azure-kusto-data 7.0.0-alpha.2 → 7.0.0-alpha.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist-esm/src/kustoTrustedEndpoints.js +1 -1
  2. package/dist-esm/src/kustoTrustedEndpoints.js.map +1 -1
  3. package/dist-esm/src/{wellKnownKustoEndpoints.json → wellKnownKustoEndpoints.js} +5 -2
  4. package/dist-esm/src/wellKnownKustoEndpoints.js.map +1 -0
  5. package/package.json +2 -2
  6. package/types/src/wellKnownKustoEndpoints.d.ts +27 -0
package/dist-esm/src/kustoTrustedEndpoints.js CHANGED
@@ -1,7 +1,7 @@
1
1
  // Copyright (c) Microsoft Corporation.
2
2
  // Licensed under the MIT License.
3
3
  import { getStringTailLowerCase } from "./utils.js";
4
- import { default as endpointsData } from "./wellKnownKustoEndpoints.json";
4
+ import { default as endpointsData } from "./wellKnownKustoEndpoints.js";
5
5
  export class MatchRule {
6
6
  constructor(
7
7
  /**
package/dist-esm/src/kustoTrustedEndpoints.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"kustoTrustedEndpoints.js","sourceRoot":"","sources":["../../src/kustoTrustedEndpoints.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AACpD,OAAO,EAAE,OAAO,IAAI,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAE1E,MAAM,OAAO,SAAS;IAClB;IACI;;OAEG;IACI,MAAc;IACrB;;;OAGG;IACI,KAAc;QALd,WAAM,GAAN,MAAM,CAAQ;QAKd,UAAK,GAAL,KAAK,CAAS;IACtB,CAAC;CACP;AAED,MAAM,OAAO,iBAAiB;IAI1B,YAAY,KAAyB;QAFrC,UAAK,GAAoC,EAAE,CAAC;QAGxC,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3F,MAAM,cAAc,GAAoC,EAAE,CAAC;QAC3D,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;YACpB,MAAM,MAAM,GAAG,sBAAsB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;YACvE,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAChC,CAAC;YACD,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,GAAG,cAAc,CAAC;IAChC,CAAC;IAED,OAAO,CAAC,SAAiB;QACrB,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACjB,CAAC;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QAErF,IAAI,UAAU,EAAE,CAAC;YACb,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;gBAC5B,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAClC,IAAI,SAAS,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;wBACzD,OAAO,IAAI,CAAC;oBAChB,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,kBAAkB,CAAC,QAAkC,EAAE,KAAyB;QACnF,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;YACnD,OAAO,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,OAAO,QAAQ,CAAC;QACpB,CAAC;QAED,OAAO,IAAI,iBAAiB,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;CACJ;AAED,MAAM,yBAAyB;IAK3B;QAJA,aAAQ,GAA0C,EAAE,CAAC;QACrD,sBAAiB,GAA6B,IAAI,CAAC;QACnD,oBAAe,GAAuC,IAAI,CAAC,CAAC,2EAA2E;QAGnI,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC;QAClE,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC;YACvB,MAAM,KAAK,GAAgB,EAAE,CAAC;YAC9B,CAAC,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7F,CAAC,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,QAAgB,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;YACjG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACpD,CAAC;IACL,CAAC;IAED,iBAAiB,CAAC,OAA2C;QACzD,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC;IACnC,CAAC;IAED,uBAAuB,CAAC,GAAiB,EAAE,aAAqB;QAC5D,MAAM,GAAG,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACzD,MAAM,IAAI,GAAW,GAAG,CAAC,QAAQ,CAAC;QAClC,sEAAsE;QACtE,IAAI,CAAC,0BAA0B,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,aAAa,CAAC,CAAC;IACzF,CAAC;IAEM,eAAe,CAAC,KAAyB,EAAE,OAAgB;QAC9D,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,MAAM,CAAA,EAAE,CAAC;YACjB,IAAI,OAAO,EAAE,CAAC;gBACV,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAClC,CAAC;YACD,OAAO;QACX,CAAC;QAED,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;IAClH,CAAC;IAED,0BAA0B,CAAC,QAAgB,EAAE,aAAqB;QAC9D,qEAAqE;QACrE,IAAI,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO;QACX,CAAC;QAED,oDAAoD;QACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QACtC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;YACnB,IAAI,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACrB,OAAO;YACX,CAAC;QACL,CAAC;aAAM,CAAC;YACJ,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,WAAW,EAAE,CAAC,CAAC;YAC5D,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO;YACX,CAAC;QACL,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,CAAC;QACjD,IAAI,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,8FAA8F,CAAC,CAAC;IACvJ,CAAC;IAED,eAAe,CAAC,IAAY;QACxB,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;YACrE,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,EAAE,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACnE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBAC1B,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;oBACvC,OAAO,KAAK,CAAC;gBACjB,CAAC;YACL,CAAC;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;CACJ;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,yBAAyB,EAAE,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { getStringTailLowerCase } from \"./utils.js\";\nimport { default as endpointsData } from \"./wellKnownKustoEndpoints.json\";\n\nexport class MatchRule {\n constructor(\n /**\n * The suffix which the candidate must end with in order to match.\n */\n public suffix: string,\n /**\n * Indicates whether the match must be exact (the candidate must\n * not have any prefix) or not.\n */\n public exact: boolean,\n ) {}\n}\n\nexport class FastSuffixMatcher {\n _suffixLength: number;\n rules: { [host: string]: MatchRule[] } = {};\n\n constructor(rules: MatchRule[] | null) {\n this._suffixLength = rules ? Math.min(...rules.map((r: MatchRule) => r.suffix.length)) : 0;\n const processedRules: { [host: string]: MatchRule[] } = {};\n rules?.forEach((rule) => {\n const suffix = getStringTailLowerCase(rule.suffix, this._suffixLength);\n if (!processedRules[suffix]) {\n processedRules[suffix] = [];\n }\n processedRules[suffix].push(rule);\n });\n this.rules = processedRules;\n }\n\n isMatch(candidate: string): boolean {\n if (candidate.length < this._suffixLength) {\n return false;\n }\n const matchRules = this.rules[getStringTailLowerCase(candidate, this._suffixLength)];\n\n if (matchRules) {\n for (const rule of matchRules) {\n if (candidate.endsWith(rule.suffix)) {\n if (candidate.length === rule.suffix.length || !rule.exact) {\n return true;\n }\n }\n }\n }\n return false;\n }\n\n static createFromExisting(existing: FastSuffixMatcher | null, rules: MatchRule[] | null): FastSuffixMatcher | null {\n if (!existing || !Object.keys(existing.rules).length) {\n return new FastSuffixMatcher(rules);\n }\n\n if (!rules) {\n return existing;\n }\n\n return new FastSuffixMatcher(rules.concat(...Object.values(existing.rules)));\n }\n}\n\nclass KustoTrustedEndpointsImpl {\n matchers: { [host: string]: FastSuffixMatcher } = {};\n additionalMatcher: FastSuffixMatcher | null = null;\n overrideMatcher: ((host: string) => boolean) | null = null; // We could unify this with matchers, but separating makes debugging easier\n\n constructor() {\n const etr = Object.entries(endpointsData.AllowedEndpointsByLogin);\n for (const [k, v] of etr) {\n const rules: MatchRule[] = [];\n v.AllowedKustoSuffixes.forEach((suffix: string) => rules.push(new MatchRule(suffix, false)));\n v.AllowedKustoHostnames.forEach((hostname: string) => rules.push(new MatchRule(hostname, true)));\n this.matchers[k] = new FastSuffixMatcher(rules);\n }\n }\n\n setOverridePolicy(matcher: ((host: string) => boolean) | null): void {\n this.overrideMatcher = matcher;\n }\n\n validateTrustedEndpoint(url: URL | string, loginEndpoint: string) {\n const uri = typeof url === \"string\" ? new URL(url) : url;\n const host: string = uri.hostname;\n // Check that target hostname is trusted and can accept security token\n this._validateHostnameIsTrusted(host != null ? host : url.toString(), loginEndpoint);\n }\n\n public addTrustedHosts(rules: MatchRule[] | null, replace: boolean): void {\n if (!rules?.length) {\n if (replace) {\n this.additionalMatcher = null;\n }\n return;\n }\n\n this.additionalMatcher = FastSuffixMatcher.createFromExisting(replace ? null : this.additionalMatcher, rules);\n }\n\n _validateHostnameIsTrusted(hostname: string, loginEndpoint: string): void {\n // The loopback is unconditionally allowed (since we trust ourselves)\n if (this._isLocalAddress(hostname)) {\n return;\n }\n\n // Either check the override matcher OR the matcher:\n const override = this.overrideMatcher;\n if (override != null) {\n if (override(hostname)) {\n return;\n }\n } else {\n const matcher = this.matchers[loginEndpoint?.toLowerCase()];\n if (matcher?.isMatch(hostname)) {\n return;\n }\n }\n\n const additionalMatcher = this.additionalMatcher;\n if (additionalMatcher?.isMatch(hostname)) {\n return;\n }\n\n throw new Error(`Can't communicate with '${hostname}' as this hostname is currently not trusted; please see https://aka.ms/kustotrustedendpoints`);\n }\n\n _isLocalAddress(host: string): boolean {\n if ([\"localhost\", \"127.0.0.1\", \"::1\", \"[::1]\"].find((c) => c === host)) {\n return true;\n }\n\n if (host.startsWith(\"127.\") && host.length <= 15 && host.length >= 9) {\n for (let i = 0; i < host.length; i++) {\n const ch = host.charAt(i);\n if (ch !== \".\" && (ch < \"0\" || ch > \"9\")) {\n return false;\n }\n }\n return true;\n }\n\n return false;\n }\n}\n\nexport const kustoTrustedEndpoints = new KustoTrustedEndpointsImpl();\n"]}
1
+ {"version":3,"file":"kustoTrustedEndpoints.js","sourceRoot":"","sources":["../../src/kustoTrustedEndpoints.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAElC,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AACpD,OAAO,EAAE,OAAO,IAAI,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAExE,MAAM,OAAO,SAAS;IAClB;IACI;;OAEG;IACI,MAAc;IACrB;;;OAGG;IACI,KAAc;QALd,WAAM,GAAN,MAAM,CAAQ;QAKd,UAAK,GAAL,KAAK,CAAS;IACtB,CAAC;CACP;AAED,MAAM,OAAO,iBAAiB;IAI1B,YAAY,KAAyB;QAFrC,UAAK,GAAoC,EAAE,CAAC;QAGxC,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3F,MAAM,cAAc,GAAoC,EAAE,CAAC;QAC3D,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;YACpB,MAAM,MAAM,GAAG,sBAAsB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;YACvE,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,cAAc,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;YAChC,CAAC;YACD,cAAc,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,GAAG,cAAc,CAAC;IAChC,CAAC;IAED,OAAO,CAAC,SAAiB;QACrB,IAAI,SAAS,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACjB,CAAC;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QAErF,IAAI,UAAU,EAAE,CAAC;YACb,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;gBAC5B,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAClC,IAAI,SAAS,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;wBACzD,OAAO,IAAI,CAAC;oBAChB,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QACD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,CAAC,kBAAkB,CAAC,QAAkC,EAAE,KAAyB;QACnF,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;YACnD,OAAO,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,CAAC,KAAK,EAAE,CAAC;YACT,OAAO,QAAQ,CAAC;QACpB,CAAC;QAED,OAAO,IAAI,iBAAiB,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjF,CAAC;CACJ;AAED,MAAM,yBAAyB;IAK3B;QAJA,aAAQ,GAA0C,EAAE,CAAC;QACrD,sBAAiB,GAA6B,IAAI,CAAC;QACnD,oBAAe,GAAuC,IAAI,CAAC,CAAC,2EAA2E;QAGnI,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC;QAClE,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,EAAE,CAAC;YACvB,MAAM,KAAK,GAAgB,EAAE,CAAC;YAC9B,CAAC,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC,MAAc,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;YAC7F,CAAC,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,QAAgB,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;YACjG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,iBAAiB,CAAC,KAAK,CAAC,CAAC;QACpD,CAAC;IACL,CAAC;IAED,iBAAiB,CAAC,OAA2C;QACzD,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC;IACnC,CAAC;IAED,uBAAuB,CAAC,GAAiB,EAAE,aAAqB;QAC5D,MAAM,GAAG,GAAG,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACzD,MAAM,IAAI,GAAW,GAAG,CAAC,QAAQ,CAAC;QAClC,sEAAsE;QACtE,IAAI,CAAC,0BAA0B,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,aAAa,CAAC,CAAC;IACzF,CAAC;IAEM,eAAe,CAAC,KAAyB,EAAE,OAAgB;QAC9D,IAAI,CAAC,CAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,MAAM,CAAA,EAAE,CAAC;YACjB,IAAI,OAAO,EAAE,CAAC;gBACV,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;YAClC,CAAC;YACD,OAAO;QACX,CAAC;QAED,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,CAAC,CAAC;IAClH,CAAC;IAED,0BAA0B,CAAC,QAAgB,EAAE,aAAqB;QAC9D,qEAAqE;QACrE,IAAI,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO;QACX,CAAC;QAED,oDAAoD;QACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CAAC;QACtC,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;YACnB,IAAI,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACrB,OAAO;YACX,CAAC;QACL,CAAC;aAAM,CAAC;YACJ,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,aAAb,aAAa,uBAAb,aAAa,CAAE,WAAW,EAAE,CAAC,CAAC;YAC5D,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO;YACX,CAAC;QACL,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,CAAC;QACjD,IAAI,iBAAiB,aAAjB,iBAAiB,uBAAjB,iBAAiB,CAAE,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO;QACX,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,2BAA2B,QAAQ,8FAA8F,CAAC,CAAC;IACvJ,CAAC;IAED,eAAe,CAAC,IAAY;QACxB,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC;YACrE,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,EAAE,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACnE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,MAAM,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBAC1B,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,EAAE,GAAG,GAAG,IAAI,EAAE,GAAG,GAAG,CAAC,EAAE,CAAC;oBACvC,OAAO,KAAK,CAAC;gBACjB,CAAC;YACL,CAAC;YACD,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;CACJ;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,yBAAyB,EAAE,CAAC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\nimport { getStringTailLowerCase } from \"./utils.js\";\nimport { default as endpointsData } from \"./wellKnownKustoEndpoints.js\";\n\nexport class MatchRule {\n constructor(\n /**\n * The suffix which the candidate must end with in order to match.\n */\n public suffix: string,\n /**\n * Indicates whether the match must be exact (the candidate must\n * not have any prefix) or not.\n */\n public exact: boolean,\n ) {}\n}\n\nexport class FastSuffixMatcher {\n _suffixLength: number;\n rules: { [host: string]: MatchRule[] } = {};\n\n constructor(rules: MatchRule[] | null) {\n this._suffixLength = rules ? Math.min(...rules.map((r: MatchRule) => r.suffix.length)) : 0;\n const processedRules: { [host: string]: MatchRule[] } = {};\n rules?.forEach((rule) => {\n const suffix = getStringTailLowerCase(rule.suffix, this._suffixLength);\n if (!processedRules[suffix]) {\n processedRules[suffix] = [];\n }\n processedRules[suffix].push(rule);\n });\n this.rules = processedRules;\n }\n\n isMatch(candidate: string): boolean {\n if (candidate.length < this._suffixLength) {\n return false;\n }\n const matchRules = this.rules[getStringTailLowerCase(candidate, this._suffixLength)];\n\n if (matchRules) {\n for (const rule of matchRules) {\n if (candidate.endsWith(rule.suffix)) {\n if (candidate.length === rule.suffix.length || !rule.exact) {\n return true;\n }\n }\n }\n }\n return false;\n }\n\n static createFromExisting(existing: FastSuffixMatcher | null, rules: MatchRule[] | null): FastSuffixMatcher | null {\n if (!existing || !Object.keys(existing.rules).length) {\n return new FastSuffixMatcher(rules);\n }\n\n if (!rules) {\n return existing;\n }\n\n return new FastSuffixMatcher(rules.concat(...Object.values(existing.rules)));\n }\n}\n\nclass KustoTrustedEndpointsImpl {\n matchers: { [host: string]: FastSuffixMatcher } = {};\n additionalMatcher: FastSuffixMatcher | null = null;\n overrideMatcher: ((host: string) => boolean) | null = null; // We could unify this with matchers, but separating makes debugging easier\n\n constructor() {\n const etr = Object.entries(endpointsData.AllowedEndpointsByLogin);\n for (const [k, v] of etr) {\n const rules: MatchRule[] = [];\n v.AllowedKustoSuffixes.forEach((suffix: string) => rules.push(new MatchRule(suffix, false)));\n v.AllowedKustoHostnames.forEach((hostname: string) => rules.push(new MatchRule(hostname, true)));\n this.matchers[k] = new FastSuffixMatcher(rules);\n }\n }\n\n setOverridePolicy(matcher: ((host: string) => boolean) | null): void {\n this.overrideMatcher = matcher;\n }\n\n validateTrustedEndpoint(url: URL | string, loginEndpoint: string) {\n const uri = typeof url === \"string\" ? new URL(url) : url;\n const host: string = uri.hostname;\n // Check that target hostname is trusted and can accept security token\n this._validateHostnameIsTrusted(host != null ? host : url.toString(), loginEndpoint);\n }\n\n public addTrustedHosts(rules: MatchRule[] | null, replace: boolean): void {\n if (!rules?.length) {\n if (replace) {\n this.additionalMatcher = null;\n }\n return;\n }\n\n this.additionalMatcher = FastSuffixMatcher.createFromExisting(replace ? null : this.additionalMatcher, rules);\n }\n\n _validateHostnameIsTrusted(hostname: string, loginEndpoint: string): void {\n // The loopback is unconditionally allowed (since we trust ourselves)\n if (this._isLocalAddress(hostname)) {\n return;\n }\n\n // Either check the override matcher OR the matcher:\n const override = this.overrideMatcher;\n if (override != null) {\n if (override(hostname)) {\n return;\n }\n } else {\n const matcher = this.matchers[loginEndpoint?.toLowerCase()];\n if (matcher?.isMatch(hostname)) {\n return;\n }\n }\n\n const additionalMatcher = this.additionalMatcher;\n if (additionalMatcher?.isMatch(hostname)) {\n return;\n }\n\n throw new Error(`Can't communicate with '${hostname}' as this hostname is currently not trusted; please see https://aka.ms/kustotrustedendpoints`);\n }\n\n _isLocalAddress(host: string): boolean {\n if ([\"localhost\", \"127.0.0.1\", \"::1\", \"[::1]\"].find((c) => c === host)) {\n return true;\n }\n\n if (host.startsWith(\"127.\") && host.length <= 15 && host.length >= 9) {\n for (let i = 0; i < host.length; i++) {\n const ch = host.charAt(i);\n if (ch !== \".\" && (ch < \"0\" || ch > \"9\")) {\n return false;\n }\n }\n return true;\n }\n\n return false;\n }\n}\n\nexport const kustoTrustedEndpoints = new KustoTrustedEndpointsImpl();\n"]}
package/dist-esm/src/{wellKnownKustoEndpoints.json → wellKnownKustoEndpoints.js} RENAMED
@@ -1,4 +1,6 @@
1
- {
1
+ // Copyright (c) Microsoft Corporation.
2
+ // Licensed under the MIT License.
