@microsoft/vscode-azext-azureauth 4.1.0 → 4.2.0

package/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Change Log
 
+## 4.2.0
+
+* [#2057](https://github.com/microsoft/vscode-azuretools/pull/2057) Support providing a challenge when getting sessions from VS Code
+
+## 4.1.1 - 2025-02-03
+
+* Fix `VSCodeAzureSubscriptionProvider` implementation of `getSubscriptions` filtering returned subscriptions by `getSubscriptionFilters()` when the `filter` parameter is a `GetSubscriptionsFilter` object.
+
 ## 4.1.0 - 2025-01-31
 
 * Add filtering `getSubscriptions` by a specific account and/or tenant.

package/README.md

@@ -1,7 +1,5 @@
 # VSCode Azure SDK for Node.js - Azure Auth
 
-[![Build Status](https://dev.azure.com/ms-azuretools/AzCode/_apis/build/status/vscode-azuretools)](https://dev.azure.com/ms-azuretools/AzCode/_build/latest?definitionId=17)
-
 This package provides a simple way to authenticate to Azure and receive Azure subscription information. It uses the [built-in Microsoft Authentication extension](https://github.com/microsoft/vscode/tree/main/extensions/microsoft-authentication) and does not rely on the [Azure Account extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode.azure-account) in any way.
 
 ## Azure Subscription Provider

package/l10n/bundle.l10n.json

@@ -0,0 +1,5 @@
+{
+  "Signing out programmatically is not supported. You must sign out by selecting the account in the Accounts menu and choosing Sign Out.": "Signing out programmatically is not supported. You must sign out by selecting the account in the Accounts menu and choosing Sign Out.",
+  "You are not signed in to an Azure account. Please sign in.": "You are not signed in to an Azure account. Please sign in.",
+  "The custom cloud choice is not configured. Please configure the setting `{0}.{1}`.": "The custom cloud choice is not configured. Please configure the setting `{0}.{1}`."
+}

package/out/src/AzureAuthentication.d.ts

@@ -17,5 +17,5 @@ export interface AzureAuthentication {
      *
      * @returns A VS Code authentication session or undefined, if none could be obtained.
      */
-    getSessionWithScopes(scopes: string[]): vscode.ProviderResult<vscode.AuthenticationSession>;
+    getSessionWithScopes(scopes: string[] | vscode.AuthenticationSessionRequest): vscode.ProviderResult<vscode.AuthenticationSession>;
 }

