npm - @microsoft/agents-hosting - Versions diffs - 1.1.0-alpha.9.g154c2c8a32 → 1.1.1 - Mend

@microsoft/agents-hosting 1.1.0-alpha.9.g154c2c8a32 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (152) hide show

package/dist/package.json +10 -6
package/dist/src/activityWireCompat.d.ts +1 -1
package/dist/src/activityWireCompat.js +11 -3
package/dist/src/activityWireCompat.js.map +1 -1
package/dist/src/agent-client/agentClient.js +7 -3
package/dist/src/agent-client/agentClient.js.map +1 -1
package/dist/src/agent-client/agentResponseHandler.js +6 -2
package/dist/src/agent-client/agentResponseHandler.js.map +1 -1
package/dist/src/app/agentApplication.d.ts +26 -11
package/dist/src/app/agentApplication.js +90 -79
package/dist/src/app/agentApplication.js.map +1 -1
package/dist/src/app/agentApplicationBuilder.d.ts +2 -2
package/dist/src/app/agentApplicationBuilder.js.map +1 -1
package/dist/src/app/agentApplicationOptions.d.ts +9 -2
package/dist/src/app/appRoute.d.ts +7 -0
package/dist/src/app/{authorization.d.ts → auth/authorization.d.ts} +41 -139
package/dist/src/app/auth/authorization.js +188 -0
package/dist/src/app/auth/authorization.js.map +1 -0
package/dist/src/app/auth/authorizationManager.d.ts +71 -0
package/dist/src/app/auth/authorizationManager.js +170 -0
package/dist/src/app/auth/authorizationManager.js.map +1 -0
package/dist/src/app/auth/handlerStorage.d.ts +36 -0
package/dist/src/app/auth/handlerStorage.js +62 -0
package/dist/src/app/auth/handlerStorage.js.map +1 -0
package/dist/src/app/auth/handlers/agenticAuthorization.d.ts +93 -0
package/dist/src/app/auth/handlers/agenticAuthorization.js +134 -0
package/dist/src/app/auth/handlers/agenticAuthorization.js.map +1 -0
package/dist/src/app/auth/handlers/azureBotAuthorization.d.ts +226 -0
package/dist/src/app/auth/handlers/azureBotAuthorization.js +429 -0
package/dist/src/app/auth/handlers/azureBotAuthorization.js.map +1 -0
package/dist/src/app/auth/handlers/index.d.ts +2 -0
package/dist/src/app/auth/handlers/index.js +19 -0
package/dist/src/app/auth/handlers/index.js.map +1 -0
package/dist/src/app/auth/index.d.ts +2 -0
package/dist/src/app/auth/index.js +19 -0
package/dist/src/app/auth/index.js.map +1 -0
package/dist/src/app/auth/types.d.ts +104 -0
package/dist/src/app/auth/types.js +24 -0
package/dist/src/app/auth/types.js.map +1 -0
package/dist/src/app/index.d.ts +3 -3
package/dist/src/app/index.js +2 -3
package/dist/src/app/index.js.map +1 -1
package/dist/src/app/routeList.d.ts +1 -1
package/dist/src/app/routeList.js +22 -5
package/dist/src/app/routeList.js.map +1 -1
package/dist/src/app/streaming/streamingResponse.js +2 -1
package/dist/src/app/streaming/streamingResponse.js.map +1 -1
package/dist/src/auth/MemoryCache.d.ts +16 -0
package/dist/src/auth/MemoryCache.js +58 -0
package/dist/src/auth/MemoryCache.js.map +1 -0
package/dist/src/auth/authConfiguration.d.ts +44 -2
package/dist/src/auth/authConfiguration.js +209 -53
package/dist/src/auth/authConfiguration.js.map +1 -1
package/dist/src/auth/authConstants.d.ts +11 -0
package/dist/src/auth/authConstants.js +15 -0
package/dist/src/auth/authConstants.js.map +1 -0
package/dist/src/auth/authProvider.d.ts +26 -0
package/dist/src/auth/connections.d.ts +41 -0
package/dist/src/auth/connections.js +7 -0
package/dist/src/auth/connections.js.map +1 -0
package/dist/src/auth/index.d.ts +2 -0
package/dist/src/auth/index.js +2 -0
package/dist/src/auth/index.js.map +1 -1
package/dist/src/auth/jwt-middleware.js +31 -18
package/dist/src/auth/jwt-middleware.js.map +1 -1
package/dist/src/auth/msalConnectionManager.d.ts +64 -0
package/dist/src/auth/msalConnectionManager.js +148 -0
package/dist/src/auth/msalConnectionManager.js.map +1 -0
package/dist/src/auth/msalTokenProvider.d.ts +38 -0
package/dist/src/auth/msalTokenProvider.js +186 -16
package/dist/src/auth/msalTokenProvider.js.map +1 -1
package/dist/src/baseAdapter.d.ts +10 -25
package/dist/src/baseAdapter.js +2 -15
package/dist/src/baseAdapter.js.map +1 -1
package/dist/src/cards/cardFactory.d.ts +2 -1
package/dist/src/cards/cardFactory.js +3 -2
package/dist/src/cards/cardFactory.js.map +1 -1
package/dist/src/cloudAdapter.d.ts +40 -23
package/dist/src/cloudAdapter.js +143 -63
package/dist/src/cloudAdapter.js.map +1 -1
package/dist/src/connector-client/connectorClient.d.ts +15 -0
package/dist/src/connector-client/connectorClient.js +49 -15
package/dist/src/connector-client/connectorClient.js.map +1 -1
package/dist/src/index.d.ts +0 -1
package/dist/src/index.js +0 -1
package/dist/src/index.js.map +1 -1
package/dist/src/oauth/customUserTokenAPI.d.ts +1 -0
package/dist/src/oauth/customUserTokenAPI.js +11 -0
package/dist/src/oauth/customUserTokenAPI.js.map +1 -0
package/dist/src/oauth/index.d.ts +0 -1
package/dist/src/oauth/index.js +0 -1
package/dist/src/oauth/index.js.map +1 -1
package/dist/src/oauth/userTokenClient.d.ts +30 -13
package/dist/src/oauth/userTokenClient.js +62 -26
package/dist/src/oauth/userTokenClient.js.map +1 -1
package/dist/src/oauth/userTokenClient.types.d.ts +19 -6
package/dist/src/transcript/fileTranscriptLogger.d.ts +109 -0
package/dist/src/transcript/fileTranscriptLogger.js +398 -0
package/dist/src/transcript/fileTranscriptLogger.js.map +1 -0
package/dist/src/turnContext.d.ts +7 -1
package/dist/src/turnContext.js +11 -4
package/dist/src/turnContext.js.map +1 -1
package/package.json +10 -6
package/src/activityWireCompat.ts +12 -4
package/src/agent-client/agentClient.ts +9 -3
package/src/agent-client/agentResponseHandler.ts +5 -2
package/src/app/agentApplication.ts +95 -74
package/src/app/agentApplicationBuilder.ts +2 -2
package/src/app/agentApplicationOptions.ts +10 -2
package/src/app/appRoute.ts +8 -0
package/src/app/auth/authorization.ts +261 -0
package/src/app/auth/authorizationManager.ts +213 -0
package/src/app/auth/handlerStorage.ts +61 -0
package/src/app/auth/handlers/agenticAuthorization.ts +183 -0
package/src/app/auth/handlers/azureBotAuthorization.ts +606 -0
package/src/app/auth/handlers/index.ts +2 -0
package/src/app/auth/index.ts +2 -0
package/src/app/auth/types.ts +111 -0
package/src/app/index.ts +3 -3
package/src/app/routeList.ts +24 -5
package/src/app/streaming/streamingResponse.ts +2 -1
package/src/auth/MemoryCache.ts +59 -0
package/src/auth/authConfiguration.ts +245 -52
package/src/auth/authConstants.ts +11 -0
package/src/auth/authProvider.ts +34 -0
package/src/auth/connections.ts +47 -0
package/src/auth/index.ts +2 -0
package/src/auth/jwt-middleware.ts +38 -21
package/src/auth/msalConnectionManager.ts +175 -0
package/src/auth/msalTokenProvider.ts +228 -9
package/src/baseAdapter.ts +10 -29
package/src/cards/cardFactory.ts +3 -2
package/src/cloudAdapter.ts +207 -72
package/src/connector-client/connectorClient.ts +59 -15
package/src/index.ts +0 -1
package/src/oauth/customUserTokenAPI.ts +5 -0
package/src/oauth/index.ts +0 -1
package/src/oauth/userTokenClient.ts +76 -22
package/src/oauth/userTokenClient.types.ts +20 -8
package/src/transcript/fileTranscriptLogger.ts +409 -0
package/src/turnContext.ts +16 -5
package/dist/src/app/authorization.js +0 -387
package/dist/src/app/authorization.js.map +0 -1
package/dist/src/claimsIdentity.d.ts +0 -35
package/dist/src/claimsIdentity.js +0 -43
package/dist/src/claimsIdentity.js.map +0 -1
package/dist/src/oauth/oAuthFlow.d.ts +0 -119
package/dist/src/oauth/oAuthFlow.js +0 -316
package/dist/src/oauth/oAuthFlow.js.map +0 -1
package/src/app/authorization.ts +0 -432
package/src/claimsIdentity.ts +0 -47
package/src/oauth/oAuthFlow.ts +0 -378

