@azure/keyvault-admin 4.2.0-beta.2 → 4.2.1-alpha.20220330.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +17 -1
- package/README.md +3 -0
- package/dist/index.js +218 -209
- package/dist/index.js.map +1 -1
- package/dist-esm/keyvault-admin/src/accessControlClient.js +14 -21
- package/dist-esm/keyvault-admin/src/accessControlClient.js.map +1 -1
- package/dist-esm/keyvault-admin/src/accessControlModels.js +1 -1
- package/dist-esm/keyvault-admin/src/accessControlModels.js.map +1 -1
- package/dist-esm/keyvault-admin/src/backupClient.js +7 -7
- package/dist-esm/keyvault-admin/src/backupClient.js.map +1 -1
- package/dist-esm/keyvault-admin/src/challengeAuthenticationCallbacks.js +5 -5
- package/dist-esm/keyvault-admin/src/challengeAuthenticationCallbacks.js.map +1 -1
- package/dist-esm/keyvault-admin/src/constants.js +2 -2
- package/dist-esm/keyvault-admin/src/constants.js.map +1 -1
- package/dist-esm/keyvault-admin/src/generated/keyVaultClient.js +2 -1
- package/dist-esm/keyvault-admin/src/generated/keyVaultClient.js.map +1 -1
- package/dist-esm/keyvault-admin/src/generated/keyVaultClientContext.js +2 -2
- package/dist-esm/keyvault-admin/src/generated/keyVaultClientContext.js.map +1 -1
- package/dist-esm/keyvault-admin/src/generated/models/index.js +6 -6
- package/dist-esm/keyvault-admin/src/generated/models/index.js.map +1 -1
- package/dist-esm/keyvault-admin/src/generated/operations/roleAssignments.js +1 -1
- package/dist-esm/keyvault-admin/src/generated/operations/roleAssignments.js.map +1 -1
- package/dist-esm/keyvault-admin/src/generated/operations/roleDefinitions.js +1 -1
- package/dist-esm/keyvault-admin/src/generated/operations/roleDefinitions.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/backup/operation.js +4 -4
- package/dist-esm/keyvault-admin/src/lro/backup/operation.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/backup/poller.js +2 -2
- package/dist-esm/keyvault-admin/src/lro/backup/poller.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/keyVaultAdminPoller.js +2 -2
- package/dist-esm/keyvault-admin/src/lro/keyVaultAdminPoller.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/restore/operation.js +5 -5
- package/dist-esm/keyvault-admin/src/lro/restore/operation.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/restore/poller.js +2 -2
- package/dist-esm/keyvault-admin/src/lro/restore/poller.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/selectiveKeyRestore/operation.js +4 -4
- package/dist-esm/keyvault-admin/src/lro/selectiveKeyRestore/operation.js.map +1 -1
- package/dist-esm/keyvault-admin/src/lro/selectiveKeyRestore/poller.js +2 -2
- package/dist-esm/keyvault-admin/src/lro/selectiveKeyRestore/poller.js.map +1 -1
- package/dist-esm/keyvault-admin/src/mappings.js +7 -7
- package/dist-esm/keyvault-admin/src/mappings.js.map +1 -1
- package/dist-esm/keyvault-admin/src/tracingHelpers.js +4 -4
- package/dist-esm/keyvault-admin/src/tracingHelpers.js.map +1 -1
- package/dist-esm/keyvault-common/src/challengeBasedAuthenticationPolicy.js +4 -4
- package/dist-esm/keyvault-common/src/challengeBasedAuthenticationPolicy.js.map +1 -1
- package/dist-esm/keyvault-common/src/parseKeyvaultIdentifier.js +1 -1
- package/dist-esm/keyvault-common/src/parseKeyvaultIdentifier.js.map +1 -1
- package/dist-esm/keyvault-common/src/parseWWWAuthenticate.js +1 -1
- package/dist-esm/keyvault-common/src/parseWWWAuthenticate.js.map +1 -1
- package/dist-esm/keyvault-common/src/tracingHelpers.js +4 -4
- package/dist-esm/keyvault-common/src/tracingHelpers.js.map +1 -1
- package/package.json +14 -30
- package/types/keyvault-admin.d.ts +36 -11
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"operation.js","sourceRoot":"","sources":["../../../../../src/lro/selectiveKeyRestore/operation.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;
|
|
1
|
+
{"version":3,"file":"operation.js","sourceRoot":"","sources":["../../../../../src/lro/selectiveKeyRestore/operation.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EACL,0BAA0B,GAE3B,MAAM,wBAAwB,CAAC;AAchC,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE3D;;GAEG;AACH,MAAM,SAAS,GAAG,mBAAmB,CAAC,wDAAwD,CAAC,CAAC;AA8BhG;;GAEG;AACH,MAAM,OAAO,wCAAyC,SAAQ,0BAG7D;IACC,YACS,KAAoD,EACnD,QAAgB,EAChB,MAAsB,EACtB,iBAA0D,EAAE;QAEpE,KAAK,CAAC,KAAK,EAAE,EAAE,aAAa,EAAE,4DAA4D,EAAE,CAAC,CAAC;QALvF,UAAK,GAAL,KAAK,CAA+C;QACnD,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAgB;QACtB,mBAAc,GAAd,cAAc,CAA8C;IAGtE,CAAC;IAED;;OAEG;IACK,gBAAgB,CACtB,OAAe,EACf,OAAmD;QAEnD,OAAO,SAAS,CAAC,kBAAkB,EAAE,OAAO,EAAE,CAAC,cAAc,EAAE,EAAE,CAC/D,IAAI,CAAC,MAAM,CAAC,4BAA4B,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,cAAc,CAAC,CACjF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,KAAa,EAAE,OAAyB;QAC5D,OAAO,SAAS,CAAC,eAAe,EAAE,OAAO,EAAE,CAAC,cAAc,EAAE,EAAE,CAC5D,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,cAAc,CAAC,CAChE,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,UAGI,EAAE;QAEN,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC;QAE3D,IAAI,OAAO,CAAC,WAAW,EAAE;YACvB,IAAI,CAAC,cAAc,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;SACvD;QAED,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE;YACpB,MAAM,yBAAyB,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,OAAO,kCAChE,IAAI,CAAC,cAAc,KACtB,kBAAkB,EAAE;oBAClB,MAAM,EAAE,UAAU;oBAClB,kBAAkB,EAAE;wBAClB,kBAAkB,EAAE,SAAS;wBAC7B,KAAK,EAAE,QAAQ;qBAChB;iBACF,IACD,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,yBAAyB,CAAC,CAAC;SAC1C;aAAM,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE;YAC7B,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE;gBAChB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;aACrE;YACD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;YACpF,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;SACjC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,QAAQ,CAAC,gBAAkC;QACjD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACzB,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,gBAAgB,CAAC;QAErF,IAAI,CAAC,SAAS,EAAE;YACd,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAC;SAC9E;QAED,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC;QACvB,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC;QACpB,KAAK,CAAC,OAAO,GAAG,OAAO,CAAC;QACxB,KAAK,CAAC,SAAS,GAAG,SAAS,CAAC;QAC5B,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;QACtB,KAAK,CAAC,aAAa,GAAG,aAAa,CAAC;QACpC,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC,OAAO,CAAC;QAE9B,IAAI,KAAK,CAAC,WAAW,KAAI,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,IAAI,CAAA,EAAE;YACpC,MAAM,IAAI,KAAK,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,KAAI,aAAa,CAAC,CAAC;SAClD;QAED,IAAI,KAAK,CAAC,WAAW,EAAE;YACrB,KAAK,CAAC,MAAM,GAAG;gBACb,SAAS;gBACT,OAAO;aACR,CAAC;SACH;IACH,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport {\n KeyVaultAdminPollOperation,\n KeyVaultAdminPollOperationState,\n} from \"../keyVaultAdminPoller\";\nimport {\n KeyVaultBeginSelectiveKeyRestoreOptions,\n KeyVaultSelectiveKeyRestoreResult,\n} from \"../../backupClientModels\";\nimport {\n RestoreOperation,\n RestoreStatusResponse,\n SelectiveKeyRestoreOperationOptionalParams,\n SelectiveKeyRestoreOperationResponse,\n} from \"../../generated/models\";\nimport { AbortSignalLike } from \"@azure/abort-controller\";\nimport { KeyVaultClient } from \"../../generated/keyVaultClient\";\nimport { OperationOptions } from \"@azure/core-client\";\nimport { createTraceFunction } from \"../../tracingHelpers\";\n\n/**\n * @internal\n */\nconst withTrace = createTraceFunction(\"Azure.KeyVault.Admin.KeyVaultSelectiveKeyRestorePoller\");\n/**\n * An interface representing the publicly available properties of the state of a restore Key Vault's poll operation.\n */\nexport interface KeyVaultSelectiveKeyRestoreOperationState\n extends KeyVaultAdminPollOperationState<KeyVaultSelectiveKeyRestoreResult> {}\n\n/**\n * An internal interface representing the state of a restore Key Vault's poll operation.\n */\nexport interface KeyVaultSelectiveKeyRestorePollOperationState\n extends KeyVaultAdminPollOperationState<KeyVaultSelectiveKeyRestoreResult> {\n /**\n * The name of a Key Vault Key.\n */\n keyName: string;\n /**\n * The Folder name of the blob where the previous successful full backup was stored\n */\n folderName: string;\n /**\n * The URI of the blob storage account where the previous successful full backup was stored.\n */\n folderUri: string;\n /**\n * The SAS token.\n */\n sasToken: string;\n}\n\n/**\n * The selective restore Key Vault's poll operation.\n */\nexport class KeyVaultSelectiveKeyRestorePollOperation extends KeyVaultAdminPollOperation<\n KeyVaultSelectiveKeyRestorePollOperationState,\n string\n> {\n constructor(\n public state: KeyVaultSelectiveKeyRestorePollOperationState,\n private vaultUrl: string,\n private client: KeyVaultClient,\n private requestOptions: KeyVaultBeginSelectiveKeyRestoreOptions = {}\n ) {\n super(state, { cancelMessage: \"Cancelling a selective Key Vault restore is not supported.\" });\n }\n\n /**\n * Tracing the selectiveRestore operation\n */\n private selectiveRestore(\n keyName: string,\n options: SelectiveKeyRestoreOperationOptionalParams\n ): Promise<SelectiveKeyRestoreOperationResponse> {\n return withTrace(\"selectiveRestore\", options, (updatedOptions) =>\n this.client.selectiveKeyRestoreOperation(this.vaultUrl, keyName, updatedOptions)\n );\n }\n\n /**\n * Tracing the restoreStatus operation.\n */\n private restoreStatus(jobId: string, options: OperationOptions): Promise<RestoreStatusResponse> {\n return withTrace(\"restoreStatus\", options, (updatedOptions) =>\n this.client.restoreStatus(this.vaultUrl, jobId, updatedOptions)\n );\n }\n\n /**\n * Reaches to the service and updates the selective restore poll operation.\n */\n async update(\n options: {\n abortSignal?: AbortSignalLike;\n fireProgress?: (state: KeyVaultSelectiveKeyRestorePollOperationState) => void;\n } = {}\n ): Promise<KeyVaultSelectiveKeyRestorePollOperation> {\n const state = this.state;\n const { keyName, folderUri, sasToken, folderName } = state;\n\n if (options.abortSignal) {\n this.requestOptions.abortSignal = options.abortSignal;\n }\n\n if (!state.isStarted) {\n const selectiveRestoreOperation = await this.selectiveRestore(keyName, {\n ...this.requestOptions,\n restoreBlobDetails: {\n folder: folderName,\n sasTokenParameters: {\n storageResourceUri: folderUri,\n token: sasToken,\n },\n },\n });\n this.mapState(selectiveRestoreOperation);\n } else if (!state.isCompleted) {\n if (!state.jobId) {\n throw new Error(`Missing \"jobId\" from the full restore operation.`);\n }\n const serviceOperation = await this.restoreStatus(state.jobId, this.requestOptions);\n this.mapState(serviceOperation);\n }\n\n return this;\n }\n\n private mapState(serviceOperation: RestoreOperation): void {\n const state = this.state;\n const { startTime, jobId, endTime, error, status, statusDetails } = serviceOperation;\n\n if (!startTime) {\n throw new Error(`Missing \"startTime\" from the selective restore operation.`);\n }\n\n state.isStarted = true;\n state.jobId = jobId;\n state.endTime = endTime;\n state.startTime = startTime;\n state.status = status;\n state.statusDetails = statusDetails;\n state.isCompleted = !!endTime;\n\n if (state.isCompleted && error?.code) {\n throw new Error(error?.message || statusDetails);\n }\n\n if (state.isCompleted) {\n state.result = {\n startTime,\n endTime,\n };\n }\n }\n}\n"]}
|
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
// Copyright (c) Microsoft Corporation.