package/out/src/AzureDevOpsSubscriptionProvider.js

@@ -20,7 +20,8 @@ var __asyncValues = (this && this.__asyncValues) || function (o) {
     function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.AzureDevOpsSubscriptionProvider = exports.createAzureDevOpsSubscriptionProviderFactory = void 0;
+exports.AzureDevOpsSubscriptionProvider = void 0;
+exports.createAzureDevOpsSubscriptionProviderFactory = createAzureDevOpsSubscriptionProviderFactory;
 const vscode_1 = require("vscode");
 const configuredAzureEnv_1 = require("./utils/configuredAzureEnv");
 let azureDevOpsSubscriptionProvider;
@@ -30,7 +31,6 @@ function createAzureDevOpsSubscriptionProviderFactory(initializer) {
         return azureDevOpsSubscriptionProvider;
     });
 }
-exports.createAzureDevOpsSubscriptionProviderFactory = createAzureDevOpsSubscriptionProviderFactory;
 /**
  * AzureSubscriptionProvider implemented to authenticate via federated DevOps service connection, using workflow identity federation
  * To learn how to configure your DevOps environment to use this provider, refer to the README.md
@@ -83,8 +83,8 @@ class AzureDevOpsSubscriptionProvider {
         });
     }
     getTenants() {
-        var _a;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a;
             return [{
                     tenantId: (_a = this._tokenCredential) === null || _a === void 0 ? void 0 : _a.tenantId,
                     account: {
@@ -102,36 +102,31 @@ class AzureDevOpsSubscriptionProvider {
      * @returns The list of subscriptions for the tenant.
      */
     getSubscriptionsForTenant(tenantId) {
-        var _a, e_1, _b, _c;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, e_1, _b, _c;
             const { client, credential, authentication } = yield this.getSubscriptionClient(tenantId);
             const environment = (0, configuredAzureEnv_1.getConfiguredAzureEnv)();
             const subscriptions = [];
             try {
-                for (var _d = true, _e = __asyncValues(client.subscriptions.list()), _f; _f = yield _e.next(), _a = _f.done, !_a;) {
+                for (var _d = true, _e = __asyncValues(client.subscriptions.list()), _f; _f = yield _e.next(), _a = _f.done, !_a; _d = true) {
                     _c = _f.value;
                     _d = false;
-                    try {
-                        const subscription = _c;
-                        subscriptions.push({
-                            authentication,
-                            environment: environment,
-                            credential: credential,
-                            isCustomCloud: environment.isCustomCloud,
-                            /* eslint-disable @typescript-eslint/no-non-null-assertion */
-                            name: subscription.displayName,
-                            subscriptionId: subscription.subscriptionId,
-                            /* eslint-enable @typescript-eslint/no-non-null-assertion */
-                            tenantId,
-                            account: {
-                                id: "test-account-id",
-                                label: "test-account",
-                            },
-                        });
-                    }
-                    finally {
-                        _d = true;
-                    }
+                    const subscription = _c;
+                    subscriptions.push({
+                        authentication,
+                        environment: environment,
+                        credential: credential,
+                        isCustomCloud: environment.isCustomCloud,
+                        /* eslint-disable @typescript-eslint/no-non-null-assertion */
+                        name: subscription.displayName,
+                        subscriptionId: subscription.subscriptionId,
+                        /* eslint-enable @typescript-eslint/no-non-null-assertion */
+                        tenantId,
+                        account: {
+                            id: "test-account-id",
+                            label: "test-account",
+                        },
+                    });
                 }
             }
             catch (e_1_1) { e_1 = { error: e_1_1 }; }
@@ -152,8 +147,8 @@ class AzureDevOpsSubscriptionProvider {
      * @returns A client, the credential used by the client, and the authentication function
      */
     getSubscriptionClient(_tenantId, scopes) {
-        var _a, _b;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
             const armSubs = yield Promise.resolve().then(() => require('@azure/arm-resources-subscriptions'));
             if (!this._tokenCredential) {
                 throw new Error('Not signed in');
@@ -226,8 +221,8 @@ function getTokenCredential(serviceConnectionId, domain, clientId) {
  * API reference: https://learn.microsoft.com/en-us/rest/api/azure/devops/distributedtask/oidctoken/create
  */
 function requestOidcToken(oidcRequestUrl, systemAccessToken) {
-    var _a;
     return __awaiter(this, void 0, void 0, function* () {
+        var _a;
         const { ServiceClient } = yield Promise.resolve().then(() => require('@azure/core-client'));
         const { createHttpHeaders, createPipelineRequest } = yield Promise.resolve().then(() => require('@azure/core-rest-pipeline'));
         const genericClient = new ServiceClient();

package/out/src/NotSignedInError.js

@@ -4,7 +4,8 @@
  *  Licensed under the MIT License. See License.txt in the project root for license information.
  *--------------------------------------------------------------------------------------------*/
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isNotSignedInError = exports.NotSignedInError = void 0;
+exports.NotSignedInError = void 0;
+exports.isNotSignedInError = isNotSignedInError;
 const vscode = require("vscode");
 /**
  * An error indicating the user is not signed in.
@@ -26,5 +27,4 @@ exports.NotSignedInError = NotSignedInError;
 function isNotSignedInError(error) {
     return !!error && typeof error === 'object' && error.isNotSignedInError === true;
 }
-exports.isNotSignedInError = isNotSignedInError;
 //# sourceMappingURL=NotSignedInError.js.map

