@azure/msal-node
Advanced tools
Comparing version 1.0.3 to 1.1.0
@@ -5,2 +5,49 @@ { | ||
| { | ||
| "date": "Wed, 12 May 2021 18:35:03 GMT", | ||
| "tag": "@azure/msal-node_v1.1.0", | ||
| "version": "1.1.0", | ||
| "comments": { | ||
| "minor": [ | ||
| { | ||
| "comment": "Add Node 16 to msal-node supported versions", | ||
| "author": "janutter@microsoft.com", | ||
| "commit": "3998b0de71ca3a78b4ee68de2f31bef8b17e5cb8", | ||
| "package": "@azure/msal-node" | ||
| }, | ||
| { | ||
| "comment": "add support for regional authorities", | ||
| "author": "samuelkamau@microsoft.com", | ||
| "commit": "8baa387b34162b1bc96e341d7ad7158debd4b99d", | ||
| "package": "@azure/msal-node" | ||
| } | ||
| ], | ||
| "none": [ | ||
| { | ||
| "comment": "[docs] updates and replacements", | ||
| "author": "dogan.erisen@gmail.com", | ||
| "commit": "56a947b117302218a625d365b63e8ad85859125f", | ||
| "package": "@azure/msal-node" | ||
| }, | ||
| { | ||
| "comment": "add faq entry for msal node", | ||
| "author": "dogan.erisen@gmail.com", | ||
| "commit": "a90b0dc77e25a7f64d8833ad155f9247289eca95", | ||
| "package": "@azure/msal-node" | ||
| }, | ||
| { | ||
| "comment": "add guidance for pfx to pem conversion", | ||
| "author": "dogan.erisen@gmail.com", | ||
| "commit": "ebee07ce04f850cf29b601a04f28fc6f09d3edd9", | ||
| "package": "@azure/msal-node" | ||
| }, | ||
| { | ||
| "comment": "Regenerate package-lock #3510", | ||
| "author": "joarroyo@microsoft.com", | ||
| "commit": "ba0092a452f71a7bc58aaf7acdf94536d66f7493", | ||
| "package": "@azure/msal-node" | ||
| } | ||
| ] | ||
| } | ||
| }, | ||
| { | ||
| "date": "Thu, 22 Apr 2021 23:26:08 GMT", | ||
@@ -7,0 +54,0 @@ "tag": "@azure/msal-node_v1.0.3", |
| # Change Log - @azure/msal-node | ||
| This log was last generated on Thu, 22 Apr 2021 23:26:08 GMT and should not be manually modified. | ||
| This log was last generated on Wed, 12 May 2021 18:35:03 GMT and should not be manually modified. | ||
| <!-- Start content --> | ||
| ## 1.1.0 | ||
| Wed, 12 May 2021 18:35:03 GMT | ||
| ### Minor changes | ||
| - Add Node 16 to msal-node supported versions (janutter@microsoft.com) | ||
| - add support for regional authorities (samuelkamau@microsoft.com) | ||
| ## 1.0.3 | ||
@@ -8,0 +17,0 @@ |
@@ -1,2 +0,2 @@ | ||
| import { ClientConfiguration, AuthenticationResult, BaseAuthRequest, Logger, ServerTelemetryManager } from "@azure/msal-common"; | ||
| import { ClientConfiguration, AuthenticationResult, BaseAuthRequest, Logger, ServerTelemetryManager, AzureRegionConfiguration } from "@azure/msal-common"; | ||
| import { Configuration } from "../config/Configuration"; | ||
@@ -95,3 +95,3 @@ import { NodeStorage } from "../cache/NodeStorage"; | ||
| */ | ||
| protected buildOauthClientConfiguration(authority: string, serverTelemetryManager?: ServerTelemetryManager): Promise<ClientConfiguration>; | ||
| protected buildOauthClientConfiguration(authority: string, serverTelemetryManager?: ServerTelemetryManager, azureRegionConfiguration?: AzureRegionConfiguration): Promise<ClientConfiguration>; | ||
| private getClientAssertion; | ||
@@ -98,0 +98,0 @@ /** |
@@ -1,2 +0,2 @@ | ||
| "use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}Object.defineProperty(exports,"__esModule",{value:!0});var t,i=require("@azure/msal-common"),n=e(require("axios")),r=require("uuid"),s=e(require("crypto")),a=require("jsonwebtoken");!function(e){e.GET="get",e.POST="post"}(t||(t={}));const o="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";var c;!function(e){e[e.acquireTokenSilent=62]="acquireTokenSilent",e[e.acquireTokenByUsernamePassword=371]="acquireTokenByUsernamePassword",e[e.acquireTokenByDeviceCode=671]="acquireTokenByDeviceCode",e[e.acquireTokenByClientCredential=771]="acquireTokenByClientCredential",e[e.acquireTokenByCode=871]="acquireTokenByCode",e[e.acquireTokenByRefreshToken=872]="acquireTokenByRefreshToken"}(c||(c={}));class h{async sendGetRequestAsync(e,i){const r={method:t.GET,url:e,headers:i&&i.headers,validateStatus:()=>!0},s=await n(r);return{headers:s.headers,body:s.data,status:s.status}}async sendPostRequestAsync(e,i){const r={method:t.POST,url:e,data:i&&i.body||"",headers:i&&i.headers,validateStatus:()=>!0},s=await n(r);return{headers:s.headers,body:s.data,status:s.status}}}const l={clientId:"",authority:i.Constants.DEFAULT_AUTHORITY,clientSecret:"",clientAssertion:"",clientCertificate:{thumbprint:"",privateKey:"",x5c:""},knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",clientCapabilities:[],protocolMode:i.ProtocolMode.AAD},u={},d={loggerOptions:{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:i.LogLevel.Info},networkClient:class{static getNetworkClient(){return new h}}.getNetworkClient()};function g({auth:e,cache:t,system:i}){return{auth:{...l,...e},cache:{...u,...t},system:{...d,...i}}}class p{static base64Encode(e,t){return Buffer.from(e,t).toString("base64")}static base64EncodeUrl(e,t){return p.base64Encode(e,t).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}static base64Decode(e){return Buffer.from(e,"base64").toString("utf8")}static base64DecodeUrl(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");for(;t.length%4;)t+="=";return p.base64Decode(t)}}class y{async generatePkceCodes(){const e=this.generateCodeVerifier();return{verifier:e,challenge:this.generateCodeChallengeFromVerifier(e)}}generateCodeVerifier(){const e=s.randomBytes(32),t=this.bufferToCVString(e);return p.base64EncodeUrl(t)}generateCodeChallengeFromVerifier(e){return p.base64EncodeUrl(this.sha256(e).toString("base64"),"base64")}sha256(e){return s.createHash("sha256").update(e).digest()}bufferToCVString(e){const t=[];for(let i=0;i<e.byteLength;i+=1)t.push(o[e[i]%o.length]);return t.join("")}}class m{constructor(){this.pkceGenerator=new y}createNewGuid(){return class{static generateGuid(){return r.v4()}static isGuid(e){return/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(e)}}.generateGuid()}base64Encode(e){return p.base64Encode(e)}base64Decode(e){return p.base64Decode(e)}generatePkceCodes(){return this.pkceGenerator.generatePkceCodes()}getPublicKeyThumbprint(){throw new Error("Method not implemented.")