npm - @microsoft/teamsfx - Versions diffs - 0.4.1-alpha.fa070464.0 → 0.4.2-alpha.4f9464b2.0 - Mend

@microsoft/teamsfx 0.4.1-alpha.fa070464.0 → 0.4.2-alpha.4f9464b2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md +2 -0
package/dist/index.esm2017.js +19 -158
package/dist/index.esm2017.js.map +1 -1
package/dist/index.esm2017.mjs +10 -2
package/dist/index.esm2017.mjs.map +1 -1
package/dist/index.esm5.js +19 -179
package/dist/index.esm5.js.map +1 -1
package/dist/index.node.cjs.js +10 -2
package/dist/index.node.cjs.js.map +1 -1
package/package.json +5 -6

package/README.md CHANGED Viewed

@@ -14,6 +14,8 @@ Use the library to:
 ## Getting started
+> Important: Please be advised that access tokens are stored in sessionStorage for you by default. This can make it possible for malicious code in your app (or code pasted into a console on your page) to access APIs at the same privilege level as your client application. Please ensure you only request the minimum necessary scopes from your client application, and perform any sensitive operations from server side code that your client has to authenticate with.
 TeamsFx SDK is pre-configured in scaffolded project using Teams Toolkit extension for Visual Studio and vscode, or the `teamsfx` cli from the `teamsfx-cli` npm package.
 Please check the [README](https://github.com/OfficeDev/TeamsFx/blob/main/packages/vscode-extension/README.md) to see how to create a Teams App project.