|
|
2
2
|
// Licensed under the MIT license.
|
|
3
|
-
import { KeyVaultSelectiveKeyRestorePollOperation } from "./operation";
|
|
4
3
|
import { KeyVaultAdminPoller } from "../keyVaultAdminPoller";
|
|
4
|
+
import { KeyVaultSelectiveKeyRestorePollOperation, } from "./operation";
|
|
5
5
|
/**
|
|
6
6
|
* Class that creates a poller that waits until a key of a Key Vault backup ends up being restored.
|
|
7
7
|
*/
|
|
8
8
|
export class KeyVaultSelectiveKeyRestorePoller extends KeyVaultAdminPoller {
|
|
9
9
|
constructor(options) {
|
|
10
|
-
const { client, vaultUrl, keyName, folderUri, sasToken, folderName, requestOptions, intervalInMs = 2000, resumeFrom } = options;
|
|
10
|
+
const { client, vaultUrl, keyName, folderUri, sasToken, folderName, requestOptions, intervalInMs = 2000, resumeFrom, } = options;
|
|
11
11
|
let state;
|
|
12
12
|
if (resumeFrom) {
|
|
13
13
|
state = JSON.parse(resumeFrom).state;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"poller.js","sourceRoot":"","sources":["../../../../../src/lro/selectiveKeyRestore/poller.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,
|
|
1
|
+
{"version":3,"file":"poller.js","sourceRoot":"","sources":["../../../../../src/lro/selectiveKeyRestore/poller.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,mBAAmB,EAA8B,MAAM,wBAAwB,CAAC;AACzF,OAAO,EAEL,wCAAwC,GAEzC,MAAM,aAAa,CAAC;AAUrB;;GAEG;AACH,MAAM,OAAO,iCAAkC,SAAQ,mBAGtD;IACC,YAAY,OAAiD;QAC3D,MAAM,EACJ,MAAM,EACN,QAAQ,EACR,OAAO,EACP,SAAS,EACT,QAAQ,EACR,UAAU,EACV,cAAc,EACd,YAAY,GAAG,IAAI,EACnB,UAAU,GACX,GAAG,OAAO,CAAC;QAEZ,IAAI,KAAgE,CAAC;QAErE,IAAI,UAAU,EAAE;YACd,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC;SACtC;QAED,MAAM,SAAS,GAAG,IAAI,wCAAwC,iCAEvD,KAAK,KACR,OAAO,EACP,SAAS,EAAE,SAAS,EACpB,QAAQ;YACR,UAAU,KAEZ,QAAQ,EACR,MAAM,EACN,cAAc,CACf,CAAC;QAEF,KAAK,CAAC,SAAS,CAAC,CAAC;QAEjB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { KeyVaultAdminPoller, KeyVaultAdminPollerOptions } from \"../keyVaultAdminPoller\";\nimport {\n KeyVaultSelectiveKeyRestoreOperationState,\n KeyVaultSelectiveKeyRestorePollOperation,\n KeyVaultSelectiveKeyRestorePollOperationState,\n} from \"./operation\";\nimport { KeyVaultSelectiveKeyRestoreResult } from \"../../backupClientModels\";\n\nexport interface KeyVaultSelectiveKeyRestorePollerOptions extends KeyVaultAdminPollerOptions {\n keyName: string;\n folderUri: string;\n sasToken: string;\n folderName: string;\n}\n\n/**\n * Class that creates a poller that waits until a key of a Key Vault backup ends up being restored.\n */\nexport class KeyVaultSelectiveKeyRestorePoller extends KeyVaultAdminPoller<\n KeyVaultSelectiveKeyRestoreOperationState,\n KeyVaultSelectiveKeyRestoreResult\n> {\n constructor(options: KeyVaultSelectiveKeyRestorePollerOptions) {\n const {\n client,\n vaultUrl,\n keyName,\n folderUri,\n sasToken,\n folderName,\n requestOptions,\n intervalInMs = 2000,\n resumeFrom,\n } = options;\n\n let state: KeyVaultSelectiveKeyRestorePollOperationState | undefined;\n\n if (resumeFrom) {\n state = JSON.parse(resumeFrom).state;\n }\n\n const operation = new KeyVaultSelectiveKeyRestorePollOperation(\n {\n ...state,\n keyName,\n folderUri: folderUri,\n sasToken,\n folderName,\n },\n vaultUrl,\n client,\n requestOptions\n );\n\n super(operation);\n\n this.intervalInMs = intervalInMs;\n }\n}\n"]}
|
|
@@ -12,10 +12,10 @@ export const mappings = {
|
|
|
12
12
|
properties: {
|
|
13
13
|
scope: scope,
|
|
14
14
|
roleDefinitionId: roleDefinitionId,
|
|
15
|
-
principalId: principalId
|
|
16
|
-
}
|
|
15
|
+
principalId: principalId,
|
|
16
|
+
},
|
|
17
17
|
};
|
|
18
|
-
}
|
|
18
|
+
},
|
|
19
19
|
},
|
|
20
20
|
roleDefinition: {
|
|
21
21
|
generatedToPublic(roleDefinition) {
|
|
@@ -28,9 +28,9 @@ export const mappings = {
|
|
|
28
28
|
description: description,
|
|
29
29
|
roleType: roleType,
|
|
30
30
|
permissions: permissions,
|
|
31
|
-
assignableScopes: assignableScopes
|
|
31
|
+
assignableScopes: assignableScopes,
|
|
32
32
|
};
|
|
33
|
-
}
|
|
33
|
+
},
|
|
34
34
|
},
|
|
35
35
|
folderUriParts(folderUri) {
|
|
36
36
|
const uriParts = folderUri.split("/");
|
|
@@ -41,8 +41,8 @@ export const mappings = {
|
|
|
41
41
|
}
|
|
42
42
|
return {
|
|
43
43
|
folderName,
|
|
44
|
-
folderUri: storageUri
|
|
44
|
+
folderUri: storageUri,
|
|
45
45
|
};
|
|
46
|
-
}
|
|
46
|
+
},
|
|
47
47
|
};
|
|
48
48
|
//# sourceMappingURL=mappings.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mappings.js","sourceRoot":"","sources":["../../../src/mappings.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AASlC,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,cAAc,EAAE;QACd,iBAAiB,CAAC,cAA8B;YAC9C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,cAAc,CAAC;YACtD,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,GAAG,UAAU,IAAI,EAAE,CAAC;YAClE,OAAO;gBACL,EAAE,EAAE,EAAG;gBACP,IAAI,EAAE,IAAK;gBACX,IAAI,EAAE,IAAK;gBACX,UAAU,EAAE;oBACV,KAAK,EAAE,KAA0B;oBACjC,gBAAgB,EAAE,gBAAiB;oBACnC,WAAW,EAAE,WAAY;iBAC1B;aACF,CAAC;QACJ,CAAC;KACF;IACD,cAAc,EAAE;QACd,iBAAiB,CAAC,cAA8B;YAC9C,MAAM,
|
|
1
|
+
{"version":3,"file":"mappings.js","sourceRoot":"","sources":["../../../src/mappings.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AASlC,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,cAAc,EAAE;QACd,iBAAiB,CAAC,cAA8B;YAC9C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,cAAc,CAAC;YACtD,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,WAAW,EAAE,GAAG,UAAU,IAAI,EAAE,CAAC;YAClE,OAAO;gBACL,EAAE,EAAE,EAAG;gBACP,IAAI,EAAE,IAAK;gBACX,IAAI,EAAE,IAAK;gBACX,UAAU,EAAE;oBACV,KAAK,EAAE,KAA0B;oBACjC,gBAAgB,EAAE,gBAAiB;oBACnC,WAAW,EAAE,WAAY;iBAC1B;aACF,CAAC;QACJ,CAAC;KACF;IACD,cAAc,EAAE;QACd,iBAAiB,CAAC,cAA8B;YAC9C,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,gBAAgB,EAAE,GACtF,cAAc,CAAC;YACjB,OAAO;gBACL,EAAE,EAAE,EAAG;gBACP,IAAI,EAAE,IAAK;gBACX,IAAI,EAAE,IAAK;gBACX,QAAQ,EAAE,QAAS;gBACnB,WAAW,EAAE,WAAY;gBACzB,QAAQ,EAAE,QAAS;gBACnB,WAAW,EAAE,WAAY;gBACzB,gBAAgB,EAAE,gBAAiB;aACpC,CAAC;QACJ,CAAC;KACF;IACD,cAAc,CAAC,SAAiB;QAC9B,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtC,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEtC,IAAI,CAAC,UAAU,EAAE;YACf,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;SACxE;QAED,OAAO;YACL,UAAU;YACV,SAAS,EAAE,UAAU;SACtB,CAAC;IACJ,CAAC;CACF,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport {\n KeyVaultRoleAssignment,\n KeyVaultRoleDefinition,\n KeyVaultRoleScope,\n} from \"./accessControlModels\";\nimport { RoleAssignment, RoleDefinition } from \"./generated/models\";\n\nexport const mappings = {\n roleAssignment: {\n generatedToPublic(roleAssignment: RoleAssignment): KeyVaultRoleAssignment {\n const { id, name, type, properties } = roleAssignment;\n const { scope, roleDefinitionId, principalId } = properties || {};\n return {\n id: id!,\n name: name!,\n kind: type!,\n properties: {\n scope: scope as KeyVaultRoleScope,\n roleDefinitionId: roleDefinitionId!,\n principalId: principalId!,\n },\n };\n },\n },\n roleDefinition: {\n generatedToPublic(roleDefinition: RoleDefinition): KeyVaultRoleDefinition {\n const { id, name, type, roleName, description, roleType, permissions, assignableScopes } =\n roleDefinition;\n return {\n id: id!,\n name: name!,\n kind: type!,\n roleName: roleName!,\n description: description!,\n roleType: roleType!,\n permissions: permissions!,\n assignableScopes: assignableScopes!,\n };\n },\n },\n folderUriParts(folderUri: string): { folderName: string; folderUri: string } {\n const uriParts = folderUri.split(\"/\");\n const folderName = uriParts.pop();\n const storageUri = uriParts.join(\"/\");\n\n if (!folderName) {\n throw new Error(\"The provided folder URI is missing the folder name.\");\n }\n\n return {\n folderName,\n folderUri: storageUri,\n };\n },\n};\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
// Copyright (c) Microsoft Corporation.