}signJwt(){throw new Error("Method not implemented.")}}class f{static deserializeJSONBlob(e){return i.StringUtils.isEmpty(e)?{}:JSON.parse(e)}static deserializeAccounts(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,realm:r.realm,localAccountId:r.local_account_id,username:r.username,authorityType:r.authority_type,name:r.name,clientInfo:r.client_info,lastModificationTime:r.last_modification_time,lastModificationApp:r.last_modification_app},a=new i.AccountEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeIdTokens(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,credentialType:r.credential_type,clientId:r.client_id,secret:r.secret,realm:r.realm},a=new i.IdTokenEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeAccessTokens(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,credentialType:r.credential_type,clientId:r.client_id,secret:r.secret,realm:r.realm,target:r.target,cachedAt:r.cached_at,expiresOn:r.expires_on,extendedExpiresOn:r.extended_expires_on,refreshOn:r.refresh_on,keyId:r.key_id,tokenType:r.token_type},a=new i.AccessTokenEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeRefreshTokens(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,credentialType:r.credential_type,clientId:r.client_id,secret:r.secret,familyId:r.family_id,target:r.target,realm:r.realm},a=new i.RefreshTokenEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeAppMetadata(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={clientId:r.client_id,environment:r.environment,familyId:r.family_id},a=new i.AppMetadataEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeAllCache(e){return{accounts:e.Account?this.deserializeAccounts(e.Account):{},idTokens:e.IdToken?this.deserializeIdTokens(e.IdToken):{},accessTokens:e.AccessToken?this.deserializeAccessTokens(e.AccessToken):{},refreshTokens:e.RefreshToken?this.deserializeRefreshTokens(e.RefreshToken):{},appMetadata:e.AppMetadata?this.deserializeAppMetadata(e.AppMetadata):{}}}}class C{static serializeJSONBlob(e){return JSON.stringify(e)}static serializeAccounts(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,realm:n.realm,local_account_id:n.localAccountId,username:n.username,authority_type:n.authorityType,name:n.name,client_info:n.clientInfo,last_modification_time:n.lastModificationTime,last_modification_app:n.lastModificationApp}})),t}static serializeIdTokens(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,credential_type:n.credentialType,client_id:n.clientId,secret:n.secret,realm:n.realm}})),t}static serializeAccessTokens(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,credential_type:n.credentialType,client_id:n.clientId,secret:n.secret,realm:n.realm,target:n.target,cached_at:n.cachedAt,expires_on:n.expiresOn,extended_expires_on:n.extendedExpiresOn,refresh_on:n.refreshOn,key_id:n.keyId,token_type:n.tokenType}})),t}static serializeRefreshTokens(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,credential_type:n.credentialType,client_id:n.clientId,secret:n.secret,family_id:n.familyId,target:n.target,realm:n.realm}})),t}static serializeAppMetadata(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={client_id:n.clientId,environment:n.environment,family_id:n.familyId}})),t}static serializeAllCache(e){return{Account:this.serializeAccounts(e.accounts),IdToken:this.serializeIdTokens(e.idTokens),AccessToken:this.serializeAccessTokens(e.accessTokens),RefreshToken:this.serializeRefreshTokens(e.refreshTokens),AppMetadata:this.serializeAppMetadata(e.appMetadata)}}}class A extends i.CacheManager{constructor(e,t,i){super(t,i),this.cache={},this.changeEmitters=[],this.logger=e}registerChangeEmitter(e){this.changeEmitters.push(e)}emitChange(){this.changeEmitters.forEach(e=>e.call(null))}cacheToInMemoryCache(e){const t={accounts:{},idTokens:{},accessTokens:{},refreshTokens:{},appMetadata:{}};for(const n in e)if(e[n]instanceof i.AccountEntity)t.accounts[n]=e[n];else if(e[n]instanceof i.IdTokenEntity)t.idTokens[n]=e[n];else if(e[n]instanceof i.AccessTokenEntity)t.accessTokens[n]=e[n];else if(e[n]instanceof i.RefreshTokenEntity)t.refreshTokens[n]=e[n];else{if(!(e[n]instanceof i.AppMetadataEntity))continue;t.appMetadata[n]=e[n]}return t}inMemoryCacheToCache(e){let t=this.getCache();return t={...e.accounts,...e.idTokens,...e.accessTokens,...e.refreshTokens,...e.appMetadata},t}getInMemoryCache(){return this.logger.verbose("Getting in-memory cache"),this.cacheToInMemoryCache(this.getCache())}setInMemoryCache(e){this.logger.verbose("Setting in-memory cache");const t=this.inMemoryCacheToCache(e);this.setCache(t),this.emitChange()}getCache(){return this.logger.verbose("Getting cache key-value store"),this.cache}setCache(e){this.logger.verbose("Setting cache key value store"),this.cache=e,this.emitChange()}getItem(e){return this.logger.verbosePii("Item key: "+e),this.getCache()[e]}setItem(e,t){this.logger.verbosePii("Item key: "+e);const i=this.getCache();i[e]=t,this.setCache(i)}getAccount(e){const t=this.getItem(e);return i.AccountEntity.isAccountEntity(t)?t:null}setAccount(e){const t=e.generateAccountKey();this.setItem(t,e)}getIdTokenCredential(e){const t=this.getItem(e);return i.IdTokenEntity.isIdTokenEntity(t)?t:null}setIdTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAccessTokenCredential(e){const t=this.getItem(e);return i.AccessTokenEntity.isAccessTokenEntity(t)?t:null}setAccessTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getRefreshTokenCredential(e){const t=this.getItem(e);return i.RefreshTokenEntity.isRefreshTokenEntity(t)?t:null}setRefreshTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAppMetadata(e){const t=this.getItem(e);return i.AppMetadataEntity.isAppMetadataEntity(e,t)?t:null}setAppMetadata(e){const t=e.generateAppMetadataKey();this.setItem(t,e)}getServerTelemetry(e){const t=this.getItem(e);return t&&i.ServerTelemetryEntity.isServerTelemetryEntity(e,t)?t:null}setServerTelemetry(e,t){this.setItem(e,t)}getAuthorityMetadata(e){const t=this.getItem(e);return t&&i.AuthorityMetadataEntity.isAuthorityMetadataEntity(e,t)?t:null}getAuthorityMetadataKeys(){return this.getKeys().filter(e=>this.isAuthorityMetadata(e))}setAuthorityMetadata(e,t){this.setItem(e,t)}getThrottlingCache(e){const