@azure/msal-node-extensions - npm Package Compare versions

Comparing version 1.0.0-alpha.35 to 1.0.0-beta.0

dist/Dpapi.d.ts

 export interface DpapiBindings {
-    protectData(dataToEncrypt: Uint8Array, optionalEntropy: Uint8Array, scope: string): Uint8Array;
-    unprotectData(encryptData: Uint8Array, optionalEntropy: Uint8Array, scope: string): Uint8Array;
+    protectData(dataToEncrypt: Uint8Array, optionalEntropy: Uint8Array | null, scope: string): Uint8Array;
+    unprotectData(encryptData: Uint8Array, optionalEntropy: Uint8Array | null, scope: string): Uint8Array;
 }
-export declare var Dpapi: DpapiBindings;
-export default Dpapi;
+declare let Dpapi: DpapiBindings;
+export { Dpapi };

dist/index.js

@@ -0,8 +1,26 @@
+/*! @azure/msal-node-extensions v1.0.0-beta.0 2023-06-20 */
+'use strict';
+'use strict';
 
-'use strict'
+var PersistenceCachePlugin = require('./persistence/PersistenceCachePlugin.js');
+var FilePersistence = require('./persistence/FilePersistence.js');
+var FilePersistenceWithDataProtection = require('./persistence/FilePersistenceWithDataProtection.js');
+var DataProtectionScope = require('./persistence/DataProtectionScope.js');
+var KeychainPersistence = require('./persistence/KeychainPersistence.js');
+var LibSecretPersistence = require('./persistence/LibSecretPersistence.js');
+var PersistenceCreator = require('./persistence/PersistenceCreator.js');
+var Environment = require('./utils/Environment.js');
+var NativeBrokerPlugin = require('./broker/NativeBrokerPlugin.js');
 
-if (process.env.NODE_ENV === 'production') {
-  module.exports = require('./msal-node-extensions.cjs.production.min.js')
-} else {
-  module.exports = require('./msal-node-extensions.cjs.development.js')
-}
+
+
+exports.PersistenceCachePlugin = PersistenceCachePlugin.PersistenceCachePlugin;
+exports.FilePersistence = FilePersistence.FilePersistence;
+exports.FilePersistenceWithDataProtection = FilePersistenceWithDataProtection.FilePersistenceWithDataProtection;
+exports.DataProtectionScope = DataProtectionScope.DataProtectionScope;
+exports.KeychainPersistence = KeychainPersistence.KeychainPersistence;
+exports.LibSecretPersistence = LibSecretPersistence.LibSecretPersistence;
+exports.PersistenceCreator = PersistenceCreator.PersistenceCreator;
+exports.Environment = Environment.Environment;
+exports.NativeBrokerPlugin = NativeBrokerPlugin.NativeBrokerPlugin;
+//# sourceMappingURL=index.js.map

dist/lock/CrossPlatformLockOptions.d.ts

@@ -7,5 +7,5 @@ /**
  */
-export declare type CrossPlatformLockOptions = {
+export type CrossPlatformLockOptions = {
     retryNumber: number;
     retryDelay: number;
 };

dist/packageMetadata.d.ts

 export declare const name = "@azure/msal-node-extensions";
-export declare const version = "1.0.0-alpha.35";
+export declare const version = "1.0.0-beta.0";

dist/persistence/DataProtectionScope.d.ts

@@ -12,5 +12,6 @@ /**
  */
-export declare enum DataProtectionScope {
-    CurrentUser = "CurrentUser",
-    LocalMachine = "LocalMachine"
-}
+export declare const DataProtectionScope: {
+    readonly CurrentUser: "CurrentUser";
+    readonly LocalMachine: "LocalMachine";
+};
+export type DataProtectionScope = typeof DataProtectionScope[keyof typeof DataProtectionScope];

