npm - @equinor/fusion-framework-module-msal-node - Versions diffs - 4.0.2 → 4.1.1 - Mend

@equinor/fusion-framework-module-msal-node 4.0.2 → 4.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/CHANGELOG.md +16 -0
package/dist/esm/AuthConfigurator.js +17 -0
package/dist/esm/AuthConfigurator.js.map +1 -1
package/dist/esm/AuthProviderDeviceCode.js +94 -0
package/dist/esm/AuthProviderDeviceCode.js.map +1 -0
package/dist/esm/AuthProviderInteractive.js +9 -1
package/dist/esm/AuthProviderInteractive.js.map +1 -1
package/dist/esm/index.js +3 -1
package/dist/esm/index.js.map +1 -1
package/dist/esm/module.js +5 -0
package/dist/esm/module.js.map +1 -1
package/dist/esm/version.js +1 -1
package/dist/tsconfig.tsbuildinfo +1 -1
package/dist/types/AuthConfigurator.d.ts +9 -0
package/dist/types/AuthConfigurator.interface.d.ts +61 -7
package/dist/types/AuthProviderDeviceCode.d.ts +68 -0
package/dist/types/index.d.ts +3 -1
package/dist/types/module.d.ts +1 -0
package/dist/types/version.d.ts +1 -1
package/package.json +1 -1
package/src/AuthConfigurator.interface.ts +67 -7
package/src/AuthConfigurator.ts +19 -0
package/src/AuthProviderDeviceCode.ts +109 -0
package/src/AuthProviderInteractive.ts +8 -1
package/src/index.ts +4 -1
package/src/module.ts +7 -0
package/src/version.ts +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,21 @@
 # @equinor/fusion-framework-module-msal-node
+## 4.1.1
+### Patch Changes
+- 51e6e50: Internal: bump `@azure/msal-node` from `5.0.2` to `5.1.4` and `@azure/msal-node-extensions` from `5.0.2` to `5.1.4`.
+## 4.1.0
+### Minor Changes
+- ece8f42: Add `device_code` authentication mode for interactive CLI login.
+  The new `AuthProviderDeviceCode` class prompts the user to visit a URL and enter a code, then exchanges it for tokens. This enables CLI tools to authenticate without a client secret, using the standard MSAL device code flow.
+  Ref: https://github.com/equinor/fusion-framework/issues/1008
 ## 4.0.2
 ### Patch Changes

package/dist/esm/AuthConfigurator.js CHANGED Viewed

@@ -80,6 +80,16 @@ export class AuthConfigurator extends BaseConfigBuilder {
     setAccessToken(token) {
         this._set('accessToken', token);
     }
+    /**
+     * Sets the callback invoked with the device code response during `device_code` authentication.
+     *
+     * If not set, the default behaviour is `console.log(response.message)`.
+     *
+     * @param callback - The callback, or `undefined` to restore the default handler.
+     */
+    setDeviceCodeCallback(callback) {
+        this._set('deviceCodeCallback', callback ?? undefined);
+    }
     /**
      * Prepares and finalizes the authentication configuration before validation and use.
      *
@@ -140,6 +150,13 @@ export class AuthConfigurator extends BaseConfigBuilder {
                 }
                 break;
             }
+            case 'device_code': {
+                // Device code mode requires a valid MSAL client instance
+                if (config.client instanceof PublicClientApplication === false) {
+                    throw new Error('Client is required when mode is device_code');
+                }
+                break;
+            }
             case 'token_only': {
                 // Token only mode requires a string access token
                 if (typeof config.accessToken !== 'string') {

