@ms-cloudpack/remote-cache 0.9.14 → 0.9.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/{getCredential-4DBWPMN2.js → getCredential-KVHUWSLC.js} +226 -223
  2. package/dist/index.js +1 -1
  3. package/lib/authentication/lock-file/getAuthenticationLockFilePath.d.ts +11 -3
  4. package/package.json +6 -5
package/dist/{getCredential-4DBWPMN2.js → getCredential-KVHUWSLC.js} RENAMED
@@ -198,7 +198,7 @@ var init_Serializer = __esm({
198
198
  static serializeAccounts(accCache) {
199
199
  const accounts = {};
200
200
  Object.keys(accCache).map(function(key) {
201
- var _a2;
201
+ var _a;
202
202
  const accountEntity = accCache[key];
203
203
  accounts[key] = {
204
204
  home_account_id: accountEntity.homeAccountId,
@@ -211,7 +211,7 @@ var init_Serializer = __esm({
211
211
  client_info: accountEntity.clientInfo,
212
212
  last_modification_time: accountEntity.lastModificationTime,
213
213
  last_modification_app: accountEntity.lastModificationApp,
214
- tenantProfiles: (_a2 = accountEntity.tenantProfiles) == null ? void 0 : _a2.map((tenantProfile) => {
214
+ tenantProfiles: (_a = accountEntity.tenantProfiles) == null ? void 0 : _a.map((tenantProfile) => {
215
215
  return JSON.stringify(tenantProfile);
216
216
  })
217
217
  };
@@ -1495,12 +1495,12 @@ var init_UrlString = __esm({
1495
1495
 
1496
1496
  // ../../node_modules/.store/@azure-msal-common-npm-14.13.0-f77242c157/package/dist/authority/AuthorityMetadata.mjs
1497
1497
  function getAliasesFromStaticSources(staticAuthorityOptions, logger) {
1498
- var _a2;
1498
+ var _a;
1499
1499
  let staticAliases;
1500
1500
  const canonicalAuthority = staticAuthorityOptions.canonicalAuthority;
1501
1501
  if (canonicalAuthority) {
1502
1502
  const authorityHost = new UrlString(canonicalAuthority).getUrlComponents().HostNameAndPort;
1503
- staticAliases = getAliasesFromMetadata(authorityHost, (_a2 = staticAuthorityOptions.cloudDiscoveryMetadata) == null ? void 0 : _a2.metadata, AuthorityMetadataSource.CONFIG, logger) || getAliasesFromMetadata(authorityHost, InstanceDiscoveryMetadata.metadata, AuthorityMetadataSource.HARDCODED_VALUES, logger) || staticAuthorityOptions.knownAuthorities;
1503
+ staticAliases = getAliasesFromMetadata(authorityHost, (_a = staticAuthorityOptions.cloudDiscoveryMetadata) == null ? void 0 : _a.metadata, AuthorityMetadataSource.CONFIG, logger) || getAliasesFromMetadata(authorityHost, InstanceDiscoveryMetadata.metadata, AuthorityMetadataSource.HARDCODED_VALUES, logger) || staticAuthorityOptions.knownAuthorities;
1504
1504
  }
1505
1505
  return staticAliases || [];
1506
1506
  }
@@ -2213,8 +2213,8 @@ var init_RegionDiscovery = __esm({
2213
2213
  * @returns Promise<string | null>
2214
2214
  */
2215
2215
  async detectRegion(environmentRegion, regionDiscoveryMetadata) {
2216
- var _a2;
2217
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RegionDiscoveryDetectRegion, this.correlationId);
2216
+ var _a;
2217
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RegionDiscoveryDetectRegion, this.correlationId);
2218
2218
  let autodetectedRegionName = environmentRegion;
2219
2219
  if (!autodetectedRegionName) {
2220
2220
  const options = _RegionDiscovery.IMDS_OPTIONS;
@@ -2255,8 +2255,8 @@ var init_RegionDiscovery = __esm({
2255
2255
  * @returns Promise<NetworkResponse<string>>
2256
2256
  */
2257
2257
  async getRegionFromIMDS(version3, options) {
2258
- var _a2;
2259
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RegionDiscoveryGetRegionFromIMDS, this.correlationId);
2258
+ var _a;
2259
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RegionDiscoveryGetRegionFromIMDS, this.correlationId);
2260
2260
  return this.networkInterface.sendGetRequestAsync(`${Constants.IMDS_ENDPOINT}?api-version=${version3}&format=text`, options, Constants.IMDS_TIMEOUT);
2261
2261
  }
2262
2262
  /**
@@ -2265,8 +2265,8 @@ var init_RegionDiscovery = __esm({
2265
2265
  * @returns Promise<string | null>
2266
2266
  */
2267
2267
  async getCurrentVersion(options) {
2268
- var _a2;
2269
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RegionDiscoveryGetCurrentVersion, this.correlationId);
2268
+ var _a;
2269
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RegionDiscoveryGetCurrentVersion, this.correlationId);
2270
2270
  try {
2271
2271
  const response = await this.networkInterface.sendGetRequestAsync(`${Constants.IMDS_ENDPOINT}?format=json`, options);
2272
2272
  if (response.status === ResponseCodes.httpBadRequest && response.body && response.body["newest-versions"] && response.body["newest-versions"].length > 0) {
@@ -2364,7 +2364,7 @@ function createIdTokenEntity(homeAccountId, environment, idToken, clientId, tena
2364
2364
  return idTokenEntity;
2365
2365
  }
2366
2366
  function createAccessTokenEntity(homeAccountId, environment, accessToken, clientId, tenantId, scopes, expiresOn, extExpiresOn, base64Decode, refreshOn, tokenType, userAssertionHash, keyId, requestedClaims, requestedClaimsHash) {
2367
- var _a2, _b2;
2367
+ var _a, _b;
2368
2368
  const atEntity = {
2369
2369
  homeAccountId,
2370
2370
  credentialType: CredentialType.ACCESS_TOKEN,
@@ -2388,12 +2388,12 @@ function createAccessTokenEntity(homeAccountId, environment, accessToken, client
2388
2388
  atEntity.requestedClaims = requestedClaims;
2389
2389
  atEntity.requestedClaimsHash = requestedClaimsHash;
2390
2390
  }
2391
- if (((_a2 = atEntity.tokenType) == null ? void 0 : _a2.toLowerCase()) !== AuthenticationScheme.BEARER.toLowerCase()) {
2391
+ if (((_a = atEntity.tokenType) == null ? void 0 : _a.toLowerCase()) !== AuthenticationScheme.BEARER.toLowerCase()) {
2392
2392
  atEntity.credentialType = CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
2393
2393
  switch (atEntity.tokenType) {
2394
2394
  case AuthenticationScheme.POP:
2395
2395
  const tokenClaims = extractTokenClaims(accessToken, base64Decode);
2396
- if (!((_b2 = tokenClaims == null ? void 0 : tokenClaims.cnf) == null ? void 0 : _b2.kid)) {
2396
+ if (!((_b = tokenClaims == null ? void 0 : tokenClaims.cnf) == null ? void 0 : _b.kid)) {
2397
2397
  throw createClientAuthError(tokenClaimsCnfRequiredForSignedJwt);
2398
2398
  }
2399
2399
  atEntity.keyId = tokenClaims.cnf.kid;
@@ -2563,10 +2563,10 @@ var init_CacheHelpers = __esm({
2563
2563
 
2564
2564
  // ../../node_modules/.store/@azure-msal-common-npm-14.13.0-f77242c157/package/dist/authority/Authority.mjs
2565
2565
  function getTenantFromAuthorityString(authority) {
2566
- var _a2;
2566
+ var _a;
2567
2567
  const authorityUrl = new UrlString(authority);
2568
2568
  const authorityUrlComponents = authorityUrl.getUrlComponents();
2569
- const tenantId = (_a2 = authorityUrlComponents.PathSegments.slice(-1)[0]) == null ? void 0 : _a2.toLowerCase();
2569
+ const tenantId = (_a = authorityUrlComponents.PathSegments.slice(-1)[0]) == null ? void 0 : _a.toLowerCase();
2570
2570
  switch (tenantId) {
2571
2571
  case AADAuthorityConstants.COMMON:
2572
2572
  case AADAuthorityConstants.ORGANIZATIONS:
@@ -2827,8 +2827,8 @@ var init_Authority = __esm({
2827
2827
  * and the /authorize, /token and logout endpoints.
2828
2828
  */
2829
2829
  async resolveEndpointsAsync() {
2830
- var _a2, _b2;
2831
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthorityResolveEndpointsAsync, this.correlationId);
2830
+ var _a, _b;
2831
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthorityResolveEndpointsAsync, this.correlationId);
2832
2832
  const metadataEntity = this.getCurrentMetadataEntity();
2833
2833
  const cloudDiscoverySource = await invokeAsync(this.updateCloudDiscoveryMetadata.bind(this), PerformanceEvents.AuthorityUpdateCloudDiscoveryMetadata, this.logger, this.performanceClient, this.correlationId)(metadataEntity);
2834
2834
  this.canonicalAuthority = this.canonicalAuthority.replace(this.hostnameAndPort, metadataEntity.preferred_network);
@@ -2836,7 +2836,7 @@ var init_Authority = __esm({
2836
2836
  this.updateCachedMetadata(metadataEntity, cloudDiscoverySource, {
2837
2837
  source: endpointSource
2838
2838
  });
2839
- (_b2 = this.performanceClient) == null ? void 0 : _b2.addFields({
2839
+ (_b = this.performanceClient) == null ? void 0 : _b.addFields({
2840
2840
  cloudDiscoverySource,
2841
2841
  authorityEndpointSource: endpointSource
2842
2842
  }, this.correlationId);
@@ -2887,12 +2887,12 @@ var init_Authority = __esm({
2887
2887
  * @param metadataEntity
2888
2888
  */
2889
2889
  async updateEndpointMetadata(metadataEntity) {
2890
- var _a2, _b2, _c;
2891
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthorityUpdateEndpointMetadata, this.correlationId);
2890
+ var _a, _b, _c;
2891
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthorityUpdateEndpointMetadata, this.correlationId);
2892
2892
  const localMetadata = this.updateEndpointMetadataFromLocalSources(metadataEntity);
2893
2893
  if (localMetadata) {
2894
2894
  if (localMetadata.source === AuthorityMetadataSource.HARDCODED_VALUES) {
2895
- if ((_b2 = this.authorityOptions.azureRegionConfiguration) == null ? void 0 : _b2.azureRegion) {
2895
+ if ((_b = this.authorityOptions.azureRegionConfiguration) == null ? void 0 : _b.azureRegion) {
2896
2896
  if (localMetadata.metadata) {
2897
2897
  const hardcodedMetadata = await invokeAsync(this.updateMetadataWithRegionalInformation.bind(this), PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation, this.logger, this.performanceClient, this.correlationId)(localMetadata.metadata);
2898
2898
  updateAuthorityEndpointMetadata(metadataEntity, hardcodedMetadata, false);
@@ -2983,8 +2983,8 @@ var init_Authority = __esm({
2983
2983
  * @param hasHardcodedMetadata boolean
2984
2984
  */
2985
2985
  async getEndpointMetadataFromNetwork() {
2986
- var _a2;
2987
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthorityGetEndpointMetadataFromNetwork, this.correlationId);
2986
+ var _a;
2987
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthorityGetEndpointMetadataFromNetwork, this.correlationId);
2988
2988
  const options = {};
2989
2989
  const openIdConfigurationEndpoint = this.defaultOpenIdConfigurationEndpoint;
2990
2990
  this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: attempting to retrieve OAuth endpoints from ${openIdConfigurationEndpoint}`);
@@ -3016,9 +3016,9 @@ var init_Authority = __esm({
3016
3016
  * User selected Azure region will be used if configured.
