this.loadToken(webResource);\n response = await this._nextPolicy.sendRequest(webResource);\n }\n\n // If we don't receive a response 
with a 401 status code,\n // then we can assume this response has nothing to do with the challenge authentication process.\n if (response.status !== 401) {\n return response;\n }\n\n // If the response status is 401, we only re-authenticate if the WWW-Authenticate header is present.\n const wwwAuthenticate = response.headers.get(\"WWW-Authenticate\");\n if (!wwwAuthenticate) {\n return response;\n }\n\n // We re-generate the challenge and see if we have to re-authenticate.\n return this.regenerateChallenge(wwwAuthenticate, webResource);\n }\n}\n"]}
@@ -1,6 +1,6 @@
1
1
  // Copyright (c) Microsoft Corporation.
2
2
  // Licensed under the MIT license.
3
- import { createSpanFunction, SpanStatusCode } from "@azure/core-tracing";
3
+ import { SpanStatusCode, createSpanFunction } from "@azure/core-tracing";
4
4
  /**
5
5
  * Returns a function that can be used for tracing options.
6
6
  *
@@ -1 +1 @@
1
- {"version":3,"file":"tracingHelpers.js","sourceRoot":"","sources":["../../../../keyvault-common/src/tracingHelpers.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAGlC,OAAO,EAAE,kBAAkB,EAAQ,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAqB/E;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC;QACpC,SAAS,EAAE,oBAAoB;QAC/B,aAAa,EAAE,MAAM;KACtB,CAAC,CAAC;IAEH,OAAO,KAAK,WAAU,aAAa,EAAE,OAAO,EAAE,EAAE;QAC9C,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAEpE,IAAI;YACF,6GAA6G;YAC7G,kBAAkB;YAClB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YAE9C,oEAAoE;YACpE,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,EAAE;aACxB,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;SACf;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,KAAK;gBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,GAAG,CAAC;SACX;gBAAS;YACR,IAAI,CAAC,GAAG,EAAE,CAAC;SACZ;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { OperationOptions } from \"@azure/core-http\";\nimport { createSpanFunction, Span, SpanStatusCode } from \"@azure/core-tracing\";\n\n/**\n * An interface representing a function that is traced.\n *\n * A traced function will automatically create and close tracing '\n * spans as needed and will handle setting the status / errors as a\n * result of calling the underlying callback.\n *\n * use {@link createTraceFunction} to add tracing to a block of code.\n *\n * @internal\n */\nexport interface TracedFunction {\n <TOptions extends OperationOptions, TReturn>(\n operationName: string,\n options: TOptions,\n cb: (options: TOptions, span: Span) => Promise<TReturn>\n ): Promise<TReturn>;\n}\n\n/**\n * Returns a function that can be used for tracing options.\n *\n * @param prefix - The prefix to use, likely the name of the class / client.\n *\n * @example const withTrace = createTraceFunction(\"Azure.KeyVault.Certificates.CertificateClient\")\n *\n * @internal\n */\nexport 
function createTraceFunction(prefix: string): TracedFunction {\n const createSpan = createSpanFunction({\n namespace: \"Microsoft.KeyVault\",\n packagePrefix: prefix\n });\n\n return async function(operationName, options, cb) {\n const { updatedOptions, span } = createSpan(operationName, options);\n\n try {\n // NOTE: we really do need to await on this function here so we can handle any exceptions thrown and properly\n // close the span.\n const result = await cb(updatedOptions, span);\n\n // otel 0.16+ needs this or else the code ends up being set as UNSET\n span.setStatus({\n code: SpanStatusCode.OK\n });\n return result;\n } catch (err) {\n span.setStatus({\n code: SpanStatusCode.ERROR,\n message: err.message\n });\n throw err;\n } finally {\n span.end();\n }\n };\n}\n"]}
1
+ {"version":3,"file":"tracingHelpers.js","sourceRoot":"","sources":["../../../../keyvault-common/src/tracingHelpers.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAQ,cAAc,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAsB/E;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC;QACpC,SAAS,EAAE,oBAAoB;QAC/B,aAAa,EAAE,MAAM;KACtB,CAAC,CAAC;IAEH,OAAO,KAAK,WAAU,aAAa,EAAE,OAAO,EAAE,EAAE;QAC9C,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAEpE,IAAI;YACF,6GAA6G;YAC7G,kBAAkB;YAClB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YAE9C,oEAAoE;YACpE,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,EAAE;aACxB,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;SACf;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,KAAK;gBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,GAAG,CAAC;SACX;gBAAS;YACR,IAAI,CAAC,GAAG,EAAE,CAAC;SACZ;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { Span, SpanStatusCode, createSpanFunction } from \"@azure/core-tracing\";\nimport { OperationOptions } from \"@azure/core-http\";\n\n/**\n * An interface representing a function that is traced.\n *\n * A traced function will automatically create and close tracing '\n * spans as needed and will handle setting the status / errors as a\n * result of calling the underlying callback.\n *\n * use {@link createTraceFunction} to add tracing to a block of code.\n *\n * @internal\n */\nexport interface TracedFunction {\n <TOptions extends OperationOptions, TReturn>(\n operationName: string,\n options: TOptions,\n cb: (options: TOptions, span: Span) => Promise<TReturn>\n ): Promise<TReturn>;\n}\n\n/**\n * Returns a function that can be used for tracing options.\n *\n * @param prefix - The prefix to use, likely the name of the class / client.\n *\n * @example const withTrace = createTraceFunction(\"Azure.KeyVault.Certificates.CertificateClient\")\n *\n * @internal\n */\nexport 
function createTraceFunction(prefix: string): TracedFunction {\n const createSpan = createSpanFunction({\n namespace: \"Microsoft.KeyVault\",\n packagePrefix: prefix\n });\n\n return async function(operationName, options, cb) {\n const { updatedOptions, span } = createSpan(operationName, options);\n\n try {\n // NOTE: we really do need to await on this function here so we can handle any exceptions thrown and properly\n // close the span.\n const result = await cb(updatedOptions, span);\n\n // otel 0.16+ needs this or else the code ends up being set as UNSET\n span.setStatus({\n code: SpanStatusCode.OK\n });\n return result;\n } catch (err) {\n span.setStatus({\n code: SpanStatusCode.ERROR,\n message: err.message\n });\n throw err;\n } finally {\n span.end();\n }\n };\n}\n"]}
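--- a/package/package.json
+++ b/package/package.json
@@ -2,7 +2,7 @@
  "name": "@azure/keyvault-admin",
  "sdk-type": "client",
  "author": "Microsoft Corporation",
- "version": "4.2.0-alpha.20211213.2",
+ "version": "4.2.0-alpha.20211214.4",
  "license": "MIT",
  "description": "Isomorphic client library for Azure KeyVault's administrative functions.",
  "homepage": "https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/keyvault/keyvault-admin/README.md",
@@ -67,8 +67,7 @@
  "test": "npm run clean && npm run build:test && npm run unit-test",
  "unit-test:browser": "echo skipped",
  "unit-test:node": "mocha -r esm --require ts-node/register --reporter ../../../common/tools/mocha-multi-reporter.js --timeout 180000 --full-trace \"test/{,!(browser)/**/}*.spec.ts\"",
- "unit-test": "npm run unit-test:node && npm run unit-test:browser",
- "docs": "typedoc --excludePrivate --excludeNotExported --excludeExternals --stripInternal --mode file --out ./dist/docs ./src"
+ "unit-test": "npm run unit-test:node && npm run unit-test:browser"
  },
  "//metadata": {
  "constantPaths": [
@@ -138,14 +137,13 @@
  "eslint": "^7.15.0",
  "esm": "^3.2.18",
  "mocha": "^7.1.1",
- "mocha-junit-reporter": "^1.18.0",
+ "mocha-junit-reporter": "^2.0.0",
  "nyc": "^15.0.0",
  "prettier": "^1.16.4",
  "rimraf": "^3.0.0",
  "rollup": "^1.16.3",
  "sinon": "^9.0.2",
  "source-map-support": "^0.5.9",
- "typedoc": "0.15.2",
  "typescript": "~4.2.0"
  }
  }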