@equinor/fusion-framework-module-msal-node 4.1.1 → 4.1.2

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # @equinor/fusion-framework-module-msal-node
 
+## 4.1.2
+
+### Patch Changes
+
+- 3e82dee: Move `@azure/msal-node-extensions` to `optionalDependencies` and convert its static import to a dynamic loader.
+
+  The native `keytar` addon (required by `msal-node-extensions` for OS keychain access) previously caused `pnpm install` to fail on Linux environments without `libsecret-1`, and the static top-level import caused the module to fail to load entirely when the optional build did not succeed.
+
+  Token cache persistence remains fully functional in interactive desktop environments. When the optional dependency is absent, a clear, actionable error is thrown at call-time instead of a raw `ERR_MODULE_NOT_FOUND` at import-time.
+
 ## 4.1.1
 
 ### Patch Changes

package/dist/esm/create-auth-cache.js

@@ -1,6 +1,16 @@
-import { DataProtectionScope, Environment, PersistenceCreator, PersistenceCachePlugin, } from '@azure/msal-node-extensions';
 import { tmpdir } from 'node:os';
 import path from 'node:path';
+const importMsalNodeExtensions = async () => {
+    try {
+        return await import('@azure/msal-node-extensions');
+    }
+    catch (cause) {
+        throw new Error('Failed to load @azure/msal-node-extensions. ' +
+            'Token cache persistence requires a native module (keytar/libsecret) that is only ' +
+            'available in interactive desktop environments. Install the optional dependency or ' +
+            'use a non-caching auth mode.', { cause });
+    }
+};
 /**
  * Resolves the directory path for storing the authentication cache.
  *
@@ -8,7 +18,8 @@ import path from 'node:path';
  *
  * @returns The resolved cache directory path as a string.
  */
-const resolveCachePath = () => {
+const resolveCachePath = async () => {
+    const { Environment } = await importMsalNodeExtensions();
     return Environment?.getUserRootDirectory() ?? tmpdir();
 };
 /**
@@ -18,8 +29,8 @@ const resolveCachePath = () => {
  * @param clientId - The Azure AD client/application ID.
  * @returns The full file path for the cache file.
  */
-const resolveCacheFilePath = (tenantId, clientId) => {
-    return path.join(resolveCachePath(), `.token-cache-${tenantId}_${clientId}`);
+const resolveCacheFilePath = async (tenantId, clientId) => {
+    return path.join(await resolveCachePath(), `.token-cache-${tenantId}_${clientId}`);
 };
 /**
  * Creates a persistence cache for storing authentication data securely on disk.
@@ -27,13 +38,17 @@ const resolveCacheFilePath = (tenantId, clientId) => {
  * The cache is encrypted and scoped to the current user for security. It is uniquely identified
  * by the provided tenant and client IDs, and is associated with the 'fusion-framework' service.
  *
+ * Requires `@azure/msal-node-extensions` to be installed (optional dependency).
+ * Only available in interactive desktop environments with a system keychain.
+ *
  * @param tenantId - The Azure AD tenant ID used to identify the cache.
  * @param clientId - The Azure AD client/application ID used to identify the cache.
  * @returns A promise that resolves to the created persistence cache instance.
  */
 export const createPersistenceCache = async (tenantId, clientId) => {
+    const { DataProtectionScope, PersistenceCreator } = await importMsalNodeExtensions();
     return PersistenceCreator.createPersistence({
-        cachePath: resolveCacheFilePath(tenantId, clientId),
+        cachePath: await resolveCacheFilePath(tenantId, clientId),
         serviceName: 'fusion-framework',
         accountName: [tenantId, clientId].join('_'),
         dataProtectionScope: DataProtectionScope.CurrentUser,
@@ -62,6 +77,7 @@ export const clearPersistenceCache = async (tenantId, clientId) => {
  * @returns A promise that resolves to an instance of `PersistenceCachePlugin`.
  */
 export const createPersistenceCachePlugin = async (tenantId, clientId) => {
+    const { PersistenceCachePlugin } = await importMsalNodeExtensions();
     return new PersistenceCachePlugin(await createPersistenceCache(tenantId, clientId));
 };
 //# sourceMappingURL=create-auth-cache.js.map

