Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@azure/msal-node

Package Overview
Dependencies
Maintainers
3
Versions
112
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@azure/msal-node - npm Package Compare versions

Comparing version 1.8.0 to 1.9.0

2

dist/msal-node.cjs.production.min.js

@@ -1,2 +0,2 @@

"use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}Object.defineProperty(exports,"__esModule",{value:!0});var t,i=require("@azure/msal-common"),r=e(require("axios")),n=e(require("https-proxy-agent")),a=require("uuid"),s=e(require("crypto")),o=require("jsonwebtoken");!function(e){e.GET="get",e.POST="post"}(t||(t={}));const c="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";var l;!function(e){e[e.acquireTokenSilent=62]="acquireTokenSilent",e[e.acquireTokenByUsernamePassword=371]="acquireTokenByUsernamePassword",e[e.acquireTokenByDeviceCode=671]="acquireTokenByDeviceCode",e[e.acquireTokenByClientCredential=771]="acquireTokenByClientCredential",e[e.acquireTokenByCode=871]="acquireTokenByCode",e[e.acquireTokenByRefreshToken=872]="acquireTokenByRefreshToken"}(l||(l={}));class h{async sendGetRequestAsync(e,i){const a={method:t.GET,url:e,headers:i&&i.headers,validateStatus:()=>!0};i&&i.proxyUrl&&(a.proxy=!1,a.httpsAgent=n(i.proxyUrl));const s=await r(a);return{headers:s.headers,body:s.data,status:s.status}}async sendPostRequestAsync(e,a,s){const o={method:t.POST,url:e,data:a&&a.body||i.Constants.EMPTY_STRING,timeout:s,headers:a&&a.headers,validateStatus:()=>!0};a&&a.proxyUrl&&(o.proxy=!1,o.httpsAgent=n(a.proxyUrl));const c=await r(o);return{headers:c.headers,body:c.data,status:c.status}}}const u={clientId:i.Constants.EMPTY_STRING,authority:i.Constants.DEFAULT_AUTHORITY,clientSecret:i.Constants.EMPTY_STRING,clientAssertion:i.Constants.EMPTY_STRING,clientCertificate:{thumbprint:i.Constants.EMPTY_STRING,privateKey:i.Constants.EMPTY_STRING,x5c:i.Constants.EMPTY_STRING},knownAuthorities:[],cloudDiscoveryMetadata:i.Constants.EMPTY_STRING,authorityMetadata:i.Constants.EMPTY_STRING,clientCapabilities:[],protocolMode:i.ProtocolMode.AAD,azureCloudOptions:{azureCloudInstance:i.AzureCloudInstance.None,tenant:i.Constants.EMPTY_STRING}},d={},g={loggerOptions:{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:i.LogLevel.Info},networkClient:class{static getNetworkClient(){return new h}}.getNetworkClient(),proxyUrl:i.Constants.EMPTY_STRING},p={application:{appName:i.Constants.EMPTY_STRING,appVersion:i.Constants.EMPTY_STRING}};function y({auth:e,cache:t,system:i,telemetry:r}){return{auth:{...u,...e},cache:{...d,...t},system:{...g,...i},telemetry:{...p,...r}}}class m{generateGuid(){return a.v4()}isGuid(e){return/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(e)}}class f{static base64Encode(e,t){return Buffer.from(e,t).toString("base64")}static base64EncodeUrl(e,t){return f.base64Encode(e,t).replace(/=/g,i.Constants.EMPTY_STRING).replace(/\+/g,"-").replace(/\//g,"_")}static base64Decode(e){return Buffer.from(e,"base64").toString("utf8")}static base64DecodeUrl(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");for(;t.length%4;)t+="=";return f.base64Decode(t)}}class C{sha256(e){return s.createHash("sha256").update(e).digest()}}class T{constructor(){this.hashUtils=new C}async generatePkceCodes(){const e=this.generateCodeVerifier();return{verifier:e,challenge:this.generateCodeChallengeFromVerifier(e)}}generateCodeVerifier(){const e=[],t=256-256%c.length;for(;e.length<=32;){const i=s.randomBytes(1)[0];i>=t||e.push(c[i%c.length])}const r=e.join(i.Constants.EMPTY_STRING);return f.base64EncodeUrl(r)}generateCodeChallengeFromVerifier(e){return f.base64EncodeUrl(this.hashUtils.sha256(e).toString("base64"),"base64")}}class A{constructor(){this.pkceGenerator=new T,this.guidGenerator=new m,this.hashUtils=new C}createNewGuid(){return this.guidGenerator.generateGuid()}base64Encode(e){return f.base64Encode(e)}base64Decode(e){return f.base64Decode(e)}generatePkceCodes(){return this.pkceGenerator.generatePkceCodes()}getPublicKeyThumbprint(){throw new Error("Method not implemented.")}removeTokenBindingKey(){throw new Error("Method not implemented.")}clearKeystore(){throw new Error("Method not implemented.")}signJwt(){throw new Error("Method not implemented.")}async hashString(e){return f.base64EncodeUrl(this.hashUtils.sha256(e).toString("base64"),"base64")}}class k{static deserializeJSONBlob(e){return i.StringUtils.isEmpty(e)?