package/dist/esm/AuthConfigurator.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"AuthConfigurator.js","sourceRoot":"","sources":["../../src/AuthConfigurator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;~~AAC3D~~,OAAO,EACL,iBAAiB,GAGlB,MAAM,kCAAkC,CAAC;AAK1C;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,gBAAiB,SAAQ,iBAA6B;IACjE;QACE,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAC9B,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,IAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,CAAC,MAA4B;QACpC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED;;;;;;;;OAQG;IACH,eAAe,CAAC,QAAgB,EAAE,QAAgB;QAChD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;YAC7B,sFAAsF;YACtF,sDAAsD;YACtD,mGAAmG;YACnG,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,CAAC;YACrE,OAAO,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,aAAa,CAAC,IAAY;QACxB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACjC,CAAC;IAED;;;;;;OAMG;IACH,eAAe,CAAC,MAA2C;QACzD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IACrC,CAAC;IAED;;;;OAIG;IACH,cAAc,CAAC,KAAa;QAC1B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAClC,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACO,YAAY,CACpB,IAA+B,EAC/B,OAAyC;QAEzC,+EAA+E;QAC/E,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAG,IAAI,CAAC,GAAyC,EAAE,IAAI,CAAC,CAAC;QAC3E,+CAA+C;QAC/C,OAAO,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,cAAc,CAAC,MAAkB;QACrC,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;YACpB,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,yDAAyD;gBACzD,IAAI,MAAM,CAAC,MAAM,YAAY,uBAAuB,KAAK,KAAK,EAAE,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,uCAAuC;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,+BAA+B;gBAC/B,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;gBAC3E,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,oDAAoD;gBACpD,IAAI,MAAM,CAAC,MAAM,YAAY,uBAAuB,KAAK,KAAK,EAAE,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;gBAC5D,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,iDAAiD;gBACjD,IAAI,OAAO,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBACtE,CAAC;gBACD,MAAM;YACR,CAAC;YACD,gEAAgE;QAClE,CAAC;QACD,oDAAoD;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}
1	+ {"version":3,"file":"AuthConfigurator.js","sourceRoot":"","sources":["../../src/AuthConfigurator.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAE3D,OAAO,EACL,iBAAiB,GAGlB,MAAM,kCAAkC,CAAC;AAK1C;;;;;;;;;;;GAWG;AACH,MAAM,OAAO,gBAAiB,SAAQ,iBAA6B;IACjE;QACE,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAC9B,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,IAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED;;;;;;;OAOG;IACH,SAAS,CAAC,MAA4B;QACpC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED;;;;;;;;OAQG;IACH,eAAe,CAAC,QAAgB,EAAE,QAAgB;QAChD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;YAC7B,sFAAsF;YACtF,sDAAsD;YACtD,mGAAmG;YACnG,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,CAAC;YACrE,OAAO,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,aAAa,CAAC,IAAY;QACxB,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;IACjC,CAAC;IAED;;;;;;OAMG;IACH,eAAe,CAAC,MAA2C;QACzD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IACrC,CAAC;IAED;;;;OAIG;IACH,cAAc,CAAC,KAAa;QAC1B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;IAClC,CAAC;IAED;;;;;;OAMG;IACH,qBAAqB,CAAC,QAA6D;QACjF,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,QAAQ,IAAI,SAAS,CAAC,CAAC;IACzD,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACO,YAAY,CACpB,IAA+B,EAC/B,OAAyC;QAEzC,+EAA+E;QAC/E,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAG,IAAI,CAAC,GAAyC,EAAE,IAAI,CAAC,CAAC;QAC3E,+CAA+C;QAC/C,OAAO,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACH,KAAK,CAAC,cAAc,CAAC,MAAkB;QACrC,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;YACpB,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,yDAAyD;gBACzD,IAAI,MAAM,CAAC,MAAM,YAAY,uBAAuB,KAAK,KAAK,EAAE,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,uCAAuC;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,+BAA+B;gBAC/B,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;gBAC3E,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,oDAAoD;gBACpD,IAAI,MAAM,CAAC,MAAM,YAAY,uBAAuB,KAAK,KAAK,EAAE,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;gBAC5D,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,yDAAyD;gBACzD,IAAI,MAAM,CAAC,MAAM,YAAY,uBAAuB,KAAK,KAAK,EAAE,CAAC;oBAC/D,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;gBACjE,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,iDAAiD;gBACjD,IAAI,OAAO,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;oBAC3C,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;gBACtE,CAAC;gBACD,MAAM;YACR,CAAC;YACD,gEAAgE;QAClE,CAAC;QACD,oDAAoD;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/dist/esm/AuthProviderDeviceCode.js ADDED Viewed