t=this.getItem(e);return t&&i.ThrottlingEntity.isThrottlingEntity(e,t)?t:null}setThrottlingCache(e,t){this.setItem(e,t)}removeItem(e){this.logger.verbosePii("Item key: "+e);let t=!1;const i=this.getCache();return i[e]&&(delete i[e],t=!0),t&&(this.setCache(i),this.emitChange()),t}containsKey(e){return this.getKeys().includes(e)}getKeys(){this.logger.verbose("Retrieving all cache keys");const e=this.getCache();return[...Object.keys(e)]}clear(){this.logger.verbose("Clearing cache entries created by MSAL"),this.getKeys().forEach(e=>{this.removeItem(e)}),this.emitChange()}static generateInMemoryCache(e){return f.deserializeAllCache(f.deserializeJSONBlob(e))}static generateJsonCache(e){return C.serializeAllCache(e)}}const T={},k={},b={},v={},I={};class E{constructor(e,t,i){this.cacheHasChanged=!1,this.storage=e,this.storage.registerChangeEmitter(this.handleChangeEvent.bind(this)),i&&(this.persistence=i),this.logger=t}hasChanged(){return this.cacheHasChanged}serialize(){this.logger.verbose("Serializing in-memory cache");let e=C.serializeAllCache(this.storage.getInMemoryCache());return i.StringUtils.isEmpty(this.cacheSnapshot)?this.logger.verbose("No cache snapshot to merge"):(this.logger.verbose("Reading cache snapshot from disk"),e=this.mergeState(JSON.parse(this.cacheSnapshot),e)),this.cacheHasChanged=!1,JSON.stringify(e)}deserialize(e){if(this.logger.verbose("Deserializing JSON to in-memory cache"),this.cacheSnapshot=e,i.StringUtils.isEmpty(this.cacheSnapshot))this.logger.verbose("No cache snapshot to deserialize");else{this.logger.verbose("Reading cache snapshot from disk");const e=f.deserializeAllCache(this.overlayDefaults(JSON.parse(this.cacheSnapshot)));this.storage.setInMemoryCache(e)}}getKVStore(){return this.storage.getCache()}async getAllAccounts(){let e;this.logger.verbose("getAllAccounts called");try{return this.persistence&&(e=new i.TokenCacheContext(this,!1),await this.persistence.beforeCacheAccess(e)),this.storage.getAllAccounts()}finally{this.persistence&&e&&await this.persistence.afterCacheAccess(e)}}async getAccountByHomeId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.homeAccountId===e)[0]||null}async getAccountByLocalId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.localAccountId===e)[0]||null}async removeAccount(e){let t;this.logger.verbose("removeAccount called");try{this.persistence&&(t=new i.TokenCacheContext(this,!0),await this.persistence.beforeCacheAccess(t)),this.storage.removeAccount(i.AccountEntity.generateAccountCacheKey(e))}finally{this.persistence&&t&&await this.persistence.afterCacheAccess(t)}}handleChangeEvent(){this.cacheHasChanged=!0}mergeState(e,t){this.logger.verbose("Merging in-memory cache with cache snapshot");const i=this.mergeRemovals(e,t);return this.mergeUpdates(i,t)}mergeUpdates(e,t){return Object.keys(t).forEach(i=>{const n=t[i];if(e.hasOwnProperty(i)){const t=null!==n,r="object"==typeof n,s=!Array.isArray(n),a=null!=e[i];t&&r&&s&&a?this.mergeUpdates(e[i],n):e[i]=n}else null!==n&&(e[i]=n)}),e}mergeRemovals(e,t){this.logger.verbose("Remove updated entries in cache");const i=e.Account?this.mergeRemovalsDict(e.Account,t.Account):e.Account,n=e.AccessToken?this.mergeRemovalsDict(e.AccessToken,t.AccessToken):e.AccessToken,r=e.RefreshToken?this.mergeRemovalsDict(e.RefreshToken,t.RefreshToken):e.RefreshToken,s=e.IdToken?this.mergeRemovalsDict(e.IdToken,t.IdToken):e.IdToken,a=e.AppMetadata?this.mergeRemovalsDict(e.AppMetadata,t.AppMetadata):e.AppMetadata;return{...e,Account:i,AccessToken:n,RefreshToken:r,IdToken:s,AppMetadata:a}}mergeRemovalsDict(e,t){const i={...e};return Object.keys(e).forEach(e=>{t&&t.hasOwnProperty(e)||delete i[e]}),i}overlayDefaults(e){return this.logger.verbose("Overlaying input cache with the default cache"),{Account:{...T,...e.Account},IdToken:{...k,...e.IdToken},AccessToken:{...b,...e.AccessToken},RefreshToken:{...v,...e.RefreshToken},AppMetadata:{...I,...e.AppMetadata}}}}class w{constructor(e){this.config=g(e),this.cryptoProvider=new m,this.logger=new i.Logger(this.config.system.loggerOptions,"@azure/msal-node","1.0.3"),this.storage=new A(this.logger,this.config.auth.clientId,this.cryptoProvider),this.tokenCache=new E(this.storage,this.logger,this.config.cache.cachePlugin)}async getAuthCodeUrl(e){this.logger.info("getAuthCodeUrl called");const t={...e,...this.initializeBaseRequest(e),responseMode:e.responseMode||i.ResponseMode.QUERY,authenticationScheme:i.AuthenticationScheme.BEARER},n=await this.buildOauthClientConfiguration(t.authority);return this.logger.verbose("Auth client config generated"),new i.AuthorizationCodeClient(n).getAuthCodeUrl(t)}async acquireTokenByCode(e){this.logger.info("acquireTokenByCode called");const t={...e,...this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},n=this.initializeServerTelemetryManager(c.acquireTokenByCode,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.AuthorizationCodeClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenByRefreshToken(e){this.logger.info("acquireTokenByRefreshToken called");const t={...e,...this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},n=this.initializeServerTelemetryManager(c.acquireTokenByRefreshToken,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.RefreshTokenClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenSilent(e){const t={...e,...this.initializeBaseRequest(e),forceRefresh:e.forceRefresh||!1},n=this.initializeServerTelemetryManager(c.acquireTokenSilent,t.correlationId,t.forceRefresh);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return new i.SilentFlowClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}getTokenCache(){return this.logger.info("getTokenCache called"),this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}async buildOauthClientConfiguration(e,t){this.logger.verbose("buildOauthClientConfiguration called");const i=await