3
+ export default {
2
4
  "_Comments": [
3
5
  "KWE .linkedin.com suffix is excluded from list pending a more specific suffix",
4
6
  "LogAnalytics, AppInsigts & AzureMonitor are taken from https://msazure.visualstudio.com/One/_wiki/wikis/One.wiki/138095/Calling-the-ADX-Proxy following talk with Raz Ronen",
@@ -59,4 +61,5 @@
59
61
  ]
60
62
  }
61
63
  }
62
- }
64
+ };
65
+ //# sourceMappingURL=wellKnownKustoEndpoints.js.map
package/dist-esm/src/wellKnownKustoEndpoints.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"wellKnownKustoEndpoints.js","sourceRoot":"","sources":["../../src/wellKnownKustoEndpoints.ts"],"names":[],"mappings":"AAAA,uCAAuC;AACvC,kCAAkC;AAClC,eAAe;IACX,WAAW,EAAE;QACT,+EAA+E;QAC/E,6KAA6K;QAC7K,yCAAyC;QACzC,6EAA6E;QAC7E,wBAAwB;KAC3B;IACD,yBAAyB,EAAE;QACvB,mCAAmC,EAAE;YACjC,sBAAsB,EAAE;gBACpB,oBAAoB;gBACpB,wBAAwB;gBACxB,yBAAyB;gBACzB,oBAAoB;gBACpB,oCAAoC;gBACpC,uBAAuB;gBACvB,uBAAuB;gBACvB,iBAAiB;gBACjB,mBAAmB;gBACnB,cAAc;gBACd,2BAA2B;gBAC3B,6BAA6B;gBAC7B,qCAAqC;gBACrC,6BAA6B;aAChC;YACD,uBAAuB,EAAE;gBACrB,4BAA4B;gBAC5B,qBAAqB;gBACrB,yCAAyC;gBACzC,mCAAmC;gBACnC,uCAAuC;gBACvC,gCAAgC;gBAChC,2BAA2B;gBAC3B,4BAA4B;gBAC5B,uBAAuB;gBACvB,0BAA0B;gBAC1B,6BAA6B;aAChC;SACJ;QACD,kCAAkC,EAAE;YAChC,sBAAsB,EAAE,CAAC,0BAA0B,EAAE,6BAA6B,CAAC;YACnF,uBAAuB,EAAE,CAAC,kCAAkC,EAAE,2BAA2B,EAAE,sBAAsB,CAAC;SACrH;QACD,0CAA0C,EAAE;YACxC,sBAAsB,EAAE,CAAC,8BAA8B,EAAE,yBAAyB,EAAE,4BAA4B,EAAE,aAAa,CAAC;YAChI,uBAAuB,EAAE,CAAC,kCAAkC,EAAE,2BAA2B,EAAE,sBAAsB,CAAC;SACrH;QACD,6CAA6C,EAAE;YAC3C,sBAAsB,EAAE,CAAC,2BAA2B,EAAE,8BAA8B,CAAC;YACrF,uBAAuB,EAAE,CAAC,6CAA6C,EAAE,sCAAsC,EAAE,iCAAiC,CAAC;SACtJ;QACD,gDAAgD,EAAE;YAC9C,sBAAsB,EAAE,CAAC,8BAA8B,EAAE,iCAAiC,CAAC;YAC3F,uBAAuB,EAAE;gBACrB,gDAAgD;gBAChD,yCAAyC;gBACzC,oCAAoC;aACvC;SACJ;KACJ;CACJ,CAAA","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\nexport default {\n \"_Comments\": [\n \"KWE .linkedin.com suffix is excluded from list pending a more specific suffix\",\n \"LogAnalytics, AppInsigts & AzureMonitor are taken from https://msazure.visualstudio.com/One/_wiki/wikis/One.wiki/138095/Calling-the-ADX-Proxy following talk with Raz Ronen\",\n \"The two DXP suffixes come from KWE code\",\n \"The PlayFab suffixes are a superset of KWE and PowerBI Kusto Connector code\",\n \"Aria hostname is fixed\"\n ],\n \"AllowedEndpointsByLogin\": {\n \"https://login.microsoftonline.com\": {\n \"AllowedKustoSuffixes\": [\n \".dxp.aad.azure.com\",\n \".dxp-dev.aad.azure.com\",\n \".kusto.azuresynapse.net\",\n \".kusto.windows.net\",\n \".kustodev.azuresynapse-dogfood.net\",\n \".kustodev.windows.net\",\n \".kustomfa.windows.net\",\n \".playfabapi.com\",\n \".azureplayfab.com\",\n \".playfab.com\",\n \".kusto.data.microsoft.com\",\n \".kusto.fabric.microsoft.com\",\n \".api.securityplatform.microsoft.com\",\n \".securitycenter.windows.com\"\n ],\n \"AllowedKustoHostnames\": [\n \"ade.applicationinsights.io\",\n \"ade.loganalytics.io\",\n \"adx.aimon.applicationinsights.azure.com\",\n \"adx.applicationinsights.azure.com\",\n \"adx.int.applicationinsights.azure.com\",\n \"adx.int.loganalytics.azure.com\",\n \"adx.int.monitor.azure.com\",\n \"adx.loganalytics.azure.com\",\n \"adx.monitor.azure.com\",\n \"kusto.aria.microsoft.com\",\n \"eu.kusto.aria.microsoft.com\"\n ]\n },\n \"https://login.microsoftonline.us\": {\n \"AllowedKustoSuffixes\": [\".kusto.usgovcloudapi.net\", \".kustomfa.usgovcloudapi.net\"],\n \"AllowedKustoHostnames\": [\"adx.applicationinsights.azure.us\", \"adx.loganalytics.azure.us\", \"adx.monitor.azure.us\"]\n },\n \"https://login.partner.microsoftonline.cn\": {\n \"AllowedKustoSuffixes\": [\".kusto.azuresynapse.azure.cn\", \".kusto.chinacloudapi.cn\", \".kustomfa.chinacloudapi.cn\", \".playfab.cn\"],\n \"AllowedKustoHostnames\": [\"adx.applicationinsights.azure.cn\", \"adx.loganalytics.azure.cn\", \"adx.monitor.azure.cn\"]\n },\n \"https://login.microsoftonline.eaglex.ic.gov\": {\n \"AllowedKustoSuffixes\": [\".kusto.core.eaglex.ic.gov\", \".kustomfa.core.eaglex.ic.gov\"],\n \"AllowedKustoHostnames\": [\"adx.applicationinsights.azure.eaglex.ic.gov\", \"adx.loganalytics.azure.eaglex.ic.gov\", \"adx.monitor.azure.eaglex.ic.gov\"]\n },\n \"https://login.microsoftonline.microsoft.scloud\": {\n \"AllowedKustoSuffixes\": [\".kusto.core.microsoft.scloud\", \".kustomfa.core.microsoft.scloud\"],\n \"AllowedKustoHostnames\": [\n \"adx.applicationinsights.azure.microsoft.scloud\",\n \"adx.loganalytics.azure.microsoft.scloud\",\n \"adx.monitor.azure.microsoft.scloud\"\n ]\n }\n }\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "azure-kusto-data",
3
- "version": "7.0.0-alpha.2",
3
+ "version": "7.0.0-alpha.3",
4
4
  "description": "Azure Data Explorer Query SDK",
5
5
  "type": "module",
6
6
  "main": "dist-esm/src/index.js",
@@ -71,5 +71,5 @@
71
71
  "stream-http": "^3.2.0",
72
72
  "uuid": "^8.3.2"
73
73
  },
74
- "gitHead": "f43595ebf3fa6f6237c607c1a9df09f17f34f991"
74
+ "gitHead": "8e0c59af3a327f169e85115866537d8229509b02"
75
75
  }
package/types/src/wellKnownKustoEndpoints.d.ts ADDED
@@ -0,0 +1,27 @@
1
+ declare const _default: {
2
+ _Comments: string[];
3
+ AllowedEndpointsByLogin: {
4
+ "https://login.microsoftonline.com": {
5
+ AllowedKustoSuffixes: string[];
6
+ AllowedKustoHostnames: string[];
7
+ };
8
+ "https://login.microsoftonline.us": {
9
+ AllowedKustoSuffixes: string[];
10
+ AllowedKustoHostnames: string[];
11
+ };
12
+ "https://login.partner.microsoftonline.cn": {
13
+ AllowedKustoSuffixes: string[];
14
+ AllowedKustoHostnames: string[];
15
+ };
16
+ "https://login.microsoftonline.eaglex.ic.gov": {
17
+ AllowedKustoSuffixes: string[];
18
+ AllowedKustoHostnames: string[];
19
+ };
20
+ "https://login.microsoftonline.microsoft.scloud": {
21
+ AllowedKustoSuffixes: string[];
22
+ AllowedKustoHostnames: string[];
23
+ };
24
+ };
25
+ };
26
+ export default _default;
27
+ //# sourceMappingURL=wellKnownKustoEndpoints.d.ts.map