package/dist/src/auth/authConstants.js ADDED Viewed

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApxGallatinScope = exports.ApxDoDScope = exports.ApxGCCHScope = exports.ApxGCCScope = exports.ApxProductionScope = exports.ApxDevScope = exports.ApxLocalScope = void 0;
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+exports.ApxLocalScope = 'c16e153d-5d2b-4c21-b7f4-b05ee5d516f1/.default';
+exports.ApxDevScope = '0d94caae-b412-4943-8a68-83135ad6d35f/.default';
+exports.ApxProductionScope = '5a807f24-c9de-44ee-a3a7-329e88a00ffc/.default';
+exports.ApxGCCScope = 'c9475445-9789-4fef-9ec5-cde4a9bcd446/.default';
+exports.ApxGCCHScope = '6f669b9e-7701-4e2b-b624-82c9207fde26/.default';
+exports.ApxDoDScope = '0a069c81-8c7c-4712-886b-9c542d673ffb/.default';
+exports.ApxGallatinScope = 'bd004c8e-5acf-4c48-8570-4e7d46b2f63b/.default';
+//# sourceMappingURL=authConstants.js.map

package/dist/src/auth/authConstants.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"authConstants.js","sourceRoot":"","sources":["../../../src/auth/authConstants.ts"],"names":[],"mappings":";;;AAAA;;;GAGG;AACU,QAAA,aAAa,GAAG,+CAA+C,CAAA;AAC/D,QAAA,WAAW,GAAG,+CAA+C,CAAA;AAC7D,QAAA,kBAAkB,GAAG,+CAA+C,CAAA;AACpE,QAAA,WAAW,GAAG,+CAA+C,CAAA;AAC7D,QAAA,YAAY,GAAG,+CAA+C,CAAA;AAC9D,QAAA,WAAW,GAAG,+CAA+C,CAAA;AAC7D,QAAA,gBAAgB,GAAG,+CAA+C,CAAA"}