this.createAuthority(e);return{authOptions:{clientId:this.config.auth.clientId,authority:i,clientCapabilities:this.config.auth.clientCapabilities},loggerOptions:{loggerCallback:this.config.system.loggerOptions.loggerCallback,piiLoggingEnabled:this.config.system.loggerOptions.piiLoggingEnabled},cryptoInterface:this.cryptoProvider,networkInterface:this.config.system.networkClient,storageInterface:this.storage,serverTelemetryManager:t,clientCredentials:{clientSecret:this.clientSecret,clientAssertion:this.clientAssertion?this.getClientAssertion(i):void 0},libraryInfo:{sku:"msal.js.node",version:"1.0.3",cpu:process.arch||"",os:process.platform||""},persistencePlugin:this.config.cache.cachePlugin,serializableCache:this.tokenCache}}getClientAssertion(e){return{assertion:this.clientAssertion.getJwt(this.cryptoProvider,this.config.auth.clientId,e.tokenEndpoint),assertionType:"urn:ietf:params:oauth:client-assertion-type:jwt-bearer"}}initializeBaseRequest(e){return this.logger.verbose("initializeRequestScopes called"),e.authenticationScheme&&e.authenticationScheme===i.AuthenticationScheme.POP&&this.logger.verbose("Authentication Scheme 'pop' is not supported yet, setting Authentication Scheme to 'Bearer' for request"),e.authenticationScheme=i.AuthenticationScheme.BEARER,{...e,scopes:[...e&&e.scopes||[],...i.OIDC_DEFAULT_SCOPES],correlationId:e&&e.correlationId||this.cryptoProvider.createNewGuid(),authority:e.authority||this.config.auth.authority}}initializeServerTelemetryManager(e,t,n){return new i.ServerTelemetryManager({clientId:this.config.auth.clientId,correlationId:t,apiId:e,forceRefresh:n||!1},this.storage)}async createAuthority(e){this.logger.verbose("createAuthority called");const t={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata};return await i.AuthorityFactory.createDiscoveredInstance(e,this.config.system.networkClient,this.storage,t)}}class M{static fromAssertion(e){const t=new M;return t.jwt=e,t}static fromCertificate(e,t,i){const n=new M;return n.privateKey=t,n.thumbprint=e,i&&(n.publicCertificate=this.parseCertificate(i)),n}getJwt(e,t,n){if(this.privateKey&&this.thumbprint)return this.jwt&&!this.isExpired()&&t===this.issuer&&n===this.jwtAudience?this.jwt:this.createJwt(e,t,n);if(this.jwt)return this.jwt;throw i.ClientAuthError.createInvalidAssertionError()}createJwt(e,t,n){this.issuer=t,this.jwtAudience=n;const r=i.TimeUtils.nowSeconds();this.expirationTime=r+600;const s={alg:"RS256",x5t:p.base64EncodeUrl(this.thumbprint,"hex")};this.publicCertificate&&Object.assign(s,{x5c:this.publicCertificate});const o={aud:this.jwtAudience,exp:this.expirationTime,iss:this.issuer,sub:this.issuer,nbf:r,jti:e.createNewGuid()};return this.jwt=a.sign(o,this.privateKey,{header:s}),this.jwt}isExpired(){return this.expirationTime<i.TimeUtils.nowSeconds()}static parseCertificate(e){const t=/-----BEGIN CERTIFICATE-----\n(.+?)\n-----END CERTIFICATE-----/gs,i=[];let n;for(;null!==(n=t.exec(e));)i.push(n[1].replace(/\n/,""));return i}}Object.defineProperty(exports,"AuthError",{enumerable:!0,get:function(){return i.AuthError}}),Object.defineProperty(exports,"AuthErrorMessage",{enumerable:!0,get:function(){return i.AuthErrorMessage}}),Object.defineProperty(exports,"ClientAuthError",{enumerable:!0,get:function(){return i.ClientAuthError}}),Object.defineProperty(exports,"ClientAuthErrorMessage",{enumerable:!0,get:function(){return i.ClientAuthErrorMessage}}),Object.defineProperty(exports,"ClientConfigurationError",{enumerable:!0,get:function(){return i.ClientConfigurationError}}),Object.defineProperty(exports,"ClientConfigurationErrorMessage",{enumerable:!0,get:function(){return i.ClientConfigurationErrorMessage}}),Object.defineProperty(exports,"InteractionRequiredAuthError",{enumerable:!0,get:function(){return i.InteractionRequiredAuthError}}),Object.defineProperty(exports,"LogLevel",{enumerable:!0,get:function(){return i.LogLevel}}),Object.defineProperty(exports,"Logger",{enumerable:!0,get:function(){return i.Logger}}),Object.defineProperty(exports,"PromptValue",{enumerable:!0,get:function(){return i.PromptValue}}),Object.defineProperty(exports,"ProtocolMode",{enumerable:!0,get:function(){return i.ProtocolMode}}),Object.defineProperty(exports,"ResponseMode",{enumerable:!0,get:function(){return i.ResponseMode}}),Object.defineProperty(exports,"ServerError",{enumerable:!0,get:function(){return i.ServerError}}),Object.defineProperty(exports,"TokenCacheContext",{enumerable:!0,get:function(){return i.TokenCacheContext}}),exports.ClientApplication=w,exports.ClientAssertion=M,exports.ConfidentialClientApplication=class extends w{constructor(e){super(e),this.setClientCredential(this.config)}async acquireTokenByClientCredential(e){this.logger.info("acquireTokenByClientCredential called");const t={...e,...this.initializeBaseRequest(e)},n=this.initializeServerTelemetryManager(c.acquireTokenByClientCredential,t.correlationId,t.skipCache);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.ClientCredentialClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenOnBehalfOf(e){this.logger.info("acquireTokenOnBehalfOf called");const t={...e,...this.initializeBaseRequest(e)},n=await this.buildOauthClientConfiguration(t.authority);return this.logger.verbose("Auth client config generated"),new i.OnBehalfOfClient(n).acquireToken(t)}setClientCredential(e){const t=!i.StringUtils.isEmpty(e.auth.clientSecret),n=!i.StringUtils.isEmpty(e.auth.clientAssertion),r=e.auth.clientCertificate,s=!i.StringUtils.isEmpty(r.thumbprint)||!i.StringUtils.isEmpty(r.privateKey);if(t&&n||n&&s||t&&s)throw i.ClientAuthError.createInvalidCredentialError();if(t)this.clientSecret=e.auth.clientSecret;else if(n)this.clientAssertion=M.fromAssertion(e.auth.clientAssertion);else{if(!s)throw i.ClientAuthError.createInvalidCredentialError();var a;this.clientAssertion=M.fromCertificate(r.thumbprint,r.privateKey,null==(a=e.auth.clientCertificate)?void 0:a.x5c)}}},exports.CryptoProvider=m,exports.NodeStorage=A,exports.PublicClientApplication=class extends w{constructor(e){super(e)}async acquireTokenByDeviceCode(e){this.logger.info("acquireTokenByDeviceCode called");const t=Object.assign(e,this.initializeBaseRequest(e)),n=this.initializeServerTelemetryManager(c.acquireTokenByDeviceCode,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.DeviceCodeClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenByUsernamePassword(e){this.logger.info("acquireTokenByUsernamePassword called");const t={...e,...this.initializeBaseRequest(e)},n=this.initializeServerTelemetryManager(c.acquireTokenByUsernamePassword,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.UsernamePasswordClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}},exports.TokenCache=E,exports.buildAppConfiguration=g; | ||