@@ -0,0 +1,94 @@
+import { AuthProvider } from './AuthProvider.js';
+import { SilentTokenAcquisitionError } from './error.js';
+/**
+ * Authentication provider that uses the OAuth 2.0 device code flow.
+ *
+ * When an access token cannot be acquired silently, the provider calls
+ * `acquireTokenByDeviceCode` and invokes `deviceCodeCallback` with the
+ * response containing `userCode`, `verificationUri`, and `message`.
+ * The user opens the URL on any device, enters the code, and authenticates.
+ * No local HTTP server is required, making this the recommended mode for CLI tools.
+ *
+ * @example
+ * ```ts
+ * const provider = new AuthProviderDeviceCode(msalClient, {
+ *   deviceCodeCallback: (response) => console.log(response.message),
+ * });
+ * ```
+ *
+ * @see AuthProviderInteractive - Browser-based login with a local callback server.
+ * @see AuthProvider - Silent-only provider (base class).
+ */
+export class AuthProviderDeviceCode extends AuthProvider {
+    #deviceCodeCallback;
+    /**
+     * Creates an instance of `AuthProviderDeviceCode`.
+     *
+     * @param client - The MSAL `PublicClientApplication` to use for token acquisition.
+     * @param options - Configuration options.
+     * @param options.deviceCodeCallback - Callback invoked with the device code response.
+     *   Defaults to printing `response.message` to `console.log`.
+     */
+    constructor(client, options) {
+        super(client);
+        this.#deviceCodeCallback =
+            options?.deviceCodeCallback ?? ((response) => console.log(response.message));
+    }
+    /**
+     * Acquires an access token for the specified scopes.
+     *
+     * First attempts silent acquisition using the cached account.
+     * If that fails (e.g. no account or new resource requiring consent),
+     * falls back to the device code flow — invoking `deviceCodeCallback` so
+     * the user can authenticate on any device.
+     *
+     * @param options - Token request options.
+     * @param options.request.scopes - OAuth 2.0 scopes to request.
+     * @returns A promise resolving to an `AuthenticationResult`.
+     * @throws {@link SilentTokenAcquisitionError} If device code acquisition also fails.
+     */
+    async acquireToken(options) {
+        // Attempt silent acquisition first (uses cached account / refresh token)
+        const account = await this.getAccount();
+        if (account) {
+            try {
+                return await this._client.acquireTokenSilent({
+                    scopes: options.request.scopes,
+                    account,
+                });
+            }
+            catch {
+                // Silent failed — fall through to device code flow below
+            }
+        }
+        // Fall back to device code flow
+        try {
+            const result = await this._client.acquireTokenByDeviceCode({
+                scopes: options.request.scopes,
+                deviceCodeCallback: this.#deviceCodeCallback,
+            });
+            if (!result) {
+                throw new SilentTokenAcquisitionError('Device code flow returned no result');
+            }
+            return result;
+        }
+        catch (error) {
+            throw new SilentTokenAcquisitionError('Device code token acquisition failed', {
+                cause: error,
+            });
+        }
+    }
+    /**
+     * Initiates the device code login flow explicitly.
+     *
+     * This is equivalent to calling `acquireToken` and is provided to satisfy
+     * the `IAuthProvider` contract.
+     *
+     * @param options - Login options containing the requested scopes.
+     * @returns A promise resolving to an `AuthenticationResult`.
+     */
+    async login(options) {
+        return this.acquireToken(options);
+    }
+}
+//# sourceMappingURL=AuthProviderDeviceCode.js.map

package/dist/esm/AuthProviderDeviceCode.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AuthProviderDeviceCode.js","sourceRoot":"","sources":["../../src/AuthProviderDeviceCode.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,2BAA2B,EAAE,MAAM,YAAY,CAAC;AAEzD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,OAAO,sBAAuB,SAAQ,YAAY;IAC7C,mBAAmB,CAA0C;IAEtE;;;;;;;OAOG;IACH,YACE,MAA+B,EAC/B,OAEC;QAED,KAAK,CAAC,MAAM,CAAC,CAAC;QACd,IAAI,CAAC,mBAAmB;YACtB,OAAO,EAAE,kBAAkB,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IACjF,CAAC;IAED;;;;;;;;;;;;OAYG;IACa,KAAK,CAAC,YAAY,CAAC,OAElC;QACC,yEAAyE;QACzE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC;QACxC,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC;oBAC3C,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM;oBAC9B,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,yDAAyD;YAC3D,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,wBAAwB,CAAC;gBACzD,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM;gBAC9B,kBAAkB,EAAE,IAAI,CAAC,mBAAmB;aAC7C,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,IAAI,2BAA2B,CAAC,qCAAqC,CAAC,CAAC;YAC/E,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,2BAA2B,CAAC,sCAAsC,EAAE;gBAC5E,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACa,KAAK,CAAC,KAAK,CAAC,OAE3B;QACC,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;CACF"}