package/out/src/VSCodeAzureSubscriptionProvider.js

@@ -25,6 +25,7 @@ const vscode = require("vscode");
 const getSessionFromVSCode_1 = require("./getSessionFromVSCode");
 const NotSignedInError_1 = require("./NotSignedInError");
 const configuredAzureEnv_1 = require("./utils/configuredAzureEnv");
+const isAuthenticationSessionRequest_1 = require("./utils/isAuthenticationSessionRequest");
 const EventDebounce = 5 * 1000; // 5 seconds
 /**
  * A class for obtaining Azure subscription information using VSCode's built-in authentication
@@ -78,45 +79,35 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      * @returns A list of tenants.
      */
     getTenants(account) {
-        var _a, e_1, _b, _c, _d, e_2, _e, _f;
-        var _g;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, e_1, _b, _c, _d, e_2, _e, _f;
+            var _g;
             const startTimeMs = Date.now();
             const results = [];
             try {
-                for (var _h = true, _j = __asyncValues(account ? [account] : yield vscode.authentication.getAccounts((0, configuredAzureEnv_1.getConfiguredAuthProviderId)())), _k; _k = yield _j.next(), _a = _k.done, !_a;) {
+                for (var _h = true, _j = __asyncValues(account ? [account] : yield vscode.authentication.getAccounts((0, configuredAzureEnv_1.getConfiguredAuthProviderId)())), _k; _k = yield _j.next(), _a = _k.done, !_a; _h = true) {
                     _c = _k.value;
                     _h = false;
-                    try {
-                        account = _c;
-                        // Added check. Without this the getSubscriptionClient function throws the NotSignedInError
-                        if (yield this.isSignedIn(undefined, account)) {
-                            const { client } = yield this.getSubscriptionClient(account, undefined, undefined);
-                            try {
-                                for (var _l = true, _m = (e_2 = void 0, __asyncValues(client.tenants.list())), _o; _o = yield _m.next(), _d = _o.done, !_d;) {
-                                    _f = _o.value;
-                                    _l = false;
-                                    try {
-                                        const tenant = _f;
-                                        results.push(Object.assign(Object.assign({}, tenant), { account }));
-                                    }
-                                    finally {
-                                        _l = true;
-                                    }
-                                }
+                    account = _c;
+                    // Added check. Without this the getSubscriptionClient function throws the NotSignedInError
+                    if (yield this.isSignedIn(undefined, account)) {
+                        const { client } = yield this.getSubscriptionClient(account, undefined, undefined);
+                        try {
+                            for (var _l = true, _m = (e_2 = void 0, __asyncValues(client.tenants.list())), _o; _o = yield _m.next(), _d = _o.done, !_d; _l = true) {
+                                _f = _o.value;
+                                _l = false;
+                                const tenant = _f;
+                                results.push(Object.assign(Object.assign({}, tenant), { account }));
                             }
-                            catch (e_2_1) { e_2 = { error: e_2_1 }; }
-                            finally {
-                                try {
-                                    if (!_l && !_d && (_e = _m.return)) yield _e.call(_m);
-                                }
-                                finally { if (e_2) throw e_2.error; }
+                        }
+                        catch (e_2_1) { e_2 = { error: e_2_1 }; }
+                        finally {
+                            try {
+                                if (!_l && !_d && (_e = _m.return)) yield _e.call(_m);
                             }
+                            finally { if (e_2) throw e_2.error; }
                         }
                     }
-                    finally {
-                        _h = true;
-                    }
                 }
             }
             catch (e_1_1) { e_1 = { error: e_1_1 }; }
@@ -148,9 +139,9 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      * Use {@link isSignedIn} and/or {@link signIn} before this method to ensure
      * the user is signed in.
      */
-    getSubscriptions(filter = true) {
-        var _a, _b;
-        return __awaiter(this, void 0, void 0, function* () {
+    getSubscriptions() {
+        return __awaiter(this, arguments, void 0, function* (filter = true) {
+            var _a, _b;
             (_a = this.logger) === null || _a === void 0 ? void 0 : _a.debug('auth: Loading subscriptions...');
             const startTime = Date.now();
             const configuredTenantFilter = yield this.getTenantFilters();
@@ -193,7 +184,7 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
             (_b = this.logger) === null || _b === void 0 ? void 0 : _b.debug(`auth: Got ${uniqueSubscriptions.length} subscriptions from ${accountCount} accounts in ${endTime - startTime}ms`);
             const sortSubscriptions = (subscriptions) => subscriptions.sort((a, b) => a.name.localeCompare(b.name));
             const subscriptionIds = yield this.getSubscriptionFilters();
-            if (filter && !!subscriptionIds.length) { // If the list is empty it is treated as "no filter"