dist/persistence/FilePersistence.d.ts

@@ -14,2 +14,3 @@ import { IPersistence } from "./IPersistence";
     private logger;
+    private constructor();
     static create(fileLocation: string, loggerOptions?: LoggerOptions): Promise<FilePersistence>;
@@ -16,0 +17,0 @@ save(contents: string): Promise<void>;

dist/persistence/KeychainPersistence.d.ts

@@ -11,4 +11,4 @@ import { IPersistence } from "./IPersistence";
 export declare class KeychainPersistence extends BasePersistence implements IPersistence {
-    protected readonly serviceName: any;
-    protected readonly accountName: any;
+    protected readonly serviceName: string;
+    protected readonly accountName: string;
     private filePersistence;
@@ -15,0 +15,0 @@ private constructor();

dist/persistence/LibSecretPersistence.d.ts

@@ -12,4 +12,4 @@ import { IPersistence } from "./IPersistence";
 export declare class LibSecretPersistence extends BasePersistence implements IPersistence {
-    protected readonly serviceName: any;
-    protected readonly accountName: any;
+    protected readonly serviceName: string;
+    protected readonly accountName: string;
     private filePersistence;
@@ -16,0 +16,0 @@ private constructor();

dist/persistence/PersistenceCachePlugin.d.ts

@@ -20,3 +20,3 @@ import { IPersistence } from "./IPersistence";
     lastSync: number;
-    currentCache: string;
+    currentCache: string | null;
     lockFilePath: string;
@@ -23,0 +23,0 @@ private crossPlatformLock;

dist/utils/Constants.d.ts

@@ -43,10 +43,13 @@ export declare const Constants: {
 };
-export declare enum Platform {
-    WINDOWS = "win32",
-    LINUX = "linux",
-    MACOS = "darwin"
-}
-export declare enum ErrorCodes {
-    INTERATION_REQUIRED_ERROR_CODE = "interaction_required",
-    SERVER_UNAVAILABLE = "server_unavailable"
-}
+export declare const Platform: {
+    readonly WINDOWS: "win32";
+    readonly LINUX: "linux";
+    readonly MACOS: "darwin";
+};
+export type Platform = typeof Platform[keyof typeof Platform];
+export declare const ErrorCodes: {
+    readonly INTERATION_REQUIRED_ERROR_CODE: "interaction_required";
+    readonly SERVER_UNAVAILABLE: "server_unavailable";
+    readonly UNKNOWN: "unknown_error";
+};
+export type ErrorCodes = typeof ErrorCodes[keyof typeof ErrorCodes];

dist/utils/Environment.d.ts

@@ -13,5 +13,5 @@ export declare class Environment {
     static isLinuxRootUser(): boolean;
-    static getUserRootDirectory(): string;
+    static getUserRootDirectory(): string | null;
     static getUserHomeDirOnWindows(): string;
     static getUserHomeDirOnUnix(): string | null;
 }