|
|
2
2
|
// Licensed under the MIT license.
|
|
3
|
-
import {
|
|
3
|
+
import { SpanStatusCode, createSpanFunction } from "@azure/core-tracing";
|
|
4
4
|
/**
|
|
5
5
|
* Returns a function that can be used for tracing options.
|
|
6
6
|
*
|
|
@@ -13,7 +13,7 @@ import { createSpanFunction, SpanStatusCode } from "@azure/core-tracing";
|
|
|
13
13
|
export function createTraceFunction(prefix) {
|
|
14
14
|
const createSpan = createSpanFunction({
|
|
15
15
|
namespace: "Microsoft.KeyVault",
|
|
16
|
-
packagePrefix: prefix
|
|
16
|
+
packagePrefix: prefix,
|
|
17
17
|
});
|
|
18
18
|
return async function (operationName, options, cb) {
|
|
19
19
|
const { updatedOptions, span } = createSpan(operationName, options);
|
|
@@ -23,14 +23,14 @@ export function createTraceFunction(prefix) {
|
|
|
23
23
|
const result = await cb(updatedOptions, span);
|
|
24
24
|
// otel 0.16+ needs this or else the code ends up being set as UNSET
|
|
25
25
|
span.setStatus({
|
|
26
|
-
code: SpanStatusCode.OK
|
|
26
|
+
code: SpanStatusCode.OK,
|
|
27
27
|
});
|
|
28
28
|
return result;
|
|
29
29
|
}
|
|
30
30
|
catch (err) {
|
|
31
31
|
span.setStatus({
|
|
32
32
|
code: SpanStatusCode.ERROR,
|
|
33
|
-
message: err.message
|
|
33
|
+
message: err.message,
|
|
34
34
|
});
|
|
35
35
|
throw err;
|
|
36
36
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tracingHelpers.js","sourceRoot":"","sources":["../../../src/tracingHelpers.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;
|
|
1
|
+
{"version":3,"file":"tracingHelpers.js","sourceRoot":"","sources":["../../../src/tracingHelpers.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAQ,cAAc,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAsB/E;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC;QACpC,SAAS,EAAE,oBAAoB;QAC/B,aAAa,EAAE,MAAM;KACtB,CAAC,CAAC;IAEH,OAAO,KAAK,WAAW,aAAa,EAAE,OAAO,EAAE,EAAE;QAC/C,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAEpE,IAAI;YACF,6GAA6G;YAC7G,kBAAkB;YAClB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YAE9C,oEAAoE;YACpE,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,EAAE;aACxB,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;SACf;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,KAAK;gBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,GAAG,CAAC;SACX;gBAAS;YACR,IAAI,CAAC,GAAG,EAAE,CAAC;SACZ;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { Span, SpanStatusCode, createSpanFunction } from \"@azure/core-tracing\";\nimport { OperationOptions } from \"@azure/core-client\";\n\n/**\n * An interface representing a function that is traced.\n *\n * A traced function will automatically create and close tracing '\n * spans as needed and will handle setting the status / errors as a\n * result of calling the underlying callback.\n *\n * use {@link createTraceFunction} to add tracing to a block of code.\n *\n * @internal\n */\nexport interface TracedFunction {\n <TOptions extends OperationOptions, TReturn>(\n operationName: string,\n options: TOptions,\n cb: (options: TOptions, span: Span) => Promise<TReturn>\n ): Promise<TReturn>;\n}\n\n/**\n * Returns a function that can be used for tracing options.\n *\n * @param prefix - The prefix to use, likely the name of the class / client.\n *\n * @example const withTrace = createTraceFunction(\"Azure.KeyVault.Certificates.CertificateClient\")\n *\n * @internal\n */\nexport function createTraceFunction(prefix: string): TracedFunction {\n const createSpan = createSpanFunction({\n namespace: \"Microsoft.KeyVault\",\n packagePrefix: prefix,\n });\n\n return async function (operationName, options, cb) {\n const { updatedOptions, span } = createSpan(operationName, options);\n\n try {\n // NOTE: we really do need to await on this function here so we can handle any exceptions thrown and properly\n // close the span.\n const result = await cb(updatedOptions, span);\n\n // otel 0.16+ needs this or else the code ends up being set as UNSET\n span.setStatus({\n code: SpanStatusCode.OK,\n });\n return result;\n } catch (err) {\n span.setStatus({\n code: SpanStatusCode.ERROR,\n message: err.message,\n });\n throw err;\n } finally {\n span.end();\n }\n };\n}\n"]}
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
// Copyright (c) Microsoft Corporation.
|
|
2
2
|
// Licensed under the MIT license.
|
|
3
3
|
/* eslint-disable @azure/azure-sdk/ts-use-interface-parameters */
|
|
4
|
-
import { BaseRequestPolicy } from "@azure/core-http";
|
|
5
|
-
import { Constants } from "@azure/core-http";
|
|
6
4
|
import { ExpiringAccessTokenCache } from "@azure/core-http";
|
|
5
|
+
import { BaseRequestPolicy, } from "@azure/core-http";
|
|
7
6
|
import { parseWWWAuthenticate } from "./parseWWWAuthenticate";
|
|
7
|
+
import { Constants } from "@azure/core-http";
|
|
8
8
|
/**
|
|
9
9
|
* Representation of the Authentication Challenge
|
|
10
10
|
*/
|
|
@@ -50,7 +50,7 @@ export function challengeBasedAuthenticationPolicy(credential) {
|
|
|
50
50
|
return {
|
|
51
51
|
create: (nextPolicy, options) => {
|
|
52
52
|
return new ChallengeBasedAuthenticationPolicy(nextPolicy, options, credential, tokenCache, challengeCache);
|
|
53
|
-
}
|
|
53
|
+
},
|
|
54
54
|
};
|
|
55
55
|
}
|
|
56
56
|
/**
|
|
@@ -84,7 +84,7 @@ export class ChallengeBasedAuthenticationPolicy extends BaseRequestPolicy {
|
|
|
84
84
|
// If there's no cached token in the cache, we try to get a new one.