| "use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}Object.defineProperty(exports,"__esModule",{value:!0});var t,i=require("@azure/msal-common"),n=e(require("axios")),r=require("uuid"),s=e(require("crypto")),a=require("jsonwebtoken");!function(e){e.GET="get",e.POST="post"}(t||(t={}));const o="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";var c;!function(e){e[e.acquireTokenSilent=62]="acquireTokenSilent",e[e.acquireTokenByUsernamePassword=371]="acquireTokenByUsernamePassword",e[e.acquireTokenByDeviceCode=671]="acquireTokenByDeviceCode",e[e.acquireTokenByClientCredential=771]="acquireTokenByClientCredential",e[e.acquireTokenByCode=871]="acquireTokenByCode",e[e.acquireTokenByRefreshToken=872]="acquireTokenByRefreshToken"}(c||(c={}));class h{async sendGetRequestAsync(e,i){const r={method:t.GET,url:e,headers:i&&i.headers,validateStatus:()=>!0},s=await n(r);return{headers:s.headers,body:s.data,status:s.status}}async sendPostRequestAsync(e,i,r){const s={method:t.POST,url:e,data:i&&i.body||"",timeout:r,headers:i&&i.headers,validateStatus:()=>!0},a=await n(s);return{headers:a.headers,body:a.data,status:a.status}}}const l={clientId:"",authority:i.Constants.DEFAULT_AUTHORITY,clientSecret:"",clientAssertion:"",clientCertificate:{thumbprint:"",privateKey:"",x5c:""},knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",clientCapabilities:[],protocolMode:i.ProtocolMode.AAD},u={},g={loggerOptions:{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:i.LogLevel.Info},networkClient:class{static getNetworkClient(){return new h}}.getNetworkClient()};function d({auth:e,cache:t,system:i}){return{auth:{...l,...e},cache:{...u,...t},system:{...g,...i}}}class p{static base64Encode(e,t){return Buffer.from(e,t).toString("base64")}static base64EncodeUrl(e,t){return p.base64Encode(e,t).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}static base64Decode(e){return Buffer.from(e,"base64").toString("utf8")}static base64DecodeUrl(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");for(;t.length%4;)t+="=";return p.base64Decode(t)}}class y{async generatePkceCodes(){const e=this.generateCodeVerifier();return{verifier:e,challenge:this.generateCodeChallengeFromVerifier(e)}}generateCodeVerifier(){const e=s.randomBytes(32),t=this.bufferToCVString(e);return p.base64EncodeUrl(t)}generateCodeChallengeFromVerifier(e){return p.base64EncodeUrl(this.sha256(e).toString("base64"),"base64")}sha256(e){return s.createHash("sha256").update(e).digest()}bufferToCVString(e){const t=[];for(let i=0;i<e.byteLength;i+=1)t.push(o[e[i]%o.length]);return t.join("")}}class m{constructor(){this.pkceGenerator=new y}createNewGuid(){return class{static generateGuid(){return r.v4()}static isGuid(e){return/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(e)}}.generateGuid()}base64Encode(e){return p.base64Encode(e)}base64Decode(e){return p.base64Decode(e)}generatePkceCodes(){return this.pkceGenerator.generatePkceCodes()}getPublicKeyThumbprint(){throw new Error("Method not implemented.")}signJwt(){throw new Error("Method not implemented.")}}class f{static deserializeJSONBlob(e){return i.StringUtils.isEmpty(e)?{}:JSON.parse(e)}static deserializeAccounts(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,realm:r.realm,localAccountId:r.local_account_id,username:r.username,authorityType:r.authority_type,name:r.name,clientInfo:r.client_info,lastModificationTime:r.last_modification_time,lastModificationApp:r.last_modification_app},a=new i.AccountEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeIdTokens(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,credentialType:r.credential_type,clientId:r.client_id,secret:r.secret,realm:r.realm},a=new i.IdTokenEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeAccessTokens(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,credentialType:r.credential_type,clientId:r.client_id,secret:r.secret,realm:r.realm,target:r.target,cachedAt:r.cached_at,expiresOn:r.expires_on,extendedExpiresOn:r.extended_expires_on,refreshOn:r.refresh_on,keyId:r.key_id,tokenType:r.token_type},a=new i.AccessTokenEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeRefreshTokens(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={homeAccountId:r.home_account_id,environment:r.environment,credentialType:r.credential_type,clientId:r.client_id,secret:r.secret,familyId:r.family_id,target:r.target,realm:r.realm},a=new i.RefreshTokenEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeAppMetadata(e){const t={};return e&&Object.keys(e).map((function(n){const r=e[n],s={clientId:r.client_id,environment:r.environment,familyId:r.family_id},a=new i.AppMetadataEntity;i.CacheManager.toObject(a,s),t[n]=a})),t}static deserializeAllCache(e){return{accounts:e.Account?this.deserializeAccounts(e.Account):{},idTokens:e.IdToken?this.deserializeIdTokens(e.IdToken):{},accessTokens:e.AccessToken?this.deserializeAccessTokens(e.AccessToken):{},refreshTokens:e.RefreshToken?this.deserializeRefreshTokens(e.RefreshToken):{},appMetadata:e.AppMetadata?this.deserializeAppMetadata(e.AppMetadata):{}}}}class C{static serializeJSONBlob(e){return JSON.stringify(e)}static serializeAccounts(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,realm:n.realm,local_account_id:n.localAccountId,username:n.username,authority_type:n.authorityType,name:n.name,client_info:n.clientInfo,last_modification_time:n.lastModificationTime,last_modification_app:n.lastModificationApp}})),t}static serializeIdTokens(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,credential_type:n.credentialType,client_id:n.clientId,secret:n.secret,realm:n.realm}})),t}static serializeAccessTokens(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,credential_type:n.credentialType,client_id:n.clientId,secret:n.secret,realm:n.realm,target:n.target,cached_at:n.cachedAt,expires_on:n.expiresOn,extended_expires_on:n.extendedExpiresOn,refresh_on:n.refreshOn,key_id:n.keyId,token_type:n.tokenType}})),t}static