package/dist/esm/create-auth-cache.js.map

@@ -1 +1 @@
-{"version":3,"file":"create-auth-cache.js","sourceRoot":"","sources":["../../src/create-auth-cache.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,WAAW,EACX,kBAAkB,EAClB,sBAAsB,GAEvB,MAAM,6BAA6B,CAAC;AAErC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAEjC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B;;;;;;GAMG;AACH,MAAM,gBAAgB,GAAG,GAAG,EAAE;IAC5B,OAAO,WAAW,EAAE,oBAAoB,EAAE,IAAI,MAAM,EAAE,CAAC;AACzD,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,oBAAoB,GAAG,CAAC,QAAgB,EAAE,QAAgB,EAAE,EAAE;IAClE,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,gBAAgB,QAAQ,IAAI,QAAQ,EAAE,CAAC,CAAC;AAC/E,CAAC,CAAC;AAEF;;;;;;;;;GASG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAK,EACzC,QAAgB,EAChB,QAAgB,EACO,EAAE;IACzB,OAAO,kBAAkB,CAAC,iBAAiB,CAAC;QAC1C,SAAS,EAAE,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,CAAC;QACnD,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,mBAAmB,EAAE,mBAAmB,CAAC,WAAW;KACrD,CAAC,CAAC;AACL,CAAC,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,QAAgB,EAAE,QAAgB,EAAiB,EAAE;IAC/F,MAAM,KAAK,GAAG,MAAM,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/D,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;AACvB,CAAC,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,KAAK,EAC/C,QAAgB,EAChB,QAAgB,EACiB,EAAE;IACnC,OAAO,IAAI,sBAAsB,CAAC,MAAM,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;AACtF,CAAC,CAAC"}
+{"version":3,"file":"create-auth-cache.js","sourceRoot":"","sources":["../../src/create-auth-cache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,MAAM,wBAAwB,GAAG,KAAK,IAEpC,EAAE;IACF,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,CAAC,6BAA6B,CAAC,CAAC;IACrD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CACb,8CAA8C;YAC5C,mFAAmF;YACnF,oFAAoF;YACpF,8BAA8B,EAChC,EAAE,KAAK,EAAE,CACV,CAAC;IACJ,CAAC;AACH,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,gBAAgB,GAAG,KAAK,IAAqB,EAAE;IACnD,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,wBAAwB,EAAE,CAAC;IACzD,OAAO,WAAW,EAAE,oBAAoB,EAAE,IAAI,MAAM,EAAE,CAAC;AACzD,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,oBAAoB,GAAG,KAAK,EAAE,QAAgB,EAAE,QAAgB,EAAmB,EAAE;IACzF,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,gBAAgB,EAAE,EAAE,gBAAgB,QAAQ,IAAI,QAAQ,EAAE,CAAC,CAAC;AACrF,CAAC,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAK,EAAE,QAAgB,EAAE,QAAgB,EAAE,EAAE;IACjF,MAAM,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,GAAG,MAAM,wBAAwB,EAAE,CAAC;IACrF,OAAO,kBAAkB,CAAC,iBAAiB,CAAC;QAC1C,SAAS,EAAE,MAAM,oBAAoB,CAAC,QAAQ,EAAE,QAAQ,CAAC;QACzD,WAAW,EAAE,kBAAkB;QAC/B,WAAW,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3C,mBAAmB,EAAE,mBAAmB,CAAC,WAAW;KACrD,CAAC,CAAC;AACL,CAAC,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,EAAE,QAAgB,EAAE,QAAgB,EAAiB,EAAE;IAC/F,MAAM,KAAK,GAAG,MAAM,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAC/D,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC;AACvB,CAAC,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,KAAK,EAAE,QAAgB,EAAE,QAAgB,EAAE,EAAE;IACvF,MAAM,EAAE,sBAAsB,EAAE,GAAG,MAAM,wBAAwB,EAAE,CAAC;IACpE,OAAO,IAAI,sBAAsB,CAAC,MAAM,sBAAsB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;AACtF,CAAC,CAAC"}

package/dist/esm/version.js

@@ -1,3 +1,3 @@
 // Generated by genversion.
-export const version = '4.1.1';
+export const version = '4.1.2';
 //# sourceMappingURL=version.js.map