Initial commit

2025-03-07 19:22:02 +01:00
commit 4a98255d83
55743 changed files with 5280367 additions and 0 deletions
@@ -0,0 +1,44 @@
/**
* Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.
*/
export type BrokerOptions = BrokerEnabledOptions | BrokerDisabledOptions;
/**
* Parameters when WAM broker authentication is disabled.
*/
export interface BrokerDisabledOptions {
/**
* If set to true, broker will be enabled for WAM support on Windows.
*/
enabled: false;
/**
* If set to true, MSA account will be passed through, required for WAM authentication.
*/
legacyEnableMsaPassthrough?: undefined;
/**
* Window handle for parent window, required for WAM authentication.
*/
parentWindowHandle: undefined;
}
/**
* Parameters when WAM broker authentication is enabled.
*/
export interface BrokerEnabledOptions {
/**
* If set to true, broker will be enabled for WAM support on Windows.
*/
enabled: true;
/**
* If set to true, MSA account will be passed through, required for WAM authentication.
*/
legacyEnableMsaPassthrough?: boolean;
/**
* Window handle for parent window, required for WAM authentication.
*/
parentWindowHandle: Uint8Array;
/**
* If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication.
* Default is set to false.
*/
useDefaultBrokerAccount?: boolean;
}
//# sourceMappingURL=brokerOptions.d.ts.map
@@ -0,0 +1 @@
{"version":3,"file":"brokerOptions.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/brokerOptions.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,oBAAoB,GAAG,qBAAqB,CAAC;AAEzE;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,OAAO,EAAE,KAAK,CAAC;IAEf;;OAEG;IACH,0BAA0B,CAAC,EAAE,SAAS,CAAC;IACvC;;OAEG;IACH,kBAAkB,EAAE,SAAS,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;OAEG;IACH,OAAO,EAAE,IAAI,CAAC;IACd;;OAEG;IACH,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC;;OAEG;IACH,kBAAkB,EAAE,UAAU,CAAC;IAE/B;;;OAGG;IACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC"}
@@ -0,0 +1,3 @@
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
//# sourceMappingURL=brokerOptions.js.map
@@ -0,0 +1 @@
{"version":3,"file":"brokerOptions.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/brokerOptions.ts"],"names":[],"mappings":"","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n/**\n * Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.\n */\nexport type BrokerOptions = BrokerEnabledOptions | BrokerDisabledOptions;\n\n/**\n * Parameters when WAM broker authentication is disabled.\n */\nexport interface BrokerDisabledOptions {\n /**\n * If set to true, broker will be enabled for WAM support on Windows.\n */\n enabled: false;\n\n /**\n * If set to true, MSA account will be passed through, required for WAM authentication.\n */\n legacyEnableMsaPassthrough?: undefined;\n /**\n * Window handle for parent window, required for WAM authentication.\n */\n parentWindowHandle: undefined;\n}\n\n/**\n * Parameters when WAM broker authentication is enabled.\n */\nexport interface BrokerEnabledOptions {\n /**\n * If set to true, broker will be enabled for WAM support on Windows.\n */\n enabled: true;\n /**\n * If set to true, MSA account will be passed through, required for WAM authentication.\n */\n legacyEnableMsaPassthrough?: boolean;\n /**\n * Window handle for parent window, required for WAM authentication.\n */\n parentWindowHandle: Uint8Array;\n\n /**\n * If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication.\n * Default is set to false.\n */\n useDefaultBrokerAccount?: boolean;\n}\n"]}
@@ -0,0 +1,186 @@
import * as msal from "@azure/msal-node";
import type { AccessToken, GetTokenOptions } from "@azure/core-auth";
import type { AuthenticationRecord, CertificateParts } from "../types.js";
import type { CredentialLogger } from "../../util/logging.js";
import type { BrokerOptions } from "./brokerOptions.js";
import type { DeviceCodePromptCallback } from "../../credentials/deviceCodeCredentialOptions.js";
import { IdentityClient } from "../../client/identityClient.js";
import type { InteractiveBrowserCredentialNodeOptions } from "../../credentials/interactiveBrowserCredentialOptions.js";
import type { TokenCachePersistenceOptions } from "./tokenCachePersistenceOptions.js";
/**
* Represents the options for acquiring a token using flows that support silent authentication.
*/
export interface GetTokenWithSilentAuthOptions extends GetTokenOptions {
/**
* Disables automatic authentication. If set to true, the method will throw an error if the user needs to authenticate.
*
* @remarks
*
* This option will be set to `false` when the user calls `authenticate` directly on a credential that supports it.
*/
disableAutomaticAuthentication?: boolean;
}
/**
* Represents the options for acquiring a token interactively.
*/
export interface GetTokenInteractiveOptions extends GetTokenWithSilentAuthOptions {
/**
* Window handle for parent window, required for WAM authentication.
*/
parentWindowHandle?: Buffer;
/**
* Shared configuration options for browser customization
*/
browserCustomizationOptions?: InteractiveBrowserCredentialNodeOptions["browserCustomizationOptions"];
/**
* loginHint allows a user name to be pre-selected for interactive logins.
* Setting this option skips the account selection prompt and immediately attempts to login with the specified account.
*/
loginHint?: string;
}
/**
* Represents a client for interacting with the Microsoft Authentication Library (MSAL).
*/
export interface MsalClient {
/**
*
* Retrieves an access token by using the on-behalf-of flow and a client assertion callback of the calling service.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param userAssertionToken - The access token that was sent to the middle-tier API. This token must have an audience of the app making this OBO request.
* @param clientCredentials - The client secret OR client certificate OR client `getAssertion` callback.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenOnBehalfOf(scopes: string[], userAssertionToken: string, clientCredentials: string | CertificateParts | (() => Promise<string>), options?: GetTokenOptions): Promise<AccessToken>;
/**
* Retrieves an access token by using an interactive prompt (InteractiveBrowserCredential).
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenByInteractiveRequest(scopes: string[], options: GetTokenInteractiveOptions): Promise<AccessToken>;
/**
* Retrieves an access token by using a user's username and password.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param username - The username provided by the developer.
* @param password - The user's password provided by the developer.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenByUsernamePassword(scopes: string[], username: string, password: string, options?: GetTokenOptions): Promise<AccessToken>;
/**
* Retrieves an access token by prompting the user to authenticate using a device code.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param userPromptCallback - The callback function that allows developers to customize the prompt message.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenByDeviceCode(scopes: string[], userPromptCallback: DeviceCodePromptCallback, options?: GetTokenWithSilentAuthOptions): Promise<AccessToken>;
/**
* Retrieves an access token by using a client certificate.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param certificate - The client certificate used for authentication.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenByClientCertificate(scopes: string[], certificate: CertificateParts, options?: GetTokenOptions): Promise<AccessToken>;
/**
* Retrieves an access token by using a client assertion.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param clientAssertion - The client `getAssertion` callback used for authentication.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenByClientAssertion(scopes: string[], clientAssertion: () => Promise<string>, options?: GetTokenOptions): Promise<AccessToken>;
/**
* Retrieves an access token by using a client secret.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param clientSecret - The client secret of the application. This is a credential that the application can use to authenticate itself.
* @param options - Additional options that may be provided to the method.
* @returns An access token.
*/
getTokenByClientSecret(scopes: string[], clientSecret: string, options?: GetTokenOptions): Promise<AccessToken>;
/**
* Retrieves an access token by using an authorization code flow.
*
* @param scopes - The scopes for which the access token is requested. These represent the resources that the application wants to access.
* @param authorizationCode - An authorization code that was received from following the
authorization code flow. This authorization code must not
have already been used to obtain an access token.
* @param redirectUri - The redirect URI that was used to request the authorization code.
Must be the same URI that is configured for the App Registration.
* @param clientSecret - An optional client secret that was generated for the App Registration.
* @param options - Additional options that may be provided to the method.
*/
getTokenByAuthorizationCode(scopes: string[], redirectUri: string, authorizationCode: string, clientSecret?: string, options?: GetTokenWithSilentAuthOptions): Promise<AccessToken>;
/**
* Retrieves the last authenticated account. This method expects an authentication record to have been previously loaded.
*
* An authentication record could be loaded by calling the `getToken` method, or by providing an `authenticationRecord` when creating a credential.
*/
getActiveAccount(): AuthenticationRecord | undefined;
}
/**
* Represents the options for configuring the MsalClient.
*/
export interface MsalClientOptions {
/**
* Parameters that enable WAM broker authentication in the InteractiveBrowserCredential.
*/
brokerOptions?: BrokerOptions;
/**
* Parameters that enable token cache persistence in the Identity credentials.
*/
tokenCachePersistenceOptions?: TokenCachePersistenceOptions;
/**
* A custom authority host.
*/
authorityHost?: IdentityClient["tokenCredentialOptions"]["authorityHost"];
/**
* Allows users to configure settings for logging policy options, allow logging account information and personally identifiable information for customer support.
*/
loggingOptions?: IdentityClient["tokenCredentialOptions"]["loggingOptions"];
/**
* The token credential options for the MsalClient.
*/
tokenCredentialOptions?: IdentityClient["tokenCredentialOptions"];
/**
* Determines whether instance discovery is disabled.
*/
disableInstanceDiscovery?: boolean;
/**
* The logger for the MsalClient.
*/
logger?: CredentialLogger;
/**
* The authentication record for the MsalClient.
*/
authenticationRecord?: AuthenticationRecord;
}
/**
* Generates the configuration for MSAL (Microsoft Authentication Library).
*
* @param clientId - The client ID of the application.
* @param tenantId - The tenant ID of the Azure Active Directory.
* @param msalClientOptions - Optional. Additional options for creating the MSAL client.
* @returns The MSAL configuration object.
*/
export declare function generateMsalConfiguration(clientId: string, tenantId: string, msalClientOptions?: MsalClientOptions): msal.Configuration;
/**
* Creates an instance of the MSAL (Microsoft Authentication Library) client.
*
* @param clientId - The client ID of the application.
* @param tenantId - The tenant ID of the Azure Active Directory.
* @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.
* @returns An instance of the MSAL client.
*
* @public
*/
export declare function createMsalClient(clientId: string, tenantId: string, createMsalClientOptions?: MsalClientOptions): MsalClient;
//# sourceMappingURL=msalClient.d.ts.map
@@ -0,0 +1 @@
{"version":3,"file":"msalClient.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalClient.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,IAAI,MAAM,kBAAkB,CAAC;AAEzC,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,KAAK,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC1E,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAiB9D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,kDAAkD,CAAC;AACjG,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,KAAK,EAAE,uCAAuC,EAAE,MAAM,0DAA0D,CAAC;AACxH,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAUtF;;GAEG;AACH,MAAM,WAAW,6BAA8B,SAAQ,eAAe;IACpE;;;;;;OAMG;IACH,8BAA8B,CAAC,EAAE,OAAO,CAAC;CAC1C;AAED;;GAEG;AACH,MAAM,WAAW,0BAA2B,SAAQ,6BAA6B;IAC/E;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,2BAA2B,CAAC,EAAE,uCAAuC,CAAC,6BAA6B,CAAC,CAAC;IACrG;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;;;;;OASG;IACH,kBAAkB,CAChB,MAAM,EAAE,MAAM,EAAE,EAChB,kBAAkB,EAAE,MAAM,EAC1B,iBAAiB,EAAE,MAAM,GAAG,gBAAgB,GAAG,CAAC,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC,EACtE,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;OAKG;IACH,4BAA4B,CAC1B,MAAM,EAAE,MAAM,EAAE,EAChB,OAAO,EAAE,0BAA0B,GAClC,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;;OAQG;IACH,0BAA0B,CACxB,MAAM,EAAE,MAAM,EAAE,EAChB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;OAOG;IACH,oBAAoB,CAClB,MAAM,EAAE,MAAM,EAAE,EAChB,kBAAkB,EAAE,wBAAwB,EAC5C,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,WAAW,CAAC,CAAC;IACxB;;;;;;;OAOG;IACH,2BAA2B,CACzB,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,gBAAgB,EAC7B,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;OAOG;IACH,yBAAyB,CACvB,MAAM,EAAE,MAAM,EAAE,EAChB,eAAe,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,EACtC,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;OAOG;IACH,sBAAsB,CACpB,MAAM,EAAE,MAAM,EAAE,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;;;;;;;;OAWG;IACH,2BAA2B,CACzB,MAAM,EAAE,MAAM
,EAAE,EAChB,WAAW,EAAE,MAAM,EACnB,iBAAiB,EAAE,MAAM,EACzB,YAAY,CAAC,EAAE,MAAM,EACrB,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,WAAW,CAAC,CAAC;IAExB;;;;OAIG;IACH,gBAAgB,IAAI,oBAAoB,GAAG,SAAS,CAAC;CACtD;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;IAE9B;;OAEG;IACH,4BAA4B,CAAC,EAAE,4BAA4B,CAAC;IAE5D;;OAEG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC,wBAAwB,CAAC,CAAC,eAAe,CAAC,CAAC;IAE1E;;OAEG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC,wBAAwB,CAAC,CAAC,gBAAgB,CAAC,CAAC;IAE5E;;OAEG;IACH,sBAAsB,CAAC,EAAE,cAAc,CAAC,wBAAwB,CAAC,CAAC;IAElE;;OAEG;IACH,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC;;OAEG;IACH,MAAM,CAAC,EAAE,gBAAgB,CAAC;IAE1B;;OAEG;IACH,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;CAC7C;AAED;;;;;;;GAOG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,iBAAiB,GAAE,iBAAsB,GACxC,IAAI,CAAC,aAAa,CAoCpB;AAyBD;;;;;;;;;GASG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,uBAAuB,GAAE,iBAAsB,GAC9C,UAAU,CA0gBZ"}
+474
@@ -0,0 +1,474 @@
"use strict";
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
Object.defineProperty(exports, "__esModule", { value: true });
exports.generateMsalConfiguration = generateMsalConfiguration;
exports.createMsalClient = createMsalClient;
const tslib_1 = require("tslib");
const msal = tslib_1.__importStar(require("@azure/msal-node"));
const logging_js_1 = require("../../util/logging.js");
const msalPlugins_js_1 = require("./msalPlugins.js");
const utils_js_1 = require("../utils.js");
const errors_js_1 = require("../../errors.js");
const identityClient_js_1 = require("../../client/identityClient.js");
const regionalAuthority_js_1 = require("../../regionalAuthority.js");
const logger_1 = require("@azure/logger");
const tenantIdUtils_js_1 = require("../../util/tenantIdUtils.js");
/**
* The default logger used if no logger was passed in by the credential.
*/
const msalLogger = (0, logging_js_1.credentialLogger)("MsalClient");
/**
* Generates the configuration for MSAL (Microsoft Authentication Library).
*
* @param clientId - The client ID of the application.
* @param tenantId - The tenant ID of the Azure Active Directory.
* @param msalClientOptions - Optional. Additional options for creating the MSAL client.
* @returns The MSAL configuration object.
*/
function generateMsalConfiguration(clientId, tenantId, msalClientOptions = {}) {
var _a, _b, _c;
const resolvedTenant = (0, tenantIdUtils_js_1.resolveTenantId)((_a = msalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger, tenantId, clientId);
// TODO: move and reuse getIdentityClientAuthorityHost
const authority = (0, utils_js_1.getAuthority)(resolvedTenant, (0, utils_js_1.getAuthorityHost)(msalClientOptions));
const httpClient = new identityClient_js_1.IdentityClient(Object.assign(Object.assign({}, msalClientOptions.tokenCredentialOptions), { authorityHost: authority, loggingOptions: msalClientOptions.loggingOptions }));
const msalConfig = {
auth: {
clientId,
authority,
knownAuthorities: (0, utils_js_1.getKnownAuthorities)(resolvedTenant, authority, msalClientOptions.disableInstanceDiscovery),
},
system: {
networkClient: httpClient,
loggerOptions: {
loggerCallback: (0, utils_js_1.defaultLoggerCallback)((_b = msalClientOptions.logger) !== null && _b !== void 0 ? _b : msalLogger),
logLevel: (0, utils_js_1.getMSALLogLevel)((0, logger_1.getLogLevel)()),
piiLoggingEnabled: (_c = msalClientOptions.loggingOptions) === null || _c === void 0 ? void 0 : _c.enableUnsafeSupportLogging,
},
},
};
return msalConfig;
}
/**
* Creates an instance of the MSAL (Microsoft Authentication Library) client.
*
* @param clientId - The client ID of the application.
* @param tenantId - The tenant ID of the Azure Active Directory.
* @param createMsalClientOptions - Optional. Additional options for creating the MSAL client.
* @returns An instance of the MSAL client.
*
* @public
*/
function createMsalClient(clientId, tenantId, createMsalClientOptions = {}) {
var _a;
const state = {
msalConfig: generateMsalConfiguration(clientId, tenantId, createMsalClientOptions),
cachedAccount: createMsalClientOptions.authenticationRecord
? (0, utils_js_1.publicToMsal)(createMsalClientOptions.authenticationRecord)
: null,
pluginConfiguration: msalPlugins_js_1.msalPlugins.generatePluginConfiguration(createMsalClientOptions),
logger: (_a = createMsalClientOptions.logger) !== null && _a !== void 0 ? _a : msalLogger,
};
const publicApps = new Map();
async function getPublicApp(options = {}) {
const appKey = options.enableCae ? "CAE" : "default";
let publicClientApp = publicApps.get(appKey);
if (publicClientApp) {
state.logger.getToken.info("Existing PublicClientApplication found in cache, returning it.");
return publicClientApp;
}
// Initialize a new app and cache it
state.logger.getToken.info(`Creating new PublicClientApplication with CAE ${options.enableCae ? "enabled" : "disabled"}.`);
const cachePlugin = options.enableCae
? state.pluginConfiguration.cache.cachePluginCae
: state.pluginConfiguration.cache.cachePlugin;
state.msalConfig.auth.clientCapabilities = options.enableCae ? ["cp1"] : undefined;
publicClientApp = new msal.PublicClientApplication(Object.assign(Object.assign({}, state.msalConfig), { broker: { nativeBrokerPlugin: state.pluginConfiguration.broker.nativeBrokerPlugin }, cache: { cachePlugin: await cachePlugin } }));
publicApps.set(appKey, publicClientApp);
return publicClientApp;
}
const confidentialApps = new Map();
async function getConfidentialApp(options = {}) {
const appKey = options.enableCae ? "CAE" : "default";
let confidentialClientApp = confidentialApps.get(appKey);
if (confidentialClientApp) {
state.logger.getToken.info("Existing ConfidentialClientApplication found in cache, returning it.");
return confidentialClientApp;
}
// Initialize a new app and cache it
state.logger.getToken.info(`Creating new ConfidentialClientApplication with CAE ${options.enableCae ? "enabled" : "disabled"}.`);
const cachePlugin = options.enableCae
? state.pluginConfiguration.cache.cachePluginCae
: state.pluginConfiguration.cache.cachePlugin;
state.msalConfig.auth.clientCapabilities = options.enableCae ? ["cp1"] : undefined;
confidentialClientApp = new msal.ConfidentialClientApplication(Object.assign(Object.assign({}, state.msalConfig), { broker: { nativeBrokerPlugin: state.pluginConfiguration.broker.nativeBrokerPlugin }, cache: { cachePlugin: await cachePlugin } }));
confidentialApps.set(appKey, confidentialClientApp);
return confidentialClientApp;
}
async function getTokenSilent(app, scopes, options = {}) {
if (state.cachedAccount === null) {
state.logger.getToken.info("No cached account found in local state.");
throw new errors_js_1.AuthenticationRequiredError({ scopes });
}
// Keep track and reuse the claims we received across challenges
if (options.claims) {
state.cachedClaims = options.claims;
}
const silentRequest = {
account: state.cachedAccount,
scopes,
claims: state.cachedClaims,
};
if (state.pluginConfiguration.broker.isEnabled) {
silentRequest.tokenQueryParameters || (silentRequest.tokenQueryParameters = {});
if (state.pluginConfiguration.broker.enableMsaPassthrough) {
silentRequest.tokenQueryParameters["msal_request_type"] = "consumer_passthrough";
}
}
if (options.proofOfPossessionOptions) {
silentRequest.shrNonce = options.proofOfPossessionOptions.nonce;
silentRequest.authenticationScheme = "pop";
silentRequest.resourceRequestMethod = options.proofOfPossessionOptions.resourceRequestMethod;
silentRequest.resourceRequestUri = options.proofOfPossessionOptions.resourceRequestUrl;
}
state.logger.getToken.info("Attempting to acquire token silently");
try {
return await app.acquireTokenSilent(silentRequest);
}
catch (err) {
throw (0, utils_js_1.handleMsalError)(scopes, err, options);
}
}
/**
* Builds an authority URL for the given request. The authority may be different than the one used when creating the MSAL client
* if the user is creating cross-tenant requests
*/
function calculateRequestAuthority(options) {
if (options === null || options === void 0 ? void 0 : options.tenantId) {
return (0, utils_js_1.getAuthority)(options.tenantId, (0, utils_js_1.getAuthorityHost)(createMsalClientOptions));
}
return state.msalConfig.auth.authority;
}
/**
* Performs silent authentication using MSAL to acquire an access token.
* If silent authentication fails, falls back to interactive authentication.
*
* @param msalApp - The MSAL application instance.
* @param scopes - The scopes for which to acquire the access token.
* @param options - The options for acquiring the access token.
* @param onAuthenticationRequired - A callback function to handle interactive authentication when silent authentication fails.
* @returns A promise that resolves to an AccessToken object containing the access token and its expiration timestamp.
*/
async function withSilentAuthentication(msalApp, scopes, options, onAuthenticationRequired) {
var _a, _b;
let response = null;
try {
response = await getTokenSilent(msalApp, scopes, options);
}
catch (e) {
if (e.name !== "AuthenticationRequiredError") {
throw e;
}
if (options.disableAutomaticAuthentication) {
throw new errors_js_1.AuthenticationRequiredError({
scopes,
getTokenOptions: options,
message: "Automatic authentication has been disabled. You may call the authentication() method.",
});
}
}
// Silent authentication failed
if (response === null) {
try {
response = await onAuthenticationRequired();
}
catch (err) {
throw (0, utils_js_1.handleMsalError)(scopes, err, options);
}
}
// At this point we should have a token, process it
(0, utils_js_1.ensureValidMsalToken)(scopes, response, options);
state.cachedAccount = (_a = response === null || response === void 0 ? void 0 : response.account) !== null && _a !== void 0 ? _a : null;
state.logger.getToken.info((0, logging_js_1.formatSuccess)(scopes));
return {
token: response.accessToken,
expiresOnTimestamp: response.expiresOn.getTime(),
refreshAfterTimestamp: (_b = response.refreshOn) === null || _b === void 0 ? void 0 : _b.getTime(),
tokenType: response.tokenType,
};
}
async function getTokenByClientSecret(scopes, clientSecret, options = {}) {
var _a;
state.logger.getToken.info(`Attempting to acquire token using client secret`);
state.msalConfig.auth.clientSecret = clientSecret;
const msalApp = await getConfidentialApp(options);
try {
const response = await msalApp.acquireTokenByClientCredential({
scopes,
authority: calculateRequestAuthority(options),
azureRegion: (0, regionalAuthority_js_1.calculateRegionalAuthority)(),
claims: options === null || options === void 0 ? void 0 : options.claims,
});
(0, utils_js_1.ensureValidMsalToken)(scopes, response, options);
state.logger.getToken.info((0, logging_js_1.formatSuccess)(scopes));
return {
token: response.accessToken,
expiresOnTimestamp: response.expiresOn.getTime(),
refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
tokenType: response.tokenType,
};
}
catch (err) {
throw (0, utils_js_1.handleMsalError)(scopes, err, options);
}
}
async function getTokenByClientAssertion(scopes, clientAssertion, options = {}) {
var _a;
state.logger.getToken.info(`Attempting to acquire token using client assertion`);
state.msalConfig.auth.clientAssertion = clientAssertion;
const msalApp = await getConfidentialApp(options);
try {
const response = await msalApp.acquireTokenByClientCredential({
scopes,
authority: calculateRequestAuthority(options),
azureRegion: (0, regionalAuthority_js_1.calculateRegionalAuthority)(),
claims: options === null || options === void 0 ? void 0 : options.claims,
clientAssertion,
});
(0, utils_js_1.ensureValidMsalToken)(scopes, response, options);
state.logger.getToken.info((0, logging_js_1.formatSuccess)(scopes));
return {
token: response.accessToken,
expiresOnTimestamp: response.expiresOn.getTime(),
refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
tokenType: response.tokenType,
};
}
catch (err) {
throw (0, utils_js_1.handleMsalError)(scopes, err, options);
}
}
async function getTokenByClientCertificate(scopes, certificate, options = {}) {
var _a;
state.logger.getToken.info(`Attempting to acquire token using client certificate`);
state.msalConfig.auth.clientCertificate = certificate;
const msalApp = await getConfidentialApp(options);
try {
const response = await msalApp.acquireTokenByClientCredential({
scopes,
authority: calculateRequestAuthority(options),
azureRegion: (0, regionalAuthority_js_1.calculateRegionalAuthority)(),
claims: options === null || options === void 0 ? void 0 : options.claims,
});
(0, utils_js_1.ensureValidMsalToken)(scopes, response, options);
state.logger.getToken.info((0, logging_js_1.formatSuccess)(scopes));
return {
token: response.accessToken,
expiresOnTimestamp: response.expiresOn.getTime(),
refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
tokenType: response.tokenType,
};
}
catch (err) {
throw (0, utils_js_1.handleMsalError)(scopes, err, options);
}
}
async function getTokenByDeviceCode(scopes, deviceCodeCallback, options = {}) {
state.logger.getToken.info(`Attempting to acquire token using device code`);
const msalApp = await getPublicApp(options);
return withSilentAuthentication(msalApp, scopes, options, () => {
var _a, _b;
const requestOptions = {
scopes,
cancel: (_b = (_a = options === null || options === void 0 ? void 0 : options.abortSignal) === null || _a === void 0 ? void 0 : _a.aborted) !== null && _b !== void 0 ? _b : false,
deviceCodeCallback,
authority: calculateRequestAuthority(options),
claims: options === null || options === void 0 ? void 0 : options.claims,
};
const deviceCodeRequest = msalApp.acquireTokenByDeviceCode(requestOptions);
if (options.abortSignal) {
options.abortSignal.addEventListener("abort", () => {
requestOptions.cancel = true;
});
}
return deviceCodeRequest;
});
}
async function getTokenByUsernamePassword(scopes, username, password, options = {}) {
state.logger.getToken.info(`Attempting to acquire token using username and password`);
const msalApp = await getPublicApp(options);
return withSilentAuthentication(msalApp, scopes, options, () => {
const requestOptions = {
scopes,
username,
password,
authority: calculateRequestAuthority(options),
claims: options === null || options === void 0 ? void 0 : options.claims,
};
return msalApp.acquireTokenByUsernamePassword(requestOptions);
});
}
function getActiveAccount() {
if (!state.cachedAccount) {
return undefined;
}
return (0, utils_js_1.msalToPublic)(clientId, state.cachedAccount);
}
async function getTokenByAuthorizationCode(scopes, redirectUri, authorizationCode, clientSecret, options = {}) {
state.logger.getToken.info(`Attempting to acquire token using authorization code`);
let msalApp;
if (clientSecret) {
// If a client secret is provided, we need to use a confidential client application
// See https://learn.microsoft.com/entra/identity-platform/v2-oauth2-auth-code-flow#request-an-access-token-with-a-client_secret
state.msalConfig.auth.clientSecret = clientSecret;
msalApp = await getConfidentialApp(options);
}
else {
msalApp = await getPublicApp(options);
}
return withSilentAuthentication(msalApp, scopes, options, () => {
return msalApp.acquireTokenByCode({
scopes,
redirectUri,
code: authorizationCode,
authority: calculateRequestAuthority(options),
claims: options === null || options === void 0 ? void 0 : options.claims,
});
});
}
async function getTokenOnBehalfOf(scopes, userAssertionToken, clientCredentials, options = {}) {
var _a;
msalLogger.getToken.info(`Attempting to acquire token on behalf of another user`);
if (typeof clientCredentials === "string") {
// Client secret
msalLogger.getToken.info(`Using client secret for on behalf of flow`);
state.msalConfig.auth.clientSecret = clientCredentials;
}
else if (typeof clientCredentials === "function") {
// Client Assertion
msalLogger.getToken.info(`Using client assertion callback for on behalf of flow`);
state.msalConfig.auth.clientAssertion = clientCredentials;
}
else {
// Client certificate
msalLogger.getToken.info(`Using client certificate for on behalf of flow`);
state.msalConfig.auth.clientCertificate = clientCredentials;
}
const msalApp = await getConfidentialApp(options);
try {
const response = await msalApp.acquireTokenOnBehalfOf({
scopes,
authority: calculateRequestAuthority(options),
claims: options.claims,
oboAssertion: userAssertionToken,
});
(0, utils_js_1.ensureValidMsalToken)(scopes, response, options);
msalLogger.getToken.info((0, logging_js_1.formatSuccess)(scopes));
return {
token: response.accessToken,
expiresOnTimestamp: response.expiresOn.getTime(),
refreshAfterTimestamp: (_a = response.refreshOn) === null || _a === void 0 ? void 0 : _a.getTime(),
tokenType: response.tokenType,
};
}
catch (err) {
throw (0, utils_js_1.handleMsalError)(scopes, err, options);
}
}
async function getTokenByInteractiveRequest(scopes, options = {}) {
msalLogger.getToken.info(`Attempting to acquire token interactively`);
const app = await getPublicApp(options);
/**
* A helper function that supports brokered authentication through the MSAL's public application.
*
* When options.useDefaultBrokerAccount is true, the method will attempt to authenticate using the default broker account.
* If the default broker account is not available, the method will fall back to interactive authentication.
*/
async function getBrokeredToken(useDefaultBrokerAccount) {
var _a;
msalLogger.verbose("Authentication will resume through the broker");
const interactiveRequest = createBaseInteractiveRequest();
if (state.pluginConfiguration.broker.parentWindowHandle) {
interactiveRequest.windowHandle = Buffer.from(state.pluginConfiguration.broker.parentWindowHandle);
}
else {
// this is a bug, as the pluginConfiguration handler should validate this case.
msalLogger.warning("Parent window handle is not specified for the broker. This may cause unexpected behavior. Please provide the parentWindowHandle.");
}
if (state.pluginConfiguration.broker.enableMsaPassthrough) {
((_a = interactiveRequest.tokenQueryParameters) !== null && _a !== void 0 ? _a : (interactiveRequest.tokenQueryParameters = {}))["msal_request_type"] =
"consumer_passthrough";
}
if (useDefaultBrokerAccount) {
interactiveRequest.prompt = "none";
msalLogger.verbose("Attempting broker authentication using the default broker account");
}
else {
msalLogger.verbose("Attempting broker authentication without the default broker account");
}
if (options.proofOfPossessionOptions) {
interactiveRequest.shrNonce = options.proofOfPossessionOptions.nonce;
interactiveRequest.authenticationScheme = "pop";
interactiveRequest.resourceRequestMethod =
options.proofOfPossessionOptions.resourceRequestMethod;
interactiveRequest.resourceRequestUri = options.proofOfPossessionOptions.resourceRequestUrl;
}
try {
return await app.acquireTokenInteractive(interactiveRequest);
}
catch (e) {
msalLogger.verbose(`Failed to authenticate through the broker: ${e.message}`);
// If we tried to use the default broker account and failed, fall back to interactive authentication
if (useDefaultBrokerAccount) {
return getBrokeredToken(/* useDefaultBrokerAccount: */ false);
}
else {
throw e;
}
}
}
function createBaseInteractiveRequest() {
var _a, _b;
return {
openBrowser: async (url) => {
const open = await import("open");
await open.default(url, { wait: true, newInstance: true });
},
scopes,
authority: calculateRequestAuthority(options),
claims: options === null || options === void 0 ? void 0 : options.claims,
loginHint: options === null || options === void 0 ? void 0 : options.loginHint,
errorTemplate: (_a = options === null || options === void 0 ? void 0 : options.browserCustomizationOptions) === null || _a === void 0 ? void 0 : _a.errorMessage,
successTemplate: (_b = options === null || options === void 0 ? void 0 : options.browserCustomizationOptions) === null || _b === void 0 ? void 0 : _b.successMessage,
prompt: (options === null || options === void 0 ? void 0 : options.loginHint) ? "login" : "select_account",
};
}
return withSilentAuthentication(app, scopes, options, async () => {
var _a;
const interactiveRequest = createBaseInteractiveRequest();
if (state.pluginConfiguration.broker.isEnabled) {
return getBrokeredToken((_a = state.pluginConfiguration.broker.useDefaultBrokerAccount) !== null && _a !== void 0 ? _a : false);
}
if (options.proofOfPossessionOptions) {
interactiveRequest.shrNonce = options.proofOfPossessionOptions.nonce;
interactiveRequest.authenticationScheme = "pop";
interactiveRequest.resourceRequestMethod =
options.proofOfPossessionOptions.resourceRequestMethod;
interactiveRequest.resourceRequestUri = options.proofOfPossessionOptions.resourceRequestUrl;
}
return app.acquireTokenInteractive(interactiveRequest);
});
}
return {
getActiveAccount,
getTokenByClientSecret,
getTokenByClientAssertion,
getTokenByClientCertificate,
getTokenByDeviceCode,
getTokenByUsernamePassword,
getTokenByAuthorizationCode,
getTokenOnBehalfOf,
getTokenByInteractiveRequest,
};
}
//# sourceMappingURL=msalClient.js.map
@@ -0,0 +1,91 @@
import type * as msalNode from "@azure/msal-node";
import type { MsalClientOptions } from "./msalClient.js";
import type { NativeBrokerPluginControl } from "../../plugins/provider.js";
import type { TokenCachePersistenceOptions } from "./tokenCachePersistenceOptions.js";
/**
* Configuration for the plugins used by the MSAL node client.
*/
export interface PluginConfiguration {
/**
* Configuration for the cache plugin.
*/
cache: {
/**
* The non-CAE cache plugin handler.
*/
cachePlugin?: Promise<msalNode.ICachePlugin>;
/**
* The CAE cache plugin handler - persisted to a different file.
*/
cachePluginCae?: Promise<msalNode.ICachePlugin>;
};
/**
* Configuration for the broker plugin.
*/
broker: {
/**
* True if the broker plugin is enabled and available. False otherwise.
*
* It is a bug if this is true and the broker plugin is not available.
*/
isEnabled: boolean;
/**
* If true, MSA account will be passed through, required for WAM authentication.
*/
enableMsaPassthrough: boolean;
/**
* The parent window handle for the broker.
*/
parentWindowHandle?: Uint8Array;
/**
* The native broker plugin handler.
*/
nativeBrokerPlugin?: msalNode.INativeBrokerPlugin;
/**
* If set to true, the credential will attempt to use the default broker account for authentication before falling back to interactive authentication. Default is set to false.
*/
useDefaultBrokerAccount?: boolean;
};
}
/**
* The current persistence provider, undefined by default.
* @internal
*/
export declare let persistenceProvider: ((options?: TokenCachePersistenceOptions) => Promise<msalNode.ICachePlugin>) | undefined;
/**
* An object that allows setting the persistence provider.
* @internal
*/
export declare const msalNodeFlowCacheControl: {
setPersistence(pluginProvider: Exclude<typeof persistenceProvider, undefined>): void;
};
/**
* The current native broker provider, undefined by default.
* @internal
*/
export declare let nativeBrokerInfo: {
broker: msalNode.INativeBrokerPlugin;
} | undefined;
export declare function hasNativeBroker(): boolean;
/**
* An object that allows setting the native broker provider.
* @internal
*/
export declare const msalNodeFlowNativeBrokerControl: NativeBrokerPluginControl;
/**
* Configures plugins, validating that required plugins are available and enabled.
*
* Does not create the plugins themselves, but rather returns the configuration that will be used to create them.
*
* @param options - options for creating the MSAL client
* @returns plugin configuration
*/
declare function generatePluginConfiguration(options: MsalClientOptions): PluginConfiguration;
/**
* Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.
*/
export declare const msalPlugins: {
generatePluginConfiguration: typeof generatePluginConfiguration;
};
export {};
//# sourceMappingURL=msalPlugins.d.ts.map
@@ -0,0 +1 @@
{"version":3,"file":"msalPlugins.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/msalPlugins.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,KAAK,QAAQ,MAAM,kBAAkB,CAAC;AAQlD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AAC3E,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAEtF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC;;OAEG;IACH,KAAK,EAAE;QACL;;WAEG;QACH,WAAW,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAC7C;;WAEG;QACH,cAAc,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;KACjD,CAAC;IACF;;OAEG;IACH,MAAM,EAAE;QACN;;;;WAIG;QACH,SAAS,EAAE,OAAO,CAAC;QACnB;;WAEG;QACH,oBAAoB,EAAE,OAAO,CAAC;QAC9B;;WAEG;QACH,kBAAkB,CAAC,EAAE,UAAU,CAAC;QAChC;;WAEG;QACH,kBAAkB,CAAC,EAAE,QAAQ,CAAC,mBAAmB,CAAC;QAClD;;WAEG;QACH,uBAAuB,CAAC,EAAE,OAAO,CAAC;KACnC,CAAC;CACH;AAED;;;GAGG;AACH,eAAO,IAAI,mBAAmB,EAC1B,CAAC,CAAC,OAAO,CAAC,EAAE,4BAA4B,KAAK,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,GAC5E,SAAqB,CAAC;AAE1B;;;GAGG;AACH,eAAO,MAAM,wBAAwB;mCACJ,OAAO,CAAC,OAAO,mBAAmB,EAAE,SAAS,CAAC,GAAG,IAAI;CAGrF,CAAC;AAEF;;;GAGG;AACH,eAAO,IAAI,gBAAgB,EACvB;IACE,MAAM,EAAE,QAAQ,CAAC,mBAAmB,CAAC;CACtC,GACD,SAAqB,CAAC;AAE1B,wBAAgB,eAAe,IAAI,OAAO,CAEzC;AAED;;;GAGG;AACH,eAAO,MAAM,+BAA+B,EAAE,yBAM7C,CAAC;AAEF;;;;;;;GAOG;AACH,iBAAS,2BAA2B,CAAC,OAAO,EAAE,iBAAiB,GAAG,mBAAmB,CAgDpF;AAED;;GAEG;AACH,eAAO,MAAM,WAAW;;CAEvB,CAAC"}
@@ -0,0 +1,91 @@
"use strict";
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
Object.defineProperty(exports, "__esModule", { value: true });
exports.msalPlugins = exports.msalNodeFlowNativeBrokerControl = exports.nativeBrokerInfo = exports.msalNodeFlowCacheControl = exports.persistenceProvider = void 0;
exports.hasNativeBroker = hasNativeBroker;
const constants_js_1 = require("../../constants.js");
/**
* The current persistence provider, undefined by default.
* @internal
*/
exports.persistenceProvider = undefined;
/**
* An object that allows setting the persistence provider.
* @internal
*/
exports.msalNodeFlowCacheControl = {
setPersistence(pluginProvider) {
exports.persistenceProvider = pluginProvider;
},
};
/**
* The current native broker provider, undefined by default.
* @internal
*/
exports.nativeBrokerInfo = undefined;
function hasNativeBroker() {
return exports.nativeBrokerInfo !== undefined;
}
/**
* An object that allows setting the native broker provider.
* @internal
*/
exports.msalNodeFlowNativeBrokerControl = {
setNativeBroker(broker) {
exports.nativeBrokerInfo = {
broker,
};
},
};
/**
* Configures plugins, validating that required plugins are available and enabled.
*
* Does not create the plugins themselves, but rather returns the configuration that will be used to create them.
*
* @param options - options for creating the MSAL client
* @returns plugin configuration
*/
function generatePluginConfiguration(options) {
var _a, _b, _c, _d, _e, _f, _g;
const config = {
cache: {},
broker: {
isEnabled: (_b = (_a = options.brokerOptions) === null || _a === void 0 ? void 0 : _a.enabled) !== null && _b !== void 0 ? _b : false,
enableMsaPassthrough: (_d = (_c = options.brokerOptions) === null || _c === void 0 ? void 0 : _c.legacyEnableMsaPassthrough) !== null && _d !== void 0 ? _d : false,
parentWindowHandle: (_e = options.brokerOptions) === null || _e === void 0 ? void 0 : _e.parentWindowHandle,
},
};
if ((_f = options.tokenCachePersistenceOptions) === null || _f === void 0 ? void 0 : _f.enabled) {
if (exports.persistenceProvider === undefined) {
throw new Error([
"Persistent token caching was requested, but no persistence provider was configured.",
"You must install the identity-cache-persistence plugin package (`npm install --save @azure/identity-cache-persistence`)",
"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling",
"`useIdentityPlugin(cachePersistencePlugin)` before using `tokenCachePersistenceOptions`.",
].join(" "));
}
const cacheBaseName = options.tokenCachePersistenceOptions.name || constants_js_1.DEFAULT_TOKEN_CACHE_NAME;
config.cache.cachePlugin = (0, exports.persistenceProvider)(Object.assign({ name: `${cacheBaseName}.${constants_js_1.CACHE_NON_CAE_SUFFIX}` }, options.tokenCachePersistenceOptions));
config.cache.cachePluginCae = (0, exports.persistenceProvider)(Object.assign({ name: `${cacheBaseName}.${constants_js_1.CACHE_CAE_SUFFIX}` }, options.tokenCachePersistenceOptions));
}
if ((_g = options.brokerOptions) === null || _g === void 0 ? void 0 : _g.enabled) {
if (exports.nativeBrokerInfo === undefined) {
throw new Error([
"Broker for WAM was requested to be enabled, but no native broker was configured.",
"You must install the identity-broker plugin package (`npm install --save @azure/identity-broker`)",
"and enable it by importing `useIdentityPlugin` from `@azure/identity` and calling",
"`useIdentityPlugin(createNativeBrokerPlugin())` before using `enableBroker`.",
].join(" "));
}
config.broker.nativeBrokerPlugin = exports.nativeBrokerInfo.broker;
}
return config;
}
/**
* Wraps generatePluginConfiguration as a writeable property for test stubbing purposes.
*/
exports.msalPlugins = {
generatePluginConfiguration,
};
//# sourceMappingURL=msalPlugins.js.map
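Review bot: In `generatePluginConfiguration`, both `Object.assign({ name: ... }, options.tokenCachePersistenceOptions)` calls copy the caller's options over the suffixed name, so whenever `tokenCachePersistenceOptions.name` is set the CAE and non-CAE plugins are created with the same `name`; the suffix only survives for the default name. If the persistence provider derives the storage location from `name`, as the option's documentation describes, the two caches would then share one store instead of being kept apart. Applying the suffixed name last keeps them distinct: ``Object.assign({}, options.tokenCachePersistenceOptions, { name: `${cacheBaseName}.${constants_js_1.CACHE_NON_CAE_SUFFIX}` })``, and likewise with `CACHE_CAE_SUFFIX`. This file is compiled output, so the change belongs in the TypeScript source it was built from.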
@@ -0,0 +1,24 @@
/**
* Parameters that enable token cache persistence in the Identity credentials.
*/
export interface TokenCachePersistenceOptions {
/**
* If set to true, persistent token caching will be enabled for this credential instance.
*/
enabled: boolean;
/**
* Unique identifier for the persistent token cache.
*
* Based on this identifier, the persistence file will be located in any of the following places:
* - Darwin: '/Users/user/.IdentityService/<name>'
* - Windows 8+: 'C:\\Users\\user\\AppData\\Local\\.IdentityService\\<name>'
* - Linux: '/home/user/.IdentityService/<name>'
*/
name?: string;
/**
* If set to true, the cache will be stored without encryption if no OS level user encryption is available.
* When set to false, the PersistentTokenCache will throw an error if no OS level user encryption is available.
*/
unsafeAllowUnencryptedStorage?: boolean;
}
//# sourceMappingURL=tokenCachePersistenceOptions.d.ts.map
@@ -0,0 +1 @@
{"version":3,"file":"tokenCachePersistenceOptions.d.ts","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/tokenCachePersistenceOptions.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C;;OAEG;IACH,OAAO,EAAE,OAAO,CAAC;IACjB;;;;;;;OAOG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,6BAA6B,CAAC,EAAE,OAAO,CAAC;CACzC"}
@@ -0,0 +1,5 @@
"use strict";
// Copyright (c) Microsoft Corporation.
// Licensed under the MIT License.
Object.defineProperty(exports, "__esModule", { value: true });
//# sourceMappingURL=tokenCachePersistenceOptions.js.map
@@ -0,0 +1 @@
{"version":3,"file":"tokenCachePersistenceOptions.js","sourceRoot":"","sources":["../../../../src/msal/nodeFlows/tokenCachePersistenceOptions.ts"],"names":[],"mappings":";AAAA,uCAAuC;AACvC,kCAAkC","sourcesContent":["// Copyright (c) Microsoft Corporation.\n// Licensed under the MIT License.\n\n/**\n * Parameters that enable token cache persistence in the Identity credentials.\n */\nexport interface TokenCachePersistenceOptions {\n /**\n * If set to true, persistent token caching will be enabled for this credential instance.\n */\n enabled: boolean;\n /**\n * Unique identifier for the persistent token cache.\n *\n * Based on this identifier, the persistence file will be located in any of the following places:\n * - Darwin: '/Users/user/.IdentityService/<name>'\n * - Windows 8+: 'C:\\\\Users\\\\user\\\\AppData\\\\Local\\\\.IdentityService\\\\<name>'\n * - Linux: '/home/user/.IdentityService/<name>'\n */\n name?: string;\n /**\n * If set to true, the cache will be stored without encryption if no OS level user encryption is available.\n * When set to false, the PersistentTokenCache will throw an error if no OS level user encryption is available.\n */\n unsafeAllowUnencryptedStorage?: boolean;\n}\n"]}