package/dist/src/auth/authProvider.d.ts CHANGED Viewed

@@ -14,4 +14,30 @@ export interface AuthProvider {
      * @returns A promise that resolves to the access token.
      */
     getAccessToken: (authConfig: AuthConfiguration, scope: string) => Promise<string>;
+    /**
+     * Get an access token for the agentic application
+     * @param tenantId
+     * @param agentAppInstanceId
+     * @returns a promise that resolves to the access token.
+     */
+    getAgenticApplicationToken: (tenantId: string, agentAppInstanceId: string) => Promise<string>;
+    /**
+     * Get an access token for the agentic instance
+     * @param tenantId
+     * @param agentAppInstanceId
+     * @returns a promise that resolves to the access token.
+     */
+    getAgenticInstanceToken: (tenantId: string, agentAppInstanceId: string) => Promise<string>;
+    /**
+     * Get an access token for the agentic user
+     * @param tenantId
+     * @param agentAppInstanceId
+     * @param upn
+     * @param scopes
+     * @returns a promise that resolves to the access token.
+     */
+    getAgenticUserToken: (tenantId: string, agentAppInstanceId: string, upn: string, scopes: string[]) => Promise<string>;
+    acquireTokenOnBehalfOf(scopes: string[], oboAssertion: string): Promise<string>;
+    acquireTokenOnBehalfOf(authConfig: AuthConfiguration, scopes: string[], oboAssertion: string): Promise<string>;
+    acquireTokenOnBehalfOf(authConfigOrScopes: AuthConfiguration | string[], scopesOrOboAssertion?: string[] | string, oboAssertion?: string): Promise<string>;
 }

package/dist/src/auth/connections.d.ts ADDED Viewed

@@ -0,0 +1,41 @@
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+import { Activity } from '@microsoft/agents-activity';
+import { AuthConfiguration } from './authConfiguration';
+import { AuthProvider } from './authProvider';
+import { JwtPayload } from 'jsonwebtoken';
+export interface Connections {
+    /**
+   * Get the OAuth connection for the agent.
+   * @param name - The connection name. Must match a configured OAuth connection.
+   * @returns An AuthProvider instance.
+   * @throws {Error} If the connection name is not found.
+   */
+    getConnection: (name: string) => AuthProvider;
+    /**
+     * Get the default OAuth connection for the agent.
+     * @returns An AuthProvider instance.
+     */
+    getDefaultConnection: () => AuthProvider;
+    /**
+     * Get the OAuth token provider for the agent.
+     * @param identity - The identity. Usually TurnContext.identity.
+     * @param serviceUrl - The service url.
+     * @returns An AuthProvider instance.
+     */
+    getTokenProvider: (identity: JwtPayload, serviceUrl: string) => AuthProvider;
+    /**
+     * Get the OAuth token provider for the agent.
+     * @param identity - The identity.  Usually TurnContext.identity.
+     * @param activity - The activity.
+     * @returns An AuthProvider instance.
+     */
+    getTokenProviderFromActivity: (identity: JwtPayload, activity: Activity) => AuthProvider;
+    /**
+     * Get the default connection configuration for the agent.
+     * @returns An Auth Configuration.
+     */
+    getDefaultConnectionConfiguration: () => AuthConfiguration;
+}

package/dist/src/auth/connections.js ADDED Viewed

@@ -0,0 +1,7 @@
+"use strict";
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=connections.js.map

package/dist/src/auth/connections.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"connections.js","sourceRoot":"","sources":["../../../src/auth/connections.ts"],"names":[],"mappings":";AAAA;;;GAGG"}

package/dist/src/auth/index.d.ts CHANGED Viewed

@@ -1,5 +1,7 @@
 export * from './authConfiguration';
+export * from './authConstants';
 export * from './authProvider';
 export * from './msalTokenProvider';
 export * from './request';
 export * from './msalTokenCredential';
+export * from './msalConnectionManager';

package/dist/src/auth/index.js CHANGED Viewed

@@ -15,8 +15,10 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./authConfiguration"), exports);
+__exportStar(require("./authConstants"), exports);
 __exportStar(require("./authProvider"), exports);
 __exportStar(require("./msalTokenProvider"), exports);
 __exportStar(require("./request"), exports);
 __exportStar(require("./msalTokenCredential"), exports);
+__exportStar(require("./msalConnectionManager"), exports);
 //# sourceMappingURL=index.js.map

package/dist/src/auth/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,sDAAmC;AACnC,iDAA8B;AAC9B,sDAAmC;AACnC,4CAAyB;AACzB,wDAAqC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,sDAAmC;AACnC,kDAA+B;AAC/B,iDAA8B;AAC9B,sDAAmC;AACnC,4CAAyB;AACzB,wDAAqC;AACrC,0DAAuC"}