package/dist/esm/AuthProviderInteractive.js CHANGED Viewed

@@ -103,7 +103,15 @@ export class AuthProviderInteractive extends AuthProvider {
         if ((await this.getAccount()) === null) {
             return this.login({ request: { scopes } });
         }
-        return super.acquireToken(options);
+        try {
+            return await super.acquireToken(options);
+        }
+        catch {
+            // Silent acquisition failed (e.g. no cached token for this resource/audience).
+            // Fall back to interactive login so the user only needs one browser session
+            // rather than seeing an unhandled error or a separate prompted login elsewhere.
+            return this.login({ request: { scopes } });
+        }
     }
 }
 //# sourceMappingURL=AuthProviderInteractive.js.map

package/dist/esm/AuthProviderInteractive.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"AuthProviderInteractive.js","sourceRoot":"","sources":["../../src/AuthProviderInteractive.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,WAAW,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;;;;;;GAOG;AACH,MAAM,eAAe,GAAG,CAAC,MAAc,EAAU,EAAE,CACjD,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAExF;;;;;;;GAOG;AACH,MAAM,iBAAiB,GAAG,GAA4C,EAAE;IACtE,MAAM,QAAQ,GAAG,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,eAAe,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC,CAAC;AAkBF;;;;;;;;;;;;;GAaG;AACH,MAAM,OAAO,uBAAwB,SAAQ,YAAY;IACvD,QAAQ,CAAsB;IAE9B,YAAY,MAA+B,EAAE,OAA4B;QACvE,KAAK,CAAC,MAAM,CAAC,CAAC;QACd,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,KAAK,CAAC,OAA0C;QAC3D,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QACnC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QAE9C,kDAAkD;QAClD,kEAAkE;QAClE,yDAAyD;QACzD,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,iBAAiB,EAAE,CAAC;QACpD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YACpD,MAAM;YACN,WAAW,EAAE,oBAAoB,IAAI,EAAE;YACvC,aAAa,EAAE,SAAS;YACxB,mBAAmB,EAAE,MAAM;SAC5B,CAAC,CAAC;QAEH,uCAAuC;QACvC,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;QAE/B,qCAAqC;QACrC,IAAI,MAAM;YAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAEhC,OAAO,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE;YAC5C,YAAY,EAAE,QAAQ;YACtB,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACI,KAAK,CAAC,YAAY,CAAC,OAEzB;QACC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACrD,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;~~IACrC~~,CAAC;CACF"}
1	+ {"version":3,"file":"AuthProviderInteractive.js","sourceRoot":"","sources":["../../src/AuthProviderInteractive.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAEtD,OAAO,WAAW,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD;;;;;;;GAOG;AACH,MAAM,eAAe,GAAG,CAAC,MAAc,EAAU,EAAE,CACjD,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAExF;;;;;;;GAOG;AACH,MAAM,iBAAiB,GAAG,GAA4C,EAAE;IACtE,MAAM,QAAQ,GAAG,eAAe,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,eAAe,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;IAClF,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;AACjC,CAAC,CAAC;AAkBF;;;;;;;;;;;;;GAaG;AACH,MAAM,OAAO,uBAAwB,SAAQ,YAAY;IACvD,QAAQ,CAAsB;IAE9B,YAAY,MAA+B,EAAE,OAA4B;QACvE,KAAK,CAAC,MAAM,CAAC,CAAC;QACd,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC;IAC1B,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACI,KAAK,CAAC,KAAK,CAAC,OAA0C;QAC3D,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;QACnC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QAE9C,kDAAkD;QAClD,kEAAkE;QAClE,yDAAyD;QACzD,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,iBAAiB,EAAE,CAAC;QACpD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YACpD,MAAM;YACN,WAAW,EAAE,oBAAoB,IAAI,EAAE;YACvC,aAAa,EAAE,SAAS;YACxB,mBAAmB,EAAE,MAAM;SAC5B,CAAC,CAAC;QAEH,uCAAuC;QACvC,MAAM,WAAW,CAAC,WAAW,CAAC,CAAC;QAE/B,qCAAqC;QACrC,IAAI,MAAM;YAAE,MAAM,CAAC,WAAW,CAAC,CAAC;QAEhC,OAAO,gBAAgB,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE;YAC5C,YAAY,EAAE,QAAQ;YACtB,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACI,KAAK,CAAC,YAAY,CAAC,OAEzB;QACC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;QACrD,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,CAAC;YACH,OAAO,MAAM,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAC3C,CAAC;QAAC,MAAM,CAAC;YACP,+EAA+E;YAC/E,4EAA4E;YAC5E,gFAAgF;YAChF,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;CACF"}