serializeRefreshTokens(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={home_account_id:n.homeAccountId,environment:n.environment,credential_type:n.credentialType,client_id:n.clientId,secret:n.secret,family_id:n.familyId,target:n.target,realm:n.realm}})),t}static serializeAppMetadata(e){const t={};return Object.keys(e).map((function(i){const n=e[i];t[i]={client_id:n.clientId,environment:n.environment,family_id:n.familyId}})),t}static serializeAllCache(e){return{Account:this.serializeAccounts(e.accounts),IdToken:this.serializeIdTokens(e.idTokens),AccessToken:this.serializeAccessTokens(e.accessTokens),RefreshToken:this.serializeRefreshTokens(e.refreshTokens),AppMetadata:this.serializeAppMetadata(e.appMetadata)}}}class A extends i.CacheManager{constructor(e,t,i){super(t,i),this.cache={},this.changeEmitters=[],this.logger=e}registerChangeEmitter(e){this.changeEmitters.push(e)}emitChange(){this.changeEmitters.forEach(e=>e.call(null))}cacheToInMemoryCache(e){const t={accounts:{},idTokens:{},accessTokens:{},refreshTokens:{},appMetadata:{}};for(const n in e)if(e[n]instanceof i.AccountEntity)t.accounts[n]=e[n];else if(e[n]instanceof i.IdTokenEntity)t.idTokens[n]=e[n];else if(e[n]instanceof i.AccessTokenEntity)t.accessTokens[n]=e[n];else if(e[n]instanceof i.RefreshTokenEntity)t.refreshTokens[n]=e[n];else{if(!(e[n]instanceof i.AppMetadataEntity))continue;t.appMetadata[n]=e[n]}return t}inMemoryCacheToCache(e){let t=this.getCache();return t={...e.accounts,...e.idTokens,...e.accessTokens,...e.refreshTokens,...e.appMetadata},t}getInMemoryCache(){return this.logger.verbose("Getting in-memory cache"),this.cacheToInMemoryCache(this.getCache())}setInMemoryCache(e){this.logger.verbose("Setting in-memory cache");const t=this.inMemoryCacheToCache(e);this.setCache(t),this.emitChange()}getCache(){return this.logger.verbose("Getting cache key-value store"),this.cache}setCache(e){this.logger.verbose("Setting cache key value store"),this.cache=e,this.emitChange()}getItem(e){return this.logger.verbosePii("Item key: "+e),this.getCache()[e]}setItem(e,t){this.logger.verbosePii("Item key: "+e);const i=this.getCache();i[e]=t,this.setCache(i)}getAccount(e){const t=this.getItem(e);return i.AccountEntity.isAccountEntity(t)?t:null}setAccount(e){const t=e.generateAccountKey();this.setItem(t,e)}getIdTokenCredential(e){const t=this.getItem(e);return i.IdTokenEntity.isIdTokenEntity(t)?t:null}setIdTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAccessTokenCredential(e){const t=this.getItem(e);return i.AccessTokenEntity.isAccessTokenEntity(t)?t:null}setAccessTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getRefreshTokenCredential(e){const t=this.getItem(e);return i.RefreshTokenEntity.isRefreshTokenEntity(t)?t:null}setRefreshTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAppMetadata(e){const t=this.getItem(e);return i.AppMetadataEntity.isAppMetadataEntity(e,t)?t:null}setAppMetadata(e){const t=e.generateAppMetadataKey();this.setItem(t,e)}getServerTelemetry(e){const t=this.getItem(e);return t&&i.ServerTelemetryEntity.isServerTelemetryEntity(e,t)?t:null}setServerTelemetry(e,t){this.setItem(e,t)}getAuthorityMetadata(e){const t=this.getItem(e);return t&&i.AuthorityMetadataEntity.isAuthorityMetadataEntity(e,t)?t:null}getAuthorityMetadataKeys(){return this.getKeys().filter(e=>this.isAuthorityMetadata(e))}setAuthorityMetadata(e,t){this.setItem(e,t)}getThrottlingCache(e){const t=this.getItem(e);return t&&i.ThrottlingEntity.isThrottlingEntity(e,t)?t:null}setThrottlingCache(e,t){this.setItem(e,t)}removeItem(e){this.logger.verbosePii("Item key: "+e);let t=!1;const i=this.getCache();return i[e]&&(delete i[e],t=!0),t&&(this.setCache(i),this.emitChange()),t}containsKey(e){return this.getKeys().includes(e)}getKeys(){this.logger.verbose("Retrieving all cache keys");const e=this.getCache();return[...Object.keys(e)]}clear(){this.logger.verbose("Clearing cache entries created by MSAL"),this.getKeys().forEach(e=>{this.removeItem(e)}),this.emitChange()}static generateInMemoryCache(e){return f.deserializeAllCache(f.deserializeJSONBlob(e))}static generateJsonCache(e){return C.serializeAllCache(e)}}const T={},k={},b={},v={},I={};class E{constructor(e,t,i){this.cacheHasChanged=!1,this.storage=e,this.storage.registerChangeEmitter(this.handleChangeEvent.bind(this)),i&&(this.persistence=i),this.logger=t}hasChanged(){return this.cacheHasChanged}serialize(){this.logger.verbose("Serializing in-memory cache");let e=C.serializeAllCache(this.storage.getInMemoryCache());return i.StringUtils.isEmpty(this.cacheSnapshot)?this.logger.verbose("No cache snapshot to merge"):(this.logger.verbose("Reading cache snapshot from disk"),e=this.mergeState(JSON.parse(this.cacheSnapshot),e)),this.cacheHasChanged=!1,JSON.stringify(e)}deserialize(e){if(this.logger.verbose("Deserializing JSON to in-memory cache"),this.cacheSnapshot=e,i.StringUtils.isEmpty(this.cacheSnapshot))this.logger.verbose("No cache snapshot to deserialize");else{this.logger.verbose("Reading cache snapshot from disk");const e=f.deserializeAllCache(this.overlayDefaults(JSON.parse(this.cacheSnapshot)));this.storage.setInMemoryCache(e)}}getKVStore(){return this.storage.getCache()}async getAllAccounts(){let e;this.logger.verbose("getAllAccounts called");try{return this.persistence&&(e=new i.TokenCacheContext(this,!1),await this.persistence.beforeCacheAccess(e)),this.storage.getAllAccounts()}finally{this.persistence&&e&&await this.persistence.afterCacheAccess(e)}}async getAccountByHomeId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.homeAccountId===e)[0]||null}async getAccountByLocalId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.localAccountId===e)[0]||null}async removeAccount(e){let t;this.logger.verbose("removeAccount called");try{this.persistence&&(t=new i.TokenCacheContext(this,!0),await this.persistence.beforeCacheAccess(t)),this.storage.removeAccount(i.AccountEntity.generateAccountCacheKey(e))}finally{this.persistence&&t&&await this.persistence.afterCacheAccess(t)}}handleChangeEvent(){this.cacheHasChanged=!0}mergeState(e,t){this.logger.verbose("Merging in-memory cache with cache snapshot");const i=this.mergeRemovals(e,t);return this.mergeUpdates(i,t)}mergeUpdates(e,t){return Object.keys(t).forEach(i=>{const n=t[i];if(e.hasOwnProperty(i)){const t=null!