|
|
85
85
|
if (accessToken === undefined) {
|
|
86
86
|
const receivedToken = await this.credential.getToken(this.challengeCache.challenge.scope, {
|
|
87
|
-
tenantId: this.challengeCache.challenge.tenantId
|
|
87
|
+
tenantId: this.challengeCache.challenge.tenantId,
|
|
88
88
|
});
|
|
89
89
|
accessToken = receivedToken || undefined;
|
|
90
90
|
this.tokenCache.setCachedToken(accessToken);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"challengeBasedAuthenticationPolicy.js","sourceRoot":"","sources":["../../../../keyvault-common/src/challengeBasedAuthenticationPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,iEAAiE;AAGjE,OAAO,EACL,iBAAiB,EAIlB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAG7C,OAAO,EAAoB,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAC9E,OAAO,EAAE,oBAAoB,EAAyB,MAAM,wBAAwB,CAAC;AAErF;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAClC,YAAmB,aAAqB,EAAS,KAAa,EAAS,QAAiB;QAArE,kBAAa,GAAb,aAAa,CAAQ;QAAS,UAAK,GAAL,KAAK,CAAQ;QAAS,aAAQ,GAAR,QAAQ,CAAS;IAAG,CAAC;IAE5F;;;;;;OAMG;IACI,OAAO,CAAC,KAA0C;;QACvD,OAAO,KAAK;YACV,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE;gBACpD,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,aAAa,CAAC,WAAW,EAAE;gBACtE,CAAA,MAAA,IAAI,CAAC,QAAQ,0CAAE,WAAW,EAAE,OAAK,MAAA,KAAK,CAAC,QAAQ,0CAAE,WAAW,EAAE,CAAA;YAClE,CAAC,CAAC,KAAK,CAAC;IACZ,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IAGhC,kBAAkB,CAAC,SAAkC;QAC1D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,UAAU,kCAAkC,CAChD,UAA2B;IAE3B,MAAM,UAAU,GAAqB,IAAI,wBAAwB,EAAE,CAAC;IACpE,MAAM,cAAc,GAAG,IAAI,4BAA4B,EAAE,CAAC;IAC1D,OAAO;QACL,MAAM,EAAE,CAAC,UAAyB,EAAE,OAA6B,EAAE,EAAE;YACnE,OAAO,IAAI,kCAAkC,CAC3C,UAAU,EACV,OAAO,EACP,UAAU,EACV,UAAU,EACV,cAAc,CACf,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,kCAAmC,SAAQ,iBAAiB;IAKvE;;;;;;;OAOG;IACH,YACE,UAAyB,EACzB,OAA6B,EACrB,UAA2B,EAC3B,UAA4B,EAC5B,cAA4C;QAEpD,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAJnB,eAAU,GAAV,UAAU,CAAiB;QAC3B,eAAU,GAAV,UAAU,CAAkB;QAC5B,mBAAc,GAAd,cAAc,CAA8B;QAjB9C,yBAAoB,GAEC,oBAAoB,CAAC;IAkBlD,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS,CAAC,WAAwB;QAC9C,IAAI,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;QAEnD,oEAAoE;QACpE,IAAI,WAAW,KAAK,SAAS,EAAE;YAC7B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,KAAK,EAAE;gBACzF,QAAQ,EAAE,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,QAAQ;aAClD,CAAC,CAAC;YACH,WAAW,GAAG,aAAa,IAAI,SAAS,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;SAC7C;QAED,IAAI,WAAW,EAAE;YACf,WAAW,CAAC,OAAO,CAAC,GAAG,CACrB,SAAS,CAAC,eAAe,CAAC,aAAa,EACvC,UAAU,WAAW,CAAC,KAAK,EAAE,CAC9B,CAAC;SACH;IACH,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB,CAC/B,eAAuB,EACvB,WAAwB;;QAExB,wDAAwD;QACxD,uCAAuC;QACvC,+EAA+E;QAC/E,MAAM,aAAa,GAAG,IAAI,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,aAAa,GAAG,aAAa,CAAC,aAAc,CAAC;QACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAS,IAAI,aAAa,CAAC,KAAM,CAAC;QACjE,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;QAExC,IAAI,CAAC,CAAC,aAAa,IAAI,QAAQ,CAAC,EAAE;YAChC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAClD;QAED,MAAM,SAAS,GAAG,IAAI,uBAAuB,CAAC,aAAa,EAAE,QAAQ,GAAG,WAAW,EAAE,QAAQ,CAAC,CAAC;QAE/F,uFAAuF;QACvF,oDAAoD;QACpD,iGAAiG;QACjG,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,cAAc,CAAC,SAAS,0CAAE,OAAO,CAAC,SAAS,CAAC,CAAA,EAAE;YACtD,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAClD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;SAC3C;QAED,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAClC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IACnD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,WAAW,CAAC,WAAwB;QAC/C,sDAAsD;QACtD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YACzC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;SAC1F;QAED,+EAA+E;QAC/E,IAAI,QAA+B,CAAC;QAEpC,IACE,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS;YAC3C,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS,EAC3C;YACA,2EAA2E;YAC3E,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC;YACtC,WAAW,CAAC,IAAI,GAAG,EAAE,CAAC;YACtB,IAAI;gBACF,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;aAC5D;oBAAS;gBACR,WAAW,CAAC,IAAI,GAAG,YAAY,CAAC;aACjC;SACF;aAAM;YACL,wCAAwC;YACxC,kGAAkG;YAClG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YAClC,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAC5D;QAED,yDAAyD;QACzD,gGAAgG;QAChG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,OAAO,QAAQ,CAAC;SACjB;QAED,oGAAoG;QACpG,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACjE,IAAI,CAAC,eAAe,EAAE;YACpB,OAAO,QAAQ,CAAC;SACjB;QAED,sEAAsE;QACtE,OAAO,IAAI,CAAC,mBAAmB,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAChE,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n/* eslint-disable @azure/azure-sdk/ts-use-interface-parameters */\n\nimport { TokenCredential } from \"@azure/core-http\";\nimport {\n BaseRequestPolicy,\n RequestPolicy,\n RequestPolicyOptions,\n RequestPolicyFactory\n} from \"@azure/core-http\";\nimport { Constants } from \"@azure/core-http\";\nimport { HttpOperationResponse } from \"@azure/core-http\";\nimport { WebResource } from \"@azure/core-http\";\nimport { AccessTokenCache, ExpiringAccessTokenCache } from \"@azure/core-http\";\nimport { parseWWWAuthenticate, ParsedWWWAuthenticate } from \"./parseWWWAuthenticate\";\n\n/**\n * Representation of the Authentication Challenge\n */\nexport class AuthenticationChallenge {\n constructor(public authorization: string, public scope: string, public tenantId?: string) {}\n\n /**\n * Checks that this AuthenticationChallenge is equal to another one given.\n * Only compares the scope.\n * This is exactly what C# is doing, as we can see here:\n * https://github.com/Azure/azure-sdk-for-net/blob/70e54b878ff1d01a45266fb3674a396b4ab9c1d2/sdk/keyvault/Azure.Security.KeyVault.Shared/src/ChallengeBasedAuthenticationPolicy.cs#L143-L147\n * @param other - The other AuthenticationChallenge\n */\n public equalTo(other: AuthenticationChallenge | undefined): boolean {\n return other\n ? this.scope.toLowerCase() === other.scope.toLowerCase() &&\n this.authorization.toLowerCase() === other.authorization.toLowerCase() &&\n this.tenantId?.toLowerCase() === other.tenantId?.toLowerCase()\n : false;\n }\n}\n\n/**\n * Helps keep a copy of any previous authentication challenges,\n * so that we can compare on any further request.\n */\nexport class AuthenticationChallengeCache {\n public challenge?: AuthenticationChallenge;\n\n public setCachedChallenge(challenge: AuthenticationChallenge): void {\n this.challenge = challenge;\n }\n}\n\n/**\n * Creates a new ChallengeBasedAuthenticationPolicy factory.\n *\n * @param credential - The TokenCredential implementation that can supply the challenge token.\n */\nexport function challengeBasedAuthenticationPolicy(\n credential: TokenCredential\n): RequestPolicyFactory {\n const tokenCache: AccessTokenCache = new ExpiringAccessTokenCache();\n const challengeCache = new AuthenticationChallengeCache();\n return {\n create: (nextPolicy: RequestPolicy, options: RequestPolicyOptions) => {\n return new ChallengeBasedAuthenticationPolicy(\n nextPolicy,\n options,\n credential,\n tokenCache,\n challengeCache\n );\n }\n };\n}\n\n/**\n *\n * Provides a RequestPolicy that can request a token from a TokenCredential\n * implementation and then apply it to the Authorization header of a request\n * as a Bearer token.\n *\n */\nexport class ChallengeBasedAuthenticationPolicy extends BaseRequestPolicy {\n private parseWWWAuthenticate: (\n wwwAuthenticate: string\n ) => ParsedWWWAuthenticate = parseWWWAuthenticate;\n\n /**\n * Creates a new ChallengeBasedAuthenticationPolicy object.\n *\n * @param nextPolicy - The next RequestPolicy in the request pipeline.\n * @param options - Options for this RequestPolicy.\n * @param credential - The TokenCredential implementation that can supply the bearer token.\n * @param tokenCache - The cache for the most recent AccessToken returned by the TokenCredential.\n */\n constructor(\n nextPolicy: RequestPolicy,\n options: RequestPolicyOptions,\n private credential: TokenCredential,\n private tokenCache: AccessTokenCache,\n private challengeCache: AuthenticationChallengeCache\n ) {\n super(nextPolicy, options);\n }\n\n /**\n * Gets or updates the token from the token cache into the headers of the received web resource.\n */\n private async loadToken(webResource: WebResource): Promise<void> {\n let accessToken = this.tokenCache.getCachedToken();\n\n // If there's no cached token in the cache, we try to get a new one.\n if (accessToken === undefined) {\n const receivedToken = await this.credential.getToken(this.challengeCache.challenge!.scope, {\n tenantId: this.challengeCache.challenge!.tenantId\n });\n accessToken = receivedToken || undefined;\n this.tokenCache.setCachedToken(accessToken);\n }\n\n if (accessToken) {\n webResource.headers.set(\n Constants.HeaderConstants.AUTHORIZATION,\n `Bearer ${accessToken.token}`\n );\n }\n }\n\n /**\n * Parses the given WWW-Authenticate header, generates a new AuthenticationChallenge,\n * then if the challenge is different from the one cached, resets the token and forces\n * a re-authentication, otherwise continues with the existing challenge and token.\n * @param wwwAuthenticate - Value of the incoming WWW-Authenticate header.\n * @param webResource - Ongoing HTTP request.\n */\n private async regenerateChallenge(\n wwwAuthenticate: string,\n webResource: WebResource\n ): Promise<HttpOperationResponse> {\n // The challenge based authentication will contain both:\n // - An authorization URI with a token,\n // - The resource to which that token is valid against (also called the scope).\n const parsedWWWAuth = this.parseWWWAuthenticate(wwwAuthenticate);\n const authorization = parsedWWWAuth.authorization!;\n const resource = parsedWWWAuth.resource! || parsedWWWAuth.scope!;\n const tenantId = parsedWWWAuth.tenantId;\n\n if (!