{}:JSON.parse(e)}static deserializeAccounts(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,realm:n.realm,localAccountId:n.local_account_id,username:n.username,authorityType:n.authority_type,name:n.name,clientInfo:n.client_info,lastModificationTime:n.last_modification_time,lastModificationApp:n.last_modification_app},s=new i.AccountEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeIdTokens(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,credentialType:n.credential_type,clientId:n.client_id,secret:n.secret,realm:n.realm},s=new i.IdTokenEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeAccessTokens(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,credentialType:n.credential_type,clientId:n.client_id,secret:n.secret,realm:n.realm,target:n.target,cachedAt:n.cached_at,expiresOn:n.expires_on,extendedExpiresOn:n.extended_expires_on,refreshOn:n.refresh_on,keyId:n.key_id,tokenType:n.token_type,requestedClaims:n.requestedClaims,requestedClaimsHash:n.requestedClaimsHash},s=new i.AccessTokenEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeRefreshTokens(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,credentialType:n.credential_type,clientId:n.client_id,secret:n.secret,familyId:n.family_id,target:n.target,realm:n.realm},s=new i.RefreshTokenEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeAppMetadata(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={clientId:n.client_id,environment:n.environment,familyId:n.family_id},s=new i.AppMetadataEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeAllCache(e){return{accounts:e.Account?this.deserializeAccounts(e.Account):{},idTokens:e.IdToken?this.deserializeIdTokens(e.IdToken):{},accessTokens:e.AccessToken?this.deserializeAccessTokens(e.AccessToken):{},refreshTokens:e.RefreshToken?this.deserializeRefreshTokens(e.RefreshToken):{},appMetadata:e.AppMetadata?this.deserializeAppMetadata(e.AppMetadata):{}}}}class I{static serializeJSONBlob(e){return JSON.stringify(e)}static serializeAccounts(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,realm:r.realm,local_account_id:r.localAccountId,username:r.username,authority_type:r.authorityType,name:r.name,client_info:r.clientInfo,last_modification_time:r.lastModificationTime,last_modification_app:r.lastModificationApp}})),t}static serializeIdTokens(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,credential_type:r.credentialType,client_id:r.clientId,secret:r.secret,realm:r.realm}})),t}static serializeAccessTokens(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,credential_type:r.credentialType,client_id:r.clientId,secret:r.secret,realm:r.realm,target:r.target,cached_at:r.cachedAt,expires_on:r.expiresOn,extended_expires_on:r.extendedExpiresOn,refresh_on:r.refreshOn,key_id:r.keyId,token_type:r.tokenType,requestedClaims:r.requestedClaims,requestedClaimsHash:r.requestedClaimsHash}})),t}static serializeRefreshTokens(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,credential_type:r.credentialType,client_id:r.clientId,secret:r.secret,family_id:r.familyId,target:r.target,realm:r.realm}})),t}static serializeAppMetadata(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={client_id:r.clientId,environment:r.environment,family_id:r.familyId}})),t}static serializeAllCache(e){return{Account:this.serializeAccounts(e.accounts),IdToken:this.serializeIdTokens(e.idTokens),AccessToken:this.serializeAccessTokens(e.accessTokens),RefreshToken:this.serializeRefreshTokens(e.refreshTokens),AppMetadata:this.serializeAppMetadata(e.appMetadata)}}}class b extends i.CacheManager{constructor(e,t,i){super(t,i),this.cache={},this.changeEmitters=[],this.logger=e}registerChangeEmitter(e){this.changeEmitters.push(e)}emitChange(){this.changeEmitters.forEach(e=>e.call(null))}cacheToInMemoryCache(e){const t={accounts:{},idTokens:{},accessTokens:{},refreshTokens:{},appMetadata:{}};for(const r in e)if(e[r]instanceof i.AccountEntity)t.accounts[r]=e[r];else if(e[r]instanceof i.IdTokenEntity)t.idTokens[r]=e[r];else if(e[r]instanceof i.AccessTokenEntity)t.accessTokens[r]=e[r];else if(e[r]instanceof i.RefreshTokenEntity)t.refreshTokens[r]=e[r];else{if(!(e[r]instanceof i.AppMetadataEntity))continue;t.appMetadata[r]=e[r]}return t}inMemoryCacheToCache(e){let t=this.getCache();return t={...t,...e.accounts,...e.idTokens,...e.accessTokens,...e.refreshTokens,...e.appMetadata},t}getInMemoryCache(){return this.logger.trace("Getting in-memory cache"),this.cacheToInMemoryCache(this.getCache())}setInMemoryCache(e){this.logger.trace("Setting in-memory cache");const t=this.inMemoryCacheToCache(e);this.setCache(t),this.emitChange()}getCache(){return this.logger.trace("Getting cache key-value store"),this.cache}setCache(e){this.logger.trace("Setting cache key value store"),this.cache=e,this.emitChange()}getItem(e){return this.logger.tracePii("Item key: "+e),this.getCache()[e]}setItem(e,t){this.logger.tracePii("Item key: "+e);const i=this.getCache();i[e]=t,this.setCache(i)}getAccount(e){const t=this.getItem(e);return i.AccountEntity.isAccountEntity(t)?t:null}setAccount(e){const t=e.generateAccountKey();this.setItem(t,e)}getIdTokenCredential(e){const t=this.getItem(e);return i.IdTokenEntity.isIdTokenEntity(t)?t:null}setIdTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAccessTokenCredential(e){const t=this.getItem(e);return i.AccessTokenEntity.isAccessTokenEntity(t)?t:null}setAccessTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getRefreshTokenCredential(e){const t=this.getItem(e);return i.RefreshTokenEntity.isRefreshTokenEntity(t)?t:null}setRefreshTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAppMetadata(e){const t=this.getItem(e);return