3017
3017
  */
3018
3018
  async updateMetadataWithRegionalInformation(metadata) {
3019
- var _a2, _b2, _c;
3020
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation, this.correlationId);
3021
- const userConfiguredAzureRegion = (_b2 = this.authorityOptions.azureRegionConfiguration) == null ? void 0 : _b2.azureRegion;
3019
+ var _a, _b, _c;
3020
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation, this.correlationId);
3021
+ const userConfiguredAzureRegion = (_b = this.authorityOptions.azureRegionConfiguration) == null ? void 0 : _b.azureRegion;
3022
3022
  if (userConfiguredAzureRegion) {
3023
3023
  if (userConfiguredAzureRegion !== Constants.AZURE_REGION_AUTO_DISCOVER_FLAG) {
3024
3024
  this.regionDiscoveryMetadata.region_outcome = RegionDiscoveryOutcomes.CONFIGURED_NO_AUTO_DETECTION;
@@ -3042,8 +3042,8 @@ var init_Authority = __esm({
3042
3042
  * @returns AuthorityMetadataSource
3043
3043
  */
3044
3044
  async updateCloudDiscoveryMetadata(metadataEntity) {
3045
- var _a2;
3046
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthorityUpdateCloudDiscoveryMetadata, this.correlationId);
3045
+ var _a;
3046
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthorityUpdateCloudDiscoveryMetadata, this.correlationId);
3047
3047
  const localMetadataSource = this.updateCloudDiscoveryMetadataFromLocalSources(metadataEntity);
3048
3048
  if (localMetadataSource) {
3049
3049
  return localMetadataSource;
@@ -3125,8 +3125,8 @@ var init_Authority = __esm({
3125
3125
  * @param hasHardcodedMetadata boolean
3126
3126
  */
3127
3127
  async getCloudDiscoveryMetadataFromNetwork() {
3128
- var _a2;
3129
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthorityGetCloudDiscoveryMetadataFromNetwork, this.correlationId);
3128
+ var _a;
3129
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthorityGetCloudDiscoveryMetadataFromNetwork, this.correlationId);
3130
3130
  const instanceDiscoveryEndpoint = `${Constants.AAD_INSTANCE_DISCOVERY_ENDPT}${this.canonicalAuthority}oauth2/v2.0/authorize`;
3131
3131
  const options = {};
3132
3132
  let match = null;
@@ -4062,7 +4062,7 @@ var init_AccountEntity = __esm({
4062
4062
  * @param accountDetails
4063
4063
  */
4064
4064
  static createAccount(accountDetails, authority, base64Decode) {
4065
- var _a2, _b2, _c, _d, _e, _f;
4065
+ var _a, _b, _c, _d, _e, _f;
4066
4066
  const account = new _AccountEntity();
4067
4067
  if (authority.authorityType === AuthorityType.Adfs) {
4068
4068
  account.authorityType = CacheAccountType.ADFS_ACCOUNT_TYPE;
@@ -4084,7 +4084,7 @@ var init_AccountEntity = __esm({
4084
4084
  }
4085
4085
  account.environment = env;
4086
4086
  account.realm = (clientInfo == null ? void 0 : clientInfo.utid) || getTenantIdFromIdTokenClaims(accountDetails.idTokenClaims) || "";
4087
- account.localAccountId = (clientInfo == null ? void 0 : clientInfo.uid) || ((_a2 = accountDetails.idTokenClaims) == null ? void 0 : _a2.oid) || ((_b2 = accountDetails.idTokenClaims) == null ? void 0 : _b2.sub) || "";
4087
+ account.localAccountId = (clientInfo == null ? void 0 : clientInfo.uid) || ((_a = accountDetails.idTokenClaims) == null ? void 0 : _a.oid) || ((_b = accountDetails.idTokenClaims) == null ? void 0 : _b.sub) || "";
4088
4088
  const preferredUsername = ((_c = accountDetails.idTokenClaims) == null ? void 0 : _c.preferred_username) || ((_d = accountDetails.idTokenClaims) == null ? void 0 : _d.upn);
4089
4089
  const email = ((_e = accountDetails.idTokenClaims) == null ? void 0 : _e.emails) ? accountDetails.idTokenClaims.emails[0] : null;
4090
4090
  account.username = preferredUsername || email || "";
@@ -4111,7 +4111,7 @@ var init_AccountEntity = __esm({
4111
4111
  * @returns
4112
4112
  */
4113
4113
  static createFromAccountInfo(accountInfo, cloudGraphHostName, msGraphHost) {
4114
- var _a2;
4114
+ var _a;
4115
4115
  const account = new _AccountEntity();
4116
4116
  account.authorityType = accountInfo.authorityType || CacheAccountType.GENERIC_ACCOUNT_TYPE;
4117
4117
  account.homeAccountId = accountInfo.homeAccountId;
@@ -4123,7 +4123,7 @@ var init_AccountEntity = __esm({
4123
4123
  account.name = accountInfo.name;
4124
4124
  account.cloudGraphHostName = cloudGraphHostName;
4125
4125
  account.msGraphHost = msGraphHost;
4126
- account.tenantProfiles = Array.from(((_a2 = accountInfo.tenantProfiles) == null ? void 0 : _a2.values()) || []);
4126
+ account.tenantProfiles = Array.from(((_a = accountInfo.tenantProfiles) == null ? void 0 : _a.values()) || []);
4127
4127
  return account;
4128
4128
  }
4129
4129
  /**
@@ -4371,7 +4371,7 @@ var init_CacheManager = __esm({
4371
4371
  * @param correlationId {?string} correlation id
4372
4372
  */
4373
4373
  async saveCacheRecord(cacheRecord, storeInCache, correlationId) {
4374
- var _a2, _b2, _c, _d;
4374
+ var _a, _b, _c, _d;
4375
4375
  if (!cacheRecord) {
4376
4376
  throw createClientAuthError(invalidCacheRecord);
4377
4377
  }
@@ -4392,9 +4392,9 @@ var init_CacheManager = __esm({
4392
4392
  this.setAppMetadata(cacheRecord.appMetadata);
4393
4393
  }
4394
4394
  } catch (e) {
4395
- (_a2 = this.commonLogger) == null ? void 0 : _a2.error(`CacheManager.saveCacheRecord: failed`);
4395
+ (_a = this.commonLogger) == null ? void 0 : _a.error(`CacheManager.saveCacheRecord: failed`);
4396
4396
  if (e instanceof Error) {
4397
- (_b2 = this.commonLogger) == null ? void 0 : _b2.errorPii(`CacheManager.saveCacheRecord: ${e.message}`, correlationId);
4397
+ (_b = this.commonLogger) == null ? void 0 : _b.errorPii(`CacheManager.saveCacheRecord: ${e.message}`, correlationId);
4398
4398
  if (e.name === "QuotaExceededError" || e.name === "NS_ERROR_DOM_QUOTA_REACHED" || e.message.includes("exceeded the quota")) {
4399
4399
  (_c = this.commonLogger) == null ? void 0 : _c.error(`CacheManager.saveCacheRecord: exceeded storage quota`, correlationId);
4400
4400
  throw new CacheError(cacheQuotaExceededErrorCode);
@@ -4448,7 +4448,7 @@ var init_CacheManager = __esm({
4448
4448
  const allAccountKeys = this.getAccountKeys();
4449
4449
  const matchingAccounts = [];
4450
4450
  allAccountKeys.forEach((cacheKey) => {
4451
- var _a2;
4451
+ var _a;
4452
4452
  if (!this.isAccountKey(cacheKey, accountFilter.homeAccountId)) {
4453
4453
  return;
4454
4454
  }
@@ -4478,7 +4478,7 @@ var init_CacheManager = __esm({
4478
4478
  localAccountId: accountFilter == null ? void 0 : accountFilter.localAccountId,
4479
4479
  name: accountFilter == null ? void 0 : accountFilter.name
4480
4480
  };
4481
- const matchingTenantProfiles = (_a2 = entity.tenantProfiles) == null ? void 0 : _a2.filter((tenantProfile) => {
4481
+ const matchingTenantProfiles = (_a = entity.tenantProfiles) == null ? void 0 : _a.filter((tenantProfile) => {
4482
4482
  return this.tenantProfileMatchesFilter(tenantProfile, tenantProfileFilter);
4483
4483
  });
4484
4484
  if (matchingTenantProfiles && matchingTenantProfiles.length === 0) {
@@ -4682,9 +4682,9 @@ var init_CacheManager = __esm({
4682
4682
  * @returns
4683
4683
  */
4684
4684
  updateOutdatedCachedAccount(accountKey, accountEntity, logger) {
4685
- var _a2;
4685
+ var _a;
4686
4686
  if (accountEntity && accountEntity.isSingleTenant()) {
4687
- (_a2 = this.commonLogger) == null ? void 0 : _a2.verbose("updateOutdatedCachedAccount: Found a single-tenant (outdated) account entity in the cache, migrating to multi-tenant account entity");
4687
+ (_a = this.commonLogger) == null ? void 0 : _a.verbose("updateOutdatedCachedAccount: Found a single-tenant (outdated) account entity in the cache, migrating to multi-tenant account entity");
4688
4688
  const matchingAccountKeys = this.getAccountKeys().filter((key) => {
4689
4689
  return key.startsWith(accountEntity.homeAccountId);
4690
4690
  });
@@ -5086,8 +5086,8 @@ var init_CacheManager = __esm({
5086
5086
  * @returns true if the downcased name properties are present and match in the filter and the entity
5087
5087
  */
5088
5088
  matchName(claims, name3) {
5089
- var _a2;
5090
- return !!(name3.toLowerCase() === ((_a2 = claims.name) == null ? void 0 : _a2.toLowerCase()));
5089
+ var _a;
5090
+ return !!(name3.toLowerCase() === ((_a = claims.name) == null ? void 0 : _a.toLowerCase()));
5091
5091
  }
5092
5092
  /**
5093
5093
  * helper to match usernames
@@ -5154,8 +5154,8 @@ var init_CacheManager = __esm({
5154
5154
  * @param realm
5155
5155
  */
5156
5156
  matchRealm(entity, realm) {
5157
- var _a2;
5158
- return !!(((_a2 = entity.realm) == null ? void 0 : _a2.toLowerCase()) === realm.toLowerCase());
5157
+ var _a;
5158
+ return !!(((_a = entity.realm) == null ? void 0 : _a.toLowerCase()) === realm.toLowerCase());
5159
5159
  }
5160
5160
  /**
5161
5161
  * helper to match nativeAccountId
@@ -5479,7 +5479,7 @@ var init_ThrottlingUtils = __esm({
5479
5479
  * @param thumbprint
5480
5480
  */
5481
5481
  static preProcess(cacheManager, thumbprint) {
5482
- var _a2;
5482
+ var _a;
5483
5483
  const key = _ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
5484
5484
  const value = cacheManager.getThrottlingCache(key);
5485
5485
  if (value) {
@@ -5487,7 +5487,7 @@ var init_ThrottlingUtils = __esm({
5487
5487
  cacheManager.removeItem(key);
5488
5488
  return;
5489
5489
  }
5490
- throw new ServerError(((_a2 = value.errorCodes) == null ? void 0 : _a2.join(" ")) || Constants.EMPTY_STRING, value.errorMessage, value.subError);
5490
+ throw new ServerError(((_a = value.errorCodes) == null ? void 0 : _a.join(" ")) || Constants.EMPTY_STRING, value.errorMessage, value.subError);
5491
5491
  }
5492
5492
  }
5493
5493
  /**
@@ -6116,13 +6116,13 @@ var init_BaseClient = __esm({
6116
6116
  * @param thumbprint
6117
6117
  */
6118
6118
  async executePostToTokenEndpoint(tokenEndpoint, queryString, headers, thumbprint, correlationId, queuedEvent) {
6119
- var _a2, _b2, _c, _d;
6119
+ var _a, _b, _c, _d;
6120
6120
  if (queuedEvent) {
6121
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(queuedEvent, correlationId);
6121
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(queuedEvent, correlationId);
6122
6122
  }
6123
6123
  const response = await this.networkManager.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers });
6124
6124
  (_d = this.performanceClient) == null ? void 0 : _d.addFields({
6125
- refreshTokenSize: ((_b2 = response.body.refresh_token) == null ? void 0 : _b2.length) || 0,
6125
+ refreshTokenSize: ((_b = response.body.refresh_token) == null ? void 0 : _b.length) || 0,
6126
6126
  httpVerToken: ((_c = response.headers) == null ? void 0 : _c[HeaderNames.X_MS_HTTP_VERSION]) || ""
6127
6127
  }, correlationId);
6128
6128
  if (this.config.serverTelemetryManager && response.status < 500 && response.status !== 429) {
@@ -6135,8 +6135,8 @@ var init_BaseClient = __esm({
6135
6135
  * @param updatedAuthority
6136
6136
  */
6137
6137
  async updateAuthority(cloudInstanceHostname, correlationId) {
6138
- var _a2;
6139
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.UpdateTokenEndpointAuthority, correlationId);
6138
+ var _a;
6139
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.UpdateTokenEndpointAuthority, correlationId);
6140
6140
  const cloudInstanceAuthorityUri = `https://${cloudInstanceHostname}/${this.authority.tenant}/`;
6141
6141
  const cloudInstanceAuthority = await createDiscoveredInstance(cloudInstanceAuthorityUri, this.networkClient, this.cacheManager, this.authority.options, this.logger, correlationId, this.performanceClient);
6142
6142
  this.authority = cloudInstanceAuthority;
@@ -6348,8 +6348,8 @@ var init_PopTokenGenerator = __esm({
6348
6348
  * @returns
6349
6349
  */
6350
6350
  async generateCnf(request, logger) {
6351
- var _a2;
6352
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.PopTokenGenerateCnf, request.correlationId);
6351
+ var _a;
6352
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.PopTokenGenerateCnf, request.correlationId);
6353
6353
  const reqCnf = await invokeAsync(this.generateKid.bind(this), PerformanceEvents.PopTokenGenerateCnf, logger, this.performanceClient, request.correlationId)(request);
6354
6354
  const reqCnfString = this.cryptoUtils.base64UrlEncode(JSON.stringify(reqCnf));
6355
6355
  return {
@@ -6363,8 +6363,8 @@ var init_PopTokenGenerator = __esm({
6363
6363
  * @returns
6364
6364
  */
6365
6365
  async generateKid(request) {
6366
- var _a2;
6367
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.PopTokenGenerateKid, request.correlationId);
6366
+ var _a;
6367
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.PopTokenGenerateKid, request.correlationId);
6368
6368
  const kidThumbprint = await this.cryptoUtils.getPublicKeyThumbprint(request);
6369
6369
  return {
6370
6370
  kid: kidThumbprint,
@@ -6440,10 +6440,10 @@ var init_TokenCacheContext = __esm({
6440
6440
 
6441
6441
  // ../../node_modules/.store/@azure-msal-common-npm-14.13.0-f77242c157/package/dist/response/ResponseHandler.mjs
6442
6442
  function parseServerErrorNo(serverResponse) {
6443
- var _a2, _b2;
6443
+ var _a, _b;
6444
6444
  const errorCodePrefix = "code=";
6445
- const errorCodePrefixIndex = (_a2 = serverResponse.error_uri) == null ? void 0 : _a2.lastIndexOf(errorCodePrefix);
6446
- return errorCodePrefixIndex && errorCodePrefixIndex >= 0 ? (_b2 = serverResponse.error_uri) == null ? void 0 : _b2.substring(errorCodePrefixIndex + errorCodePrefix.length) : void 0;
6445
+ const errorCodePrefixIndex = (_a = serverResponse.error_uri) == null ? void 0 : _a.lastIndexOf(errorCodePrefix);
6446
+ return errorCodePrefixIndex && errorCodePrefixIndex >= 0 ? (_b = serverResponse.error_uri) == null ? void 0 : _b.substring(errorCodePrefixIndex + errorCodePrefix.length) : void 0;
6447
6447
  }
6448
6448
  function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
6449
6449
  logger == null ? void 0 : logger.verbose("setCachedAccount called");
@@ -6543,10 +6543,10 @@ var init_ResponseHandler = __esm({
6543
6543
  * @param refreshAccessToken
6544
6544
  */
6545
6545
  validateTokenResponse(serverResponse, refreshAccessToken) {
6546
- var _a2;
6546
+ var _a;
6547
6547
  if (serverResponse.error || serverResponse.error_description || serverResponse.suberror) {
6548
6548
  const errString = `Error(s): ${serverResponse.error_codes || Constants.NOT_AVAILABLE} - Timestamp: ${serverResponse.timestamp || Constants.NOT_AVAILABLE} - Description: ${serverResponse.error_description || Constants.NOT_AVAILABLE} - Correlation ID: ${serverResponse.correlation_id || Constants.NOT_AVAILABLE} - Trace ID: ${serverResponse.trace_id || Constants.NOT_AVAILABLE}`;
6549
- const serverErrorNo = ((_a2 = serverResponse.error_codes) == null ? void 0 : _a2.length) ? serverResponse.error_codes[0] : void 0;
6549
+ const serverErrorNo = ((_a = serverResponse.error_codes) == null ? void 0 : _a.length) ? serverResponse.error_codes[0] : void 0;
6550
6550
  const serverError = new ServerError(serverResponse.error, errString, serverResponse.suberror, serverErrorNo, serverResponse.status);
6551
6551
  if (refreshAccessToken && serverResponse.status && serverResponse.status >= HttpStatus.SERVER_ERROR_RANGE_START && serverResponse.status <= HttpStatus.SERVER_ERROR_RANGE_END) {
6552
6552
  this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.