(authorization && resource)) {\n return this._nextPolicy.sendRequest(webResource);\n }\n\n const challenge = new AuthenticationChallenge(authorization, resource + \"/.default\", tenantId);\n\n // Either if there's no cached challenge at this point (could have happen in parallel),\n // or if the cached challenge has a different scope,\n // we store the just received challenge and reset the cached token, to force a re-authentication.\n if (!this.challengeCache.challenge?.equalTo(challenge)) {\n this.challengeCache.setCachedChallenge(challenge);\n this.tokenCache.setCachedToken(undefined);\n }\n\n await this.loadToken(webResource);\n return this._nextPolicy.sendRequest(webResource);\n }\n\n /**\n * Applies the Bearer token to the request through the Authorization header.\n * @param webResource - Ongoing HTTP request.\n */\n public async sendRequest(webResource: WebResource): Promise<HttpOperationResponse> {\n // Ensure that we're about to use a secure connection.\n if (!webResource.url.startsWith(\"https:\")) {\n throw new Error(\"The resource address for authorization must use the 'https' protocol.\");\n }\n\n // The next request will happen differently whether we have a challenge or not.\n let response: HttpOperationResponse;\n\n if (\n this.challengeCache.challenge === undefined ||\n this.challengeCache.challenge === undefined\n ) {\n // If there's no challenge in cache, a blank body will start the challenge.\n const originalBody = webResource.body;\n webResource.body = \"\";\n try {\n response = await this._nextPolicy.sendRequest(webResource);\n } finally {\n webResource.body = originalBody;\n }\n } else {\n // If we did have a challenge in memory,\n // we attempt to load the token from the cache into the request before we try to send the request.\n await this.loadToken(webResource);\n response = await this._nextPolicy.sendRequest(webResource);\n }\n\n // If we don't receive a response with a 401 status code,\n // then we can assume this response has nothing to do with the challenge authentication process.\n if (response.status !== 401) {\n return response;\n }\n\n // If the response status is 401, we only re-authenticate if the WWW-Authenticate header is present.\n const wwwAuthenticate = response.headers.get(\"WWW-Authenticate\");\n if (!wwwAuthenticate) {\n return response;\n }\n\n // We re-generate the challenge and see if we have to re-authenticate.\n return this.regenerateChallenge(wwwAuthenticate, webResource);\n }\n}\n"]}
|
|
1
|
+
{"version":3,"file":"challengeBasedAuthenticationPolicy.js","sourceRoot":"","sources":["../../../../keyvault-common/src/challengeBasedAuthenticationPolicy.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,iEAAiE;AAEjE,OAAO,EAAoB,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAC9E,OAAO,EACL,iBAAiB,GAIlB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAyB,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAK7C;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAClC,YAAmB,aAAqB,EAAS,KAAa,EAAS,QAAiB;QAArE,kBAAa,GAAb,aAAa,CAAQ;QAAS,UAAK,GAAL,KAAK,CAAQ;QAAS,aAAQ,GAAR,QAAQ,CAAS;IAAG,CAAC;IAE5F;;;;;;OAMG;IACI,OAAO,CAAC,KAA0C;;QACvD,OAAO,KAAK;YACV,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE;gBACpD,IAAI,CAAC,aAAa,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,aAAa,CAAC,WAAW,EAAE;gBACtE,CAAA,MAAA,IAAI,CAAC,QAAQ,0CAAE,WAAW,EAAE,OAAK,MAAA,KAAK,CAAC,QAAQ,0CAAE,WAAW,EAAE,CAAA;YAClE,CAAC,CAAC,KAAK,CAAC;IACZ,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,4BAA4B;IAGhC,kBAAkB,CAAC,SAAkC;QAC1D,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC7B,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,UAAU,kCAAkC,CAChD,UAA2B;IAE3B,MAAM,UAAU,GAAqB,IAAI,wBAAwB,EAAE,CAAC;IACpE,MAAM,cAAc,GAAG,IAAI,4BAA4B,EAAE,CAAC;IAC1D,OAAO;QACL,MAAM,EAAE,CAAC,UAAyB,EAAE,OAA6B,EAAE,EAAE;YACnE,OAAO,IAAI,kCAAkC,CAC3C,UAAU,EACV,OAAO,EACP,UAAU,EACV,UAAU,EACV,cAAc,CACf,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,kCAAmC,SAAQ,iBAAiB;IAIvE;;;;;;;OAOG;IACH,YACE,UAAyB,EACzB,OAA6B,EACrB,UAA2B,EAC3B,UAA4B,EAC5B,cAA4C;QAEpD,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAJnB,eAAU,GAAV,UAAU,CAAiB;QAC3B,eAAU,GAAV,UAAU,CAAkB;QAC5B,mBAAc,GAAd,cAAc,CAA8B;QAhB9C,yBAAoB,GAC1B,oBAAoB,CAAC;IAkBvB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS,CAAC,WAAwB;QAC9C,IAAI,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;QAEnD,oEAAoE;QACpE,IAAI,WAAW,KAAK,SAAS,EAAE;YAC7B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,KAAK,EAAE;gBACzF,QAAQ,EAAE,IAAI,CAAC,cAAc,CAAC,SAAU,CAAC,QAAQ;aAClD,CAAC,CAAC;YACH,WAAW,GAAG,aAAa,IAAI,SAAS,CAAC;YACzC,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;SAC7C;QAED,IAAI,WAAW,EAAE;YACf,WAAW,CAAC,OAAO,CAAC,GAAG,CACrB,SAAS,CAAC,eAAe,CAAC,aAAa,EACvC,UAAU,WAAW,CAAC,KAAK,EAAE,CAC9B,CAAC;SACH;IACH,CAAC;IAED;;;;;;OAMG;IACK,KAAK,CAAC,mBAAmB,CAC/B,eAAuB,EACvB,WAAwB;;QAExB,wDAAwD;QACxD,uCAAuC;QACvC,+EAA+E;QAC/E,MAAM,aAAa,GAAG,IAAI,CAAC,oBAAoB,CAAC,eAAe,CAAC,CAAC;QACjE,MAAM,aAAa,GAAG,aAAa,CAAC,aAAc,CAAC;QACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAS,IAAI,aAAa,CAAC,KAAM,CAAC;QACjE,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;QAExC,IAAI,CAAC,CAAC,aAAa,IAAI,QAAQ,CAAC,EAAE;YAChC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAClD;QAED,MAAM,SAAS,GAAG,IAAI,uBAAuB,CAAC,aAAa,EAAE,QAAQ,GAAG,WAAW,EAAE,QAAQ,CAAC,CAAC;QAE/F,uFAAuF;QACvF,oDAAoD;QACpD,iGAAiG;QACjG,IAAI,CAAC,CAAA,MAAA,IAAI,CAAC,cAAc,CAAC,SAAS,0CAAE,OAAO,CAAC,SAAS,CAAC,CAAA,EAAE;YACtD,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;YAClD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;SAC3C;QAED,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAClC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;IACnD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,WAAW,CAAC,WAAwB;QAC/C,sDAAsD;QACtD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YACzC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAC;SAC1F;QAED,+EAA+E;QAC/E,IAAI,QAA+B,CAAC;QAEpC,IACE,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS;YAC3C,IAAI,CAAC,cAAc,CAAC,SAAS,KAAK,SAAS,EAC3C;YACA,2EAA2E;YAC3E,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC;YACtC,WAAW,CAAC,IAAI,GAAG,EAAE,CAAC;YACtB,IAAI;gBACF,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;aAC5D;oBAAS;gBACR,WAAW,CAAC,IAAI,GAAG,YAAY,CAAC;aACjC;SACF;aAAM;YACL,wCAAwC;YACxC,kGAAkG;YAClG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YAClC,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;SAC5D;QAED,yDAAyD;QACzD,gGAAgG;QAChG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE;YAC3B,OAAO,QAAQ,CAAC;SACjB;QAED,oGAAoG;QACpG,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QACjE,IAAI,CAAC,eAAe,EAAE;YACpB,OAAO,QAAQ,CAAC;SACjB;QAED,sEAAsE;QACtE,OAAO,IAAI,CAAC,mBAAmB,CAAC,eAAe,EAAE,WAAW,CAAC,CAAC;IAChE,CAAC;CACF","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n/* eslint-disable @azure/azure-sdk/ts-use-interface-parameters */\n\nimport { AccessTokenCache, ExpiringAccessTokenCache } from \"@azure/core-http\";\nimport {\n BaseRequestPolicy,\n RequestPolicy,\n RequestPolicyFactory,\n RequestPolicyOptions,\n} from \"@azure/core-http\";\nimport { ParsedWWWAuthenticate, parseWWWAuthenticate } from \"./parseWWWAuthenticate\";\nimport { Constants } from \"@azure/core-http\";\nimport { HttpOperationResponse } from \"@azure/core-http\";\nimport { TokenCredential } from \"@azure/core-http\";\nimport { WebResource } from \"@azure/core-http\";\n\n/**\n * Representation of the Authentication Challenge\n */\nexport class AuthenticationChallenge {\n constructor(public authorization: string, public scope: string, public tenantId?: string) {}\n\n /**\n * Checks that this AuthenticationChallenge is equal to another one given.\n * Only compares the scope.\n * This is exactly what C# is doing, as we can see here:\n * https://github.com/Azure/azure-sdk-for-net/blob/70e54b878ff1d01a45266fb3674a396b4ab9c1d2/sdk/keyvault/Azure.Security.KeyVault.Shared/src/ChallengeBasedAuthenticationPolicy.cs#L143-L147\n * @param other - The other AuthenticationChallenge\n */\n public equalTo(other: AuthenticationChallenge | undefined): boolean {\n return other\n ? this.scope.toLowerCase() === other.scope.toLowerCase() &&\n this.authorization.toLowerCase() === other.authorization.toLowerCase() &&\n this.tenantId?.toLowerCase() === other.tenantId?.toLowerCase()\n : false;\n }\n}\n\n/**\n * Helps keep a copy of any previous authentication challenges,\n * so that we can compare on any further request.\n */\nexport class AuthenticationChallengeCache {\n public challenge?: AuthenticationChallenge;\n\n public setCachedChallenge(challenge: AuthenticationChallenge): void {\n this.challenge = challenge;\n }\n}\n\n/**\n * Creates a new ChallengeBasedAuthenticationPolicy factory.\n *\n * @param credential - The TokenCredential implementation that can supply the challenge token.\n */\nexport function challengeBasedAuthenticationPolicy(\n credential: TokenCredential\n): RequestPolicyFactory {\n const tokenCache: AccessTokenCache = new ExpiringAccessTokenCache();\n const challengeCache = new AuthenticationChallengeCache();\n return {\n create: (nextPolicy: RequestPolicy, options: RequestPolicyOptions) => {\n return new ChallengeBasedAuthenticationPolicy(\n nextPolicy,\n options,\n credential,\n tokenCache,\n challengeCache\n );\n },\n };\n}\n\n/**\n *\n * Provides a RequestPolicy that can request a token from a TokenCredential\n * implementation and then apply it to the Authorization header of a request\n * as a Bearer token.\n *\n */\nexport class ChallengeBasedAuthenticationPolicy extends BaseRequestPolicy {\n private parseWWWAuthenticate: (wwwAuthenticate: string) => ParsedWWWAuthenticate =\n parseWWWAuthenticate;\n\n /**\n * Creates a new ChallengeBasedAuthenticationPolicy object.