==n,r="object"==typeof n,s=!Array.isArray(n),a=null!=e[i];t&&r&&s&&a?this.mergeUpdates(e[i],n):e[i]=n}else null!==n&&(e[i]=n)}),e}mergeRemovals(e,t){this.logger.verbose("Remove updated entries in cache");const i=e.Account?this.mergeRemovalsDict(e.Account,t.Account):e.Account,n=e.AccessToken?this.mergeRemovalsDict(e.AccessToken,t.AccessToken):e.AccessToken,r=e.RefreshToken?this.mergeRemovalsDict(e.RefreshToken,t.RefreshToken):e.RefreshToken,s=e.IdToken?this.mergeRemovalsDict(e.IdToken,t.IdToken):e.IdToken,a=e.AppMetadata?this.mergeRemovalsDict(e.AppMetadata,t.AppMetadata):e.AppMetadata;return{...e,Account:i,AccessToken:n,RefreshToken:r,IdToken:s,AppMetadata:a}}mergeRemovalsDict(e,t){const i={...e};return Object.keys(e).forEach(e=>{t&&t.hasOwnProperty(e)||delete i[e]}),i}overlayDefaults(e){return this.logger.verbose("Overlaying input cache with the default cache"),{Account:{...T,...e.Account},IdToken:{...k,...e.IdToken},AccessToken:{...b,...e.AccessToken},RefreshToken:{...v,...e.RefreshToken},AppMetadata:{...I,...e.AppMetadata}}}}class w{constructor(e){this.config=d(e),this.cryptoProvider=new m,this.logger=new i.Logger(this.config.system.loggerOptions,"@azure/msal-node","1.1.0"),this.storage=new A(this.logger,this.config.auth.clientId,this.cryptoProvider),this.tokenCache=new E(this.storage,this.logger,this.config.cache.cachePlugin)}async getAuthCodeUrl(e){this.logger.info("getAuthCodeUrl called");const t={...e,...this.initializeBaseRequest(e),responseMode:e.responseMode||i.ResponseMode.QUERY,authenticationScheme:i.AuthenticationScheme.BEARER},n=await this.buildOauthClientConfiguration(t.authority);return this.logger.verbose("Auth client config generated"),new i.AuthorizationCodeClient(n).getAuthCodeUrl(t)}async acquireTokenByCode(e){this.logger.info("acquireTokenByCode called");const t={...e,...this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},n=this.initializeServerTelemetryManager(c.acquireTokenByCode,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.AuthorizationCodeClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenByRefreshToken(e){this.logger.info("acquireTokenByRefreshToken called");const t={...e,...this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},n=this.initializeServerTelemetryManager(c.acquireTokenByRefreshToken,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.RefreshTokenClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenSilent(e){const t={...e,...this.initializeBaseRequest(e),forceRefresh:e.forceRefresh||!1},n=this.initializeServerTelemetryManager(c.acquireTokenSilent,t.correlationId,t.forceRefresh);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return new i.SilentFlowClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}getTokenCache(){return this.logger.info("getTokenCache called"),this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}async buildOauthClientConfiguration(e,t,i){this.logger.verbose("buildOauthClientConfiguration called"),this.logger.verbose("building oauth client configuration with the authority: "+e);const n=await this.createAuthority(e,i);return{authOptions:{clientId:this.config.auth.clientId,authority:n,clientCapabilities:this.config.auth.clientCapabilities},loggerOptions:{loggerCallback:this.config.system.loggerOptions.loggerCallback,piiLoggingEnabled:this.config.system.loggerOptions.piiLoggingEnabled},cryptoInterface:this.cryptoProvider,networkInterface:this.config.system.networkClient,storageInterface:this.storage,serverTelemetryManager:t,clientCredentials:{clientSecret:this.clientSecret,clientAssertion:this.clientAssertion?this.getClientAssertion(n):void 0},libraryInfo:{sku:"msal.js.node",version:"1.1.0",cpu:process.arch||"",os:process.platform||""},persistencePlugin:this.config.cache.cachePlugin,serializableCache:this.tokenCache}}getClientAssertion(e){return{assertion:this.clientAssertion.getJwt(this.cryptoProvider,this.config.auth.clientId,e.tokenEndpoint),assertionType:"urn:ietf:params:oauth:client-assertion-type:jwt-bearer"}}initializeBaseRequest(e){return this.logger.verbose("initializeRequestScopes called"),e.authenticationScheme&&e.authenticationScheme===i.AuthenticationScheme.POP&&this.logger.verbose("Authentication Scheme 'pop' is not supported yet, setting Authentication Scheme to 'Bearer' for request"),e.authenticationScheme=i.AuthenticationScheme.BEARER,{...e,scopes:[...e&&e.scopes||[],...i.OIDC_DEFAULT_SCOPES],correlationId:e&&e.correlationId||this.cryptoProvider.createNewGuid(),authority:e.authority||this.config.auth.authority}}initializeServerTelemetryManager(e,t,n){return new i.ServerTelemetryManager({clientId:this.config.auth.clientId,correlationId:t,apiId:e,forceRefresh:n||!1},this.storage)}async createAuthority(e,t){this.logger.verbose("createAuthority called");const n={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,azureRegionConfiguration:t};return await i.AuthorityFactory.createDiscoveredInstance(e,this.config.system.networkClient,this.storage,n)}}class M{static fromAssertion(e){const t=new M;return t.jwt=e,t}static fromCertificate(e,t,i){const n=new M;return n.privateKey=t,n.thumbprint=e,i&&(n.publicCertificate=this.parseCertificate(i)),n}getJwt(e,t,n){if(this.privateKey&&this.thumbprint)return this.jwt&&!this.isExpired()&&t===this.issuer&&n===this.jwtAudience?this.jwt:this.createJwt(e,t,n);if(this.jwt)return this.jwt;throw i.ClientAuthError.createInvalidAssertionError()}createJwt(e,t,n){this.issuer=t,this.jwtAudience=n;const r=i.TimeUtils.nowSeconds();this.expirationTime=r+600;const s={alg:"RS256",x5t:p.base64EncodeUrl(this.thumbprint,"hex")};this.publicCertificate&&Object.assign(s,{x5c:this.publicCertificate});const o={aud:this.jwtAudience,exp:this.expirationTime,iss:this.issuer,sub:this.issuer,nbf:r,jti:e.createNewGuid()};return this.jwt=a.sign(o,this.privateKey,{header:s}),this.jwt}isExpired(){return this.expirationTime<i.TimeUtils.nowSeconds()}static parseCertificate(e){const t=/-----BEGIN CERTIFICATE-----\n(.