+            if (filter === true && !!subscriptionIds.length) { // If the list is empty it is treated as "no filter"
                 return sortSubscriptions(uniqueSubscriptions.filter(sub => subscriptionIds.includes(sub.subscriptionId)));
             }
             return sortSubscriptions(uniqueSubscriptions);
@@ -211,8 +202,8 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      * checks all accounts for a session.
      */
     isSignedIn(tenantId, account) {
-        var _a, _b;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
             function silentlyCheckForSession(tenantId, account) {
                 return __awaiter(this, void 0, void 0, function* () {
                     return !!(yield (0, getSessionFromVSCode_1.getSessionFromVSCode)([], tenantId, { createIfNone: false, silent: true, account }));
@@ -248,8 +239,8 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      * @returns True if the user is signed in, false otherwise.
      */
     signIn(tenantId, account) {
-        var _a, _b;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, _b;
             (_a = this.logger) === null || _a === void 0 ? void 0 : _a.debug(`auth: Signing in (account="${(_b = account === null || account === void 0 ? void 0 : account.label) !== null && _b !== void 0 ? _b : 'none'}") (tenantId="${tenantId !== null && tenantId !== void 0 ? tenantId : 'none'}")`);
             const session = yield (0, getSessionFromVSCode_1.getSessionFromVSCode)([], tenantId, {
                 createIfNone: true,
@@ -309,8 +300,8 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
      * @returns The list of subscriptions for the tenant.
      */
     getSubscriptionsForTenant(account, tenantId) {
-        var _a, e_3, _b, _c;
         return __awaiter(this, void 0, void 0, function* () {
+            var _a, e_3, _b, _c;
             // If the user is not signed in to this tenant or account, then return an empty list
             // This is to prevent the NotSignedInError from being thrown in getSubscriptionClient
             if (!(yield this.isSignedIn(tenantId, account))) {
@@ -320,27 +311,22 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
             const environment = (0, configuredAzureEnv_1.getConfiguredAzureEnv)();
             const subscriptions = [];
             try {
-                for (var _d = true, _e = __asyncValues(client.subscriptions.list()), _f; _f = yield _e.next(), _a = _f.done, !_a;) {
+                for (var _d = true, _e = __asyncValues(client.subscriptions.list()), _f; _f = yield _e.next(), _a = _f.done, !_a; _d = true) {
                     _c = _f.value;
                     _d = false;
-                    try {
-                        const subscription = _c;
-                        subscriptions.push({
-                            authentication: authentication,
-                            environment: environment,
-                            credential: credential,
-                            isCustomCloud: environment.isCustomCloud,
-                            /* eslint-disable @typescript-eslint/no-non-null-assertion */
-                            name: subscription.displayName,
-                            subscriptionId: subscription.subscriptionId,
-                            tenantId: tenantId !== null && tenantId !== void 0 ? tenantId : subscription.tenantId,
-                            /* eslint-enable @typescript-eslint/no-non-null-assertion */
-                            account: account
-                        });
-                    }
-                    finally {
-                        _d = true;
-                    }
+                    const subscription = _c;
+                    subscriptions.push({
+                        authentication: authentication,
+                        environment: environment,
+                        credential: credential,
+                        isCustomCloud: environment.isCustomCloud,
+                        /* eslint-disable @typescript-eslint/no-non-null-assertion */
+                        name: subscription.displayName,
+                        subscriptionId: subscription.subscriptionId,
+                        tenantId: tenantId !== null && tenantId !== void 0 ? tenantId : subscription.tenantId,
+                        /* eslint-enable @typescript-eslint/no-non-null-assertion */
+                        account: account
+                    });
                 }
             }
             catch (e_3_1) { e_3 = { error: e_3_1 }; }
@@ -384,7 +370,10 @@ class VSCodeAzureSubscriptionProvider extends vscode.Disposable {
                 authentication: {
                     getSession: () => session,
                     getSessionWithScopes: (scopes) => {
-                        return (0, getSessionFromVSCode_1.getSessionFromVSCode)(scopes, tenantId, { createIfNone: false, silent: true, account });
+                        // in order to handle a challenge, we must enable createIfNone so
+                        // that we can prompt the user to step-up their session with MFA
+                        // otherwise, never prompt the user
+                        return (0, getSessionFromVSCode_1.getSessionFromVSCode)(scopes, tenantId, Object.assign(Object.assign({}, ((0, isAuthenticationSessionRequest_1.isAuthenticationSessionRequest)(scopes) ? { createIfNone: true } : { silent: true })), { account }));
                     },
                 }
             };