i.AppMetadataEntity.isAppMetadataEntity(e,t)?t:null}setAppMetadata(e){const t=e.generateAppMetadataKey();this.setItem(t,e)}getServerTelemetry(e){const t=this.getItem(e);return t&&i.ServerTelemetryEntity.isServerTelemetryEntity(e,t)?t:null}setServerTelemetry(e,t){this.setItem(e,t)}getAuthorityMetadata(e){const t=this.getItem(e);return t&&i.AuthorityMetadataEntity.isAuthorityMetadataEntity(e,t)?t:null}getAuthorityMetadataKeys(){return this.getKeys().filter(e=>this.isAuthorityMetadata(e))}setAuthorityMetadata(e,t){this.setItem(e,t)}getThrottlingCache(e){const t=this.getItem(e);return t&&i.ThrottlingEntity.isThrottlingEntity(e,t)?t:null}setThrottlingCache(e,t){this.setItem(e,t)}removeItem(e){this.logger.tracePii("Item key: "+e);let t=!1;const i=this.getCache();return i[e]&&(delete i[e],t=!0),t&&(this.setCache(i),this.emitChange()),t}containsKey(e){return this.getKeys().includes(e)}getKeys(){this.logger.trace("Retrieving all cache keys");const e=this.getCache();return[...Object.keys(e)]}async clear(){this.logger.trace("Clearing cache entries created by MSAL"),this.getKeys().forEach(e=>{this.removeItem(e)}),this.emitChange()}static generateInMemoryCache(e){return k.deserializeAllCache(k.deserializeJSONBlob(e))}static generateJsonCache(e){return I.serializeAllCache(e)}updateCredentialCacheKey(e,t){const i=t.generateCredentialKey();if(e!==i){const r=this.getItem(e);if(r)return this.removeItem(e),this.setItem(i,r),this.logger.verbose(`Updated an outdated ${t.credentialType} cache key`),i;this.logger.error(`Attempted to update an outdated ${t.credentialType} cache key but no item matching the outdated key was found in storage`)}return e}}const E={},v={},w={},M={},S={};class R{constructor(e,t,i){this.cacheHasChanged=!1,this.storage=e,this.storage.registerChangeEmitter(this.handleChangeEvent.bind(this)),i&&(this.persistence=i),this.logger=t}hasChanged(){return this.cacheHasChanged}serialize(){this.logger.trace("Serializing in-memory cache");let e=I.serializeAllCache(this.storage.getInMemoryCache());return i.StringUtils.isEmpty(this.cacheSnapshot)?this.logger.trace("No cache snapshot to merge"):(this.logger.trace("Reading cache snapshot from disk"),e=this.mergeState(JSON.parse(this.cacheSnapshot),e)),this.cacheHasChanged=!1,JSON.stringify(e)}deserialize(e){if(this.logger.trace("Deserializing JSON to in-memory cache"),this.cacheSnapshot=e,i.StringUtils.isEmpty(this.cacheSnapshot))this.logger.trace("No cache snapshot to deserialize");else{this.logger.trace("Reading cache snapshot from disk");const e=k.deserializeAllCache(this.overlayDefaults(JSON.parse(this.cacheSnapshot)));this.storage.setInMemoryCache(e)}}getKVStore(){return this.storage.getCache()}async getAllAccounts(){let e;this.logger.trace("getAllAccounts called");try{return this.persistence&&(e=new i.TokenCacheContext(this,!1),await this.persistence.beforeCacheAccess(e)),this.storage.getAllAccounts()}finally{this.persistence&&e&&await this.persistence.afterCacheAccess(e)}}async getAccountByHomeId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.homeAccountId===e)[0]||null}async getAccountByLocalId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.localAccountId===e)[0]||null}async removeAccount(e){let t;this.logger.trace("removeAccount called");try{this.persistence&&(t=new i.TokenCacheContext(this,!0),await this.persistence.beforeCacheAccess(t)),await this.storage.removeAccount(i.AccountEntity.generateAccountCacheKey(e))}finally{this.persistence&&t&&await this.persistence.afterCacheAccess(t)}}handleChangeEvent(){this.cacheHasChanged=!0}mergeState(e,t){this.logger.trace("Merging in-memory cache with cache snapshot");const i=this.mergeRemovals(e,t);return this.mergeUpdates(i,t)}mergeUpdates(e,t){return Object.keys(t).forEach(i=>{const r=t[i];if(e.hasOwnProperty(i)){const t=null!==r,n="object"==typeof r,a=!Array.isArray(r),s=null!=e[i];t&&n&&a&&s?this.mergeUpdates(e[i],r):e[i]=r}else null!==r&&(e[i]=r)}),e}mergeRemovals(e,t){this.logger.trace("Remove updated entries in cache");const i=e.Account?this.mergeRemovalsDict(e.Account,t.Account):e.Account,r=e.AccessToken?this.mergeRemovalsDict(e.AccessToken,t.AccessToken):e.AccessToken,n=e.RefreshToken?this.mergeRemovalsDict(e.RefreshToken,t.RefreshToken):e.RefreshToken,a=e.IdToken?this.mergeRemovalsDict(e.IdToken,t.IdToken):e.IdToken,s=e.AppMetadata?this.mergeRemovalsDict(e.AppMetadata,t.AppMetadata):e.AppMetadata;return{...e,Account:i,AccessToken:r,RefreshToken:n,IdToken:a,AppMetadata:s}}mergeRemovalsDict(e,t){const i={...e};return Object.keys(e).forEach(e=>{t&&t.hasOwnProperty(e)||delete i[e]}),i}overlayDefaults(e){return this.logger.trace("Overlaying input cache with the default cache"),{Account:{...E,...e.Account},IdToken:{...v,...e.IdToken},AccessToken:{...w,...e.AccessToken},RefreshToken:{...M,...e.RefreshToken},AppMetadata:{...S,...e.AppMetadata}}}}class O{constructor(e){this.config=y(e),this.cryptoProvider=new A,this.logger=new i.Logger(this.config.system.loggerOptions,"@azure/msal-node","1.8.0"),this.storage=new b(this.logger,this.config.auth.clientId,this.cryptoProvider),this.tokenCache=new