npm - @microsoft/vscode-azext-azureauth - Versions diffs - 6.0.0-alpha.5 → 6.0.0-alpha.6 - Mend

@microsoft/vscode-azext-azureauth 6.0.0-alpha.5 → 6.0.0-alpha.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/cjs/src/index.js +1 -0
package/dist/cjs/src/providers/AzureSubscriptionProviderBase.js +9 -1
package/dist/cjs/src/utils/BearerChallengePolicy.js +41 -0
package/dist/esm/src/index.d.ts +1 -0
package/dist/esm/src/index.js +1 -0
package/dist/esm/src/providers/AzureSubscriptionProviderBase.js +9 -1
package/dist/esm/src/utils/BearerChallengePolicy.d.ts +10 -0
package/dist/esm/src/utils/BearerChallengePolicy.js +36 -0
package/package.json +2 -1

package/dist/cjs/src/index.js CHANGED Viewed

@@ -26,6 +26,7 @@ __exportStar(require("./contracts/AzureTenant"), exports);
 // The `AzureDevOpsSubscriptionProvider` is intentionally not exported, it must be imported from `'@microsoft/vscode-azext-azureauth/azdo'`
 __exportStar(require("./providers/AzureSubscriptionProviderBase"), exports);
 __exportStar(require("./providers/VSCodeAzureSubscriptionProvider"), exports);
+__exportStar(require("./utils/BearerChallengePolicy"), exports);
 __exportStar(require("./utils/configuredAzureEnv"), exports);
 __exportStar(require("./utils/dedupeSubscriptions"), exports);
 __exportStar(require("./utils/getMetricsForTelemetry"), exports);

package/dist/cjs/src/providers/AzureSubscriptionProviderBase.js CHANGED Viewed

@@ -38,6 +38,7 @@ var __importStar = (this && this.__importStar) || (function () {
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.AzureSubscriptionProviderBase = void 0;
+const BearerChallengePolicy_1 = require("../utils/BearerChallengePolicy");
 const util_1 = require("util");
 const vscode = __importStar(require("vscode"));
 const AzureSubscriptionProviderRequestOptions_1 = require("../contracts/AzureSubscriptionProviderRequestOptions");
@@ -347,8 +348,15 @@ class AzureSubscriptionProviderBase {
             }
         };
         armSubs ??= await import('@azure/arm-resources-subscriptions');
+        const endpoint = (0, configuredAzureEnv_1.getConfiguredAzureEnv)().resourceManagerEndpointUrl;
+        const client = new armSubs.SubscriptionClient(credential, { endpoint });
+        client.pipeline.addPolicy(new BearerChallengePolicy_1.BearerChallengePolicy(async (challenge) => {
+            this.silenceRefreshEvents();
+            const session = await (0, getSessionFromVSCode_1.getSessionFromVSCode)(challenge, tenant.tenantId, { createIfNone: true, account: tenant.account });
+            return session?.accessToken;
+        }, endpoint), { phase: 'Sign', afterPolicies: ['bearerTokenAuthenticationPolicy'] });
         return {
-            client: new armSubs.SubscriptionClient(credential, { endpoint: (0, configuredAzureEnv_1.getConfiguredAzureEnv)().resourceManagerEndpointUrl }),
+            client,
             credential: credential,
             authentication: {
                 getSession: async () => {

package/dist/cjs/src/utils/BearerChallengePolicy.js ADDED Viewed

@@ -0,0 +1,41 @@
+"use strict";
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BearerChallengePolicy = void 0;
+exports.getDefaultScopeFromEndpoint = getDefaultScopeFromEndpoint;
+function getDefaultScopeFromEndpoint(endpoint) {
+    let base = endpoint ?? 'https://management.azure.com/';
+    base = base.replace(/\/+$/, '');
+    return `${base}/.default`;
+}
+const challengeRetriedRequests = new WeakSet();
+class BearerChallengePolicy {
+    getTokenForChallenge;
+    endpoint;
+    name = 'BearerChallengePolicy';
+    constructor(getTokenForChallenge, endpoint) {
+        this.getTokenForChallenge = getTokenForChallenge;
+        this.endpoint = endpoint;
+    }
+    async sendRequest(request, next) {
+        const initial = await next(request);
+        if (initial.status === 401 && !challengeRetriedRequests.has(request)) {
+            const header = initial.headers.get('WWW-Authenticate') || initial.headers.get('www-authenticate');
+            if (header) {
+                const scopes = [getDefaultScopeFromEndpoint(this.endpoint)];
+                challengeRetriedRequests.add(request);
+                const token = await this.getTokenForChallenge({ wwwAuthenticate: header, fallbackScopes: scopes });
+                if (token) {
+                    request.headers.set('Authorization', `Bearer ${token}`);
+                    return await next(request);
+                }
+            }
+        }
+        return initial;
+    }
+}
+exports.BearerChallengePolicy = BearerChallengePolicy;
+//# sourceMappingURL=BearerChallengePolicy.js.map

package/dist/esm/src/index.d.ts CHANGED Viewed

@@ -6,6 +6,7 @@ export type * from './contracts/AzureSubscriptionProviderRequestOptions';
 export * from './contracts/AzureTenant';
 export * from './providers/AzureSubscriptionProviderBase';
 export * from './providers/VSCodeAzureSubscriptionProvider';
+export * from './utils/BearerChallengePolicy';
 export * from './utils/configuredAzureEnv';
 export * from './utils/dedupeSubscriptions';
 export * from './utils/getMetricsForTelemetry';