package/dist/src/auth/jwt-middleware.js CHANGED Viewed

@@ -19,16 +19,30 @@ const logger = (0, logger_1.debug)('agents:jwt-middleware');
  * @returns A promise that resolves to the JWT payload.
  */
 const verifyToken = async (raw, config) => {
+    const payload = jsonwebtoken_1.default.decode(raw);
+    logger.debug('jwt.decode ', JSON.stringify(payload));
+    if (!payload) {
+        throw new Error('invalid token');
+    }
+    const audience = payload.aud;
+    const matchingEntry = config.connections && config.connections.size > 0
+        ? [...config.connections.entries()].find(([_, configuration]) => configuration.clientId === audience)
+        : undefined;
+    if (!matchingEntry) {
+        const err = new Error('Audience mismatch');
+        logger.error(err.message, audience);
+        throw err;
+    }
+    const [key, authConfig] = matchingEntry;
+    logger.debug(`Audience found at key: ${key}`);
+    const jwksUri = payload.iss === 'https://api.botframework.com'
+        ? 'https://login.botframework.com/v1/.well-known/keys'
+        : `${authConfig.authority}/${authConfig.tenantId}/discovery/v2.0/keys`;
+    logger.debug(`fetching keys from ${jwksUri}`);
+    const jwksClient = (0, jwks_rsa_1.default)({ jwksUri });
     const getKey = (header, callback) => {
-        const payload = jsonwebtoken_1.default.decode(raw);
-        logger.debug('jwt.decode ', JSON.stringify(payload));
-        const jwksUri = payload.iss === 'https://api.botframework.com'
-            ? 'https://login.botframework.com/v1/.well-known/keys'
-            : `${config.authority}/${config.tenantId}/discovery/v2.0/keys`;
-        logger.debug(`fetching keys from ${jwksUri}`);
-        const jwksClient = (0, jwks_rsa_1.default)({ jwksUri });
         jwksClient.getSigningKey(header.kid, (err, key) => {
-            if (err != null) {
+            if (err) {
                 logger.error('jwksClient.getSigningKey ', JSON.stringify(err));
                 logger.error(JSON.stringify(err));
                 callback(err, undefined);
@@ -38,22 +52,21 @@ const verifyToken = async (raw, config) => {
             callback(null, signingKey);
         });
     };
+    const verifyOptions = {
+        issuer: authConfig.issuers,
+        audience: [authConfig.clientId, 'https://api.botframework.com'],
+        ignoreExpiration: false,
+        algorithms: ['RS256'],
+        clockTolerance: 300
+    };
     return await new Promise((resolve, reject) => {
-        const verifyOptions = {
-            issuer: config.issuers,
-            audience: [config.clientId, 'https://api.botframework.com'],
-            ignoreExpiration: false,
-            algorithms: ['RS256'],
-            clockTolerance: 300
-        };
         jsonwebtoken_1.default.verify(raw, getKey, verifyOptions, (err, user) => {
-            if (err != null) {
+            if (err) {
                 logger.error('jwt.verify ', JSON.stringify(err));
                 reject(err);
                 return;
             }
-            const tokenClaims = user;
-            resolve(tokenClaims);
+            resolve(user);
         });
     });
 };