@@ -6569,8 +6569,8 @@ ${serverError}`);
6569
6569
  * @param authority
6570
6570
  */
6571
6571
  async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
6572
- var _a2;
6573
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.HandleServerTokenResponse, serverTokenResponse.correlation_id);
6572
+ var _a;
6573
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.HandleServerTokenResponse, serverTokenResponse.correlation_id);
6574
6574
  let idTokenClaims;
6575
6575
  if (serverTokenResponse.id_token) {
6576
6576
  idTokenClaims = extractTokenClaims(serverTokenResponse.id_token || Constants.EMPTY_STRING, this.cryptoObj.base64Decode);
@@ -6696,7 +6696,7 @@ ${serverError}`);
6696
6696
  * @param stateString
6697
6697
  */
6698
6698
  static async generateAuthenticationResult(cryptoObj, authority, cacheRecord, fromTokenCache, request, idTokenClaims, requestState, serverTokenResponse, requestId) {
6699
- var _a2, _b2, _c, _d, _e;
6699
+ var _a, _b, _c, _d, _e;
6700
6700
  let accessToken = Constants.EMPTY_STRING;
6701
6701
  let responseScopes = [];
6702
6702
  let expiresOn = null;
@@ -6734,7 +6734,7 @@ ${serverError}`);
6734
6734
  void 0,
6735
6735
  // tenantProfile optional
6736
6736
  idTokenClaims,
6737
- (_a2 = cacheRecord.idToken) == null ? void 0 : _a2.secret
6737
+ (_a = cacheRecord.idToken) == null ? void 0 : _a.secret
6738
6738
  ) : null;
6739
6739
  return {
6740
6740
  authority: authority.canonicalAuthority,
@@ -6742,7 +6742,7 @@ ${serverError}`);
6742
6742
  tenantId: tid,
6743
6743
  scopes: responseScopes,
6744
6744
  account: accountInfo,
6745
- idToken: ((_b2 = cacheRecord == null ? void 0 : cacheRecord.idToken) == null ? void 0 : _b2.secret) || "",
6745
+ idToken: ((_b = cacheRecord == null ? void 0 : cacheRecord.idToken) == null ? void 0 : _b.secret) || "",
6746
6746
  idTokenClaims: idTokenClaims || {},
6747
6747
  accessToken,
6748
6748
  fromCache: fromTokenCache,
@@ -6794,10 +6794,10 @@ var init_AuthorizationCodeClient = __esm({
6794
6794
  init_ClientConfigurationErrorCodes();
6795
6795
  _AuthorizationCodeClient = class _AuthorizationCodeClient extends BaseClient {
6796
6796
  constructor(configuration, performanceClient) {
6797
- var _a2;
6797
+ var _a;
6798
6798
  super(configuration, performanceClient);
6799
6799
  this.includeRedirectUri = true;
6800
- this.oidcDefaultScopes = (_a2 = this.config.authOptions.authority.options.OIDCOptions) == null ? void 0 : _a2.defaultScopes;
6800
+ this.oidcDefaultScopes = (_a = this.config.authOptions.authority.options.OIDCOptions) == null ? void 0 : _a.defaultScopes;
6801
6801
  }
6802
6802
  /**
6803
6803
  * Creates the URL of the authorization request letting the user input credentials and consent to the
@@ -6810,8 +6810,8 @@ var init_AuthorizationCodeClient = __esm({
6810
6810
  * @param request
6811
6811
  */
6812
6812
  async getAuthCodeUrl(request) {
6813
- var _a2;
6814
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.GetAuthCodeUrl, request.correlationId);
6813
+ var _a;
6814
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.GetAuthCodeUrl, request.correlationId);
6815
6815
  const queryString = await invokeAsync(this.createAuthCodeUrlQueryString.bind(this), PerformanceEvents.AuthClientCreateQueryString, this.logger, this.performanceClient, request.correlationId)(request);
6816
6816
  return UrlString.appendQueryString(this.authority.authorizationEndpoint, queryString);
6817
6817
  }
@@ -6821,14 +6821,14 @@ var init_AuthorizationCodeClient = __esm({
6821
6821
  * @param request
6822
6822
  */
6823
6823
  async acquireToken(request, authCodePayload) {
6824
- var _a2, _b2;
6825
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthClientAcquireToken, request.correlationId);
6824
+ var _a, _b;
6825
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthClientAcquireToken, request.correlationId);
6826
6826
  if (!request.code) {
6827
6827
  throw createClientAuthError(requestCannotBeMade);
6828
6828
  }
6829
6829
  const reqTimestamp = nowSeconds();
6830
6830
  const response = await invokeAsync(this.executeTokenRequest.bind(this), PerformanceEvents.AuthClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(this.authority, request);
6831
- const requestId = (_b2 = response.headers) == null ? void 0 : _b2[HeaderNames.X_MS_REQUEST_ID];
6831
+ const requestId = (_b = response.headers) == null ? void 0 : _b[HeaderNames.X_MS_REQUEST_ID];
6832
6832
  const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin, this.performanceClient);
6833
6833
  responseHandler.validateTokenResponse(response.body);
6834
6834
  return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, authCodePayload, void 0, void 0, void 0, requestId);
@@ -6864,8 +6864,8 @@ var init_AuthorizationCodeClient = __esm({
6864
6864
  * @param request
6865
6865
  */
6866
6866
  async executeTokenRequest(authority, request) {
6867
- var _a2, _b2;
6868
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthClientExecuteTokenRequest, request.correlationId);
6867
+ var _a, _b;
6868
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthClientExecuteTokenRequest, request.correlationId);
6869
6869
  const queryParametersString = this.createTokenQueryParameters(request);
6870
6870
  const endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParametersString);
6871
6871
  const requestBody = await invokeAsync(this.createTokenRequestBody.bind(this), PerformanceEvents.AuthClientCreateTokenRequestBody, this.logger, this.performanceClient, request.correlationId)(request);
@@ -6883,7 +6883,7 @@ var init_AuthorizationCodeClient = __esm({
6883
6883
  }
6884
6884
  const headers = this.createTokenRequestHeaders(ccsCredential || request.ccsCredential);
6885
6885
  const thumbprint = {
6886
- clientId: ((_b2 = request.tokenBodyParameters) == null ? void 0 : _b2.clientId) || this.config.authOptions.clientId,
6886
+ clientId: ((_b = request.tokenBodyParameters) == null ? void 0 : _b.clientId) || this.config.authOptions.clientId,
6887
6887
  authority: authority.canonicalAuthority,
6888
6888
  scopes: request.scopes,
6889
6889
  claims: request.claims,
@@ -6900,10 +6900,10 @@ var init_AuthorizationCodeClient = __esm({
6900
6900
  * @param request
6901
6901
  */
6902
6902
  async createTokenRequestBody(request) {
6903
- var _a2, _b2;
6904
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthClientCreateTokenRequestBody, request.correlationId);
6903
+ var _a, _b;
6904
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthClientCreateTokenRequestBody, request.correlationId);
6905
6905
  const parameterBuilder = new RequestParameterBuilder();
6906
- parameterBuilder.addClientId(((_b2 = request.tokenBodyParameters) == null ? void 0 : _b2[CLIENT_ID]) || this.config.authOptions.clientId);
6906
+ parameterBuilder.addClientId(((_b = request.tokenBodyParameters) == null ? void 0 : _b[CLIENT_ID]) || this.config.authOptions.clientId);
6907
6907
  if (!this.includeRedirectUri) {
6908
6908
  RequestValidator.validateRedirectUri(request.redirectUri);
6909
6909
  } else {
@@ -6996,10 +6996,10 @@ var init_AuthorizationCodeClient = __esm({
6996
6996
  * @param request
6997
6997
  */
6998
6998
  async createAuthCodeUrlQueryString(request) {
6999
- var _a2, _b2;
7000
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, request.correlationId);
6999
+ var _a, _b;
7000
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, request.correlationId);
7001
7001
  const parameterBuilder = new RequestParameterBuilder();
7002
- parameterBuilder.addClientId(((_b2 = request.extraQueryParameters) == null ? void 0 : _b2[CLIENT_ID]) || this.config.authOptions.clientId);
7002
+ parameterBuilder.addClientId(((_b = request.extraQueryParameters) == null ? void 0 : _b[CLIENT_ID]) || this.config.authOptions.clientId);
7003
7003
  const requestScopes = [
7004
7004
  ...request.scopes || [],
7005
7005
  ...request.extraScopesToConsent || []
@@ -7134,12 +7134,12 @@ var init_AuthorizationCodeClient = __esm({
7134
7134
  * @param account
7135
7135
  */
7136
7136
  extractAccountSid(account) {
7137
- var _a2;
7138
- return ((_a2 = account.idTokenClaims) == null ? void 0 : _a2.sid) || null;
7137
+ var _a;
7138
+ return ((_a = account.idTokenClaims) == null ? void 0 : _a.sid) || null;
7139
7139
  }
7140
7140
  extractLoginHint(account) {
7141
- var _a2;
7142
- return ((_a2 = account.idTokenClaims) == null ? void 0 : _a2.login_hint) || null;
7141
+ var _a;
7142
+ return ((_a = account.idTokenClaims) == null ? void 0 : _a.login_hint) || null;
7143
7143
  }
7144
7144
  };
7145
7145
  __name(_AuthorizationCodeClient, "AuthorizationCodeClient");
@@ -7181,11 +7181,11 @@ var init_RefreshTokenClient = __esm({
7181
7181
  super(configuration, performanceClient);
7182
7182
  }
7183
7183
  async acquireToken(request) {
7184
- var _a2, _b2;
7185
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireToken, request.correlationId);
7184
+ var _a, _b;
7185
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireToken, request.correlationId);
7186
7186
  const reqTimestamp = nowSeconds();
7187
7187
  const response = await invokeAsync(this.executeTokenRequest.bind(this), PerformanceEvents.RefreshTokenClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(request, this.authority);
7188
- const requestId = (_b2 = response.headers) == null ? void 0 : _b2[HeaderNames.X_MS_REQUEST_ID];
7188
+ const requestId = (_b = response.headers) == null ? void 0 : _b[HeaderNames.X_MS_REQUEST_ID];
7189
7189
  const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.config.serializableCache, this.config.persistencePlugin);
7190
7190
  responseHandler.validateTokenResponse(response.body);
7191
7191
  return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), PerformanceEvents.HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, void 0, void 0, true, request.forceCache, requestId);
@@ -7195,11 +7195,11 @@ var init_RefreshTokenClient = __esm({
7195
7195
  * @param request
7196
7196
  */
7197
7197
  async acquireTokenByRefreshToken(request) {
7198
- var _a2;
7198
+ var _a;
7199
7199
  if (!request) {
7200
7200
  throw createClientConfigurationError(tokenRequestEmpty);
7201
7201
  }
7202
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, request.correlationId);
7202
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenByRefreshToken, request.correlationId);
7203
7203
  if (!request.account) {
7204
7204
  throw createClientAuthError(noAccountInSilentRequest);
7205
7205
  }
@@ -7224,8 +7224,8 @@ var init_RefreshTokenClient = __esm({
7224
7224
  * @param request
7225
7225
  */
7226
7226
  async acquireTokenWithCachedRefreshToken(request, foci) {
7227
- var _a2;
7228
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
7227
+ var _a;
7228
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
7229
7229