package/out/src/getSessionFromVSCode.d.ts

@@ -5,8 +5,9 @@ import * as vscode from "vscode";
  * * Getting the list of scopes, adding the tenant id to the scope list if needed
  *
  * @param scopes - top-level resource scopes (e.g. http://management.azure.com, http://storage.azure.com) or .default scopes. All resources/scopes will be normalized to the `.default` scope for each resource.
+ * Use `vscode.AuthenticationSessionRequest` if you need to pass in a challenge (WWW-Authenticate header). Note: Use of `vscode.AuthenticationSessionRequest` requires VS Code 1.104 or newer.
  * @param tenantId - (Optional) The tenant ID, will be added to the scopes
  * @param options - see {@link vscode.AuthenticationGetSessionOptions}
  * @returns An authentication session if available, or undefined if there are no sessions
  */
-export declare function getSessionFromVSCode(scopes?: string | string[], tenantId?: string, options?: vscode.AuthenticationGetSessionOptions): Promise<vscode.AuthenticationSession | undefined>;
+export declare function getSessionFromVSCode(scopes?: string | string[] | vscode.AuthenticationSessionRequest, tenantId?: string, options?: vscode.AuthenticationGetSessionOptions): Promise<vscode.AuthenticationSession | undefined>;

package/out/src/getSessionFromVSCode.js

@@ -13,9 +13,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getSessionFromVSCode = void 0;
+exports.getSessionFromVSCode = getSessionFromVSCode;
 const vscode = require("vscode");
 const configuredAzureEnv_1 = require("./utils/configuredAzureEnv");
+const isAuthenticationSessionRequest_1 = require("./utils/isAuthenticationSessionRequest");
 function ensureEndingSlash(value) {
     return value.endsWith('/') ? value : `${value}/`;
 }
@@ -46,20 +47,30 @@ function getScopes(scopes, tenantId) {
     }
     return scopeArr;
 }
+/**
+ * Deconstructs and rebuilds the scopes arg in order to use the above utils to modify the scopes array.
+ * And then returns the proper type to pass directly to vscode.authentication.getSession
+ */
+function formScopesArg(scopes, tenantId) {
+    var _a;
+    const initialScopeList = typeof scopes === 'string' ? [scopes] : Array.isArray(scopes) ? scopes : Array.from((_a = scopes === null || scopes === void 0 ? void 0 : scopes.scopes) !== null && _a !== void 0 ? _a : []);
+    const scopeList = getScopes(initialScopeList, tenantId);
+    return (0, isAuthenticationSessionRequest_1.isAuthenticationSessionRequest)(scopes) ? { scopes: scopeList, challenge: scopes.challenge } : scopeList;
+}
 /**
  * Wraps {@link vscode.authentication.getSession} and handles:
  * * Passing the configured auth provider id
  * * Getting the list of scopes, adding the tenant id to the scope list if needed
  *
  * @param scopes - top-level resource scopes (e.g. http://management.azure.com, http://storage.azure.com) or .default scopes. All resources/scopes will be normalized to the `.default` scope for each resource.
+ * Use `vscode.AuthenticationSessionRequest` if you need to pass in a challenge (WWW-Authenticate header). Note: Use of `vscode.AuthenticationSessionRequest` requires VS Code 1.104 or newer.
  * @param tenantId - (Optional) The tenant ID, will be added to the scopes
  * @param options - see {@link vscode.AuthenticationGetSessionOptions}
  * @returns An authentication session if available, or undefined if there are no sessions
  */
 function getSessionFromVSCode(scopes, tenantId, options) {
     return __awaiter(this, void 0, void 0, function* () {
-        return yield vscode.authentication.getSession((0, configuredAzureEnv_1.getConfiguredAuthProviderId)(), getScopes(scopes, tenantId), options);
+        return yield vscode.authentication.getSession((0, configuredAzureEnv_1.getConfiguredAuthProviderId)(), formScopesArg(scopes, tenantId), options);
     });
 }
-exports.getSessionFromVSCode = getSessionFromVSCode;
 //# sourceMappingURL=getSessionFromVSCode.js.map