package/dist/src/auth/jwt-middleware.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"jwt-middleware.js","sourceRoot":"","sources":["../../../src/auth/jwt-middleware.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;AAKH,wDAA0D;AAC1D,gEAA6F;AAC7F,8DAAyD;AAEzD,MAAM,MAAM,GAAG,IAAA,cAAK,EAAC,uBAAuB,CAAC,CAAA;AAE7C;;;;;GAKG;AACH,MAAM,WAAW,GAAG,KAAK,EAAE,GAAW,EAAE,MAAyB,EAAuB,EAAE;IACxF,MAAM,MAAM,~~GAAyB~~,CAAC,~~MAAiB~~,EAAE,~~QAAsB~~,EAAE,~~EAAE~~;~~QACjF~~,MAAM,OAAO,GAAG,~~sBAAG~~,CAAC,MAAM,CAAC,GAAG,~~CAAe,CAAA~~;~~QAC7C~~,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,~~SAAS~~,CAAC,OAAO,CAAC,CAAC,CAAA;~~QACpD~~,MAAM,OAAO,~~GAAW~~,OAAO,CAAC,GAAG,KAAK,8BAA8B;~~YACpE~~,CAAC,CAAC,oDAAoD;~~YACtD~~,CAAC,CAAC,GAAG,~~MAAM~~,CAAC,SAAS,IAAI,~~MAAM~~,CAAC,QAAQ,sBAAsB,CAAA;~~QAEhE~~,MAAM,CAAC,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAA;~~QAC7C~~,MAAM,UAAU,GAAe,IAAA,kBAAO,EAAC,EAAE,OAAO,EAAE,CAAC,CAAA;~~QAEnD~~,UAAU,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAiB,EAAE,GAA2B,EAAQ,EAAE;YAC5F,IAAI,GAAG,~~IAAI,IAAI,~~EAAE,CAAC;~~gBAChB~~,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;gBAC9D,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;gBACjC,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBACxB,OAAM;YACR,CAAC;YACD,MAAM,UAAU,GAAG,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,YAAY,EAAE,CAAA;YACtC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;QAC5B,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;IAED,~~OAAO,~~MAAM,~~IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC3C,MAAM,~~aAAa,GAAsB;~~YACvC~~,MAAM,EAAE,~~MAAM~~,CAAC,OAAgC;~~YAC/C~~,QAAQ,EAAE,CAAC,~~MAAM~~,CAAC,QAAS,EAAE,8BAA8B,CAAC;~~YAC5D~~,gBAAgB,EAAE,KAAK;~~YACvB~~,UAAU,EAAE,CAAC,OAAO,CAAC;~~YACrB~~,cAAc,EAAE,GAAG;~~SACpB~~,CAAA;~~QAED~~,sBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;YACnD,IAAI,GAAG,~~IAAI,IAAI,~~EAAE,CAAC;~~gBAChB~~,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;gBAChD,MAAM,CAAC,GAAG,CAAC,CAAA;gBACX,OAAM;YACR,CAAC;YACD,~~MAAM,WAAW,GAAG,IAAkB,CAAA;YAEtC,~~OAAO,CAAC,~~WAAW~~,CAAC,CAAA;~~QACtB~~,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA;AAED;;;;GAIG;AACI,MAAM,YAAY,GAAG,CAAC,UAA6B,EAAE,EAAE;IAC5D,OAAO,KAAK,WAAW,GAAY,EAAE,GAAa,EAAE,IAAkB;QACpE,IAAI,MAAM,GAAG,KAAK,CAAA;QAClB,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAC/B,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAClD,MAAM,GAAG,IAAI,CAAA;YACb,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;YAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,CAAC,CAAA;QAClE,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAuB,CAAA;YACtD,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,KAAK,GAAW,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA,CAAC,2CAA2C;gBAC1F,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;oBACjD,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAA;oBACzC,GAAG,CAAC,IAAI,GAAG,IAAI,CAAA;gBACjB,CAAC;gBAAC,OAAO,GAAgB,EAAE,CAAC;oBAC1B,MAAM,GAAG,IAAI,CAAA;oBACb,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,gBAAgB,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;gBACzD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;oBAClE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAA;oBACnC,GAAG,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,CAAA;gBAClC,CAAC;qBAAM,CAAC;oBACN,MAAM,GAAG,IAAI,CAAA;oBACb,MAAM,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAA;oBAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,gBAAgB,EAAE,gCAAgC,EAAE,CAAC,CAAA;gBAC9E,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,EAAE,CAAA;QACR,CAAC;IACH,CAAC,CAAA;AACH,CAAC,CAAA;AApCY,QAAA,YAAY,gBAoCxB"}
1	+ {"version":3,"file":"jwt-middleware.js","sourceRoot":"","sources":["../../../src/auth/jwt-middleware.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;AAKH,wDAA0D;AAC1D,gEAA6F;AAC7F,8DAAyD;AAEzD,MAAM,MAAM,GAAG,IAAA,cAAK,EAAC,uBAAuB,CAAC,CAAA;AAE7C;;;;;GAKG;AACH,MAAM,WAAW,GAAG,KAAK,EAAE,GAAW,EAAE,MAAyB,EAAuB,EAAE;IACxF,MAAM,OAAO,GAAG,sBAAG,CAAC,MAAM,CAAC,GAAG,CAAe,CAAA;IAC7C,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAA;IAEpD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAA;IAClC,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAA;IAE5B,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC;QACrE,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,aAAa,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACrG,CAAC,CAAC,SAAS,CAAA;IAEb,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAA;QAC1C,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAA;QACnC,MAAM,GAAG,CAAA;IACX,CAAC;IAED,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,GAAG,aAAa,CAAA;IACvC,MAAM,CAAC,KAAK,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;IAE7C,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,KAAK,8BAA8B;QAC5D,CAAC,CAAC,oDAAoD;QACtD,CAAC,CAAC,GAAG,UAAU,CAAC,SAAS,IAAI,UAAU,CAAC,QAAQ,sBAAsB,CAAA;IAExE,MAAM,CAAC,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAA;IAC7C,MAAM,UAAU,GAAe,IAAA,kBAAO,EAAC,EAAE,OAAO,EAAE,CAAC,CAAA;IAEnD,MAAM,MAAM,GAAyB,CAAC,MAAiB,EAAE,QAAsB,EAAE,EAAE;QACjF,UAAU,CAAC,aAAa,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC,GAAiB,EAAE,GAA2B,EAAQ,EAAE;YAC5F,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,CAAC,KAAK,CAAC,2BAA2B,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;gBAC9D,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;gBACjC,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC,CAAA;gBACxB,OAAM;YACR,CAAC;YACD,MAAM,UAAU,GAAG,GAAG,aAAH,GAAG,uBAAH,GAAG,CAAE,YAAY,EAAE,CAAA;YACtC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;QAC5B,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;IAED,MAAM,aAAa,GAAsB;QACvC,MAAM,EAAE,UAAU,CAAC,OAAgC;QACnD,QAAQ,EAAE,CAAC,UAAU,CAAC,QAAS,EAAE,8BAA8B,CAAC;QAChE,gBAAgB,EAAE,KAAK;QACvB,UAAU,EAAE,CAAC,OAAO,CAAC;QACrB,cAAc,EAAE,GAAG;KACpB,CAAA;IAED,OAAO,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC3C,sBAAG,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;YACnD,IAAI,GAAG,EAAE,CAAC;gBACR,MAAM,CAAC,KAAK,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAA;gBAChD,MAAM,CAAC,GAAG,CAAC,CAAA;gBACX,OAAM;YACR,CAAC;YACD,OAAO,CAAC,IAAkB,CAAC,CAAA;QAC7B,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;AACJ,CAAC,CAAA;AAED;;;;GAIG;AACI,MAAM,YAAY,GAAG,CAAC,UAA6B,EAAE,EAAE;IAC5D,OAAO,KAAK,WAAW,GAAY,EAAE,GAAa,EAAE,IAAkB;QACpE,IAAI,MAAM,GAAG,KAAK,CAAA;QAClB,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAA;QAC/B,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAClD,MAAM,GAAG,IAAI,CAAA;YACb,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAA;YAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,CAAC,CAAA;QAClE,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAuB,CAAA;YACtD,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,KAAK,GAAW,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA,CAAC,2CAA2C;gBAC1F,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;oBACjD,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAA;oBACzC,GAAG,CAAC,IAAI,GAAG,IAAI,CAAA;gBACjB,CAAC;gBAAC,OAAO,GAAgB,EAAE,CAAC;oBAC1B,MAAM,GAAG,IAAI,CAAA;oBACb,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;oBACjB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,gBAAgB,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;gBACzD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,UAAU,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;oBAClE,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAA;oBACnC,GAAG,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,WAAW,EAAE,CAAA;gBAClC,CAAC;qBAAM,CAAC;oBACN,MAAM,GAAG,IAAI,CAAA;oBACb,MAAM,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAA;oBAC9C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,gBAAgB,EAAE,gCAAgC,EAAE,CAAC,CAAA;gBAC9E,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,EAAE,CAAA;QACR,CAAC;IACH,CAAC,CAAA;AACH,CAAC,CAAA;AApCY,QAAA,YAAY,gBAoCxB"}