\n *\n * @param nextPolicy - The next RequestPolicy in the request pipeline.\n * @param options - Options for this RequestPolicy.\n * @param credential - The TokenCredential implementation that can supply the bearer token.\n * @param tokenCache - The cache for the most recent AccessToken returned by the TokenCredential.\n */\n constructor(\n nextPolicy: RequestPolicy,\n options: RequestPolicyOptions,\n private credential: TokenCredential,\n private tokenCache: AccessTokenCache,\n private challengeCache: AuthenticationChallengeCache\n ) {\n super(nextPolicy, options);\n }\n\n /**\n * Gets or updates the token from the token cache into the headers of the received web resource.\n */\n private async loadToken(webResource: WebResource): Promise<void> {\n let accessToken = this.tokenCache.getCachedToken();\n\n // If there's no cached token in the cache, we try to get a new one.\n if (accessToken === undefined) {\n const receivedToken = await this.credential.getToken(this.challengeCache.challenge!.scope, {\n tenantId: this.challengeCache.challenge!.tenantId,\n });\n accessToken = receivedToken || undefined;\n this.tokenCache.setCachedToken(accessToken);\n }\n\n if (accessToken) {\n webResource.headers.set(\n Constants.HeaderConstants.AUTHORIZATION,\n `Bearer ${accessToken.token}`\n );\n }\n }\n\n /**\n * Parses the given WWW-Authenticate header, generates a new AuthenticationChallenge,\n * then if the challenge is different from the one cached, resets the token and forces\n * a re-authentication, otherwise continues with the existing challenge and token.\n * @param wwwAuthenticate - Value of the incoming WWW-Authenticate header.\n * @param webResource - Ongoing HTTP request.\n */\n private async regenerateChallenge(\n wwwAuthenticate: string,\n webResource: WebResource\n ): Promise<HttpOperationResponse> {\n // The challenge based authentication will contain both:\n // - An authorization URI with a token,\n // - The resource to which that token is valid against (also called the scope).\n const parsedWWWAuth = this.parseWWWAuthenticate(wwwAuthenticate);\n const authorization = parsedWWWAuth.authorization!;\n const resource = parsedWWWAuth.resource! || parsedWWWAuth.scope!;\n const tenantId = parsedWWWAuth.tenantId;\n\n if (!(authorization && resource)) {\n return this._nextPolicy.sendRequest(webResource);\n }\n\n const challenge = new AuthenticationChallenge(authorization, resource + \"/.default\", tenantId);\n\n // Either if there's no cached challenge at this point (could have happen in parallel),\n // or if the cached challenge has a different scope,\n // we store the just received challenge and reset the cached token, to force a re-authentication.\n if (!this.challengeCache.challenge?.equalTo(challenge)) {\n this.challengeCache.setCachedChallenge(challenge);\n this.tokenCache.setCachedToken(undefined);\n }\n\n await this.loadToken(webResource);\n return this._nextPolicy.sendRequest(webResource);\n }\n\n /**\n * Applies the Bearer token to the request through the Authorization header.\n * @param webResource - Ongoing HTTP request.\n */\n public async sendRequest(webResource: WebResource): Promise<HttpOperationResponse> {\n // Ensure that we're about to use a secure connection.\n if (!webResource.url.startsWith(\"https:\")) {\n throw new Error(\"The resource address for authorization must use the 'https' protocol.\");\n }\n\n // The next request will happen differently whether we have a challenge or not.\n let response: HttpOperationResponse;\n\n if (\n this.challengeCache.challenge === undefined ||\n this.challengeCache.challenge === undefined\n ) {\n // If there's no challenge in cache, a blank body will start the challenge.\n const originalBody = webResource.body;\n webResource.body = \"\";\n try {\n response = await this._nextPolicy.sendRequest(webResource);\n } finally {\n webResource.body = originalBody;\n }\n } else {\n // If we did have a challenge in memory,\n // we attempt to load the token from the cache into the request before we try to send the request.\n await this.loadToken(webResource);\n response = await this._nextPolicy.sendRequest(webResource);\n }\n\n // If we don't receive a response with a 401 status code,\n // then we can assume this response has nothing to do with the challenge authentication process.\n if (response.status !== 401) {\n return response;\n }\n\n // If the response status is 401, we only re-authenticate if the WWW-Authenticate header is present.\n const wwwAuthenticate = response.headers.get(\"WWW-Authenticate\");\n if (!wwwAuthenticate) {\n return response;\n }\n\n // We re-generate the challenge and see if we have to re-authenticate.\n return this.regenerateChallenge(wwwAuthenticate, webResource);\n }\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parseKeyvaultIdentifier.js","sourceRoot":"","sources":["../../../../keyvault-common/src/parseKeyvaultIdentifier.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAgB3B,MAAM,UAAU,uBAAuB,CACrC,UAAkB,EAClB,UAA8B;IAE9B,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,EAAE;QACvE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,EAAE;QACvE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,CAAC;IACZ,IAAI;QACF,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;KAC7C;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,WAAW,UAAU,gBAAgB,UAAU,mBAAmB,CAAC,CAAC;KACrF;IAED,mDAAmD;IACnD,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CACb,WAAW,UAAU,gBAAgB,UAAU,6BAA6B,QAAQ,CAAC,MAAM,EAAE,CAC9F,CAAC;KACH;IAED,IAAI,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE;QAC9B,MAAM,IAAI,KAAK,CACb,WAAW,UAAU,gBAAgB,UAAU,4BAA4B,UAAU,aAAa,QAAQ,CAAC,CAAC,CAAC,GAAG,CACjH,CAAC;KACH;IAED,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChE,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,OAAO;KACR,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as url from \"url\";\n\nexport interface ParsedKeyVaultEntityIdentifier {\n /**\n * The vault URI.\n */\n vaultUrl: string;\n /**\n * The version of key/secret/certificate. May be undefined.\n */\n version?: string;\n /**\n * The name of key/secret/certificate.\n */\n name: string;\n}\nexport function parseKeyvaultIdentifier(\n collection: string,\n identifier: string | undefined\n): ParsedKeyVaultEntityIdentifier {\n if (typeof collection !== \"string\" || !(collection = collection.trim())) {\n throw new Error(\"Invalid collection argument\");\n }\n\n if (typeof identifier !== \"string\" || !(identifier = identifier.trim())) {\n throw new Error(\"Invalid identifier argument\");\n }\n\n let baseUri;\n try {\n baseUri = url.parse(identifier, true, true);\n } catch (e) {\n throw new Error(`Invalid ${collection} identifier: ${identifier}. Not a valid URI`);\n }\n\n // Path is of the form '/collection/name[/version]'\n const segments = (baseUri.pathname || \"\").split(\"/\");\n if (segments.length !== 3 && segments.length !== 4) {\n throw new Error(\n `Invalid ${collection} identifier: ${identifier}. Bad number of segments: ${segments.length}`\n );\n }\n\n if (collection !== segments[1]) {\n throw new Error(\n `Invalid ${collection} identifier: ${identifier}. segment [1] should be \"${collection}\", found \"${segments[1]}\"`\n );\n }\n\n const vaultUrl = `${baseUri.protocol}//${baseUri.host}`;\n const name = segments[2];\n const version = segments.length === 4 ? segments[3] : undefined;\n return {\n vaultUrl,\n name,\n version
|
|
1
|
+
{"version":3,"file":"parseKeyvaultIdentifier.js","sourceRoot":"","sources":["../../../../keyvault-common/src/parseKeyvaultIdentifier.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAgB3B,MAAM,UAAU,uBAAuB,CACrC,UAAkB,EAClB,UAA8B;IAE9B,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,EAAE;QACvE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,CAAC,CAAC,UAAU,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC,EAAE;QACvE,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;KAChD;IAED,IAAI,OAAO,CAAC;IACZ,IAAI;QACF,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;KAC7C;IAAC,OAAO,CAAC,EAAE;QACV,MAAM,IAAI,KAAK,CAAC,WAAW,UAAU,gBAAgB,UAAU,mBAAmB,CAAC,CAAC;KACrF;IAED,mDAAmD;IACnD,MAAM,QAAQ,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;QAClD,MAAM,IAAI,KAAK,CACb,WAAW,UAAU,gBAAgB,UAAU,6BAA6B,QAAQ,CAAC,MAAM,EAAE,CAC9F,CAAC;KACH;IAED,IAAI,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE;QAC9B,MAAM,IAAI,KAAK,CACb,WAAW,UAAU,gBAAgB,UAAU,4BAA4B,UAAU,aAAa,QAAQ,CAAC,CAAC,CAAC,GAAG,CACjH,CAAC;KACH;IAED,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,IAAI,EAAE,CAAC;IACxD,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAChE,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,OAAO;KACR,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport * as url from \"url\";\n\nexport interface ParsedKeyVaultEntityIdentifier {\n /**\n * The vault URI.\n */\n vaultUrl: string;\n /**\n * The version of key/secret/certificate. May be undefined.\n */\n version?: string;\n /**\n * The name of key/secret/certificate.\n */\n name: string;\n}\nexport function parseKeyvaultIdentifier(\n collection: string,\n identifier: string | undefined\n): ParsedKeyVaultEntityIdentifier {\n if (typeof collection !== \"string\" || !(collection = collection.trim())) {\n throw new Error(\"Invalid collection argument\");\n }\n\n if (typeof identifier !== \"string\" || !(identifier = identifier.trim())) {\n throw new Error(\"Invalid identifier argument\");\n }\n\n let baseUri;\n try {\n baseUri = url.parse(identifier, true, true);\n } catch (e) {\n throw new Error(`Invalid ${collection} identifier: ${identifier}. Not a valid URI`);\n }\n\n // Path is of the form '/collection/name[/version]'\n const segments = (baseUri.pathname || \"\").split(\"/\");\n if (segments.length !== 3 && segments.length !== 4) {\n throw new Error(\n `Invalid ${collection} identifier: ${identifier}. Bad number of segments: ${segments.length}`\n );\n }\n\n if (collection !