  const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, void 0, this.performanceClient, request.correlationId);
7230
7230
  if (!refreshToken) {
7231
7231
  throw createInteractionRequiredAuthError(noTokensFound);
@@ -7259,14 +7259,14 @@ var init_RefreshTokenClient = __esm({
7259
7259
  * @param authority
7260
7260
  */
7261
7261
  async executeTokenRequest(request, authority) {
7262
- var _a2, _b2;
7263
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RefreshTokenClientExecuteTokenRequest, request.correlationId);
7262
+ var _a, _b;
7263
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RefreshTokenClientExecuteTokenRequest, request.correlationId);
7264
7264
  const queryParametersString = this.createTokenQueryParameters(request);
7265
7265
  const endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParametersString);
7266
7266
  const requestBody = await invokeAsync(this.createTokenRequestBody.bind(this), PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, this.logger, this.performanceClient, request.correlationId)(request);
7267
7267
  const headers = this.createTokenRequestHeaders(request.ccsCredential);
7268
7268
  const thumbprint = {
7269
- clientId: ((_b2 = request.tokenBodyParameters) == null ? void 0 : _b2.clientId) || this.config.authOptions.clientId,
7269
+ clientId: ((_b = request.tokenBodyParameters) == null ? void 0 : _b.clientId) || this.config.authOptions.clientId,
7270
7270
  authority: authority.canonicalAuthority,
7271
7271
  scopes: request.scopes,
7272
7272
  claims: request.claims,
@@ -7283,11 +7283,11 @@ var init_RefreshTokenClient = __esm({
7283
7283
  * @param request
7284
7284
  */
7285
7285
  async createTokenRequestBody(request) {
7286
- var _a2, _b2, _c;
7287
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, request.correlationId);
7286
+ var _a, _b, _c;
7287
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, request.correlationId);
7288
7288
  const correlationId = request.correlationId;
7289
7289
  const parameterBuilder = new RequestParameterBuilder();
7290
- parameterBuilder.addClientId(((_b2 = request.tokenBodyParameters) == null ? void 0 : _b2[CLIENT_ID]) || this.config.authOptions.clientId);
7290
+ parameterBuilder.addClientId(((_b = request.tokenBodyParameters) == null ? void 0 : _b[CLIENT_ID]) || this.config.authOptions.clientId);
7291
7291
  if (request.redirectUri) {
7292
7292
  parameterBuilder.addRedirectUri(request.redirectUri);
7293
7293
  }
@@ -7383,11 +7383,11 @@ var init_SilentFlowClient = __esm({
7383
7383
  * @param request
7384
7384
  */
7385
7385
  async acquireToken(request) {
7386
- var _a2;
7386
+ var _a;
7387
7387
  try {
7388
7388
  const [authResponse, cacheOutcome] = await this.acquireCachedToken({
7389
7389
  ...request,
7390
- scopes: ((_a2 = request.scopes) == null ? void 0 : _a2.length) ? request.scopes : [...OIDC_DEFAULT_SCOPES]
7390
+ scopes: ((_a = request.scopes) == null ? void 0 : _a.length) ? request.scopes : [...OIDC_DEFAULT_SCOPES]
7391
7391
  });
7392
7392
  if (cacheOutcome === CacheOutcome.PROACTIVELY_REFRESHED) {
7393
7393
  this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'. It's not expired, but must be refreshed.");
@@ -7410,8 +7410,8 @@ var init_SilentFlowClient = __esm({
7410
7410
  * @param request
7411
7411
  */
7412
7412
  async acquireCachedToken(request) {
7413
- var _a2;
7414
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.SilentFlowClientAcquireCachedToken, request.correlationId);
7413
+ var _a;
7414
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.SilentFlowClientAcquireCachedToken, request.correlationId);
7415
7415
  let lastCacheOutcome = CacheOutcome.NOT_APPLICABLE;
7416
7416
  if (request.forceRefresh || !this.config.cacheOptions.claimsBasedCachingEnabled && !StringUtils.isEmptyObj(request.claims)) {
7417
7417
  this.setCacheOutcome(CacheOutcome.FORCE_REFRESH_OR_CLAIMS, request.correlationId);
@@ -7450,9 +7450,9 @@ var init_SilentFlowClient = __esm({
7450
7450
  ];
7451
7451
  }
7452
7452
  setCacheOutcome(cacheOutcome, correlationId) {
7453
- var _a2, _b2;
7454
- (_a2 = this.serverTelemetryManager) == null ? void 0 : _a2.setCacheOutcome(cacheOutcome);
7455
- (_b2 = this.performanceClient) == null ? void 0 : _b2.addFields({
7453
+ var _a, _b;
7454
+ (_a = this.serverTelemetryManager) == null ? void 0 : _a.setCacheOutcome(cacheOutcome);
7455
+ (_b = this.performanceClient) == null ? void 0 : _b.addFields({
7456
7456
  cacheOutcome
7457
7457
  }, correlationId);
7458
7458
  if (cacheOutcome !== CacheOutcome.NOT_APPLICABLE) {
@@ -7464,8 +7464,8 @@ var init_SilentFlowClient = __esm({
7464
7464
  * @param cacheRecord
7465
7465
  */
7466
7466
  async generateResultFromCacheRecord(cacheRecord, request) {
7467
- var _a2;
7468
- (_a2 = this.performanceClient) == null ? void 0 : _a2.addQueueMeasurement(PerformanceEvents.SilentFlowClientGenerateResultFromCacheRecord, request.correlationId);
7467
+ var _a;
7468
+ (_a = this.performanceClient) == null ? void 0 : _a.addQueueMeasurement(PerformanceEvents.SilentFlowClientGenerateResultFromCacheRecord, request.correlationId);
7469
7469
  let idTokenClaims;
7470
7470
  if (cacheRecord.idToken) {
7471
7471
  idTokenClaims = extractTokenClaims(cacheRecord.idToken.secret, this.config.cryptoInterface.base64Decode);
@@ -7730,7 +7730,7 @@ var init_Deserializer = __esm({
7730
7730
  const accountObjects = {};
7731
7731
  if (accounts) {
7732
7732
  Object.keys(accounts).map(function(key) {
7733
- var _a2;
7733
+ var _a;
7734
7734
  const serializedAcc = accounts[key];
7735
7735
  const mappedAcc = {
7736
7736
  homeAccountId: serializedAcc.home_account_id,
@@ -7743,7 +7743,7 @@ var init_Deserializer = __esm({
7743
7743
  clientInfo: serializedAcc.client_info,
7744
7744
  lastModificationTime: serializedAcc.last_modification_time,
7745
7745
  lastModificationApp: serializedAcc.last_modification_app,
7746
- tenantProfiles: (_a2 = serializedAcc.tenantProfiles) == null ? void 0 : _a2.map((serializedTenantProfile) => {
7746
+ tenantProfiles: (_a = serializedAcc.tenantProfiles) == null ? void 0 : _a.map((serializedTenantProfile) => {
7747
7747
  return JSON.parse(serializedTenantProfile);
7748
7748
  })
7749
7749
  };
@@ -14235,7 +14235,7 @@ var init_PublicClientApplication = __esm({
14235
14235
  * Acquires a token interactively via the browser by requesting an authorization code then exchanging it for a token.
14236
14236
  */
14237
14237
  async acquireTokenInteractive(request) {
14238
- var _a2;
14238
+ var _a;
14239
14239
  const correlationId = request.correlationId || this.cryptoProvider.createNewGuid();
14240
14240
  this.logger.trace("acquireTokenInteractive called", correlationId);
14241
14241
  const { openBrowser, successTemplate, errorTemplate, windowHandle, loopbackClient: customLoopbackClient, ...remainingProperties } = request;
@@ -14251,7 +14251,7 @@ var init_PublicClientApplication = __esm({
14251
14251
  ...remainingProperties.extraQueryParameters,
14252
14252
  ...remainingProperties.tokenQueryParameters
14253
14253
  },
14254
- accountId: (_a2 = remainingProperties.account) == null ? void 0 : _a2.nativeAccountId
14254
+ accountId: (_a = remainingProperties.account) == null ? void 0 : _a.nativeAccountId
14255
14255
  };
14256
14256
  return this.nativeBrokerPlugin.acquireTokenInteractive(brokerRequest, windowHandle);
14257
14257
  }
@@ -14421,7 +14421,7 @@ var init_ClientCredentialClient = __esm({
14421
14421
  * looks up cache if the tokens are cached already
14422
14422
  */
14423
14423
  async getCachedAuthenticationResult(request, config, cryptoUtils, authority, cacheManager, serverTelemetryManager) {
14424
- var _a2, _b2;
14424
+ var _a, _b;
14425
14425
  const clientConfiguration = config;
14426
14426
  const managedIdentityConfiguration = config;
14427
14427
  let lastCacheOutcome = CacheOutcome.NOT_APPLICABLE;
@@ -14430,7 +14430,7 @@ var init_ClientCredentialClient = __esm({
14430
14430
  cacheContext = new TokenCacheContext(clientConfiguration.serializableCache, false);
14431
14431
  await clientConfiguration.persistencePlugin.beforeCacheAccess(cacheContext);
14432
14432
  }
14433
- const cachedAccessToken = this.readAccessTokenFromCache(authority, ((_a2 = managedIdentityConfiguration.managedIdentityId) == null ? void 0 : _a2.id) || clientConfiguration.authOptions.clientId, new ScopeSet(request.scopes || []), cacheManager);
14433
+ const cachedAccessToken = this.readAccessTokenFromCache(authority, ((_a = managedIdentityConfiguration.managedIdentityId) == null ? void 0 : _a.id) || clientConfiguration.authOptions.clientId, new ScopeSet(request.scopes || []), cacheManager);
14434
14434
  if (clientConfiguration.serializableCache && clientConfiguration.persistencePlugin && cacheContext) {
14435
14435
  await clientConfiguration.persistencePlugin.afterCacheAccess(cacheContext);
14436
14436
  }
@@ -14438,7 +14438,7 @@ var init_ClientCredentialClient = __esm({
14438
14438
  serverTelemetryManager == null ? void 0 : serverTelemetryManager.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN);
14439
14439
  return [null, CacheOutcome.NO_CACHED_ACCESS_TOKEN];
14440
14440
  }
14441
- if (TimeUtils_exports.isTokenExpired(cachedAccessToken.expiresOn, ((_b2 = clientConfiguration.systemOptions) == null ? void 0 : _b2.tokenRenewalOffsetSeconds) || DEFAULT_TOKEN_RENEWAL_OFFSET_SEC)) {
14441
+ if (TimeUtils_exports.isTokenExpired(cachedAccessToken.expiresOn, ((_b = clientConfiguration.systemOptions) == null ? void 0 : _b.tokenRenewalOffsetSeconds) || DEFAULT_TOKEN_RENEWAL_OFFSET_SEC)) {
14442
14442
  serverTelemetryManager == null ? void 0 : serverTelemetryManager.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED);
14443
14443
  return [null, CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED];
14444
14444
  }
@@ -14600,14 +14600,14 @@ var init_OnBehalfOfClient = __esm({
14600
14600
  * @param request
14601
14601
  */
14602
14602
  async getCachedAuthenticationResult(request) {
14603
- var _a2, _b2;
14603
+ var _a, _b;
14604
14604
  const cachedAccessToken = this.readAccessTokenFromCacheForOBO(this.config.authOptions.clientId, request);
14605
14605
  if (!cachedAccessToken) {
14606
- (_a2 = this.serverTelemetryManager) == null ? void 0 : _a2.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN);
14606
+ (_a = this.serverTelemetryManager) == null ? void 0 : _a.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN);
14607
14607
  this.logger.info("SilentFlowClient:acquireCachedToken - No access token found in cache for the given properties.");
14608
14608
  throw createClientAuthError(ClientAuthErrorCodes_exports.tokenRefreshRequired);
14609
14609
  } else if (TimeUtils_exports.isTokenExpired(cachedAccessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)) {
14610
- (_b2 = this.serverTelemetryManager) == null ? void 0 : _b2.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED);