package/dist/src/auth/msalConnectionManager.d.ts ADDED Viewed

@@ -0,0 +1,64 @@
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+import { Activity } from '@microsoft/agents-activity';
+import { AuthConfiguration } from './authConfiguration';
+import { Connections } from './connections';
+import { MsalTokenProvider } from './msalTokenProvider';
+import { JwtPayload } from 'jsonwebtoken';
+export interface ConnectionMapItem {
+    audience?: string;
+    serviceUrl: string;
+    connection: string;
+}
+export declare class MsalConnectionManager implements Connections {
+    private _connections;
+    private _connectionsMap;
+    private _serviceConnectionConfiguration;
+    private static readonly DEFAULT_CONNECTION;
+    constructor(connectionsConfigurations?: Map<string, AuthConfiguration>, connectionsMap?: ConnectionMapItem[], configuration?: AuthConfiguration);
+    /**
+     * Get the OAuth connection for the agent.
+     * @param connectionName The name of the connection.
+     * @returns The OAuth connection for the agent.
+     */
+    getConnection(connectionName: string): MsalTokenProvider;
+    /**
+     * Get the default OAuth connection for the agent.
+     * @returns The default OAuth connection for the agent.
+     */
+    getDefaultConnection(): MsalTokenProvider;
+    /**
+     * Finds a connection based on a map.
+     *
+     * @param identity - The identity.  Usually TurnContext.identity.
+     * @param serviceUrl The service URL.
+     * @returns The TokenProvider for the connection.
+     *
+     * @remarks
+     * Example environment variables:
+     * connectionsMap__0__connection=seviceConnection
+     * connectionsMap__0__serviceUrl=http://*..botframework.com/*
+     * connectionsMap__0__audience=optional
+     * connectionsMap__1__connection=agentic
+     * connectionsMap__1__serviceUrl=agentic
+     *
+     * ServiceUrl is:  A regex to match with, or "*" for any serviceUrl value.
+     * Connection is: A name in the 'Connections' list.
+     */
+    getTokenProvider(identity: JwtPayload, serviceUrl: string): MsalTokenProvider;
+    /**
+     * Finds a connection based on an activity's blueprint.
+     * @param identity - The identity.  Usually TurnContext.identity.
+     * @param activity The activity.
+     * @returns The TokenProvider for the connection.
+     */
+    getTokenProviderFromActivity(identity: JwtPayload, activity: Activity): MsalTokenProvider;
+    /**
+     * Get the default connection configuration for the agent.
+     * @returns The default connection configuration for the agent.
+     */
+    getDefaultConnectionConfiguration(): AuthConfiguration;
+    private applyConnectionDefaults;
+}