package.json

 {
   "name": "@azure/msal-node-extensions",
-  "version": "1.0.0-alpha.35",
+  "version": "1.0.0-beta.0",
   "repository": {
@@ -11,3 +11,2 @@ "type": "git",
   "typings": "dist/index.d.ts",
-  "gypfile": true,
   "keywords": [
@@ -23,11 +22,11 @@ "js",
     "dist",
-    "src",
-    "binding.gyp"
+    "bin"
   ],
   "engines": {
-    "node": ">=10"
+    "node": "18 || 20"
   },
   "scripts": {
-    "start": "tsdx watch --tsconfig ./tsconfig.build.json",
-    "build": "node-gyp rebuild && tsdx build --tsconfig ./tsconfig.build.json",
+    "compile": "node-gyp rebuild",
+    "clean": "shx rm -rf dist bin",
+    "build": "npm run clean && rollup -c --strictDeprecations --bundleConfigAsCjs && node ./scripts/buildBinaries.js",
     "build:common": "cd ../../lib/msal-common && npm run build",
@@ -37,6 +36,6 @@ "build:all": "npm run build:common && npm run build",
     "test:coverage": "jest --coverage",
+    "link:localDeps": "npx lerna@6 bootstrap --scope @azure/msal-common --scope @azure/msal-node-extensions",
     "lint": "cd ../../ && npm run lint:node:extensions",
     "lint:fix": "npm run lint -- -- --fix",
-    "link:localDeps": "npx lerna bootstrap --scope @azure/msal-common --scope @azure/msal-node-extensions",
-    "prepack": "npm run build:all"
+    "prepack": "npm run build:all && node ./scripts/checkBinaries.js"
   },
@@ -57,17 +56,19 @@ "author": {
   "dependencies": {
-    "@azure/msal-common": "13.1.0",
+    "@azure/msal-common": "14.0.0-beta.0",
     "@azure/msal-node-runtime": "^0.13.6-alpha.0",
-    "keytar": "^7.8.0",
-    "node-addon-api": "^6.0.0"
+    "keytar": "^7.8.0"
   },
   "devDependencies": {
-    "@types/jest": "^29.5.0",
+    "@rollup/plugin-node-resolve": "^15.0.2",
+    "@rollup/plugin-typescript": "^11.1.0",
+    "@types/jest": "^29.5.1",
     "@types/node": "^18.8.3",
-    "husky": "^4.2.5",
     "jest": "^29.5.0",
-    "ts-jest": "^29.0.5",
-    "tsdx": "^0.14.1",
+    "node-addon-api": "^6.1.0",
+    "rollup": "^3.20.2",
+    "shx": "^0.3.4",
+    "ts-jest": "^29.1.0",
     "tslib": "^2.0.0",
-    "typescript": "~4.8.4"
+    "typescript": "^4.9.5"
   }
-}
+}

README.md

@@ -10,4 +10,4 @@ # Microsoft Authentication Extensions for Node
 1. [About](#about)
-    - [Goals](#goals)
-    - [Non-Goals](#non-goals)
+    - [Cache Persistence](#cache-persistence)
+    - [Brokering](#brokering)
 1. [FAQ](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/extensions/docs/faq.md)
@@ -17,5 +17,4 @@ 1. [Changelog](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/extensions/msal-node-extensions/CHANGELOG.md)
 1. [Installation](#installation)
-1. [Usage](#usage)
-    - [Getting Started](#getting-started)
-    - [Security Boundary](#security-boundary)
+1. [Usage - Cache Persistence](#usage---cache-persistence)
+1. [Usage - Brokering](#usage---brokering)
 1. [Build and Test](#build-and-test)
@@ -31,4 +30,9 @@ - [Build package](#building-the-package-locally)
 ## About
-The Microsoft Authentication Extensions for Node offers secure mechanisms for client applications to perform cross-platform token cache serialization and persistence. It gives additional support to the Microsoft Authentication Library for Node (MSAL).
+The `msal-node-extensions` library offers optional features to enhance the capabilities of `msal-node`:
 
+- Secure mechanisms for client applications to perform cross-platform token cache serialization and persistence
+- An interface for acquiring tokens from the native token broker, enabling a higher level of security and SSO with other native applications
+
+### Cache Persistence
+
 [MSAL Node](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-node) supports an in-memory cache by default and provides the ICachePlugin interface to perform cache serialization, but does not provide a default way of storing the token cache to disk. Microsoft authentication extensions for node is default implementation for persisting cache to disk across different platforms.
@@ -44,14 +48,12 @@
 
-### Goals
-* Provide a robust, secure and configurable token cache persistence implementation across Windows, Mac and Linux for public client applications (rich clients, CLI applications etc.)
-* Token cache storage can be accessed by multiple processes concurrently.
+### Brokering
 
-### Non Goals
-* This implementation is not suitable for web app / web api scenarios, where storing the cache should be done in memory, Redis, Sql Server etc. Have a look at the [web samples](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples) for server-side implementations.
+When using the native broker, refresh tokens are bound to the device on which they are acquired on and are not accessible by `msal-node` or the application. This provides a higher level of security that cannot be achieved by `msal-node` alone. More information about token brokering can be found [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-node/docs/brokering.md)
 
 ## Prerequisites 
 
-The extensions contain prebuild binaries.
-[node-gyp](https://github.com/nodejs/node-gyp) is used to compile addons for accessing system APIs. Installation requirements are listed on the [node-gyp README](https://github.com/nodejs/node-gyp#installation)
+The `msal-node-extensions` library ships with pre-compiled binaries.
 