14610
+ (_b = this.serverTelemetryManager) == null ? void 0 : _b.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED);
14611
14611
  this.logger.info(`OnbehalfofFlow:getCachedAuthenticationResult - Cached access token is expired or will expire within ${this.config.systemOptions.tokenRenewalOffsetSeconds} seconds.`);
14612
14612
  throw createClientAuthError(ClientAuthErrorCodes_exports.tokenRefreshRequired);
14613
14613
  }
@@ -14933,7 +14933,7 @@ var init_BaseManagedIdentitySource = __esm({
14933
14933
  return this.getServerTokenResponse(response);
14934
14934
  }
14935
14935
  getServerTokenResponse(response) {
14936
- var _a2, _b2;
14936
+ var _a, _b;
14937
14937
  let refreshIn, expiresIn;
14938
14938
  if (response.body.expires_on) {
14939
14939
  expiresIn = response.body.expires_on - TimeUtils_exports.nowSeconds();
@@ -14951,8 +14951,8 @@ var init_BaseManagedIdentitySource = __esm({
14951
14951
  refresh_in: refreshIn,
14952
14952
  // error
14953
14953
  correlation_id: response.body.correlation_id || response.body.correlationId,
14954
- error: typeof response.body.error === "string" ? response.body.error : (_a2 = response.body.error) == null ? void 0 : _a2.code,
14955
- error_description: response.body.message || (typeof response.body.error === "string" ? response.body.error_description : (_b2 = response.body.error) == null ? void 0 : _b2.message),
14954
+ error: typeof response.body.error === "string" ? response.body.error : (_a = response.body.error) == null ? void 0 : _a.code,
14955
+ error_description: response.body.message || (typeof response.body.error === "string" ? response.body.error_description : (_b = response.body.error) == null ? void 0 : _b.message),
14956
14956
  error_codes: response.body.error_codes,
14957
14957
  timestamp: response.body.timestamp,
14958
14958
  trace_id: response.body.trace_id
@@ -15628,14 +15628,14 @@ var require_package15 = __commonJS({
15628
15628
  var require_package16 = __commonJS({
15629
15629
  "../../node_modules/.store/is-wsl-npm-2.2.0-2ba10d6393/package/index.js"(exports, module) {
15630
15630
  "use strict";
15631
- var os = __require("os");
15631
+ var os2 = __require("os");
15632
15632
  var fs3 = __require("fs");
15633
15633
  var isDocker = require_package15();
15634
15634
  var isWsl = /* @__PURE__ */ __name(() => {
15635
15635
  if (process.platform !== "linux") {
15636
15636
  return false;
15637
15637
  }
15638
- if (os.release().toLowerCase().includes("microsoft")) {
15638
+ if (os2.release().toLowerCase().includes("microsoft")) {
15639
15639
  if (isDocker()) {
15640
15640
  return false;
15641
15641
  }
@@ -15948,7 +15948,7 @@ var require_dist2 = __commonJS({
15948
15948
  var abortController = require_dist();
15949
15949
  var coreTracing = require_commonjs3();
15950
15950
  var fs3 = __require("fs");
15951
- var os = __require("os");
15951
+ var os2 = __require("os");
15952
15952
  var path5 = __require("path");
15953
15953
  var msalCommon = (init_dist2(), __toCommonJS(dist_exports));
15954
15954
  var fs$1 = __require("node:fs");
@@ -16013,11 +16013,11 @@ var require_dist2 = __commonJS({
16013
16013
  }
16014
16014
  };
16015
16015
  function generatePluginConfiguration(options) {
16016
- var _a2, _b2, _c, _d, _e, _f, _g;
16016
+ var _a, _b, _c, _d, _e, _f, _g;
16017
16017
  const config = {
16018
16018
  cache: {},
16019
16019
  broker: {
16020
- isEnabled: (_b2 = (_a2 = options.brokerOptions) === null || _a2 === void 0 ? void 0 : _a2.enabled) !== null && _b2 !== void 0 ? _b2 : false,
16020
+ isEnabled: (_b = (_a = options.brokerOptions) === null || _a === void 0 ? void 0 : _a.enabled) !== null && _b !== void 0 ? _b : false,
16021
16021
  enableMsaPassthrough: (_d = (_c = options.brokerOptions) === null || _c === void 0 ? void 0 : _c.legacyEnableMsaPassthrough) !== null && _d !== void 0 ? _d : false,
16022
16022
  parentWindowHandle: (_e = options.brokerOptions) === null || _e === void 0 ? void 0 : _e.parentWindowHandle
16023
16023
  }
@@ -16205,14 +16205,14 @@ ${errorDetail}`);
16205
16205
  }
16206
16206
  __name(createConfigurationErrorMessage, "createConfigurationErrorMessage");
16207
16207
  function processMultiTenantRequest(tenantId, getTokenOptions, additionallyAllowedTenantIds = [], logger2) {
16208
- var _a2;
16208
+ var _a;
16209
16209
  let resolvedTenantId;
16210
16210
  if (process.env.AZURE_IDENTITY_DISABLE_MULTITENANTAUTH) {
16211
16211
  resolvedTenantId = tenantId;
16212
16212
  } else if (tenantId === "adfs") {
16213
16213
  resolvedTenantId = tenantId;
16214
16214
  } else {
16215
- resolvedTenantId = (_a2 = getTokenOptions === null || getTokenOptions === void 0 ? void 0 : getTokenOptions.tenantId) !== null && _a2 !== void 0 ? _a2 : tenantId;
16215
+ resolvedTenantId = (_a = getTokenOptions === null || getTokenOptions === void 0 ? void 0 : getTokenOptions.tenantId) !== null && _a !== void 0 ? _a : tenantId;
16216
16216
  }
16217
16217
  if (tenantId && resolvedTenantId !== tenantId && !additionallyAllowedTenantIds.includes("*") && !additionallyAllowedTenantIds.some((t) => t.localeCompare(resolvedTenantId) === 0)) {
16218
16218
  const message = createConfigurationErrorMessage(tenantId);
@@ -16320,9 +16320,9 @@ ${errorDetail}`);
16320
16320
  __name(getIdentityClientAuthorityHost, "getIdentityClientAuthorityHost");
16321
16321
  var _IdentityClient = class _IdentityClient extends coreClient.ServiceClient {
16322
16322
  constructor(options) {
16323
- var _a2, _b2;
16323
+ var _a, _b;
16324
16324
  const packageDetails = `azsdk-js-identity/${SDK_VERSION}`;
16325
- const userAgentPrefix = ((_a2 = options === null || options === void 0 ? void 0 : options.userAgentOptions) === null || _a2 === void 0 ? void 0 : _a2.userAgentPrefix) ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}` : `${packageDetails}`;
16325
+ const userAgentPrefix = ((_a = options === null || options === void 0 ? void 0 : options.userAgentOptions) === null || _a === void 0 ? void 0 : _a.userAgentPrefix) ? `${options.userAgentOptions.userAgentPrefix} ${packageDetails}` : `${packageDetails}`;
16326
16326
  const baseUri = getIdentityClientAuthorityHost(options);
16327
16327
  if (!baseUri.startsWith("https:")) {
16328
16328
  throw new Error("The authorityHost address must use the 'https' protocol.");
@@ -16334,7 +16334,7 @@ ${errorDetail}`);
16334
16334
  }, baseUri }));
16335
16335
  this.authorityHost = baseUri;
16336
16336
  this.abortControllers = /* @__PURE__ */ new Map();
16337
- this.allowLoggingAccountIdentifiers = (_b2 = options === null || options === void 0 ? void 0 : options.loggingOptions) === null || _b2 === void 0 ? void 0 : _b2.allowLoggingAccountIdentifiers;
16337
+ this.allowLoggingAccountIdentifiers = (_b = options === null || options === void 0 ? void 0 : options.loggingOptions) === null || _b === void 0 ? void 0 : _b.allowLoggingAccountIdentifiers;
16338
16338
  this.tokenCredentialOptions = Object.assign({}, options);
16339
16339
  }
16340
16340
  async sendTokenRequest(request) {
@@ -16436,8 +16436,8 @@ ${errorDetail}`);
16436
16436
  this.abortControllers.set(key, void 0);
16437
16437
  }
16438
16438
  getCorrelationId(options) {
16439
- var _a2;
16440
- const parameter = (_a2 = options === null || options === void 0 ? void 0 : options.body) === null || _a2 === void 0 ? void 0 : _a2.split("&").map((part) => part.split("=")).find(([key]) => key === "client-request-id");
16439
+ var _a;
16440
+ const parameter = (_a = options === null || options === void 0 ? void 0 : options.body) === null || _a === void 0 ? void 0 : _a.split("&").map((part) => part.split("=")).find(([key]) => key === "client-request-id");
16441
16441
  return parameter && parameter.length ? parameter[1] || noCorrelationId : noCorrelationId;
16442
16442
  }
16443
16443
  // The MSAL network module methods follow
@@ -16542,7 +16542,7 @@ ${errorDetail}`);
16542
16542
  function getPropertyFromVSCode(property) {
16543
16543
  const settingsPath = ["User", "settings.json"];
16544
16544
  const vsCodeFolder = "Code";
16545
- const homedir = os.homedir();
16545
+ const homedir = os2.homedir();
16546
16546
  function loadProperty(...pathSegments) {
16547
16547
  const fullPath = path5.join(...pathSegments, vsCodeFolder, ...settingsPath);
16548
16548
  const settings = JSON.parse(fs3.readFileSync(fullPath, { encoding: "utf8" }));
@@ -16620,7 +16620,7 @@ ${errorDetail}`);
16620
16620
  * `TokenCredential` implementation might make.
16621
16621
  */
16622
16622
  async getToken(scopes, options) {
16623
- var _a2, _b2;
16623
+ var _a, _b;
16624
16624
  await this.prepareOnce();
16625
16625
  const tenantId = processMultiTenantRequest(this.tenantId, options, this.additionallyAllowedTenantIds, logger$p) || this.tenantId;
16626
16626
  if (findCredentials === void 0) {
@@ -16642,7 +16642,7 @@ ${errorDetail}`);
16642
16642
  scopeString += " offline_access";
16643
16643
  }
16644
16644
  const credentials = await findCredentials();
16645
- const { password: refreshToken } = (_b2 = (_a2 = credentials.find(({ account }) => account === this.cloudName)) !== null && _a2 !== void 0 ? _a2 : credentials[0]) !== null && _b2 !== void 0 ? _b2 : {};
16645
+ const { password: refreshToken } = (_b = (_a = credentials.find(({ account }) => account === this.cloudName)) !== null && _a !== void 0 ? _a : credentials[0]) !== null && _b !== void 0 ? _b : {};
16646
16646
  if (refreshToken) {
16647
16647
  const tokenResponse = await this.identityClient.refreshAccessToken(tenantId, AzureAccountClientId, scopeString, refreshToken, void 0);
16648
16648
  if (tokenResponse) {
@@ -16886,7 +16886,7 @@ ${errorDetail}`);
16886
16886
  return result;
16887
16887
  },
16888
16888
  async getToken(configuration, getTokenOptions = {}) {
16889
- var _a2;
16889
+ var _a;
16890
16890
  const { identityClient, scopes, clientId, resourceId } = configuration;
16891
16891
  if (clientId) {
16892
16892
  logger$m.warning(`${msiName$4}: user-assigned identities not supported. The argument clientId might be ignored by the service.`);
@@ -16899,7 +16899,7 @@ ${errorDetail}`);
16899
16899
  const filePath = await filePathRequest(identityClient, requestOptions);
16900
16900
  validateKeyFile(filePath);
16901
16901
  const key = await fs$1.promises.readFile(filePath, { encoding: "utf-8" });
16902
- (_a2 = requestOptions.headers) === null || _a2 === void 0 ? void 0 : _a2.set("Authorization", `Basic ${key}`);
16902
+ (_a = requestOptions.headers) === null || _a === void 0 ? void 0 : _a.set("Authorization", `Basic ${key}`);
16903
16903
  const request = coreRestPipeline.createPipelineRequest(Object.assign(Object.assign({}, requestOptions), {
16904
16904
  // Generally, MSI endpoints use the HTTP protocol, without transport layer security (TLS).