package/dist/src/auth/msalConnectionManager.js ADDED Viewed

@@ -0,0 +1,148 @@
+"use strict";
+/**
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MsalConnectionManager = void 0;
+const agents_activity_1 = require("@microsoft/agents-activity");
+const msalTokenProvider_1 = require("./msalTokenProvider");
+class MsalConnectionManager {
+    constructor(connectionsConfigurations = new Map(), connectionsMap = [], configuration = {}) {
+        this._connections = new Map();
+        this._connectionsMap = connectionsMap.length > 0 ? connectionsMap : (configuration.connectionsMap || []);
+        this._serviceConnectionConfiguration = {};
+        const providedConnections = connectionsConfigurations.size > 0 ? connectionsConfigurations : (configuration.connections || new Map());
+        for (const [name, config] of providedConnections) {
+            // Instantiate MsalTokenProvider for each connection
+            this._connections.set(name, new msalTokenProvider_1.MsalTokenProvider(config));
+            if (name === MsalConnectionManager.DEFAULT_CONNECTION) {
+                this._serviceConnectionConfiguration = config;
+            }
+        }
+    }
+    /**
+     * Get the OAuth connection for the agent.
+     * @param connectionName The name of the connection.
+     * @returns The OAuth connection for the agent.
+     */
+    getConnection(connectionName) {
+        const conn = this._connections.get(connectionName);
+        if (!conn) {
+            throw new Error(`Connection not found: ${connectionName}`);
+        }
+        return this.applyConnectionDefaults(conn);
+    }
+    /**
+     * Get the default OAuth connection for the agent.
+     * @returns The default OAuth connection for the agent.
+     */
+    getDefaultConnection() {
+        if (this._connections.size === 0) {
+            throw new Error('No connections found for this Agent in the Connections Configuration.');
+        }
+        // Return the wildcard map item instance.
+        for (const item of this._connectionsMap) {
+            if (item.serviceUrl === '*' && !item.audience) {
+                return this.getConnection(item.connection);
+            }
+        }
+        const conn = this._connections.values().next().value;
+        return this.applyConnectionDefaults(conn);
+    }
+    /**
+     * Finds a connection based on a map.
+     *
+     * @param identity - The identity.  Usually TurnContext.identity.
+     * @param serviceUrl The service URL.
+     * @returns The TokenProvider for the connection.
+     *
+     * @remarks
+     * Example environment variables:
+     * connectionsMap__0__connection=seviceConnection
+     * connectionsMap__0__serviceUrl=http://*..botframework.com/*
+     * connectionsMap__0__audience=optional
+     * connectionsMap__1__connection=agentic
+     * connectionsMap__1__serviceUrl=agentic
+     *
+     * ServiceUrl is:  A regex to match with, or "*" for any serviceUrl value.
+     * Connection is: A name in the 'Connections' list.
+     */
+    getTokenProvider(identity, serviceUrl) {
+        if (!identity) {
+            throw new Error('Identity is required to get the token provider.');
+        }
+        let audience;
+        if (Array.isArray(identity === null || identity === void 0 ? void 0 : identity.aud)) {
+            audience = identity.aud[0];
+        }
+        else {
+            audience = identity.aud;
+        }
+        if (!audience || !serviceUrl)
+            throw new Error('Audience and Service URL are required to get the token provider.');
+        if (this._connectionsMap.length === 0) {
+            return this.getDefaultConnection();
+        }
+        for (const item of this._connectionsMap) {
+            let audienceMatch = true;
+            // if we have an audience to match against, match it.
+            if (item.audience && audience) {
+                audienceMatch = item.audience === audience;
+            }
+            if (audienceMatch) {
+                if (item.serviceUrl === '*' || !item.serviceUrl) {
+                    return this.getConnection(item.connection);
+                }
+                const regex = new RegExp(item.serviceUrl, 'i');
+                if (regex.test(serviceUrl)) {
+                    return this.getConnection(item.connection);
+                }
+            }
+        }
+        throw new Error(`No connection found for audience: ${audience} and serviceUrl: ${serviceUrl}`);
+    }
+    /**
+     * Finds a connection based on an activity's blueprint.
+     * @param identity - The identity.  Usually TurnContext.identity.
+     * @param activity The activity.
+     * @returns The TokenProvider for the connection.
+     */
+    getTokenProviderFromActivity(identity, activity) {
+        var _a, _b, _c, _d;
+        let connection = this.getTokenProvider(identity, activity.serviceUrl || '');
+        // This is for the case where the Agentic BlueprintId is not the same as the AppId
+        if (connection &&
+            (((_a = activity.recipient) === null || _a === void 0 ? void 0 : _a.role) === agents_activity_1.RoleTypes.AgenticIdentity ||
+                ((_b = activity.recipient) === null || _b === void 0 ? void 0 : _b.role) === agents_activity_1.RoleTypes.AgenticUser)) {
+            if (((_c = connection.connectionSettings) === null || _c === void 0 ? void 0 : _c.altBlueprintConnectionName) &&
+                connection.connectionSettings.altBlueprintConnectionName.trim() !== '') {
+                connection = this.getConnection((_d = connection.connectionSettings) === null || _d === void 0 ? void 0 : _d.altBlueprintConnectionName);
+            }
+        }
+        return connection;
+    }
+    /**
+     * Get the default connection configuration for the agent.
+     * @returns The default connection configuration for the agent.
+     */
+    getDefaultConnectionConfiguration() {
+        return this._serviceConnectionConfiguration;
+    }
+    applyConnectionDefaults(conn) {
+        var _a, _b;
+        var _c, _d;
+        if (conn.connectionSettings) {
+            (_a = (_c = conn.connectionSettings).authority) !== null && _a !== void 0 ? _a : (_c.authority = 'https://login.microsoftonline.com');
+            (_b = (_d = conn.connectionSettings).issuers) !== null && _b !== void 0 ? _b : (_d.issuers = [
+                'https://api.botframework.com',
+                `https://sts.windows.net/${conn.connectionSettings.tenantId}/`,
+                `${conn.connectionSettings.authority}/${conn.connectionSettings.tenantId}/v2.0`
+            ]);
+        }
+        return conn;
+    }
+}
+exports.MsalConnectionManager = MsalConnectionManager;
+MsalConnectionManager.DEFAULT_CONNECTION = 'serviceConnection';
+//# sourceMappingURL=msalConnectionManager.js.map