package/dist/esm/src/index.js CHANGED Viewed

@@ -10,6 +10,7 @@ export * from './contracts/AzureTenant';
 // The `AzureDevOpsSubscriptionProvider` is intentionally not exported, it must be imported from `'@microsoft/vscode-azext-azureauth/azdo'`
 export * from './providers/AzureSubscriptionProviderBase';
 export * from './providers/VSCodeAzureSubscriptionProvider';
+export * from './utils/BearerChallengePolicy';
 export * from './utils/configuredAzureEnv';
 export * from './utils/dedupeSubscriptions';
 export * from './utils/getMetricsForTelemetry';

package/dist/esm/src/providers/AzureSubscriptionProviderBase.js CHANGED Viewed

@@ -2,6 +2,7 @@
  *  Copyright (c) Microsoft Corporation. All rights reserved.
  *  Licensed under the MIT License. See License.txt in the project root for license information.
  *--------------------------------------------------------------------------------------------*/
+import { BearerChallengePolicy } from '../utils/BearerChallengePolicy';
 import { inspect } from 'util';
 import * as vscode from 'vscode';
 import { DefaultOptions, DefaultSignInOptions } from '../contracts/AzureSubscriptionProviderRequestOptions';
@@ -311,8 +312,15 @@ export class AzureSubscriptionProviderBase {
             }
         };
         armSubs ??= await import('@azure/arm-resources-subscriptions');
+        const endpoint = getConfiguredAzureEnv().resourceManagerEndpointUrl;
+        const client = new armSubs.SubscriptionClient(credential, { endpoint });
+        client.pipeline.addPolicy(new BearerChallengePolicy(async (challenge) => {
+            this.silenceRefreshEvents();
+            const session = await getSessionFromVSCode(challenge, tenant.tenantId, { createIfNone: true, account: tenant.account });
+            return session?.accessToken;
+        }, endpoint), { phase: 'Sign', afterPolicies: ['bearerTokenAuthenticationPolicy'] });
         return {
-            client: new armSubs.SubscriptionClient(credential, { endpoint: getConfiguredAzureEnv().resourceManagerEndpointUrl }),
+            client,
             credential: credential,
             authentication: {
                 getSession: async () => {

package/dist/esm/src/utils/BearerChallengePolicy.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import type { PipelinePolicy, PipelineRequest, PipelineResponse, SendRequest } from '@azure/core-rest-pipeline';
+import type * as vscode from 'vscode';
+export declare function getDefaultScopeFromEndpoint(endpoint?: string): string;
+export declare class BearerChallengePolicy implements PipelinePolicy {
+    private readonly getTokenForChallenge;
+    private readonly endpoint?;
+    readonly name = "BearerChallengePolicy";
+    constructor(getTokenForChallenge: (request: vscode.AuthenticationWwwAuthenticateRequest) => Promise<string | undefined>, endpoint?: string | undefined);
+    sendRequest(request: PipelineRequest, next: SendRequest): Promise<PipelineResponse>;
+}

package/dist/esm/src/utils/BearerChallengePolicy.js ADDED Viewed

@@ -0,0 +1,36 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+export function getDefaultScopeFromEndpoint(endpoint) {
+    let base = endpoint ?? 'https://management.azure.com/';
+    base = base.replace(/\/+$/, '');
+    return `${base}/.default`;
+}
+const challengeRetriedRequests = new WeakSet();
+export class BearerChallengePolicy {
+    getTokenForChallenge;
+    endpoint;
+    name = 'BearerChallengePolicy';
+    constructor(getTokenForChallenge, endpoint) {
+        this.getTokenForChallenge = getTokenForChallenge;
+        this.endpoint = endpoint;
+    }
+    async sendRequest(request, next) {
+        const initial = await next(request);
+        if (initial.status === 401 && !challengeRetriedRequests.has(request)) {
+            const header = initial.headers.get('WWW-Authenticate') || initial.headers.get('www-authenticate');
+            if (header) {
+                const scopes = [getDefaultScopeFromEndpoint(this.endpoint)];
+                challengeRetriedRequests.add(request);
+                const token = await this.getTokenForChallenge({ wwwAuthenticate: header, fallbackScopes: scopes });
+                if (token) {
+                    request.headers.set('Authorization', `Bearer ${token}`);
+                    return await next(request);
+                }
+            }
+        }
+        return initial;
+    }
+}
+//# sourceMappingURL=BearerChallengePolicy.js.map

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
     "name": "@microsoft/vscode-azext-azureauth",
     "author": "Microsoft Corporation",
-    "version": "6.0.0-alpha.5",
+    "version": "6.0.0-alpha.6",
     "description": "Azure authentication helpers for Visual Studio Code",
     "tags": [
         "azure",
@@ -55,6 +55,7 @@
     },
     "dependencies": {
         "@azure/arm-resources-subscriptions": "^2.1.0",
+        "@azure/core-rest-pipeline": "^1.22.2",
         "@azure/identity": "^4.13.0",
         "@azure/ms-rest-azure-env": "^2.0.0"
     },