package/dist/esm/index.js CHANGED Viewed

@@ -2,8 +2,9 @@
  * `@equinor/fusion-framework-module-msal-node` provides Azure AD authentication
  * for Node.js applications using Microsoft's MSAL library.
  *
- * Supports three authentication modes:
+ * Supports four authentication modes:
  * - **interactive** — browser-based login with a local callback server (CLI tools, development)
+ * - **device_code** — prints a short code for the user to enter at a URL; no server needed (**recommended for CLI tools**)
  * - **silent** — cached credential reuse without user interaction (background services)
  * - **token_only** — static pre-obtained token passthrough (CI/CD, automation)
  *
@@ -20,6 +21,7 @@
  * @packageDocumentation
  */
 export { AuthProvider } from './AuthProvider.js';
+export { AuthProviderDeviceCode } from './AuthProviderDeviceCode.js';
 export { module as authModule } from './module.js';
 export { enableModule as enableAuthModule } from './enable-module.js';
 //# sourceMappingURL=index.js.map

package/dist/esm/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA~~;;;;;;;;;;;;;;;;;;;;GAoBG~~;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;~~AAMjD~~,OAAO,EAAE,MAAM,IAAI,UAAU,EAAuB,MAAM,aAAa,CAAC;AAExE,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAMrE,OAAO,EAAE,MAAM,IAAI,UAAU,EAAuB,MAAM,aAAa,CAAC;AAExE,OAAO,EAAE,YAAY,IAAI,gBAAgB,EAAE,MAAM,oBAAoB,CAAC"}

package/dist/esm/module.js CHANGED Viewed

@@ -2,6 +2,7 @@ import { AuthConfigurator } from './AuthConfigurator.js';
 import { AuthProvider } from './AuthProvider.js';
 import { AuthTokenProvider } from './AuthTokenProvider.js';
 import { AuthProviderInteractive } from './AuthProviderInteractive.js';
+import { AuthProviderDeviceCode } from './AuthProviderDeviceCode.js';
 export const module = {
     name: 'auth',
     configure: () => new AuthConfigurator(),
@@ -17,6 +18,10 @@ export const module = {
                 }
                 return new AuthProviderInteractive(client, { server });
             }
+            case 'device_code': {
+                const { client, deviceCodeCallback } = config;
+                return new AuthProviderDeviceCode(client, { deviceCodeCallback });
+            }
             default:
                 return new AuthProvider(config.client);
         }

package/dist/esm/module.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"module.js","sourceRoot":"","sources":["../../src/module.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;~~AAuBvE~~,MAAM,CAAC,MAAM,MAAM,GAAmB;IACpC,IAAI,EAAE,MAAM;IACZ,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI,gBAAgB,EAAE;IACvC,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAEzD,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;YACpB,KAAK,YAAY;gBACf,OAAO,IAAI,iBAAiB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEnD,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;gBAClC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;gBAC3E,CAAC;gBACD,OAAO,IAAI,uBAAuB,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;YACzD,CAAC;YAED;gBACE,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;CACF,CAAC;AAEF,eAAe,MAAM,CAAC"}
1	+ {"version":3,"file":"module.js","sourceRoot":"","sources":["../../src/module.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AACvE,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAwBrE,MAAM,CAAC,MAAM,MAAM,GAAmB;IACpC,IAAI,EAAE,MAAM;IACZ,SAAS,EAAE,GAAG,EAAE,CAAC,IAAI,gBAAgB,EAAE;IACvC,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;QACzB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAEzD,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;YACpB,KAAK,YAAY;gBACf,OAAO,IAAI,iBAAiB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEnD,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC;gBAClC,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,uDAAuD,CAAC,CAAC;gBAC3E,CAAC;gBACD,OAAO,IAAI,uBAAuB,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;YACzD,CAAC;YAED,KAAK,aAAa,CAAC,CAAC,CAAC;gBACnB,MAAM,EAAE,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,CAAC;gBAC9C,OAAO,IAAI,sBAAsB,CAAC,MAAM,EAAE,EAAE,kBAAkB,EAAE,CAAC,CAAC;YACpE,CAAC;YAED;gBACE,OAAO,IAAI,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;CACF,CAAC;AAEF,eAAe,MAAM,CAAC"}

package/dist/esm/version.js CHANGED Viewed

@@ -1,3 +1,3 @@
 // Generated by genversion.
-export const version = '4.0.2';
+export const version = '4.1.1';
 //# sourceMappingURL=version.js.map