R(this.storage,this.logger,this.config.cache.cachePlugin)}async getAuthCodeUrl(e){this.logger.info("getAuthCodeUrl called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e),responseMode:e.responseMode||i.ResponseMode.QUERY,authenticationScheme:i.AuthenticationScheme.BEARER},r=await this.buildOauthClientConfiguration(t.authority,t.correlationId,void 0,void 0,e.azureCloudOptions),n=new i.AuthorizationCodeClient(r);return this.logger.verbose("Auth code client created",t.correlationId),n.getAuthCodeUrl(t)}async acquireTokenByCode(e,t){this.logger.info("acquireTokenByCode called",e.correlationId);const r={...e,...await this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},n=this.initializeServerTelemetryManager(l.acquireTokenByCode,r.correlationId);try{const a=await this.buildOauthClientConfiguration(r.authority,r.correlationId,n,void 0,e.azureCloudOptions),s=new i.AuthorizationCodeClient(a);return this.logger.verbose("Auth code client created",r.correlationId),s.acquireToken(r,t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(r.correlationId),n.cacheFailedRequest(e),e}}async acquireTokenByRefreshToken(e){this.logger.info("acquireTokenByRefreshToken called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},r=this.initializeServerTelemetryManager(l.acquireTokenByRefreshToken,t.correlationId);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.RefreshTokenClient(n);return this.logger.verbose("Refresh token client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}async acquireTokenSilent(e){const t={...e,...await this.initializeBaseRequest(e),forceRefresh:e.forceRefresh||!1},r=this.initializeServerTelemetryManager(l.acquireTokenSilent,t.correlationId,t.forceRefresh);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.SilentFlowClient(n);return this.logger.verbose("Silent flow client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}async acquireTokenByUsernamePassword(e){this.logger.info("acquireTokenByUsernamePassword called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e)},r=this.initializeServerTelemetryManager(l.acquireTokenByUsernamePassword,t.correlationId);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.UsernamePasswordClient(n);return this.logger.verbose("Username password client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}getTokenCache(){return this.logger.info("getTokenCache called"),this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}async buildOauthClientConfiguration(e,t,r,n,a){this.logger.verbose("buildOauthClientConfiguration called",t);const s=a||this.config.auth.azureCloudOptions;this.logger.verbose("building oauth client configuration with the authority: "+e,t);const o=await this.createAuthority(e,n,t,s);return null==r||r.updateRegionDiscoveryMetadata(o.regionDiscoveryMetadata),{authOptions:{clientId:this.config.auth.clientId,authority:o,clientCapabilities:this.config.auth.clientCapabilities},systemOptions:{proxyUrl:this.config.system.proxyUrl},loggerOptions:{logLevel:this.config.system.loggerOptions.logLevel,loggerCallback:this.config.system.loggerOptions.loggerCallback,piiLoggingEnabled:this.config.system.loggerOptions.piiLoggingEnabled,correlationId:t},cryptoInterface:this.cryptoProvider,networkInterface:this.config.system.networkClient,storageInterface:this.storage,serverTelemetryManager:r,clientCredentials:{clientSecret:this.clientSecret,clientAssertion:this.clientAssertion?this.getClientAssertion(o):void 0},libraryInfo:{sku:"msal.js.node",version:"1.8.0",cpu:process.arch||i.Constants.EMPTY_STRING,os:process.platform||i.Constants.EMPTY_STRING},telemetry:this.config.telemetry,persistencePlugin:this.config.cache.cachePlugin,serializableCache:this.tokenCache}}getClientAssertion(e){return{assertion:this.clientAssertion.getJwt(this.cryptoProvider,this.config.auth.clientId,e.tokenEndpoint),assertionType:"urn:ietf:params:oauth:client-assertion-type:jwt-bearer"}}async initializeBaseRequest(e){return this.logger.verbose("initializeRequestScopes called",e.correlationId),e.authenticationScheme&&e.authenticationScheme===i.AuthenticationScheme.POP&&this.logger.verbose("Authentication Scheme 'pop' is not supported yet, setting Authentication Scheme to 'Bearer' for request",e.correlationId),e.authenticationScheme=i.AuthenticationScheme.BEARER,e.claims&&!i.StringUtils.isEmpty(e.claims)&&(e.requestedClaimsHash=await this.cryptoProvider.hashString(e.claims)),{...e,scopes:[...e&&e.scopes||[],...i.OIDC_DEFAULT_SCOPES],correlationId:e&&e.correlationId||this.cryptoProvider.createNewGuid(),authority:e.authority||this.config.auth.authority}}initializeServerTelemetryManager(e,t,r){return new i.ServerTelemetryManager({clientId:this.config.auth.clientId,correlationId:t,apiId:e,forceRefresh:r||!1},this.storage)}async createAuthority(e,t,r,n){this.logger.verbose("createAuthority called",r);const a=i.Authority.generateAuthority(e,n),s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,azureRegionConfiguration:t};return await