package/out/src/signInToTenant.js

@@ -13,7 +13,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.signInToTenant = void 0;
+exports.signInToTenant = signInToTenant;
 const vscode = require("vscode");
 const getUnauthenticatedTenants_1 = require("./utils/getUnauthenticatedTenants");
 /**
@@ -28,12 +28,11 @@ function signInToTenant(subscriptionProvider) {
         }
     });
 }
-exports.signInToTenant = signInToTenant;
 function pickTenant(subscriptionProvider) {
     return __awaiter(this, void 0, void 0, function* () {
         const pick = yield vscode.window.showQuickPick(getPicks(subscriptionProvider), {
-            placeHolder: 'Select a Tenant (Directory) to Sign In To',
-            matchOnDescription: true,
+            placeHolder: 'Select a Tenant (Directory) to Sign In To', // TODO: localize
+            matchOnDescription: true, // allow searching by tenantId
             ignoreFocusOut: true,
         });
         return pick === null || pick === void 0 ? void 0 : pick.tenant.tenantId;

package/out/src/utils/configuredAzureEnv.js

@@ -13,7 +13,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getConfiguredAuthProviderId = exports.setConfiguredAzureEnv = exports.getConfiguredAzureEnv = void 0;
+exports.getConfiguredAzureEnv = getConfiguredAzureEnv;
+exports.setConfiguredAzureEnv = setConfiguredAzureEnv;
+exports.getConfiguredAuthProviderId = getConfiguredAuthProviderId;
 const azureEnv = require("@azure/ms-rest-azure-env"); // This package is so small that it's not worth lazy loading
 const vscode = require("vscode");
 // These strings come from https://github.com/microsoft/vscode/blob/eac16e9b63a11885b538db3e0b533a02a2fb8143/extensions/microsoft-authentication/package.json#L40-L99
@@ -49,7 +51,6 @@ function getConfiguredAzureEnv() {
     }
     return Object.assign(Object.assign({}, azureEnv.Environment.get(azureEnv.Environment.AzureCloud.name)), { isCustomCloud: false });
 }
-exports.getConfiguredAzureEnv = getConfiguredAzureEnv;
 /**
  * Sets the configured Azure cloud.
  *
@@ -58,8 +59,8 @@ exports.getConfiguredAzureEnv = getConfiguredAzureEnv;
  *
  * @param target (Optional) The configuration target to use, by default {@link vscode.ConfigurationTarget.Global}.
  */
-function setConfiguredAzureEnv(cloud, target = vscode.ConfigurationTarget.Global) {
-    return __awaiter(this, void 0, void 0, function* () {
+function setConfiguredAzureEnv(cloud_1) {
+    return __awaiter(this, arguments, void 0, function* (cloud, target = vscode.ConfigurationTarget.Global) {
         const authProviderConfig = vscode.workspace.getConfiguration(CustomCloudConfigurationSection);
         if (typeof cloud === 'undefined' || !cloud) {
             // Use public cloud implicitly--set `environment` setting to `undefined`
@@ -83,7 +84,6 @@ function setConfiguredAzureEnv(cloud, target = vscode.ConfigurationTarget.Global
         }
     });
 }
-exports.setConfiguredAzureEnv = setConfiguredAzureEnv;
 /**
  * Gets the ID of the authentication provider configured to be used
  * @returns The provider ID to use, either `'microsoft'` or `'microsoft-sovereign-cloud'`
@@ -91,5 +91,4 @@ exports.setConfiguredAzureEnv = setConfiguredAzureEnv;
 function getConfiguredAuthProviderId() {
     return getConfiguredAzureEnv().name === azureEnv.Environment.AzureCloud.name ? 'microsoft' : 'microsoft-sovereign-cloud';
 }
-exports.getConfiguredAuthProviderId = getConfiguredAuthProviderId;
 //# sourceMappingURL=configuredAzureEnv.js.map

