@equinor/fusion-framework-cli 14.2.7 → 15.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/CHANGELOG.md +19 -0
  2. package/bin/build/bin.mjs +1 -1
  3. package/bin/build/cli.mjs +3 -3
  4. package/dist/esm/version.js +1 -1
  5. package/dist/types/bin/framework.node.d.ts +10 -3
  6. package/dist/types/version.d.ts +1 -1
  7. package/docs/auth.md +9 -8
  8. package/package.json +3 -3
package/dist/esm/version.js CHANGED
@@ -1,3 +1,3 @@
1
1
  // Generated by genversion.
2
- export const version = '14.2.7';
2
+ export const version = '15.0.0';
3
3
  //# sourceMappingURL=version.js.map
package/dist/types/bin/framework.node.d.ts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { ModulesConfigurator, type ModulesInstance, type AnyModule } from '@equinor/fusion-framework-module';
2
- import { type MsalNodeModule } from '@equinor/fusion-framework-module-msal-node';
2
+ import { type AzureIdentityModule } from '@equinor/fusion-framework-module-azure-identity';
3
3
  import { type HttpModule } from '@equinor/fusion-framework-module-http';
4
4
  import { type ServiceDiscoveryModule } from '@equinor/fusion-framework-module-service-discovery';
5
- type Modules = [MsalNodeModule, HttpModule, ServiceDiscoveryModule];
5
+ type Modules = [AzureIdentityModule, HttpModule, ServiceDiscoveryModule];
6
6
  /**
7
7
  * Type representing the initialized Fusion Framework instance.
8
8
  * This is a composition of the modules defined in the Modules tuple.
@@ -53,13 +53,20 @@ interface AuthInteractiveOptions extends Omit<AuthSilentOptions, 'interactive'>
53
53
  onOpen?: (url: string) => void;
54
54
  };
55
55
  }
56
+ /**
57
+ * Auth option for Azure Identity's DefaultAzureCredential.
58
+ * No configuration needed — credentials are resolved from the environment.
59
+ */
60
+ interface AuthDefaultCredentialOptions {
61
+ defaultCredential: true;
62
+ }
56
63
  /**
57
64
  * Settings for initializing the Fusion Framework.
58
65
  * Includes environment, authentication, and service discovery options.
59
66
  */
60
67
  export type FusionFrameworkSettings = {
61
68
  env?: (typeof FusionEnv)[keyof typeof FusionEnv];
62
- auth: AuthTokenOptions | AuthSilentOptions | AuthInteractiveOptions;
69
+ auth: AuthTokenOptions | AuthSilentOptions | AuthInteractiveOptions | AuthDefaultCredentialOptions;
63
70
  serviceDiscovery?: {
64
71
  url?: string;
65
72
  scope?: string[];
package/dist/types/version.d.ts CHANGED
@@ -1 +1 @@
1
- export declare const version = "14.2.7";
1
+ export declare const version = "15.0.0";
package/docs/auth.md CHANGED
@@ -1,16 +1,16 @@
1
- The Fusion Framework CLI provides secure, robust authentication for both automation and interactive development scenarios by leveraging Microsoft's MSAL (Microsoft Authentication Library) and Azure Active Directory (Azure AD). Authentication is handled through the Fusion Framework for Node.js, using the `@equinor/fusion-framework-module-msal-node` package, which is built on top of Microsoft's official `msal-node` library. This ensures standards-compliant, up-to-date authentication flows and seamless integration across Fusion Framework applications and tools.
1
+ The Fusion Framework CLI provides secure, robust authentication for both automation and interactive development scenarios using Azure Identity and Azure Active Directory (Azure AD). Authentication is handled through the `@equinor/fusion-framework-module-azure-identity` package, which wraps `@azure/identity` credentials with OS-level token caching via `@azure/identity-cache-persistence`. This ensures standards-compliant, up-to-date authentication flows and seamless integration across Fusion Framework applications and tools.
2
2
 
3
- For detailed information about the underlying authentication module, see the [MSAL Node Module documentation](https://equinor.github.io/fusion-framework/modules/auth/msal-node/).
3
+ For detailed information about the underlying authentication module, see the [Azure Identity Module README](../../packages/modules/azure-identity/README.md).
4
4
 