i.AuthorityFactory.createDiscoveredInstance(a,this.config.system.networkClient,this.storage,s)}clearCache(){this.storage.clear()}}class _{static fromAssertion(e){const t=new _;return t.jwt=e,t}static fromCertificate(e,t,i){const r=new _;return r.privateKey=t,r.thumbprint=e,i&&(r.publicCertificate=this.parseCertificate(i)),r}getJwt(e,t,r){if(this.privateKey&&this.thumbprint)return this.jwt&&!this.isExpired()&&t===this.issuer&&r===this.jwtAudience?this.jwt:this.createJwt(e,t,r);if(this.jwt)return this.jwt;throw i.ClientAuthError.createInvalidAssertionError()}createJwt(e,t,r){this.issuer=t,this.jwtAudience=r;const n=i.TimeUtils.nowSeconds();this.expirationTime=n+600;const a={alg:"RS256",x5t:f.base64EncodeUrl(this.thumbprint,"hex")};this.publicCertificate&&Object.assign(a,{x5c:this.publicCertificate});const s={aud:this.jwtAudience,exp:this.expirationTime,iss:this.issuer,sub:this.issuer,nbf:n,jti:e.createNewGuid()};return this.jwt=o.sign(s,this.privateKey,{header:a}),this.jwt}isExpired(){return this.expirationTime<i.TimeUtils.nowSeconds()}static parseCertificate(e){const t=/-----BEGIN CERTIFICATE-----\n(.+?)\n-----END CERTIFICATE-----/gs,r=[];let n;for(;null!==(n=t.exec(e));)r.push(n[1].replace(/\n/,i.Constants.EMPTY_STRING));return r}}Object.defineProperty(exports,"AuthError",{enumerable:!0,get:function(){return i.AuthError}}),Object.defineProperty(exports,"AuthErrorMessage",{enumerable:!0,get:function(){return i.AuthErrorMessage}}),Object.defineProperty(exports,"AzureCloudInstance",{enumerable:!0,get:function(){return i.AzureCloudInstance}}),Object.defineProperty(exports,"ClientAuthError",{enumerable:!0,get:function(){return i.ClientAuthError}}),Object.defineProperty(exports,"ClientAuthErrorMessage",{enumerable:!0,get:function(){return i.ClientAuthErrorMessage}}),Object.defineProperty(exports,"ClientConfigurationError",{enumerable:!0,get:function(){return i.ClientConfigurationError}}),Object.defineProperty(exports,"ClientConfigurationErrorMessage",{enumerable:!0,get:function(){return i.ClientConfigurationErrorMessage}}),Object.defineProperty(exports,"InteractionRequiredAuthError",{enumerable:!0,get:function(){return i.InteractionRequiredAuthError}}),Object.defineProperty(exports,"InteractionRequiredAuthErrorMessage",{enumerable:!0,get:function(){return i.InteractionRequiredAuthErrorMessage}}),Object.defineProperty(exports,"LogLevel",{enumerable:!0,get:function(){return i.LogLevel}}),Object.defineProperty(exports,"Logger",{enumerable:!0,get:function(){return i.Logger}}),Object.defineProperty(exports,"PromptValue",{enumerable:!0,get:function(){return i.PromptValue}}),Object.defineProperty(exports,"ProtocolMode",{enumerable:!0,get:function(){return i.ProtocolMode}}),Object.defineProperty(exports,"ResponseMode",{enumerable:!0,get:function(){return i.ResponseMode}}),Object.defineProperty(exports,"ServerError",{enumerable:!0,get:function(){return i.ServerError}}),Object.defineProperty(exports,"TokenCacheContext",{enumerable:!0,get:function(){return i.TokenCacheContext}}),exports.ClientApplication=O,exports.ClientAssertion=_,exports.ConfidentialClientApplication=class extends O{constructor(e){super(e),this.setClientCredential(this.config)}async acquireTokenByClientCredential(e){this.logger.info("acquireTokenByClientCredential called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e)},r={azureRegion:t.azureRegion,environmentRegion:process.env.REGION_NAME},n=this.initializeServerTelemetryManager(l.acquireTokenByClientCredential,t.correlationId,t.skipCache);try{const a=await this.buildOauthClientConfiguration(t.authority,t.correlationId,n,r,e.azureCloudOptions),s=new i.ClientCredentialClient(a);return this.logger.verbose("Client credential client created",t.correlationId),s.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),n.cacheFailedRequest(e),e}}async acquireTokenOnBehalfOf(e){this.logger.info("acquireTokenOnBehalfOf called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e)};try{const r=await this.buildOauthClientConfiguration(t.authority,t.correlationId,void 0,void 0,e.azureCloudOptions),n=new i.OnBehalfOfClient(r);return this.logger.verbose("On behalf of client created",t.correlationId),n.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),e}}setClientCredential(e){const t=!i.StringUtils.isEmpty(e.auth.clientSecret),r=!i.StringUtils.isEmpty(e.auth.clientAssertion),n=e.auth.clientCertificate||{thumbprint:i.Constants.EMPTY_STRING,privateKey:i.Constants.EMPTY_STRING},a=!i.StringUtils.isEmpty(n.thumbprint)||!i.StringUtils.isEmpty(n.privateKey);if(t&&r||r&&a||t&&a)throw i.ClientAuthError.createInvalidCredentialError();if(e.auth.clientSecret)this.clientSecret=e.auth.clientSecret;else if(e.auth.clientAssertion)this.clientAssertion=_.fromAssertion(e.auth.clientAssertion);else{if(!a)throw i.ClientAuthError.createInvalidCredentialError();var s;this.clientAssertion=_.fromCertificate(n.thumbprint,n.privateKey,null==(s=e.auth.clientCertificate)?void 0:s.x5c)}}},exports.CryptoProvider=A,exports.DistributedCachePlugin=class{constructor(e,t){this.client=e,this.partitionManager=t}async