16905
16905
  allowInsecureConnection: true
@@ -17184,7 +17184,7 @@ ${errorDetail}`);
17184
17184
  var msiName$1 = "ManagedIdentityCredential - IMDS";
17185
17185
  var logger$i = credentialLogger(msiName$1);
17186
17186
  function prepareRequestOptions(scopes, clientId, resourceId, options) {
17187
- var _a2;
17187
+ var _a;
17188
17188
  const resource = mapScopesToResource(scopes);
17189
17189
  if (!resource) {
17190
17190
  throw new Error(`${msiName$1}: Multiple scopes are not supported.`);
@@ -17205,7 +17205,7 @@ ${errorDetail}`);
17205
17205
  const params = new URLSearchParams(queryParameters);
17206
17206
  query = `?${params.toString()}`;
17207
17207
  }
17208
- const url = new URL(imdsEndpointPath, (_a2 = process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) !== null && _a2 !== void 0 ? _a2 : imdsHost);
17208
+ const url = new URL(imdsEndpointPath, (_a = process.env.AZURE_POD_IDENTITY_AUTHORITY_HOST) !== null && _a !== void 0 ? _a : imdsHost);
17209
17209
  const rawHeaders = {
17210
17210
  Accept: "application/json",
17211
17211
  Metadata: "true"
@@ -17240,10 +17240,10 @@ ${errorDetail}`);
17240
17240
  skipQuery: true
17241
17241
  });
17242
17242
  return tracingClient.withSpan("ManagedIdentityCredential-pingImdsEndpoint", getTokenOptions, async (options) => {
17243
- var _a2, _b2;
17243
+ var _a, _b;
17244
17244
  requestOptions.tracingOptions = options.tracingOptions;
17245
17245
  const request = coreRestPipeline.createPipelineRequest(requestOptions);
17246
- request.timeout = ((_a2 = options.requestOptions) === null || _a2 === void 0 ? void 0 : _a2.timeout) || 1e3;
17246
+ request.timeout = ((_a = options.requestOptions) === null || _a === void 0 ? void 0 : _a.timeout) || 1e3;
17247
17247
  request.allowInsecureConnection = true;
17248
17248
  let response;
17249
17249
  try {
@@ -17257,7 +17257,7 @@ ${errorDetail}`);
17257
17257
  return false;
17258
17258
  }
17259
17259
  if (response.status === 403) {
17260
- if ((_b2 = response.bodyAsText) === null || _b2 === void 0 ? void 0 : _b2.includes("unreachable")) {
17260
+ if ((_b = response.bodyAsText) === null || _b === void 0 ? void 0 : _b.includes("unreachable")) {
17261
17261
  logger$i.info(`${msiName$1}: The Azure IMDS endpoint is unavailable`);
17262
17262
  logger$i.info(`${msiName$1}: ${response.bodyAsText}`);
17263
17263
  return false;
@@ -17349,9 +17349,9 @@ ${errorDetail}`);
17349
17349
  RegionalAuthority2["GovernmentUSDodCentral"] = "usdodcentral";
17350
17350
  })(RegionalAuthority || (RegionalAuthority = {}));
17351
17351
  function calculateRegionalAuthority(regionalAuthority) {
17352
- var _a2, _b2;
17352
+ var _a, _b;
17353
17353
  let azureRegion = regionalAuthority;
17354
- if (azureRegion === void 0 && ((_b2 = (_a2 = globalThis.process) === null || _a2 === void 0 ? void 0 : _a2.env) === null || _b2 === void 0 ? void 0 : _b2.AZURE_REGIONAL_AUTHORITY_NAME) !== void 0) {
17354
+ if (azureRegion === void 0 && ((_b = (_a = globalThis.process) === null || _a === void 0 ? void 0 : _a.env) === null || _b === void 0 ? void 0 : _b.AZURE_REGIONAL_AUTHORITY_NAME) !== void 0) {
17355
17355
  azureRegion = process.env.AZURE_REGIONAL_AUTHORITY_NAME;
17356
17356
  }
17357
17357
  if (azureRegion === RegionalAuthority.AutoDiscoverRegion) {
@@ -17362,9 +17362,9 @@ ${errorDetail}`);
17362
17362
  __name(calculateRegionalAuthority, "calculateRegionalAuthority");
17363
17363
  var msalLogger = credentialLogger("MsalClient");
17364
17364
  function generateMsalConfiguration(clientId, tenantId, msalClientOptions = {}) {
17365
- var _a2, _b2, _c, _d;
17366
- const resolvedTenant = resolveTenantId((_a2 = msalClientOptions.logger) !== null && _a2 !== void 0 ? _a2 : msalLogger, tenantId, clientId);
17367
- const authority = getAuthority(resolvedTenant, (_b2 = msalClientOptions.authorityHost) !== null && _b2 !== void 0 ? _b2 : process.env.AZURE_AUTHORITY_HOST);
17365
+ var _a, _b, _c, _d;
17366
+ const resolvedTenant = resolveTenantId((_a = msalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger, tenantId, clientId);
17367
+ const authority = getAuthority(resolvedTenant, (_b = msalClientOptions.authorityHost) !== null && _b !== void 0 ? _b : process.env.AZURE_AUTHORITY_HOST);
17368
17368
  const httpClient = new IdentityClient(Object.assign(Object.assign({}, msalClientOptions.tokenCredentialOptions), { authorityHost: authority, loggingOptions: msalClientOptions.loggingOptions }));
17369
17369
  const msalConfig = {
17370
17370
  auth: {
@@ -17385,12 +17385,12 @@ ${errorDetail}`);
17385
17385
  }
17386
17386
  __name(generateMsalConfiguration, "generateMsalConfiguration");
17387
17387
  function createMsalClient(clientId, tenantId, createMsalClientOptions = {}) {
17388
- var _a2;
17388
+ var _a;
17389
17389
  const state = {
17390
17390
  msalConfig: generateMsalConfiguration(clientId, tenantId, createMsalClientOptions),
17391
17391
  cachedAccount: createMsalClientOptions.authenticationRecord ? publicToMsal(createMsalClientOptions.authenticationRecord) : null,
17392
17392
  pluginConfiguration: msalPlugins.generatePluginConfiguration(createMsalClientOptions),
17393
- logger: (_a2 = createMsalClientOptions.logger) !== null && _a2 !== void 0 ? _a2 : msalLogger
17393
+ logger: (_a = createMsalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger
17394
17394
  };
17395
17395
  const publicApps = /* @__PURE__ */ new Map();
17396
17396
  async function getPublicApp(options = {}) {
@@ -17461,7 +17461,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
17461
17461
  }
17462
17462
  __name(getTokenSilent, "getTokenSilent");
17463
17463
  async function withSilentAuthentication(msalApp, scopes, options, onAuthenticationRequired) {
17464
- var _a3;
17464
+ var _a2;
17465
17465
  let response = null;
17466
17466
  try {
17467
17467
  response = await getTokenSilent(msalApp, scopes, options);
@@ -17485,7 +17485,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
17485
17485
  }
17486
17486
  }
17487
17487
  ensureValidMsalToken(scopes, response, options);
17488
- state.cachedAccount = (_a3 = response === null || response === void 0 ? void 0 : response.account) !== null && _a3 !== void 0 ? _a3 : null;
17488
+ state.cachedAccount = (_a2 = response === null || response === void 0 ? void 0 : response.account) !== null && _a2 !== void 0 ? _a2 : null;
17489
17489
  state.logger.getToken.info(formatSuccess(scopes));
17490
17490
  return {
17491
17491
  token: response.accessToken,
@@ -17564,10 +17564,10 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
17564
17564
  state.logger.getToken.info(`Attempting to acquire token using device code`);
17565
17565
  const msalApp = await getPublicApp(options);
17566
17566
  return withSilentAuthentication(msalApp, scopes, options, () => {
17567
- var _a3, _b2;
17567
+ var _a2, _b;
17568
17568
  const requestOptions = {
17569
17569
  scopes,
17570
- cancel: (_b2 = (_a3 = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a3 === void 0 ? void 0 : _a3.aborted) !== null && _b2 !== void 0 ? _b2 : false,
17570
+ cancel: (_b = (_a2 = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a2 === void 0 ? void 0 : _a2.aborted) !== null && _b !== void 0 ? _b : false,
17571
17571
  deviceCodeCallback,
17572
17572
  authority: state.msalConfig.auth.authority,
17573
17573
  claims: options === null || options === void 0 ? void 0 : options.claims
@@ -17779,7 +17779,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
17779
17779
  * @hidden
17780
17780
  */
17781
17781
  constructor(clientIdOrOptions, options) {
17782
- var _a2, _b2;
17782
+ var _a, _b;
17783
17783
  this.isEndpointUnavailable = null;
17784
17784
  this.isAppTokenProviderInitialized = false;
17785
17785
  this.msiRetryConfig = {
@@ -17799,7 +17799,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
17799
17799
  if (this.clientId && this.resourceId) {
17800
17800
  throw new Error(`${_ManagedIdentityCredential.name} - Client Id and Resource Id can't be provided at the same time.`);
17801
17801
  }
17802
- if (((_a2 = _options === null || _options === void 0 ? void 0 : _options.retryOptions) === null || _a2 === void 0 ? void 0 : _a2.maxRetries) !== void 0) {
17802
+ if (((_a = _options === null || _options === void 0 ? void 0 : _options.retryOptions) === null || _a === void 0 ? void 0 : _a.maxRetries) !== void 0) {
17803
17803
  this.msiRetryConfig.maxRetries = _options.retryOptions.maxRetries;
17804
17804
  }
17805
17805
  this.identityClient = new IdentityClient(_options);
@@ -17809,7 +17809,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
17809
17809
  this.confidentialApp = new msalCommon.ConfidentialClientApplication({
17810
17810
  auth: {
17811
17811
  authority: "https://login.microsoftonline.com/managed_identity",
17812
- clientId: (_b2 = this.clientId) !== null && _b2 !== void 0 ? _b2 : DeveloperSignOnClientId,
17812
+ clientId: (_b = this.clientId) !== null && _b !== void 0 ? _b : DeveloperSignOnClientId,
17813
17813
  clientSecret: "dummy-secret",
17814
17814
  cloudDiscoveryMetadata: '{"tenant_discovery_endpoint":"https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration","api-version":"1.1","metadata":[{"preferred_network":"login.microsoftonline.com","preferred_cache":"login.windows.net","aliases":["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{"preferred_network":"login.partner.microsoftonline.cn","preferred_cache":"login.partner.microsoftonline.cn","aliases":["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{"preferred_network":"login.microsoftonline.de","preferred_cache":"login.microsoftonline.de","aliases":["login.microsoftonline.de"]},{"preferred_network":"login.microsoftonline.us","preferred_cache":"login.microsoftonline.us","aliases":["login.microsoftonline.us","login.usgovcloudapi.net"]},{"preferred_network":"login-us.microsoftonline.com","preferred_cache":"login-us.microsoftonline.com","aliases":["login-us.microsoftonline.com"]}]}',
17815
17815
  authorityMetadata: '{"token_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/token","token_endpoint_auth_methods_supported":["client_secret_post","private_key_jwt","client_secret_basic"],"jwks_uri":"https://login.microsoftonline.com/common/discovery/v2.0/keys","response_modes_supported":["query","fragment","form_post"],"subject_types_supported":["pairwise"],"id_token_signing_alg_values_supported":["RS256"],"response_types_supported":["code","id_token","code id_token","id_token token"],"scopes_supported":["openid","profile","email","offline_access"],"issuer":"https://login.microsoftonline.com/{tenantid}/v2.0","request_uri_parameter_supported":false,"userinfo_endpoint":"https://graph.microsoft.com/oidc/userinfo","authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/authorize","device_authorization_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/devicecode","http_logout_supported":true,"frontchannel_logout_supported":true,"end_session_endpoint":"https://login.microsoftonline.com/common/oauth2/v2.0/logout","claims_supported":["sub","iss","cloud_instance_name","cloud_instance_host_name","cloud_graph_host_name","msgraph_host","aud","exp","iat","auth_time","acr","nonce","preferred_username","name","tid","ver","at_hash","c_hash","email"],"kerberos_endpoint":"https://login.microsoftonline.com/common/kerberos","tenant_region_scope":null,"cloud_instance_name":"microsoftonline.com","cloud_graph_host_name":"graph.windows.net","msgraph_host":"graph.microsoft.com","rbac_url":"https://pas.windows.net"}',
@@ -18107,13 +18107,13 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18107
18107
  const scope = typeof scopes === "string" ? scopes : scopes[0];
18108
18108
  logger$d.getToken.info(`Using the scope ${scope}`);
18109
18109
  return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
18110
- var _a2, _b2, _c, _d;
18110
+ var _a, _b, _c, _d;
18111
18111
  try {
18112
18112
  ensureValidScopeForDevTimeCreds(scope, logger$d);
18113
18113
  const resource = getScopeResource(scope);
18114
18114
  const obj = await cliCredentialInternals.getAzureCliAccessToken(resource, tenantId, this.timeout);
18115
- const specificScope = (_a2 = obj.stderr) === null || _a2 === void 0 ? void 0 : _a2.match("(.*)az login --scope(.*)");
18116