+> Note: If you are planning to do local development on msal-node-extensions itself you may need to install some additional tools. [node-gyp](https://github.com/nodejs/node-gyp) is used to compile [addons](https://nodejs.org/api/addons.html) for accessing system APIs. Installation requirements are listed on the [node-gyp README](https://github.com/nodejs/node-gyp#installation)
+
 On linux, the library uses `libsecret` so you may need to install it. Depending on your distribution, you will need to run the following command:
@@ -70,3 +72,4 @@
 ```
-## Usage
+## Usage - Cache Persistence
+
 ### Getting started
@@ -132,2 +135,24 @@ Here is a code snippet on how to configure the token cache.
 
+## Usage - Brokering
+
+Enabling token brokering requires just one new configuration parameter:
+
+```javascript
+import { PublicClientApplication, Configuration } from "@azure/msal-node";
+import { NativeBrokerPlugin } from "@azure/msal-node-extensions";
+
+const msalConfig: Configuration = {
+    auth: {
+        clientId: "your-client-id"
+    },
+    broker: {
+        nativeBrokerPlugin: new NativeBrokerPlugin()
+    }
+};
+
+const pca = new PublicClientApplication(msalConfig);
+```
+
+More detailed information can be found in the [brokering documentation](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-node/docs/brokering.md)
+
 ## Build and Test
@@ -139,3 +164,3 @@
 
-To build the `@azure/msal-node-extensions` library, you can do the following:
+To build both the `@azure/msal-node-extensions` library and `@azure/msal-common` libraries, run the following commands:
 
@@ -146,18 +171,5 @@ ```bash
 // Change to the msal-node-extensions package directory
-cd extensions/msal-node-extensions 
-// To run build only for node-extensions package
-npm run build
-```
-
-To build both the `@azure/msal-node-extensions` library and `@azure/msal-common` libraries, you can do the following:
-
-```bash
-// Install dev dependencies from root of repo
-npm install
-// Change to the msal-react package directory
 cd lib/msal-node-extensions/
-// To run build for the common package
-npm run build:common
-// To run build for the msal-node-extensions package
-npm run build
+// Build msal-common and msal-node-extensions
+npm run build:all
 ```
@@ -175,4 +187,7 @@
 ## Samples
-Have a look at a [simple auth-code app](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/extensions/samples/msal-node-extensions) using this token cache. We use this for testing on Windows, Mac and Linux.
 
+- [Auth Code CLI sample with Cache Persistence](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/extensions/samples/msal-node-extensions). This can be run on Windows, Mac and Linux.
+- [Electron sample with Cache Persistence](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/extensions/samples/electron-webpack)
+- [Brokering sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-node-samples/auth-code-cli-brokered-app)
+
 ## Security Reporting
@@ -179,0 +194,0 @@

New alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

591778

increased by27.21%

Dependency count

3

decreased by-25%

Number of package files

99

increased by80%

Number of low quality alerts

2

decreased by-33.33%

Number of lines in readme file

208

increased by7.77%

Worsened metrics

Dev dependency count

11

increased by37.5%

Lines of code

3344

decreased by-19.01%

Number of low supply chain risk alerts

8

increased by14.29%

Number of medium supply chain risk alerts

4

increased by300%

Dependency changes

• + Added@azure/msal-common@14.0.0-beta.0(transitive)

• - Removednode-addon-api@^6.0.0

• - Removed@azure/msal-common@13.1.0(transitive)

• - Removednode-addon-api@6.1.0(transitive)

• Updated@azure/msal-common@14.0.0-beta.0