== segments[1]) {\n throw new Error(\n `Invalid ${collection} identifier: ${identifier}. segment [1] should be \"${collection}\", found \"${segments[1]}\"`\n );\n }\n\n const vaultUrl = `${baseUri.protocol}//${baseUri.host}`;\n const name = segments[2];\n const version = segments.length === 4 ? segments[3] : undefined;\n return {\n vaultUrl,\n name,\n version,\n };\n}\n"]}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parseWWWAuthenticate.js","sourceRoot":"","sources":["../../../../keyvault-common/src/parseWWWAuthenticate.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;;;GAIG;AACH,MAAM,oCAAoC,GAAG;IAC3C,eAAe;IACf,mBAAmB;IACnB,UAAU;IACV,OAAO;IACP,UAAU;CACF,CAAC;AAmBX;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAAC,eAAuB;IAC1D,MAAM,aAAa,GAAG,MAAM,CAAC;IAC7B,MAAM,MAAM,GAAG,eAAe;SAC3B,KAAK,CAAC,aAAa,CAAC;SACpB,MAAM,CAAwB,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE;QAC5C,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACnB,2FAA2F;YAC3F,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,IACE,oCAAoC,CAAC,QAAQ,CAAC,GAA2C,CAAC,EAC1F;gBACA,uEAAuE;gBACvE,uCAAY,OAAO,KAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAG;aAClD;SACF;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,CAAC;IAET,sGAAsG;IACtG,IAAI,MAAM,CAAC,aAAa,EAAE;QACxB,IAAI;YACF,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YACrE,IAAI,QAAQ,EAAE;gBACZ,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAC;aAC5B;SACF;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,oCAAoC,MAAM,CAAC,aAAa,eAAe,CAAC,CAAC;SAC1F;KACF;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * @internal\n *\n * Valid key names in WWW-Authenticate header.\n */\nconst validParsedWWWAuthenticateProperties = [\n \"authorization\",\n \"authorization_url\",\n \"resource\",\n \"scope\",\n \"tenantId\"
|
|
1
|
+
{"version":3,"file":"parseWWWAuthenticate.js","sourceRoot":"","sources":["../../../../keyvault-common/src/parseWWWAuthenticate.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC;;;;GAIG;AACH,MAAM,oCAAoC,GAAG;IAC3C,eAAe;IACf,mBAAmB;IACnB,UAAU;IACV,OAAO;IACP,UAAU;CACF,CAAC;AAmBX;;;;;;;GAOG;AACH,MAAM,UAAU,oBAAoB,CAAC,eAAuB;IAC1D,MAAM,aAAa,GAAG,MAAM,CAAC;IAC7B,MAAM,MAAM,GAAG,eAAe;SAC3B,KAAK,CAAC,aAAa,CAAC;SACpB,MAAM,CAAwB,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE;QAC5C,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;YACnB,2FAA2F;YAC3F,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,IACE,oCAAoC,CAAC,QAAQ,CAAC,GAA2C,CAAC,EAC1F;gBACA,uEAAuE;gBACvE,uCAAY,OAAO,KAAE,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAG;aAClD;SACF;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,EAAE,EAAE,CAAC,CAAC;IAET,sGAAsG;IACtG,IAAI,MAAM,CAAC,aAAa,EAAE;QACxB,IAAI;YACF,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YACrE,IAAI,QAAQ,EAAE;gBACZ,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAC;aAC5B;SACF;QAAC,OAAO,CAAC,EAAE;YACV,MAAM,IAAI,KAAK,CAAC,oCAAoC,MAAM,CAAC,aAAa,eAAe,CAAC,CAAC;SAC1F;KACF;IAED,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\n/**\n * @internal\n *\n * Valid key names in WWW-Authenticate header.\n */\nconst validParsedWWWAuthenticateProperties = [\n \"authorization\",\n \"authorization_url\",\n \"resource\",\n \"scope\",\n \"tenantId\",\n] as const;\n\n/**\n * @internal\n *\n * A union type representing all valid key names in WWW-Authenticate header.\n */\ntype ValidParsedWWWAuthenticateProperties = typeof validParsedWWWAuthenticateProperties[number];\n\n/**\n * @internal\n *\n * Holds the known WWWAuthenticate keys and their values as a result of\n * parsing a WWW-Authenticate header.\n */\nexport type ParsedWWWAuthenticate = {\n [Key in ValidParsedWWWAuthenticateProperties]?: string;\n};\n\n/**\n * Parses an WWW-Authenticate response.\n * This transforms a string value like:\n * `Bearer authorization=\"https://some.url/tenantId\", resource=\"https://some.url\"`\n * into an object like:\n * `{ authorization: \"https://some.url/tenantId\", resource: \"https://some.url\" }`\n * @param wwwAuthenticate - String value in the WWW-Authenticate header\n */\nexport function parseWWWAuthenticate(wwwAuthenticate: string): ParsedWWWAuthenticate {\n const pairDelimiter = /,? +/;\n const parsed = wwwAuthenticate\n .split(pairDelimiter)\n .reduce<ParsedWWWAuthenticate>((kvPairs, p) => {\n if (p.match(/\\w=\"/)) {\n // 'sampleKey=\"sample_value\"' -> [sampleKey, \"sample_value\"] -> { sampleKey: sample_value }\n const [key, value] = p.split(\"=\");\n if (\n validParsedWWWAuthenticateProperties.includes(key as ValidParsedWWWAuthenticateProperties)\n ) {\n // The values will be wrapped in quotes, which need to be stripped out.\n return { ...kvPairs, [key]: value.slice(1, -1) };\n }\n }\n return kvPairs;\n }, {});\n\n // Finally, we pull the tenantId from the authorization header to support multi-tenant authentication.\n if (parsed.authorization) {\n try {\n const tenantId = new URL(parsed.authorization).pathname.substring(1);\n if (tenantId) {\n parsed.tenantId = tenantId;\n }\n } catch (_) {\n throw new Error(`The challenge authorization URI '${parsed.authorization}' is invalid.`);\n }\n }\n\n return parsed;\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
// Copyright (c) Microsoft Corporation.
|
|
2
2
|
// Licensed under the MIT license.
|
|
3
|
-
import {
|
|
3
|
+
import { SpanStatusCode, createSpanFunction } from "@azure/core-tracing";
|
|
4
4
|
/**
|
|
5
5
|
* Returns a function that can be used for tracing options.
|
|
6
6
|
*
|
|
@@ -13,7 +13,7 @@ import { createSpanFunction, SpanStatusCode } from "@azure/core-tracing";
|
|
|
13
13
|
export function createTraceFunction(prefix) {
|
|
14
14
|
const createSpan = createSpanFunction({
|
|
15
15
|
namespace: "Microsoft.KeyVault",
|
|
16
|
-
packagePrefix: prefix
|
|
16
|
+
packagePrefix: prefix,
|
|
17
17
|
});
|
|
18
18
|
return async function (operationName, options, cb) {
|
|
19
19
|
const { updatedOptions, span } = createSpan(operationName, options);
|
|
@@ -23,14 +23,14 @@ export function createTraceFunction(prefix) {
|
|
|
23
23
|
const result = await cb(updatedOptions, span);
|
|
24
24
|
// otel 0.16+ needs this or else the code ends up being set as UNSET
|
|
25
25
|
span.setStatus({
|
|
26
|
-
code: SpanStatusCode.OK
|
|
26
|
+
code: SpanStatusCode.OK,
|
|
27
27
|
});
|
|
28
28
|
return result;
|
|
29
29
|
}
|
|
30
30
|
catch (err) {
|
|
31
31
|
span.setStatus({
|
|
32
32
|
code: SpanStatusCode.ERROR,
|
|
33
|
-
message: err.message
|
|
33
|
+
message: err.message,
|
|
34
34
|
});
|
|
35
35
|
throw err;
|
|
36
36
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tracingHelpers.js","sourceRoot":"","sources":["../../../../keyvault-common/src/tracingHelpers.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;
|
|
1
|
+
{"version":3,"file":"tracingHelpers.js","sourceRoot":"","sources":["../../../../keyvault-common/src/tracingHelpers.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAQ,cAAc,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAsB/E;;;;;;;;GAQG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAc;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC;QACpC,SAAS,EAAE,oBAAoB;QAC/B,aAAa,EAAE,MAAM;KACtB,CAAC,CAAC;IAEH,OAAO,KAAK,WAAW,aAAa,EAAE,OAAO,EAAE,EAAE;QAC/C,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QAEpE,IAAI;YACF,6GAA6G;YAC7G,kBAAkB;YAClB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;YAE9C,oEAAoE;YACpE,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,EAAE;aACxB,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;SACf;QAAC,OAAO,GAAG,EAAE;YACZ,IAAI,CAAC,SAAS,CAAC;gBACb,IAAI,EAAE,cAAc,CAAC,KAAK;gBAC1B,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,GAAG,CAAC;SACX;gBAAS;YACR,IAAI,CAAC,GAAG,EAAE,CAAC;SACZ;IACH,CAAC,CAAC;AACJ,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT license.\n\nimport { Span, SpanStatusCode, createSpanFunction } from \"@azure/core-tracing\";\nimport { OperationOptions } from \"@azure/core-http\";\n\n/**\n * An interface representing a function that is traced.\n *\n * A traced function will automatically create and close tracing '\n * spans as needed and will handle setting the status / errors as a\n * result of calling the underlying callback.\n *\n * use {@link createTraceFunction} to add tracing to a block of code.\n *\n * @internal\n */\nexport interface TracedFunction {\n <TOptions extends OperationOptions, TReturn>(\n operationName: string,\n options: TOptions,\n cb: (options: TOptions, span: Span) => Promise<TReturn>\n ): Promise<TReturn>;\n}\n\n/**\n * Returns a function that can be used for tracing options.\n *\n * @param prefix - The prefix to use, likely the name of the class / client.\n *\n * @example const withTrace = createTraceFunction(\"Azure.KeyVault.Certificates.CertificateClient\")\n *\n * @internal\n */\nexport function createTraceFunction(prefix: string): TracedFunction {\n const createSpan = createSpanFunction({\n namespace: \"Microsoft.KeyVault\",\n packagePrefix: prefix,\n });\n\n return async function (operationName, options, cb) {\n const { updatedOptions, span } = createSpan(operationName, options);\n\n try {\n // NOTE: we really do need to await on this function here so we can handle any exceptions thrown and properly\n // close the span.\n const result = await cb(updatedOptions, span);\n\n // otel 0.16+ needs this or else the code ends up being set as UNSET\n span.setStatus({\n code: SpanStatusCode.OK,\n });\n return result;\n } catch (err) {\n span.setStatus({\n code: SpanStatusCode.ERROR,\n message: err.message,\n });\n throw err;\n } finally {\n span.end();\n }\n };\n}\n"]}
|
package/package.json
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
"name": "@azure/keyvault-admin",
|
|
3
3
|
"sdk-type": "client",
|
|
4
4
|
"author": "Microsoft Corporation",
|
|
5
|
-
"version": "4.2.