beforeCacheAccess(e){const t=await this.partitionManager.getKey(),i=await this.client.get(t);e.tokenCache.deserialize(i)}async afterCacheAccess(e){if(e.cacheHasChanged){const t=e.tokenCache.getKVStore(),r=Object.values(t).filter(e=>i.AccountEntity.isAccountEntity(e));if(r.length>0){const t=r[0],i=await this.partitionManager.extractKey(t);await this.client.set(i,e.tokenCache.serialize())}}}},exports.NodeStorage=b,exports.PublicClientApplication=class extends O{constructor(e){super(e)}async acquireTokenByDeviceCode(e){this.logger.info("acquireTokenByDeviceCode called",e.correlationId);const t=Object.assign(e,await this.initializeBaseRequest(e)),r=this.initializeServerTelemetryManager(l.acquireTokenByDeviceCode,t.correlationId);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.DeviceCodeClient(n);return this.logger.verbose("Device code client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}},exports.TokenCache=R,exports.buildAppConfiguration=y,exports.version="1.8.0";
"use strict";function e(e){return e&&"object"==typeof e&&"default"in e?e.default:e}Object.defineProperty(exports,"__esModule",{value:!0});var t,i=require("@azure/msal-common"),r=e(require("axios")),n=e(require("https-proxy-agent")),a=require("uuid"),s=e(require("crypto")),o=require("jsonwebtoken");!function(e){e.GET="get",e.POST="post"}(t||(t={}));const c="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";var l;!function(e){e[e.acquireTokenSilent=62]="acquireTokenSilent",e[e.acquireTokenByUsernamePassword=371]="acquireTokenByUsernamePassword",e[e.acquireTokenByDeviceCode=671]="acquireTokenByDeviceCode",e[e.acquireTokenByClientCredential=771]="acquireTokenByClientCredential",e[e.acquireTokenByCode=871]="acquireTokenByCode",e[e.acquireTokenByRefreshToken=872]="acquireTokenByRefreshToken"}(l||(l={}));class h{async sendGetRequestAsync(e,i){const a={method:t.GET,url:e,headers:i&&i.headers,validateStatus:()=>!0};i&&i.proxyUrl&&(a.proxy=!1,a.httpsAgent=n(i.proxyUrl));const s=await r(a);return{headers:s.headers,body:s.data,status:s.status}}async sendPostRequestAsync(e,a,s){const o={method:t.POST,url:e,data:a&&a.body||i.Constants.EMPTY_STRING,timeout:s,headers:a&&a.headers,validateStatus:()=>!0};a&&a.proxyUrl&&(o.proxy=!1,o.httpsAgent=n(a.proxyUrl));const c=await r(o);return{headers:c.headers,body:c.data,status:c.status}}}const u={clientId:i.Constants.EMPTY_STRING,authority:i.Constants.DEFAULT_AUTHORITY,clientSecret:i.Constants.EMPTY_STRING,clientAssertion:i.Constants.EMPTY_STRING,clientCertificate:{thumbprint:i.Constants.EMPTY_STRING,privateKey:i.Constants.EMPTY_STRING,x5c:i.Constants.EMPTY_STRING},knownAuthorities:[],cloudDiscoveryMetadata:i.Constants.EMPTY_STRING,authorityMetadata:i.Constants.EMPTY_STRING,clientCapabilities:[],protocolMode:i.ProtocolMode.AAD,azureCloudOptions:{azureCloudInstance:i.AzureCloudInstance.None,tenant:i.Constants.EMPTY_STRING}},d={},g={loggerOptions:{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:i.LogLevel.Info},networkClient:class{static getNetworkClient(){return new h}}.getNetworkClient(),proxyUrl:i.Constants.EMPTY_STRING},p={application:{appName:i.Constants.EMPTY_STRING,appVersion:i.Constants.EMPTY_STRING}};function y({auth:e,cache:t,system:i,telemetry:r}){return{auth:{...u,...e},cache:{...d,...t},system:{...g,...i},telemetry:{...p,...r}}}class m{generateGuid(){return a.v4()}isGuid(e){return/^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(e)}}class f{static base64Encode(e,t){return Buffer.from(e,t).toString("base64")}static base64EncodeUrl(e,t){return f.base64Encode(e,t).replace(/=/g,i.Constants.EMPTY_STRING).replace(/\+/g,"-").replace(/\//g,"_")}static base64Decode(e){return Buffer.from(e,"base64").toString("utf8")}static base64DecodeUrl(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");for(;t.length%4;)t+="=";return f.base64Decode(t)}}class C{sha256(e){return s.createHash("sha256").update(e).digest()}}class T{constructor(){this.hashUtils=new C}async generatePkceCodes(){const e=this.generateCodeVerifier();return{verifier:e,challenge:this.generateCodeChallengeFromVerifier(e)}}generateCodeVerifier(){const e=[],t=256-256%c.length;for(;e.length<=32;){const i=s.randomBytes(1)[0];i>=t||e.push(c[i%c.length])}const r=e.join(i.Constants.EMPTY_STRING);return f.base64EncodeUrl(r)}generateCodeChallengeFromVerifier(e){return f.base64EncodeUrl(this.hashUtils.sha256(e).toString("base64"),"base64")}}class A{constructor(){this.pkceGenerator=new T,this.guidGenerator=new m,this.hashUtils=new C}createNewGuid(){return this.guidGenerator.generateGuid()}base64Encode(e){return f.base64Encode(e)}base64Decode(e){return f.base64Decode(e)}generatePkceCodes(){return this.pkceGenerator.generatePkceCodes()}getPublicKeyThumbprint(){throw new Error("Method not implemented.")}removeTokenBindingKey(){throw new Error("Method not implemented.")}clearKeystore(){throw new Error("Method not implemented.")}signJwt(){throw new Error("Method not implemented.")}async hashString(e){return f.base64EncodeUrl(this.hashUtils.sha256(e).toString("base64"),"base64")}}class k{static deserializeJSONBlob(e){return i.StringUtils.isEmpty(e)?