+?)\n-----END CERTIFICATE-----/gs,i=[];let n;for(;null!==(n=t.exec(e));)i.push(n[1].replace(/\n/,""));return i}}Object.defineProperty(exports,"AuthError",{enumerable:!0,get:function(){return i.AuthError}}),Object.defineProperty(exports,"AuthErrorMessage",{enumerable:!0,get:function(){return i.AuthErrorMessage}}),Object.defineProperty(exports,"ClientAuthError",{enumerable:!0,get:function(){return i.ClientAuthError}}),Object.defineProperty(exports,"ClientAuthErrorMessage",{enumerable:!0,get:function(){return i.ClientAuthErrorMessage}}),Object.defineProperty(exports,"ClientConfigurationError",{enumerable:!0,get:function(){return i.ClientConfigurationError}}),Object.defineProperty(exports,"ClientConfigurationErrorMessage",{enumerable:!0,get:function(){return i.ClientConfigurationErrorMessage}}),Object.defineProperty(exports,"InteractionRequiredAuthError",{enumerable:!0,get:function(){return i.InteractionRequiredAuthError}}),Object.defineProperty(exports,"LogLevel",{enumerable:!0,get:function(){return i.LogLevel}}),Object.defineProperty(exports,"Logger",{enumerable:!0,get:function(){return i.Logger}}),Object.defineProperty(exports,"PromptValue",{enumerable:!0,get:function(){return i.PromptValue}}),Object.defineProperty(exports,"ProtocolMode",{enumerable:!0,get:function(){return i.ProtocolMode}}),Object.defineProperty(exports,"ResponseMode",{enumerable:!0,get:function(){return i.ResponseMode}}),Object.defineProperty(exports,"ServerError",{enumerable:!0,get:function(){return i.ServerError}}),Object.defineProperty(exports,"TokenCacheContext",{enumerable:!0,get:function(){return i.TokenCacheContext}}),exports.ClientApplication=w,exports.ClientAssertion=M,exports.ConfidentialClientApplication=class extends w{constructor(e){super(e),this.setClientCredential(this.config)}async acquireTokenByClientCredential(e){this.logger.info("acquireTokenByClientCredential called");const t={...e,...this.initializeBaseRequest(e)},n={azureRegion:t.azureRegion,environmentRegion:process.env.REGION_NAME},r=this.initializeServerTelemetryManager(c.acquireTokenByClientCredential,t.correlationId,t.skipCache);try{const e=await this.buildOauthClientConfiguration(t.authority,r,n);return this.logger.verbose("Auth client config generated"),new i.ClientCredentialClient(e).acquireToken(t)}catch(e){throw r.cacheFailedRequest(e),e}}async acquireTokenOnBehalfOf(e){this.logger.info("acquireTokenOnBehalfOf called");const t={...e,...this.initializeBaseRequest(e)},n=await this.buildOauthClientConfiguration(t.authority);return this.logger.verbose("Auth client config generated"),new i.OnBehalfOfClient(n).acquireToken(t)}setClientCredential(e){const t=!i.StringUtils.isEmpty(e.auth.clientSecret),n=!i.StringUtils.isEmpty(e.auth.clientAssertion),r=e.auth.clientCertificate,s=!i.StringUtils.isEmpty(r.thumbprint)||!i.StringUtils.isEmpty(r.privateKey);if(t&&n||n&&s||t&&s)throw i.ClientAuthError.createInvalidCredentialError();if(t)this.clientSecret=e.auth.clientSecret;else if(n)this.clientAssertion=M.fromAssertion(e.auth.clientAssertion);else{if(!s)throw i.ClientAuthError.createInvalidCredentialError();var a;this.clientAssertion=M.fromCertificate(r.thumbprint,r.privateKey,null==(a=e.auth.clientCertificate)?void 0:a.x5c)}}},exports.CryptoProvider=m,exports.NodeStorage=A,exports.PublicClientApplication=class extends w{constructor(e){super(e)}async acquireTokenByDeviceCode(e){this.logger.info("acquireTokenByDeviceCode called");const t=Object.assign(e,this.initializeBaseRequest(e)),n=this.initializeServerTelemetryManager(c.acquireTokenByDeviceCode,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.DeviceCodeClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}async acquireTokenByUsernamePassword(e){this.logger.info("acquireTokenByUsernamePassword called");const t={...e,...this.initializeBaseRequest(e)},n=this.initializeServerTelemetryManager(c.acquireTokenByUsernamePassword,t.correlationId);try{const e=await this.buildOauthClientConfiguration(t.authority,n);return this.logger.verbose("Auth client config generated"),new i.UsernamePasswordClient(e).acquireToken(t)}catch(e){throw n.cacheFailedRequest(e),e}}},exports.TokenCache=E,exports.buildAppConfiguration=d; | ||
| //# sourceMappingURL=msal-node.cjs.production.min.js.map |
@@ -17,4 +17,4 @@ import { INetworkModule, NetworkRequestOptions, NetworkResponse } from "@azure/msal-common"; | ||
| */ | ||
| sendPostRequestAsync<T>(url: string, options?: NetworkRequestOptions): Promise<NetworkResponse<T>>; | ||
| sendPostRequestAsync<T>(url: string, options?: NetworkRequestOptions, cancellationToken?: number): Promise<NetworkResponse<T>>; | ||
| } | ||
| //# sourceMappingURL=HttpClient.d.ts.map |
| export declare const name = "@azure/msal-node"; | ||
| export declare const version = "1.0.3"; | ||
| export declare const version = "1.1.0"; | ||
| //# sourceMappingURL=packageMetadata.d.ts.map |
@@ -9,2 +9,6 @@ /** | ||
| /** | ||
| * Constants used for region discovery | ||
| */ | ||
| export declare const REGION_ENVIRONMENT_VARIABLE = "REGION_NAME"; | ||
| /** | ||
| * Constant used for PKCE | ||
@@ -11,0 +15,0 @@ */ |
| { | ||
| "name": "@azure/msal-node", | ||
| "version": "1.0.3", | ||
| "version": "1.1.0", | ||
| "author": { | ||
@@ -69,3 +69,3 @@ "name": "Microsoft", | ||
| "dependencies": { | ||
| "@azure/msal-common": "^4.2.1", | ||
| "@azure/msal-common": "^4.3.0", | ||
| "axios": "^0.21.1", | ||
@@ -76,4 +76,4 @@ "jsonwebtoken": "^8.5.1", | ||
| "engines": { | ||
| "node": "10 || 12 || 14" | ||
| "node": "10 || 12 || 14 || 16" | ||
| } | ||
| } |
@@ -85,3 +85,3 @@ # Microsoft Authentication Library for Node (msal-node) | ||
| |-------------------|-------------------------|-------------------------| | ||
| | 1.x.x | Active development | 10, 12, 14 | | ||
| | 1.x.x | Active development | 10, 12, 14, 16 | | ||
@@ -88,0 +88,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.09%
686114
- Lines of code
- increased by1.31%
5661
Worsened metrics
- Number of low supply chain risk alerts
- increased by300%
4
Dependency changes
Updated@azure/msal-common@^4.3.0