|
|
5
|
+
"version": "4.2.1-alpha.20220330.1",
|
|
6
6
|
"license": "MIT",
|
|
7
7
|
"description": "Isomorphic client library for Azure KeyVault's administrative functions.",
|
|
8
8
|
"homepage": "https://github.com/Azure/azure-sdk-for-js/blob/main/sdk/keyvault/keyvault-admin/README.md",
|
|
@@ -44,11 +44,12 @@
|
|
|
44
44
|
"scripts": {
|
|
45
45
|
"audit": "node ../../../common/scripts/rush-audit.js && rimraf node_modules package-lock.json && npm i --package-lock-only 2>&1 && npm audit",
|
|
46
46
|
"build:samples": "echo Obsolete.",
|
|
47
|
-
"build:node": "tsc -p . &&
|
|
48
|
-
"build:browser": "tsc -p . &&
|
|
49
|
-
"build:nodebrowser": "
|
|
50
|
-
"build:test": "tsc -p . &&
|
|
47
|
+
"build:node": "tsc -p . && npm run bundle",
|
|
48
|
+
"build:browser": "tsc -p . && npm run bundle",
|
|
49
|
+
"build:nodebrowser": "npm run bundle",
|
|
50
|
+
"build:test": "tsc -p . && npm run bundle",
|
|
51
51
|
"build": "npm run clean && tsc -p . && npm run build:nodebrowser && api-extractor run --local",
|
|
52
|
+
"bundle": "dev-tool run bundle --polyfill-node=false",
|
|
52
53
|
"check-format": "prettier --list-different --config ../../../.prettierrc.json --ignore-path ../../../.prettierignore \"src/**/*.ts\" \"test/**/*.ts\" \"samples-dev/**/*.ts\" \"*.{js,json}\"",
|
|
53
54
|
"clean": "rimraf dist dist-* types *.tgz *.log statistics.html coverage && rimraf src/**/*.js && rimraf test/**/*.js",
|
|
54
55
|
"execute:samples": "dev-tool samples run samples-dev",
|
|
@@ -66,9 +67,8 @@
|
|
|
66
67
|
"test:node": "npm run clean && npm run build:test && npm run unit-test:node",
|
|
67
68
|
"test": "npm run clean && npm run build:test && npm run unit-test",
|
|
68
69
|
"unit-test:browser": "echo skipped",
|
|
69
|
-
"unit-test:node": "mocha --require
|
|
70
|
-
"unit-test": "npm run unit-test:node && npm run unit-test:browser"
|
|
71
|
-
"docs": "typedoc --excludePrivate --excludeNotExported --excludeExternals --stripInternal --mode file --out ./dist/docs ./src"
|
|
70
|
+
"unit-test:node": "mocha -r esm --require ts-node/register --reporter ../../../common/tools/mocha-multi-reporter.js --timeout 180000 --full-trace \"test/{,!(browser)/**/}*.spec.ts\"",
|
|
71
|
+
"unit-test": "npm run unit-test:node && npm run unit-test:browser"
|
|
72
72
|
},
|
|
73
73
|
"//metadata": {
|
|
74
74
|
"constantPaths": [
|
|
@@ -118,43 +118,27 @@
|
|
|
118
118
|
"devDependencies": {
|
|
119
119
|
"@azure/abort-controller": "^1.0.0",
|
|
120
120
|
"@azure/core-util": "^1.0.0-beta.1",
|
|
121
|
-
"@azure/dev-tool": "
|
|
122
|
-
"@azure/eslint-plugin-azure-sdk": "
|
|
121
|
+
"@azure/dev-tool": ">=1.0.0-alpha <1.0.0-alphb",
|
|
122
|
+
"@azure/eslint-plugin-azure-sdk": ">=3.0.0-alpha <3.0.0-alphb",
|
|
123
123
|
"@azure/identity": "^2.0.1",
|
|
124
124
|
"@azure/keyvault-keys": "^4.2.1",
|
|
125
|
-
"@azure/test-utils": "
|
|
125
|
+
"@azure/test-utils": ">=1.0.0-alpha <1.0.0-alphb",
|
|
126
126
|
"@azure-tools/test-recorder": "^1.0.0",
|
|
127
127
|
"@microsoft/api-extractor": "^7.18.11",
|
|
128
|
-
"@rollup/plugin-commonjs": "11.0.2",
|
|
129
|
-
"@rollup/plugin-json": "^4.0.0",
|
|
130
|
-
"@rollup/plugin-multi-entry": "^3.0.0",
|
|
131
|
-
"@rollup/plugin-node-resolve": "^8.0.0",
|
|
132
|
-
"@rollup/plugin-replace": "^2.2.0",
|
|
133
|
-
"@types/chai": "^4.1.6",
|
|
134
|
-
"@types/chai-as-promised": "^7.1.0",
|
|
135
128
|
"@types/mocha": "^7.0.2",
|
|
136
129
|
"@types/node": "^12.0.0",
|
|
137
130
|
"@types/sinon": "^9.0.4",
|
|
138
|
-
"assert": "^1.4.1",
|
|
139
|
-
"chai": "^4.2.0",
|
|
140
|
-
"chai-as-promised": "^7.1.1",
|
|
141
131
|
"cross-env": "^7.0.2",
|
|
142
132
|
"dotenv": "^8.2.0",
|
|
143
133
|
"eslint": "^7.15.0",
|
|
144
134
|
"esm": "^3.2.18",
|
|
145
135
|
"mocha": "^7.1.1",
|
|
146
|
-
"mocha-junit-reporter": "^
|
|
147
|
-
"nyc": "^
|
|
148
|
-
"prettier": "^
|
|
136
|
+
"mocha-junit-reporter": "^2.0.0",
|
|
137
|
+
"nyc": "^15.0.0",
|
|
138
|
+
"prettier": "^2.5.1",
|
|
149
139
|
"rimraf": "^3.0.0",
|
|
150
|
-
"rollup": "^1.16.3",
|
|
151
|
-
"rollup-plugin-shim": "^1.0.0",
|
|
152
|
-
"rollup-plugin-sourcemaps": "^0.4.2",
|
|
153
|
-
"rollup-plugin-terser": "^5.1.1",
|
|
154
|
-
"rollup-plugin-visualizer": "^4.0.4",
|
|
155
140
|
"sinon": "^9.0.2",
|
|
156
141
|
"source-map-support": "^0.5.9",
|
|
157
|
-
"typedoc": "0.15.2",
|
|
158
142
|
"typescript": "~4.2.0"
|
|
159
143
|
}
|
|
160
144
|
}
|
|
@@ -60,7 +60,10 @@ export declare class KeyVaultAccessControlClient {
|
|
|
60
60
|
* The base URL to the vault
|
|
61
61
|
*/
|
|
62
62
|
readonly vaultUrl: string;
|
|
63
|
-
|
|
63
|
+
/**
|
|
64
|
+
* A reference to the auto-generated Key Vault HTTP client.
|
|
65
|
+
*/
|
|
66
|
+
private readonly client;
|
|
64
67
|
/**
|
|
65
68
|
* Creates an instance of the KeyVaultAccessControlClient.
|
|
66
69
|
*
|
|
@@ -128,8 +131,19 @@ export declare class KeyVaultAccessControlClient {
|
|
|
128
131
|
* @param options - The optional parameters.
|
|
129
132
|
*/
|
|
130
133
|
getRoleAssignment(roleScope: KeyVaultRoleScope, name: string, options?: GetRoleAssignmentOptions): Promise<KeyVaultRoleAssignment>;
|
|
131
|
-
|
|
132
|
-
|
|
134
|
+
/**
|
|
135
|
+
* Deals with the pagination of {@link listRoleAssignments}.
|
|
136
|
+
* @param roleScope - The scope of the role assignments.
|
|
137
|
+
* @param continuationState - An object that indicates the position of the paginated request.
|
|
138
|
+
* @param options - Common options for the iterative endpoints.
|
|
139
|
+
*/
|
|
140
|
+
private listRoleAssignmentsPage;
|
|
141
|
+
/**
|
|
142
|
+
* Deals with the iteration of all the available results of {@link listRoleAssignments}.
|
|
143
|
+
* @param roleScope - The scope of the role assignments.
|
|
144
|
+
* @param options - Common options for the iterative endpoints.
|
|
145
|
+
*/
|
|
146
|
+
private listRoleAssignmentsAll;
|
|
133
147
|
/**
|
|
134
148
|
* Iterates over all of the available role assignments in an Azure Key Vault.
|
|
135
149
|
*
|
|
@@ -145,8 +159,19 @@ export declare class KeyVaultAccessControlClient {
|
|
|
145
159
|
* @param options - The optional parameters.
|
|
146
160
|
*/
|
|
147
161
|
listRoleAssignments(roleScope: KeyVaultRoleScope, options?: ListRoleAssignmentsOptions): PagedAsyncIterableIterator<KeyVaultRoleAssignment>;
|
|
148
|
-
|
|
149
|
-
|
|
162
|
+
/**
|
|
163
|
+
* Deals with the pagination of {@link listRoleDefinitions}.
|
|
164
|
+
* @param roleScope - The scope of the role definition.
|
|
165
|
+
* @param continuationState - An object that indicates the position of the paginated request.
|
|
166
|
+
* @param options - Common options for the iterative endpoints.
|
|
167
|
+
*/
|
|
168
|
+
private listRoleDefinitionsPage;
|
|
169
|
+
/**
|
|
170
|
+
* Deals with the iteration of all the available results of {@link listRoleDefinitions}.
|
|
171
|
+
* @param roleScope - The scope of the role definition.
|
|
172
|
+
* @param options - Common options for the iterative endpoints.
|
|
173
|
+
*/
|
|
174
|
+
private listRoleDefinitionsAll;
|
|
150
175
|
/**
|
|
151
176
|
* Iterates over all of the available role definitions in an Azure Key Vault.
|
|
152
177
|
*
|
|
@@ -188,9 +213,6 @@ export declare class KeyVaultAccessControlClient {
|
|
|
188
213
|
* console.log(roleDefinition);
|
|
189
214
|
* ```
|
|
190
215
|
* @param roleScope - The scope of the role definition.
|
|
191
|
-
* @param name - The name of the role definition. Must be a UUID.
|
|
192
|
-
* @param permissions - The set of {@link KeyVaultPermission} for this role definition.
|
|
193
|
-
* @param description - The role definition description.
|
|
194
216
|
* @param options - The optional parameters.
|
|
195
217
|
*/
|
|
196
218
|
setRoleDefinition(roleScope: KeyVaultRoleScope, options?: SetRoleDefinitionOptions): Promise<KeyVaultRoleDefinition>;
|
|
@@ -247,7 +269,10 @@ export declare class KeyVaultBackupClient {
|
|
|
247
269
|
* The base URL to the vault
|
|
248
270
|
*/
|
|
249
271
|
readonly vaultUrl: string;
|
|
250
|
-
|
|
272
|
+
/**
|
|
273
|
+
* A reference to the auto-generated Key Vault HTTP client.
|
|
274
|
+
*/
|
|
275
|
+
private readonly client;
|
|
251
276
|
/**
|
|
252
277
|
* Creates an instance of the KeyVaultBackupClient.
|
|
253
278
|
*
|
|
@@ -711,7 +736,7 @@ export declare enum KnownKeyVaultRoleScope {
|
|
|
711
736
|
/**
|
|
712
737
|
* The latest supported Key Vault service API version.
|
|
713
738
|
*/
|
|
714
|
-
export declare const LATEST_API_VERSION = "7.3
|
|
739
|
+
export declare const LATEST_API_VERSION = "7.3";
|
|
715
740
|
|
|
716
741
|
/**
|
|
717
742
|
* An interface representing optional parameters passed to {@link listRoleAssignments}.
|
|
@@ -781,6 +806,6 @@ export declare interface SetRoleDefinitionOptions extends OperationOptions {
|
|
|
781
806
|
/**
|
|
782
807
|
* Supported API versions
|
|
783
808
|
*/
|
|
784
|
-
export declare type SUPPORTED_API_VERSIONS = "7.2" | "7.3
|
|
809
|
+
export declare type SUPPORTED_API_VERSIONS = "7.2" | "7.3";
|
|
785
810
|
|
|
786
811
|
export { }
|