- const isLoginError2 = ((_b2 = obj.stderr) === null || _b2 === void 0 ? void 0 : _b2.match("(.*)az login(.*)")) && !specificScope;
18115
+ const specificScope = (_a = obj.stderr) === null || _a === void 0 ? void 0 : _a.match("(.*)az login --scope(.*)");
18116
+ const isLoginError2 = ((_b = obj.stderr) === null || _b === void 0 ? void 0 : _b.match("(.*)az login(.*)")) && !specificScope;
18117
18117
  const isNotInstallError = ((_c = obj.stderr) === null || _c === void 0 ? void 0 : _c.match("az:(.*)not found")) || ((_d = obj.stderr) === null || _d === void 0 ? void 0 : _d.startsWith("'az' is not recognized"));
18118
18118
  if (isNotInstallError) {
18119
18119
  const error = new CredentialUnavailableError("Azure CLI could not be found. Please visit https://aka.ms/azure-cli for installation instructions and then, once installed, authenticate to your Azure account using 'az login'.");
@@ -18260,13 +18260,13 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18260
18260
  }
18261
18261
  logger$c.getToken.info(`Using the scopes ${scopes}`);
18262
18262
  return tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async () => {
18263
- var _a2, _b2, _c, _d;
18263
+ var _a, _b, _c, _d;
18264
18264
  try {
18265
18265
  scopeList.forEach((scope) => {
18266
18266
  ensureValidScopeForDevTimeCreds(scope, logger$c);
18267
18267
  });
18268
18268
  const obj = await developerCliCredentialInternals.getAzdAccessToken(scopeList, tenantId, this.timeout);
18269
- const isNotLoggedInError = ((_a2 = obj.stderr) === null || _a2 === void 0 ? void 0 : _a2.match("not logged in, run `azd login` to login")) || ((_b2 = obj.stderr) === null || _b2 === void 0 ? void 0 : _b2.match("not logged in, run `azd auth login` to login"));
18269
+ const isNotLoggedInError = ((_a = obj.stderr) === null || _a === void 0 ? void 0 : _a.match("not logged in, run `azd login` to login")) || ((_b = obj.stderr) === null || _b === void 0 ? void 0 : _b.match("not logged in, run `azd auth login` to login"));
18270
18270
  const isNotInstallError = ((_c = obj.stderr) === null || _c === void 0 ? void 0 : _c.match("azd:(.*)not found")) || ((_d = obj.stderr) === null || _d === void 0 ? void 0 : _d.startsWith("'azd' is not recognized"));
18271
18271
  if (isNotInstallError || obj.error && obj.error.code === "ENOENT") {
18272
18272
  const error = new CredentialUnavailableError("Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.");
@@ -18716,8 +18716,8 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18716
18716
  "AZURE_ADDITIONALLY_ALLOWED_TENANTS"
18717
18717
  ];
18718
18718
  function getAdditionallyAllowedTenants() {
18719
- var _a2;
18720
- const additionallyAllowedValues = (_a2 = process.env.AZURE_ADDITIONALLY_ALLOWED_TENANTS) !== null && _a2 !== void 0 ? _a2 : "";
18719
+ var _a;
18720
+ const additionallyAllowedValues = (_a = process.env.AZURE_ADDITIONALLY_ALLOWED_TENANTS) !== null && _a !== void 0 ? _a : "";
18721
18721
  return additionallyAllowedValues.split(";");
18722
18722
  }
18723
18723
  __name(getAdditionallyAllowedTenants, "getAdditionallyAllowedTenants");
@@ -18807,12 +18807,12 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18807
18807
  var EnvironmentCredential = _EnvironmentCredential;
18808
18808
  var logger$5 = credentialLogger("DefaultAzureCredential");
18809
18809
  function createDefaultManagedIdentityCredential(options = {}) {
18810
- var _a2, _b2, _c, _d;
18811
- (_a2 = options.retryOptions) !== null && _a2 !== void 0 ? _a2 : options.retryOptions = {
18810
+ var _a, _b, _c, _d;
18811
+ (_a = options.retryOptions) !== null && _a !== void 0 ? _a : options.retryOptions = {
18812
18812
  maxRetries: 5,
18813
18813
  retryDelayInMs: 800
18814
18814
  };
18815
- const managedIdentityClientId = (_b2 = options === null || options === void 0 ? void 0 : options.managedIdentityClientId) !== null && _b2 !== void 0 ? _b2 : process.env.AZURE_CLIENT_ID;
18815
+ const managedIdentityClientId = (_b = options === null || options === void 0 ? void 0 : options.managedIdentityClientId) !== null && _b !== void 0 ? _b : process.env.AZURE_CLIENT_ID;
18816
18816
  const workloadIdentityClientId = (_c = options === null || options === void 0 ? void 0 : options.workloadIdentityClientId) !== null && _c !== void 0 ? _c : managedIdentityClientId;
18817
18817
  const managedResourceId = options === null || options === void 0 ? void 0 : options.managedIdentityResourceId;
18818
18818
  const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
@@ -18833,9 +18833,9 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18833
18833
  }
18834
18834
  __name(createDefaultManagedIdentityCredential, "createDefaultManagedIdentityCredential");
18835
18835
  function createDefaultWorkloadIdentityCredential(options) {
18836
- var _a2, _b2, _c;
18837
- const managedIdentityClientId = (_a2 = options === null || options === void 0 ? void 0 : options.managedIdentityClientId) !== null && _a2 !== void 0 ? _a2 : process.env.AZURE_CLIENT_ID;
18838
- const workloadIdentityClientId = (_b2 = options === null || options === void 0 ? void 0 : options.workloadIdentityClientId) !== null && _b2 !== void 0 ? _b2 : managedIdentityClientId;
18836
+ var _a, _b, _c;
18837
+ const managedIdentityClientId = (_a = options === null || options === void 0 ? void 0 : options.managedIdentityClientId) !== null && _a !== void 0 ? _a : process.env.AZURE_CLIENT_ID;
18838
+ const workloadIdentityClientId = (_b = options === null || options === void 0 ? void 0 : options.workloadIdentityClientId) !== null && _b !== void 0 ? _b : managedIdentityClientId;
18839
18839
  const workloadFile = process.env.AZURE_FEDERATED_TOKEN_FILE;
18840
18840
  const tenantId = (_c = options === null || options === void 0 ? void 0 : options.tenantId) !== null && _c !== void 0 ? _c : process.env.AZURE_TENANT_ID;
18841
18841
  if (workloadFile && workloadIdentityClientId) {
@@ -18905,19 +18905,19 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18905
18905
  var DefaultAzureCredential = _DefaultAzureCredential;
18906
18906
  var _MsalNode = class _MsalNode {
18907
18907
  constructor(options) {
18908
- var _a2, _b2, _c, _d, _e, _f;
18908
+ var _a, _b, _c, _d, _e, _f;
18909
18909
  this.app = {};
18910
18910
  this.caeApp = {};
18911
18911
  this.requiresConfidential = false;
18912
18912
  this.logger = options.logger;
18913
18913
  this.msalConfig = this.defaultNodeMsalConfig(options);
18914
18914
  this.tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);
18915
- this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds((_a2 = options === null || options === void 0 ? void 0 : options.tokenCredentialOptions) === null || _a2 === void 0 ? void 0 : _a2.additionallyAllowedTenants);
18915
+ this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds((_a = options === null || options === void 0 ? void 0 : options.tokenCredentialOptions) === null || _a === void 0 ? void 0 : _a.additionallyAllowedTenants);
18916
18916
  this.clientId = this.msalConfig.auth.clientId;
18917
18917
  if (options === null || options === void 0 ? void 0 : options.getAssertion) {
18918
18918
  this.getAssertion = options.getAssertion;
18919
18919
  }
18920
- this.enableBroker = (_b2 = options === null || options === void 0 ? void 0 : options.brokerOptions) === null || _b2 === void 0 ? void 0 : _b2.enabled;
18920
+ this.enableBroker = (_b = options === null || options === void 0 ? void 0 : options.brokerOptions) === null || _b === void 0 ? void 0 : _b.enabled;
18921
18921
  this.enableMsaPassthrough = (_c = options === null || options === void 0 ? void 0 : options.brokerOptions) === null || _c === void 0 ? void 0 : _c.legacyEnableMsaPassthrough;
18922
18922
  this.parentWindowHandle = (_d = options.brokerOptions) === null || _d === void 0 ? void 0 : _d.parentWindowHandle;
18923
18923
  if (persistenceProvider !== void 0 && ((_e = options.tokenCachePersistenceOptions) === null || _e === void 0 ? void 0 : _e.enabled)) {
@@ -18948,7 +18948,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18948
18948
  * Generates a MSAL configuration that generally works for Node.js
18949
18949
  */
18950
18950
  defaultNodeMsalConfig(options) {
18951
- var _a2;
18951
+ var _a;
18952
18952
  const clientId = options.clientId || DeveloperSignOnClientId;
18953
18953
  const tenantId = resolveTenantId(options.logger, options.tenantId, options.clientId);
18954
18954
  this.authorityHost = options.authorityHost || process.env.AZURE_AUTHORITY_HOST;
@@ -18968,7 +18968,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
18968
18968
  loggerOptions: {
18969
18969
  loggerCallback: defaultLoggerCallback(options.logger),
18970
18970
  logLevel: getMSALLogLevel(logger$r.getLogLevel()),
18971
- piiLoggingEnabled: (_a2 = options.loggingOptions) === null || _a2 === void 0 ? void 0 : _a2.enableUnsafeSupportLogging
18971
+ piiLoggingEnabled: (_a = options.loggingOptions) === null || _a === void 0 ? void 0 : _a.enableUnsafeSupportLogging
18972
18972
  }
18973
18973
  }
18974
18974
  };
@@ -19082,7 +19082,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19082
19082
  * Attempts to retrieve a token from cache.
19083
19083
  */
19084
19084
  async getTokenSilent(scopes, options) {
19085
- var _a2, _b2, _c;
19085
+ var _a, _b, _c;
19086
19086
  await this.getActiveAccount(options === null || options === void 0 ? void 0 : options.enableCae);
19087
19087
  if (!this.account) {
19088
19088
  throw new AuthenticationRequiredError({
@@ -19112,8 +19112,8 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19112
19112
  }
19113
19113
  try {
19114
19114
  this.logger.info("Attempting to acquire token silently");
19115
- await ((_a2 = this.getApp("publicFirst", options === null || options === void 0 ? void 0 : options.enableCae)) === null || _a2 === void 0 ? void 0 : _a2.getTokenCache().getAllAccounts());
19116
- const response = (_c = await ((_b2 = this.getApp("confidential", options === null || options === void 0 ? void 0 : options.enableCae)) === null || _b2 === void 0 ? void 0 : _b2.acquireTokenSilent(silentRequest))) !== null && _c !== void 0 ? _c : await this.getApp("public", options === null || options === void 0 ? void 0 : options.enableCae).acquireTokenSilent(silentRequest);
19115
+ await ((_a = this.getApp("publicFirst", options === null || options === void 0 ? void 0 : options.enableCae)) === null || _a === void 0 ? void 0 : _a.getTokenCache().getAllAccounts());
19116
+ const response = (_c = await ((_b = this.getApp("confidential", options === null || options === void 0 ? void 0 : options.enableCae)) === null || _b === void 0 ? void 0 : _b.acquireTokenSilent(silentRequest))) !== null && _c !== void 0 ? _c : await this.getApp("public", options === null || options === void 0 ? void 0 : options.enableCae).acquireTokenSilent(silentRequest);
19117
19117
  return this.handleResult(scopes, response || void 0);
19118
19118
  } catch (err) {
19119
19119
  throw handleMsalError(scopes, err, options);
@@ -19176,11 +19176,11 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19176
19176
  };
19177
19177
  var _MsalOpenBrowser = class _MsalOpenBrowser extends MsalNode {
19178
19178
  constructor(options) {
19179
- var _a2, _b2, _c, _d;
19179
+ var _a, _b, _c, _d;
19180
19180
  super(options);
19181
19181
  this.loginHint = options.loginHint;
19182
- this.errorTemplate = (_a2 = options.browserCustomizationOptions) === null || _a2 === void 0 ? void 0 : _a2.errorMessage;
19183
- this.successTemplate = (_b2 = options.browserCustomizationOptions) === null || _b2 === void 0 ? void 0 : _b2.successMessage;
19182
+ this.errorTemplate = (_a = options.browserCustomizationOptions) === null || _a === void 0 ? void 0 : _a.errorMessage;
19183
+ this.successTemplate = (_b = options.browserCustomizationOptions) === null || _b === void 0 ? void 0 : _b.successMessage;
19184
19184
  this.logger = credentialLogger("Node.js MSAL Open Browser");
19185
19185
  this.useDefaultBrokerAccount = ((_c = options.brokerOptions) === null || _c === void 0 ? void 0 : _c.enabled) && ((_d = options.brokerOptions) === null || _d === void 0 ? void 0 : _d.useDefaultBrokerAccount);
19186
19186
  }
@@ -19221,7 +19221,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19221
19221
  * If the default broker account is not available, the method will fall back to interactive authentication.