package/dist/index.esm2017.js CHANGED Viewed

@@ -2,7 +2,6 @@ import jwt_decode from 'jwt-decode';
 import * as microsoftTeams from '@microsoft/teams-js';
 import axios from 'axios';
 import { Client } from '@microsoft/microsoft-graph-client';
-import { ManagedIdentityCredential } from '@azure/identity';
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
@@ -168,7 +167,7 @@ function getLogLevel() {
     return internalLogger.level;
 }
 class InternalLogger {
-    constructor() {
+    constructor(name, logLevel) {
         this.level = undefined;
         this.defaultLogger = {
             verbose: console.debug,
@@ -176,6 +175,8 @@ class InternalLogger {
             warn: console.warn,
             error: console.error,
         };
+        this.name = name;
+        this.level = logLevel;
     }
     error(message) {
         this.log(LogLevel.Error, (x) => x.error, message);
@@ -194,7 +195,13 @@ class InternalLogger {
             return;
         }
         const timestamp = new Date().toUTCString();
-        const logHeader = `[${timestamp}] : @microsoft/teamsfx : ${LogLevel[logLevel]} - `;
+        let logHeader;
+        if (this.name) {
+            logHeader = `[${timestamp}] : @microsoft/teamsfx - ${this.name} : ${LogLevel[logLevel]} - `;
+        }
+        else {
+            logHeader = `[${timestamp}] : @microsoft/teamsfx : ${LogLevel[logLevel]} - `;
+        }
         const logMessage = `${logHeader}${message}`;
         if (this.level !== undefined && this.level <= logLevel) {
             if (this.customLogger) {
@@ -675,6 +682,8 @@ class TeamsUserCredential {
     /**
      * Get access token from credential.
      *
+     * Important: Access tokens are stored in sessionStorage, read more here: https://aka.ms/teamsfx-session-storage-notice
+     *
      * @example
      * ```typescript
      * await credential.getToken([]) // Get SSO token using empty string array
@@ -769,6 +778,7 @@ class TeamsUserCredential {
                 });
                 const tokenResult = response.data;
                 const key = await this.getAccessTokenCacheKey(scopesStr);
+                // Important: tokens are stored in sessionStorage, read more here: https://aka.ms/teamsfx-session-storage-notice
                 this.setTokenCache(key, {
                     token: tokenResult.access_token,
                     expiresOnTimestamp: tokenResult.expires_on,
@@ -1130,174 +1140,25 @@ function createMicrosoftGraphClient(credential, scopes) {
 // Copyright (c) Microsoft Corporation.
 /**
- * SQL connection configuration instance.
+ * Generate connection configuration consumed by tedious.
  * @remarks
  * Only works in in server side.
- *
  * @beta
- *
  */
 class DefaultTediousConnectionConfiguration {
     constructor() {
-        /**
-         * MSSQL default scope
-         * https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-connect-msi
-         */
-        this.defaultSQLScope = "https://database.windows.net/";
+        throw new ErrorWithCode(formatString(ErrorMessage.BrowserRuntimeNotSupported, "DefaultTediousConnectionConfiguration"), ErrorCode.RuntimeNotSupported);
     }
     /**
      * Generate connection configuration consumed by tedious.
-     *
-     * @returns Connection configuration of tedious for the SQL.
-     *
-     * @throws {@link ErrorCode|InvalidConfiguration} when SQL config resource configuration is invalid.
-     * @throws {@link ErrorCode|InternalError} when get user MSI token failed or MSI token is invalid.
-     * @throws {@link ErrorCode|RuntimeNotSupported} when runtime is browser.
-     *
+     * @remarks
+     * Only works in in server side.
      * @beta
      */
     async getConfig() {
-        internalLogger.info("Get SQL configuration");
-        const configuration = getResourceConfiguration(ResourceType.SQL);
-        if (!configuration) {
-            const errMsg = "SQL resource configuration not exist";
-            internalLogger.error(errMsg);
-            throw new ErrorWithCode(errMsg, ErrorCode.InvalidConfiguration);
-        }
-        try {
-            this.isSQLConfigurationValid(configuration);
-        }
-        catch (err) {
-            throw err;
-        }
-        if (!this.isMsiAuthentication()) {
-            const configWithUPS = this.generateDefaultConfig(configuration);
-            internalLogger.verbose("SQL configuration with username and password generated");
-            return configWithUPS;
-        }
-        try {
-            const configWithToken = await this.generateTokenConfig(configuration);
-            internalLogger.verbose("SQL configuration with MSI token generated");
-            return configWithToken;
-        }
-        catch (error) {
-            throw error;
-        }
-    }
-    /**
-     * Check SQL use MSI identity or username and password.
-     *
-     * @returns false - login with SQL MSI identity, true - login with username and password.
-     * @internal
-     */
-    isMsiAuthentication() {
-        internalLogger.verbose("Check connection config using MSI access token or username and password");
-        const configuration = getResourceConfiguration(ResourceType.SQL);
-        if ((configuration === null || configuration === void 0 ? void 0 : configuration.sqlUsername) != null && (configuration === null || configuration === void 0 ? void 0 : configuration.sqlPassword) != null) {
-            internalLogger.verbose("Login with username and password");
-            return false;
-        }
-        internalLogger.verbose("Login with MSI identity");
-        return true;
-    }
-    /**
-     * check configuration is an available configurations.
-     * @param { SqlConfiguration } sqlConfig
-     *
-     * @returns true - SQL configuration has a valid SQL endpoints, SQL username with password or identity ID.
-     *          false - configuration is not valid.
-     * @internal
-     */
-    isSQLConfigurationValid(sqlConfig) {
-        internalLogger.verbose("Check SQL configuration if valid");
-        if (!sqlConfig.sqlServerEndpoint) {
-            internalLogger.error("SQL configuration is not valid without SQL server endpoint exist");
-            throw new ErrorWithCode("SQL configuration error without SQL server endpoint exist", ErrorCode.InvalidConfiguration);
-        }
-        if (!(sqlConfig.sqlUsername && sqlConfig.sqlPassword) && !sqlConfig.sqlIdentityId) {
-            const errMsg = `SQL configuration is not valid without ${sqlConfig.sqlIdentityId ? "" : "identity id "} ${sqlConfig.sqlUsername ? "" : "SQL username "} ${sqlConfig.sqlPassword ? "" : "SQL password"} exist`;
-            internalLogger.error(errMsg);
-            throw new ErrorWithCode(errMsg, ErrorCode.InvalidConfiguration);
-        }
-        internalLogger.verbose("SQL configuration is valid");
+        throw new ErrorWithCode(formatString(ErrorMessage.BrowserRuntimeNotSupported, "DefaultTediousConnectionConfiguration"), ErrorCode.RuntimeNotSupported);
     }
-    /**
-     * Generate tedious connection configuration with default authentication type.
-     *
-     * @param { SqlConfiguration } SQL configuration with username and password.
-     *
-     * @returns Tedious connection configuration with username and password.
-     * @internal
-     */
-    generateDefaultConfig(sqlConfig) {
-        internalLogger.verbose(`SQL server ${sqlConfig.sqlServerEndpoint}, user name ${sqlConfig.sqlUsername}, database name ${sqlConfig.sqlDatabaseName}`);
-        const config = {
-            server: sqlConfig.sqlServerEndpoint,
-            authentication: {
-                type: TediousAuthenticationType.default,
-                options: {
-                    userName: sqlConfig.sqlUsername,
-                    password: sqlConfig.sqlPassword,
-                },
-            },
-            options: {
-                database: sqlConfig.sqlDatabaseName,
-                encrypt: true,
-            },
-        };
-        return config;
-    }
-    /**
-     * Generate tedious connection configuration with azure-active-directory-access-token authentication type.
-     *
-     * @param { SqlConfiguration } SQL configuration with AAD access token.
-     *
-     * @returns Tedious connection configuration with access token.
-     * @internal
-     */
-    async generateTokenConfig(sqlConfig) {
-        internalLogger.verbose("Generate tedious config with MSI token");
-        let token;
-        try {
-            const credential = new ManagedIdentityCredential(sqlConfig.sqlIdentityId);
-            token = await credential.getToken(this.defaultSQLScope);
-        }
-        catch (error) {
-            const errMsg = "Get user MSI token failed";
-            internalLogger.error(errMsg);
-            throw new ErrorWithCode(errMsg, ErrorCode.InternalError);
-        }
-        if (token) {
-            const config = {
-                server: sqlConfig.sqlServerEndpoint,
-                authentication: {
-                    type: TediousAuthenticationType.MSI,
-                    options: {
-                        token: token.token,
-                    },
-                },
-                options: {
-                    database: sqlConfig.sqlDatabaseName,
-                    encrypt: true,
-                },
-            };
-            internalLogger.verbose(`Generate token configuration success, server endpoint is ${sqlConfig.sqlServerEndpoint}, database name is ${sqlConfig.sqlDatabaseName}`);
-            return config;
-        }
-        internalLogger.error(`Generate token configuration, server endpoint is ${sqlConfig.sqlServerEndpoint}, MSI token is not valid`);
-        throw new ErrorWithCode("MSI token is not valid", ErrorCode.InternalError);
-    }
-}
-/**
- * tedious connection config authentication type.
- * https://tediousjs.github.io/tedious/api-connection.html
- * @internal
- */
-var TediousAuthenticationType;
-(function (TediousAuthenticationType) {
-    TediousAuthenticationType["default"] = "default";
-    TediousAuthenticationType["MSI"] = "azure-active-directory-access-token";
-})(TediousAuthenticationType || (TediousAuthenticationType = {}));
+}
 // Copyright (c) Microsoft Corporation.
 /**