5
5
  > [!TIP]
6
6
  > The CLI exposes two binary aliases: `fusion-framework-cli` and `ffc`. All examples below use the long form, but you can substitute `ffc` anywhere — e.g. `ffc auth login`, `ffc auth token`.
7
7
 
8
8
  ## Key features
9
9
  - **Multiple authentication modes:**
10
+ - `interactive`: Browser-based Azure AD login with OS-level token caching (CLI tools, development).
11
+ - `default_credential`: Ambient credential chain — environment variables, managed identity, Azure CLI (CI/CD, infrastructure).
10
12
  - `token_only`: Use a pre-provided token (e.g., for CI/CD and automation).
11
- - `silent`: Acquire tokens silently using cached or refresh tokens (background services, scripts).
12
- - `interactive`: Prompt for authentication via a local HTTP server (CLI tools, development).
13
- - **Secure token storage:** Tokens are encrypted at rest using platform-specific mechanisms (e.g., Secure Enclave on macOS, DPAPI on Windows).
13
+ - **Secure token storage:** Tokens and authentication records are encrypted at rest using platform-specific mechanisms (Keychain on macOS, DPAPI on Windows, libsecret on Linux) via `@azure/msal-node-extensions`.
14
14
  - **Consistent experience:** The same authentication logic and token handling is used across CLI and app environments.
15
15
 
16
16
  ## Azure AD Concepts: Tenant, Client App, and Scopes
@@ -95,7 +95,7 @@ ffc auth token
95
95
  > # or: export FUSION_TOKEN=$(ffc auth token --silent)
96
96
  > ```
97
97
 
98
- > [!Note] This command requires an interactive user context and MSAL Node. It is not suitable for CI/CD environments, as there is no user available in those scenarios. Use it for local development, testing, or whenever you need to preserve a Fusion token for your own scripts or tools.
98
+ > [!Note] This command requires an interactive user context. It is not suitable for CI/CD environments, as there is no user available in those scenarios. Use it for local development, testing, or whenever you need to preserve a Fusion token for your own scripts or tools.
99
99
 
100
100
  ## CI/CD
101
101
 
@@ -174,6 +174,7 @@ runs:
174
174
 
175
175
  ## Additional Resources
176
176
 
177
- - [MSAL Node Module Documentation](https://equinor.github.io/fusion-framework/modules/auth/msal-node/) - Complete reference for the underlying authentication module
178
- - [libsecret Setup Guide](https://equinor.github.io/fusion-framework/modules/auth/msal-node/docs/libsecret.html) - Platform-specific setup for secure credential storage on Linux systems
177
+ - [Azure Identity Module README](../../packages/modules/azure-identity/README.md) - Complete reference for the underlying authentication module
178
+ - [Azure Identity documentation](https://learn.microsoft.com/en-us/javascript/api/overview/azure/identity-readme) - Microsoft's official Azure Identity SDK docs
179
+ - [libsecret Setup Guide](https://learn.microsoft.com/en-us/javascript/api/overview/azure/identity-cache-persistence-readme) - Platform-specific setup for secure credential storage
179
180
  ```
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@equinor/fusion-framework-cli",
3
- "version": "14.2.7",
3
+ "version": "15.0.0",
4
4
  "keywords": [
5
5
  "Fusion",
6
6
  "Fusion Framework",
@@ -111,9 +111,9 @@
111
111
  "vite": "^8.0.0",
112
112
  "vite-tsconfig-paths": "^6.0.4",
113
113
  "zod": "^4.3.6",
114
- "@equinor/fusion-framework-dev-server": "2.0.4",
115
114
  "@equinor/fusion-framework-dev-portal": "5.1.7",
116
- "@equinor/fusion-framework-module-msal-node": "4.1.0",
115
+ "@equinor/fusion-framework-dev-server": "2.0.4",
116
+ "@equinor/fusion-framework-module-azure-identity": "0.2.0",
117
117
  "@equinor/fusion-framework-vite-plugin-raw-imports": "2.0.0",
118
118
  "@equinor/fusion-imports": "2.0.0"
119
119
  },