19222
19222
  */
19223
19223
  async doGetBrokeredToken(scopes, interactiveRequest, options) {
19224
- var _a2;
19224
+ var _a;
19225
19225
  this.logger.verbose("Authentication will resume through the broker");
19226
19226
  if (this.parentWindowHandle) {
19227
19227
  interactiveRequest.windowHandle = Buffer.from(this.parentWindowHandle);
@@ -19229,7 +19229,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19229
19229
  this.logger.warning("Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.");
19230
19230
  }
19231
19231
  if (this.enableMsaPassthrough) {
19232
- ((_a2 = interactiveRequest.tokenQueryParameters) !== null && _a2 !== void 0 ? _a2 : interactiveRequest.tokenQueryParameters = {})["msal_request_type"] = "consumer_passthrough";
19232
+ ((_a = interactiveRequest.tokenQueryParameters) !== null && _a !== void 0 ? _a : interactiveRequest.tokenQueryParameters = {})["msal_request_type"] = "consumer_passthrough";
19233
19233
  }
19234
19234
  if (options.useDefaultBrokerAccount) {
19235
19235
  interactiveRequest.prompt = "none";
@@ -19274,13 +19274,13 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19274
19274
  * @param options - Options for configuring the client which makes the authentication requests.
19275
19275
  */
19276
19276
  constructor(options) {
19277
- var _a2, _b2, _c, _d;
19277
+ var _a, _b, _c, _d;
19278
19278
  const redirectUri = typeof options.redirectUri === "function" ? options.redirectUri() : options.redirectUri || "http://localhost";
19279
19279
  this.tenantId = options === null || options === void 0 ? void 0 : options.tenantId;
19280
19280
  this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
19281
19281
  const ibcNodeOptions = options;
19282
- if ((_a2 = ibcNodeOptions === null || ibcNodeOptions === void 0 ? void 0 : ibcNodeOptions.brokerOptions) === null || _a2 === void 0 ? void 0 : _a2.enabled) {
19283
- if (!((_b2 = ibcNodeOptions === null || ibcNodeOptions === void 0 ? void 0 : ibcNodeOptions.brokerOptions) === null || _b2 === void 0 ? void 0 : _b2.parentWindowHandle)) {
19282
+ if ((_a = ibcNodeOptions === null || ibcNodeOptions === void 0 ? void 0 : ibcNodeOptions.brokerOptions) === null || _a === void 0 ? void 0 : _a.enabled) {
19283
+ if (!((_b = ibcNodeOptions === null || ibcNodeOptions === void 0 ? void 0 : ibcNodeOptions.brokerOptions) === null || _b === void 0 ? void 0 : _b.parentWindowHandle)) {
19284
19284
  throw new Error("In order to do WAM authentication, `parentWindowHandle` under `brokerOptions` is a required parameter");
19285
19285
  } else {
19286
19286
  this.msalFlow = new MsalOpenBrowser(Object.assign(Object.assign({}, options), {
@@ -19375,12 +19375,12 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19375
19375
  * @param options - Options for configuring the client which makes the authentication requests.
19376
19376
  */
19377
19377
  constructor(options) {
19378
- var _a2, _b2;
19378
+ var _a, _b;
19379
19379
  this.tenantId = options === null || options === void 0 ? void 0 : options.tenantId;
19380
19380
  this.additionallyAllowedTenantIds = resolveAdditionallyAllowedTenantIds(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants);
19381
- const clientId = (_a2 = options === null || options === void 0 ? void 0 : options.clientId) !== null && _a2 !== void 0 ? _a2 : DeveloperSignOnClientId;
19381
+ const clientId = (_a = options === null || options === void 0 ? void 0 : options.clientId) !== null && _a !== void 0 ? _a : DeveloperSignOnClientId;
19382
19382
  const tenantId = resolveTenantId(logger$3, options === null || options === void 0 ? void 0 : options.tenantId, clientId);
19383
- this.userPromptCallback = (_b2 = options === null || options === void 0 ? void 0 : options.userPromptCallback) !== null && _b2 !== void 0 ? _b2 : defaultDeviceCodePromptCallback;
19383
+ this.userPromptCallback = (_b = options === null || options === void 0 ? void 0 : options.userPromptCallback) !== null && _b !== void 0 ? _b : defaultDeviceCodePromptCallback;
19384
19384
  this.msalClient = createMsalClient(clientId, tenantId, Object.assign(Object.assign({}, options), { logger: logger$3, tokenCredentialOptions: options || {} }));
19385
19385
  this.disableAutomaticAuthentication = options === null || options === void 0 ? void 0 : options.disableAutomaticAuthentication;
19386
19386
  }
@@ -19665,7 +19665,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19665
19665
  const pipeline = coreRestPipeline.createEmptyPipeline();
19666
19666
  pipeline.addPolicy(coreRestPipeline.bearerTokenAuthenticationPolicy({ credential, scopes }));
19667
19667
  async function getRefreshedToken() {
19668
- var _a2;
19668
+ var _a;
19669
19669
  const res = await pipeline.sendRequest({
19670
19670
  sendRequest: /* @__PURE__ */ __name((request) => Promise.resolve({
19671
19671
  request,
@@ -19677,7 +19677,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19677
19677
  abortSignal,
19678
19678
  tracingOptions
19679
19679
  }));
19680
- const accessToken = (_a2 = res.headers.get("authorization")) === null || _a2 === void 0 ? void 0 : _a2.split(" ")[1];
19680
+ const accessToken = (_a = res.headers.get("authorization")) === null || _a === void 0 ? void 0 : _a.split(" ")[1];
19681
19681
  if (!accessToken) {
19682
19682
  throw new Error("Failed to get access token");
19683
19683
  }
@@ -19729,7 +19729,7 @@ To work with multiple accounts for the same Client ID and Tenant ID, please prov
19729
19729
  var import_identity3 = __toESM(require_dist2(), 1);
19730
19730
 
19731
19731
  // src/authentication/forks/identity-cache-persistence/platforms.ts
19732
- import * as path2 from "path";
19732
+ import * as path3 from "path";
19733
19733
 
19734
19734
  // src/authentication/forks/msal-node-extensions/persistence/NapiRsKeyRingPersistence.ts
19735
19735
  import { Entry } from "@napi-rs/keyring";
@@ -20114,17 +20114,37 @@ var _FilePersistenceWithDataProtection = class _FilePersistenceWithDataProtectio
20114
20114
  __name(_FilePersistenceWithDataProtection, "FilePersistenceWithDataProtection");
20115
20115
  var FilePersistenceWithDataProtection = _FilePersistenceWithDataProtection;
20116
20116
 
20117
+ // src/authentication/lock-file/getAuthenticationLockFilePath.ts
20118
+ import path2 from "path";
20119
+ import os from "os";
20120
+
20121
+ // src/authentication/tokenCachePersistenceOptions.ts
20122
+ var tokenCachePersistenceOptions = {
20123
+ enabled: true,
20124
+ name: "Cloudpack"
20125
+ };
20126
+
20127
+ // src/authentication/lock-file/getAuthenticationLockFilePath.ts
20128
+ import { environmentInfo } from "@ms-cloudpack/environment";
20129
+ function getAuthenticationLockFilePath() {
20130
+ return path2.join(getIdentityServiceCachePath(), tokenCachePersistenceOptions.name + ".lockfile");
20131
+ }
20132
+ __name(getAuthenticationLockFilePath, "getAuthenticationLockFilePath");
20133
+ function getIdentityServiceCachePath() {
20134
+ var _a, _b;
20135
+ return path2.join(
20136
+ ((_b = (_a = environmentInfo.windows) == null ? void 0 : _a.appData) == null ? void 0 : _b.replace(/(.Roaming)*$/, "\\Local")) ?? os.homedir(),
20137
+ ".IdentityService"
20138
+ );
20139
+ }
20140
+ __name(getIdentityServiceCachePath, "getIdentityServiceCachePath");
20141
+
20117
20142
  // src/authentication/forks/identity-cache-persistence/platforms.ts
20118
- var _a, _b;
20119
- var localApplicationDataFolder = ((_b = (_a = process.env.APPDATA) == null ? void 0 : _a.replace) == null ? void 0 : _b.call(_a, /(.Roaming)*$/, "\\Local")) ?? process.env.HOME;
20120
20143
  var defaultMsalValues = {
20121
20144
  tokenCache: {
20122
20145
  name: "msal.cache",
20123
- // Expected values:
20124
- // - Darwin: '/Users/user/.IdentityService'
20125
- // - Windows 8+: 'C:\Users\user\AppData\Local\.IdentityService'
20126
- // - Linux: '/home/user/.IdentityService'
20127
- directory: path2.join(localApplicationDataFolder, ".IdentityService")
20146
+ // the original package code calculated this directly, but use a shared helper while it's in cloudpack
20147
+ directory: getIdentityServiceCachePath()
20128
20148
  },
20129
20149
  keyRing: {
20130
20150
  label: "MSALCache",
@@ -20143,7 +20163,7 @@ var defaultMsalValues = {
20143
20163
  }
20144
20164
  };
20145
20165
  function getPersistencePath(name3) {
20146
- return path2.join(defaultMsalValues.tokenCache.directory, name3);
20166
+ return path3.join(defaultMsalValues.tokenCache.directory, name3);
20147
20167
  }
20148
20168
  __name(getPersistencePath, "getPersistencePath");
20149
20169
  async function persistanceFactory(options = {}) {
@@ -20317,8 +20337,8 @@ var PersistenceCachePlugin = _PersistenceCachePlugin;
20317
20337
 
20318
20338
  // src/authentication/forks/identity-cache-persistence/provider.ts
20319
20339
  async function createPersistence(options) {
20320
- var _a2, _b2;
20321
- const persistence = await ((_b2 = (_a2 = msalPersistencePlatforms)[process.platform]) == null ? void 0 : _b2.call(_a2, options));
20340
+ var _a, _b;
20341
+ const persistence = await ((_b = (_a = msalPersistencePlatforms)[process.platform]) == null ? void 0 : _b.call(_a, options));
20322
20342
  if (persistence === void 0) {
20323
20343
  throw new Error("no persistence providers are available on this platform");
20324
20344
  }
@@ -20345,9 +20365,9 @@ var import_identity = __toESM(require_dist2(), 1);
20345
20365
  import { existsSync, readFileSync as readFileSync2 } from "fs";
20346
20366
 
20347
20367
  // src/authentication/getAuthenticationRecordPath.ts
20348
- import path3 from "path";
20368
+ import path4 from "path";
20349
20369
  function getAuthenticationRecordPath(cachePath) {
20350
- return path3.join(cachePath, "tokencache.bin");
20370
+ return path4.join(cachePath, "tokencache.bin");
20351
20371
  }
20352
20372
  __name(getAuthenticationRecordPath, "getAuthenticationRecordPath");
20353
20373
 
@@ -20374,12 +20394,6 @@ function saveAuthenticationRecord(cachePath, authRecord) {
20374
20394
  }
20375
20395
  __name(saveAuthenticationRecord, "saveAuthenticationRecord");
20376
20396
 
20377
- // src/authentication/tokenCachePersistenceOptions.ts
20378
- var tokenCachePersistenceOptions = {
20379
- enabled: true,
20380
- name: "Cloudpack"
20381
- };
20382
-
20383
20397
  // src/utils/isProcessRunning.ts
20384
20398
  function isErrorWithCode(error) {
20385
20399
  return error instanceof Error && "code" in error;
@@ -20410,17 +20424,6 @@ __name(isProcessRunning, "isProcessRunning");
20410
20424
 
20411
20425
  // src/authentication/lock-file/deleteAuthenticationLockFile.ts
20412
20426
  import { unlinkSync } from "fs";
20413
-
20414
- // src/authentication/lock-file/getAuthenticationLockFilePath.ts
20415
- import path4 from "path";
20416
- function getAuthenticationLockFilePath() {
20417
- var _a2, _b2;
20418
- const localApplicationDataFolder2 = ((_b2 = (_a2 = process.env.APPDATA) == null ? void 0 : _a2.replace) == null ? void 0 : _b2.call(_a2, /(.Roaming)*$/, "\\Local")) ?? (process.env.HOME || "");
20419
- return path4.join(localApplicationDataFolder2, ".IdentityService", tokenCachePersistenceOptions.name + ".lockfile");
20420
- }
20421
- __name(getAuthenticationLockFilePath, "getAuthenticationLockFilePath");
20422
-
20423
- // src/authentication/lock-file/deleteAuthenticationLockFile.ts
20424
20427
  function deleteAuthenticationLockFile() {
20425
20428
  const lockFilePath = getAuthenticationLockFilePath();
20426
20429
  try {
@@ -20505,7 +20508,7 @@ async function getCredential(options, context) {
20505
20508
  const { loginMethod, cachePath, tenantId } = options;
20506
20509
  const { reporter, azureLogger, telemetryClient } = context;
20507
20510
  return telemetryClient.tracer.startActiveSpan("GET_CREDENTIAL", async (span) => {
20508
- var _a2;
20511
+ var _a;
20509
20512
  if (loginMethod == "azure-cli") {
20510
20513
  return new import_identity3.AzureCliCredential();
20511
20514
  }
@@ -20527,7 +20530,7 @@ async function getCredential(options, context) {
20527
20530
  if (authenticationRecord) {
20528
20531
  saveAuthenticationRecord(cachePath, authenticationRecord);
20529
20532
  }
20530
- (_a2 = tasks.interactiveAuthentication) == null ? void 0 : _a2.complete({
20533
+ (_a = tasks.interactiveAuthentication) == null ? void 0 : _a.complete({
20531
20534
  message: "You have successfully signed in."
20532
20535
  });
20533
20536
  span.setAttributes({