{}:JSON.parse(e)}static deserializeAccounts(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,realm:n.realm,localAccountId:n.local_account_id,username:n.username,authorityType:n.authority_type,name:n.name,clientInfo:n.client_info,lastModificationTime:n.last_modification_time,lastModificationApp:n.last_modification_app},s=new i.AccountEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeIdTokens(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,credentialType:n.credential_type,clientId:n.client_id,secret:n.secret,realm:n.realm},s=new i.IdTokenEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeAccessTokens(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,credentialType:n.credential_type,clientId:n.client_id,secret:n.secret,realm:n.realm,target:n.target,cachedAt:n.cached_at,expiresOn:n.expires_on,extendedExpiresOn:n.extended_expires_on,refreshOn:n.refresh_on,keyId:n.key_id,tokenType:n.token_type,requestedClaims:n.requestedClaims,requestedClaimsHash:n.requestedClaimsHash},s=new i.AccessTokenEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeRefreshTokens(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={homeAccountId:n.home_account_id,environment:n.environment,credentialType:n.credential_type,clientId:n.client_id,secret:n.secret,familyId:n.family_id,target:n.target,realm:n.realm},s=new i.RefreshTokenEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeAppMetadata(e){const t={};return e&&Object.keys(e).map((function(r){const n=e[r],a={clientId:n.client_id,environment:n.environment,familyId:n.family_id},s=new i.AppMetadataEntity;i.CacheManager.toObject(s,a),t[r]=s})),t}static deserializeAllCache(e){return{accounts:e.Account?this.deserializeAccounts(e.Account):{},idTokens:e.IdToken?this.deserializeIdTokens(e.IdToken):{},accessTokens:e.AccessToken?this.deserializeAccessTokens(e.AccessToken):{},refreshTokens:e.RefreshToken?this.deserializeRefreshTokens(e.RefreshToken):{},appMetadata:e.AppMetadata?this.deserializeAppMetadata(e.AppMetadata):{}}}}class I{static serializeJSONBlob(e){return JSON.stringify(e)}static serializeAccounts(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,realm:r.realm,local_account_id:r.localAccountId,username:r.username,authority_type:r.authorityType,name:r.name,client_info:r.clientInfo,last_modification_time:r.lastModificationTime,last_modification_app:r.lastModificationApp}})),t}static serializeIdTokens(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,credential_type:r.credentialType,client_id:r.clientId,secret:r.secret,realm:r.realm}})),t}static serializeAccessTokens(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,credential_type:r.credentialType,client_id:r.clientId,secret:r.secret,realm:r.realm,target:r.target,cached_at:r.cachedAt,expires_on:r.expiresOn,extended_expires_on:r.extendedExpiresOn,refresh_on:r.refreshOn,key_id:r.keyId,token_type:r.tokenType,requestedClaims:r.requestedClaims,requestedClaimsHash:r.requestedClaimsHash}})),t}static serializeRefreshTokens(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={home_account_id:r.homeAccountId,environment:r.environment,credential_type:r.credentialType,client_id:r.clientId,secret:r.secret,family_id:r.familyId,target:r.target,realm:r.realm}})),t}static serializeAppMetadata(e){const t={};return Object.keys(e).map((function(i){const r=e[i];t[i]={client_id:r.clientId,environment:r.environment,family_id:r.familyId}})),t}static serializeAllCache(e){return{Account:this.serializeAccounts(e.accounts),IdToken:this.serializeIdTokens(e.idTokens),AccessToken:this.serializeAccessTokens(e.accessTokens),RefreshToken:this.serializeRefreshTokens(e.refreshTokens),AppMetadata:this.serializeAppMetadata(e.appMetadata)}}}class b extends i.CacheManager{constructor(e,t,i){super(t,i),this.cache={},this.changeEmitters=[],this.logger=e}registerChangeEmitter(e){this.changeEmitters.push(e)}emitChange(){this.changeEmitters.forEach(e=>e.call(null))}cacheToInMemoryCache(e){const t={accounts:{},idTokens:{},accessTokens:{},refreshTokens:{},appMetadata:{}};for(const r in e)if(e[r]instanceof i.AccountEntity)t.accounts[r]=e[r];else if(e[r]instanceof i.IdTokenEntity)t.idTokens[r]=e[r];else if(e[r]instanceof i.AccessTokenEntity)t.accessTokens[r]=e[r];else if(e[r]instanceof i.RefreshTokenEntity)t.refreshTokens[r]=e[r];else{if(!