package/out/src/utils/getUnauthenticatedTenants.js

@@ -20,27 +20,22 @@ var __asyncValues = (this && this.__asyncValues) || function (o) {
     function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getUnauthenticatedTenants = void 0;
+exports.getUnauthenticatedTenants = getUnauthenticatedTenants;
 /**
  * @returns list of tenants that VS Code doesn't have sessions for
  */
 function getUnauthenticatedTenants(subscriptionProvider) {
-    var _a, e_1, _b, _c;
     return __awaiter(this, void 0, void 0, function* () {
+        var _a, e_1, _b, _c;
         const tenants = yield subscriptionProvider.getTenants();
         const unauthenticatedTenants = [];
         try {
-            for (var _d = true, tenants_1 = __asyncValues(tenants), tenants_1_1; tenants_1_1 = yield tenants_1.next(), _a = tenants_1_1.done, !_a;) {
+            for (var _d = true, tenants_1 = __asyncValues(tenants), tenants_1_1; tenants_1_1 = yield tenants_1.next(), _a = tenants_1_1.done, !_a; _d = true) {
                 _c = tenants_1_1.value;
                 _d = false;
-                try {
-                    const tenant = _c;
-                    if (!(yield subscriptionProvider.isSignedIn(tenant.tenantId, tenant.account))) {
-                        unauthenticatedTenants.push(tenant);
-                    }
-                }
-                finally {
-                    _d = true;
+                const tenant = _c;
+                if (!(yield subscriptionProvider.isSignedIn(tenant.tenantId, tenant.account))) {
+                    unauthenticatedTenants.push(tenant);
                 }
             }
         }
@@ -54,5 +49,4 @@ function getUnauthenticatedTenants(subscriptionProvider) {
         return unauthenticatedTenants;
     });
 }
-exports.getUnauthenticatedTenants = getUnauthenticatedTenants;
 //# sourceMappingURL=getUnauthenticatedTenants.js.map

package/out/src/utils/isAuthenticationSessionRequest.d.ts

@@ -0,0 +1,2 @@
+import * as vscode from 'vscode';
+export declare function isAuthenticationSessionRequest(scopes?: string | string[] | vscode.AuthenticationSessionRequest): scopes is vscode.AuthenticationSessionRequest;

package/out/src/utils/isAuthenticationSessionRequest.js

@@ -0,0 +1,11 @@
+"use strict";
+/*---------------------------------------------------------------------------------------------
+*  Copyright (c) Microsoft Corporation. All rights reserved.
+*  Licensed under the MIT License. See License.txt in the project root for license information.
+*--------------------------------------------------------------------------------------------*/
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isAuthenticationSessionRequest = isAuthenticationSessionRequest;
+function isAuthenticationSessionRequest(scopes) {
+    return !!(scopes && typeof scopes === 'object' && 'challenge' in scopes);
+}
+//# sourceMappingURL=isAuthenticationSessionRequest.js.map

package/package.json

@@ -1,7 +1,7 @@
 {
     "name": "@microsoft/vscode-azext-azureauth",
     "author": "Microsoft Corporation",
-    "version": "4.1.0",
+    "version": "4.2.0",
     "description": "Azure authentication helpers for Visual Studio Code",
     "tags": [
         "azure",
@@ -28,7 +28,8 @@
         "lint": "eslint --ext .ts .",
         "lint-fix": "eslint --ext .ts . --fix",
         "test": "node ./out/test/runTest.js",
-        "package": "npm pack"
+        "package": "npm pack",
+        "l10n": "npx @vscode/l10n-dev export --outDir ./l10n ./src"
     },
     "devDependencies": {
         "@azure/core-auth": "^1.4.0",
@@ -41,16 +42,16 @@
         "@types/node-fetch": "2.6.7",
         "@types/semver": "^7.3.9",
         "@types/uuid": "^9.0.1",
-        "@types/vscode": "1.93.0",
+        "@types/vscode": "^1.94.0",
         "@typescript-eslint/eslint-plugin": "^5.53.0",
         "@vscode/test-electron": "^2.3.8",
         "eslint": "^8.34.0",
         "eslint-plugin-import": "^2.22.1",
         "glob": "^7.1.6",
-        "mocha": "^9.1.3",
+        "mocha": "^11.1.0",
         "mocha-junit-reporter": "^2.0.2",
         "mocha-multi-reporters": "^1.1.7",
-        "typescript": "^4.9.4"
+        "typescript": "^5.8.2"
     },
     "dependencies": {
         "@azure/arm-resources-subscriptions": "^2.1.0",