package/dist/src/auth/msalConnectionManager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"msalConnectionManager.js","sourceRoot":"","sources":["../../../src/auth/msalConnectionManager.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,gEAAgE;AAGhE,2DAAuD;AASvD,MAAa,qBAAqB;IAMhC,YACE,4BAA4D,IAAI,GAAG,EAAE,EACrE,iBAAsC,EAAE,EACxC,gBAAmC,EAAE;QACrC,IAAI,CAAC,YAAY,GAAG,IAAI,GAAG,EAAE,CAAA;QAC7B,IAAI,CAAC,eAAe,GAAG,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,cAAc,IAAI,EAAE,CAAC,CAAA;QACxG,IAAI,CAAC,+BAA+B,GAAG,EAAE,CAAA;QAEzC,MAAM,mBAAmB,GAAG,yBAAyB,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,WAAW,IAAI,IAAI,GAAG,EAAE,CAAC,CAAA;QAErI,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,mBAAmB,EAAE,CAAC;YACjD,oDAAoD;YACpD,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,qCAAiB,CAAC,MAAM,CAAC,CAAC,CAAA;YAC1D,IAAI,IAAI,KAAK,qBAAqB,CAAC,kBAAkB,EAAE,CAAC;gBACtD,IAAI,CAAC,+BAA+B,GAAG,MAAM,CAAA;YAC/C,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;OAIG;IACH,aAAa,CAAE,cAAsB;QACnC,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;QAClD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,yBAAyB,cAAc,EAAE,CAAC,CAAA;QAC5D,CAAC;QACD,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;IAC3C,CAAC;IAED;;;OAGG;IACH,oBAAoB;QAClB,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,uEAAuE,CAAC,CAAA;QAC1F,CAAC;QAED,yCAAyC;QACzC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACxC,IAAI,IAAI,CAAC,UAAU,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC9C,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAC5C,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,KAA0B,CAAA;QAEzE,OAAO,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,CAAA;IAC3C,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACH,gBAAgB,CAAE,QAAoB,EAAE,UAAkB;QACxD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAA;QACpE,CAAC;QAED,IAAI,QAAQ,CAAA;QACZ,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,GAAG,CAAC,EAAE,CAAC;YACjC,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAC5B,CAAC;aAAM,CAAC;YACN,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAA;QACzB,CAAC;QAED,IAAI,CAAC,QAAQ,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,KAAK,CAAC,kEAAkE,CAAC,CAAA;QAEjH,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAA;QACpC,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACxC,IAAI,aAAa,GAAG,IAAI,CAAA;YAExB,qDAAqD;YACrD,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,EAAE,CAAC;gBAC9B,aAAa,GAAG,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAA;YAC5C,CAAC;YAED,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,IAAI,CAAC,UAAU,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChD,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;gBAC5C,CAAC;gBAED,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,CAAA;gBAC9C,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC3B,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,qCAAqC,QAAQ,oBAAoB,UAAU,EAAE,CAAC,CAAA;IAChG,CAAC;IAED;;;;;OAKG;IACH,4BAA4B,CAAE,QAAoB,EAAE,QAAkB;;QACpE,IAAI,UAAU,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QAE3E,kFAAkF;QAClF,IAAI,UAAU;YACZ,CAAC,CAAA,MAAA,QAAQ,CAAC,SAAS,0CAAE,IAAI,MAAK,2BAAS,CAAC,eAAe;gBACrD,CAAA,MAAA,QAAQ,CAAC,SAAS,0CAAE,IAAI,MAAK,2BAAS,CAAC,WAAW,CAAC,EAAE,CAAC;YACxD,IAAI,CAAA,MAAA,UAAU,CAAC,kBAAkB,0CAAE,0BAA0B;gBACzD,UAAU,CAAC,kBAAkB,CAAC,0BAA0B,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;gBAC3E,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,MAAA,UAAU,CAAC,kBAAkB,0CAAE,0BAAoC,CAAC,CAAA;YACtG,CAAC;QACH,CAAC;QACD,OAAO,UAAU,CAAA;IACnB,CAAC;IAED;;;OAGG;IACH,iCAAiC;QAC/B,OAAO,IAAI,CAAC,+BAA+B,CAAA;IAC7C,CAAC;IAEO,uBAAuB,CAAE,IAAuB;;;QACtD,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,YAAA,IAAI,CAAC,kBAAkB,EAAC,SAAS,uCAAT,SAAS,GAAK,mCAAmC,EAAA;YACzE,YAAA,IAAI,CAAC,kBAAkB,EAAC,OAAO,uCAAP,OAAO,GAAK;gBAClC,8BAA8B;gBAC9B,2BAA2B,IAAI,CAAC,kBAAkB,CAAC,QAAQ,GAAG;gBAC9D,GAAG,IAAI,CAAC,kBAAkB,CAAC,SAAS,IAAI,IAAI,CAAC,kBAAkB,CAAC,QAAQ,OAAO;aAChF,EAAA;QACH,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;;AA5JH,sDA6JC;AAzJyB,wCAAkB,GAAG,mBAAmB,CAAA"}

package/dist/src/auth/msalTokenProvider.d.ts CHANGED Viewed

@@ -8,6 +8,15 @@ import { AuthProvider } from './authProvider';
  * Provides tokens using MSAL.
  */
 export declare class MsalTokenProvider implements AuthProvider {
+    private readonly _agenticTokenCache;
+    readonly connectionSettings?: AuthConfiguration;
+    constructor(connectionSettings?: AuthConfiguration);
+    /**
+     * Gets an access token using the auth configuration from the MsalTokenProvider instance and the provided scope.
+     * @param scope The scope for the token.
+     * @returns A promise that resolves to the access token.
+     */
+    getAccessToken(scope: string): Promise<string>;
     /**
      * Gets an access token.
      * @param authConfig The authentication configuration.
@@ -15,7 +24,29 @@ export declare class MsalTokenProvider implements AuthProvider {
      * @returns A promise that resolves to the access token.
      */
     getAccessToken(authConfig: AuthConfiguration, scope: string): Promise<string>;
+    acquireTokenOnBehalfOf(scopes: string[], oboAssertion: string): Promise<string>;
     acquireTokenOnBehalfOf(authConfig: AuthConfiguration, scopes: string[], oboAssertion: string): Promise<string>;
+    getAgenticInstanceToken(tenantId: string, agentAppInstanceId: string): Promise<string>;
+    /**
+     * This method can optionally accept a tenant ID that overrides the tenant ID in the connection settings, if the connection settings authority contains "common".
+     * @param tenantId
+     * @returns
+     */
+    private resolveAuthority;
+    /**
+     * Does a direct HTTP call to acquire a token for agentic scenarios - do not use this directly!
+     * This method will be removed once MSAL is updated with the necessary features.
+     * (This is required in order to pass additional parameters into the auth call)
+     * @param tenantId
+     * @param clientId
+     * @param clientAssertion
+     * @param scopes
+     * @param tokenBodyParameters
+     * @returns
+     */
+    private acquireTokenByForAgenticScenarios;
+    getAgenticUserToken(tenantId: string, agentAppInstanceId: string, agenticUserId: string, scopes: string[]): Promise<string>;
+    getAgenticApplicationToken(tenantId: string, agentAppInstanceId: string): Promise<string>;
     private readonly sysOptions;
     /**
      * Acquires a token using a user-assigned identity.
@@ -45,6 +76,13 @@ export declare class MsalTokenProvider implements AuthProvider {
      * @returns A promise that resolves to the access token.
      */
     private acquireAccessTokenViaFIC;
+    /**
+     * Acquires a token using a Workload Identity client assertion.
+     * @param authConfig The authentication configuration.
+     * @param scope The scope for the token.
+     * @returns A promise that resolves to the access token.
+     */
+    private acquireAccessTokenViaWID;
     /**
      * Fetches an external token.
      * @param FICClientId The FIC client ID.