(e[r]instanceof i.AppMetadataEntity))continue;t.appMetadata[r]=e[r]}return t}inMemoryCacheToCache(e){let t=this.getCache();return t={...t,...e.accounts,...e.idTokens,...e.accessTokens,...e.refreshTokens,...e.appMetadata},t}getInMemoryCache(){return this.logger.trace("Getting in-memory cache"),this.cacheToInMemoryCache(this.getCache())}setInMemoryCache(e){this.logger.trace("Setting in-memory cache");const t=this.inMemoryCacheToCache(e);this.setCache(t),this.emitChange()}getCache(){return this.logger.trace("Getting cache key-value store"),this.cache}setCache(e){this.logger.trace("Setting cache key value store"),this.cache=e,this.emitChange()}getItem(e){return this.logger.tracePii("Item key: "+e),this.getCache()[e]}setItem(e,t){this.logger.tracePii("Item key: "+e);const i=this.getCache();i[e]=t,this.setCache(i)}getAccount(e){const t=this.getItem(e);return i.AccountEntity.isAccountEntity(t)?t:null}setAccount(e){const t=e.generateAccountKey();this.setItem(t,e)}getIdTokenCredential(e){const t=this.getItem(e);return i.IdTokenEntity.isIdTokenEntity(t)?t:null}setIdTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAccessTokenCredential(e){const t=this.getItem(e);return i.AccessTokenEntity.isAccessTokenEntity(t)?t:null}setAccessTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getRefreshTokenCredential(e){const t=this.getItem(e);return i.RefreshTokenEntity.isRefreshTokenEntity(t)?t:null}setRefreshTokenCredential(e){const t=e.generateCredentialKey();this.setItem(t,e)}getAppMetadata(e){const t=this.getItem(e);return i.AppMetadataEntity.isAppMetadataEntity(e,t)?t:null}setAppMetadata(e){const t=e.generateAppMetadataKey();this.setItem(t,e)}getServerTelemetry(e){const t=this.getItem(e);return t&&i.ServerTelemetryEntity.isServerTelemetryEntity(e,t)?t:null}setServerTelemetry(e,t){this.setItem(e,t)}getAuthorityMetadata(e){const t=this.getItem(e);return t&&i.AuthorityMetadataEntity.isAuthorityMetadataEntity(e,t)?t:null}getAuthorityMetadataKeys(){return this.getKeys().filter(e=>this.isAuthorityMetadata(e))}setAuthorityMetadata(e,t){this.setItem(e,t)}getThrottlingCache(e){const t=this.getItem(e);return t&&i.ThrottlingEntity.isThrottlingEntity(e,t)?t:null}setThrottlingCache(e,t){this.setItem(e,t)}removeItem(e){this.logger.tracePii("Item key: "+e);let t=!1;const i=this.getCache();return i[e]&&(delete i[e],t=!0),t&&(this.setCache(i),this.emitChange()),t}containsKey(e){return this.getKeys().includes(e)}getKeys(){this.logger.trace("Retrieving all cache keys");const e=this.getCache();return[...Object.keys(e)]}async clear(){this.logger.trace("Clearing cache entries created by MSAL"),this.getKeys().forEach(e=>{this.removeItem(e)}),this.emitChange()}static generateInMemoryCache(e){return k.deserializeAllCache(k.deserializeJSONBlob(e))}static generateJsonCache(e){return I.serializeAllCache(e)}updateCredentialCacheKey(e,t){const i=t.generateCredentialKey();if(e!==i){const r=this.getItem(e);if(r)return this.removeItem(e),this.setItem(i,r),this.logger.verbose(`Updated an outdated ${t.credentialType} cache key`),i;this.logger.error(`Attempted to update an outdated ${t.credentialType} cache key but no item matching the outdated key was found in storage`)}return e}}const E={},v={},w={},M={},S={};class R{constructor(e,t,i){this.cacheHasChanged=!1,this.storage=e,this.storage.registerChangeEmitter(this.handleChangeEvent.bind(this)),i&&(this.persistence=i),this.logger=t}hasChanged(){return this.cacheHasChanged}serialize(){this.logger.trace("Serializing in-memory cache");let e=I.serializeAllCache(this.storage.getInMemoryCache());return i.StringUtils.isEmpty(this.cacheSnapshot)?this.logger.trace("No cache snapshot to merge"):(this.logger.trace("Reading cache snapshot from disk"),e=this.mergeState(JSON.parse(this.cacheSnapshot),e)),this.cacheHasChanged=!1,JSON.stringify(e)}deserialize(e){if(this.logger.trace("Deserializing JSON to in-memory cache"),this.cacheSnapshot=e,i.StringUtils.isEmpty(this.cacheSnapshot))this.logger.trace("No cache snapshot to deserialize");else{this.logger.trace("Reading cache snapshot from disk");const e=k.deserializeAllCache(this.overlayDefaults(JSON.parse(this.cacheSnapshot)));this.storage.setInMemoryCache(e)}}getKVStore(){return this.storage.getCache()}async getAllAccounts(){let e;this.logger.trace("getAllAccounts called");try{return this.persistence&&(e=new i.TokenCacheContext(this,!1),await this.persistence.beforeCacheAccess(e)),this.storage.getAllAccounts()}finally{this.persistence&&e&&await this.persistence.afterCacheAccess(e)}}async getAccountByHomeId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.homeAccountId===e)[0]||null}async getAccountByLocalId(e){const t=await this.getAllAccounts();return!i.StringUtils.isEmpty(e)&&t&&t.length&&t.filter(t=>t.localAccountId===e)[0]||null}async removeAccount(e){let t;this.logger.trace("removeAccount called");try{this.persistence&&(t=new i.TokenCacheContext(this,!0),await this.persistence.beforeCacheAccess(t)),await this.storage.removeAccount(i.AccountEntity.generateAccountCacheKey(e))}finally{this.persistence&&t&&await this.persistence.afterCacheAccess(t)}}handleChangeEvent(){this.cacheHasChanged=!0}mergeState(e,t){this.logger.trace("Merging in-memory cache with cache snapshot");const i=this.mergeRemovals(e,t);return this.mergeUpdates(i,t)}mergeUpdates(e,t){return Object.keys(t).forEach(i=>{const r=t[i];if(e.hasOwnProperty(i)){const t=null!==r,n="object"==typeof r,a=!Array.isArray(r),s=null!=e[i];t&&n&&a&&s?this.mergeUpdates(e[i],r):e[i]=r}else null!==r&&(e[i]=r)}),e}mergeRemovals(e,t){this.logger.trace("Remove updated entries in cache");const i=e.Account?this.mergeRemovalsDict(e.Account,t.Account):e.Account,r=e.AccessToken?this.mergeRemovalsDict(e.AccessToken,t.AccessToken):e.AccessToken,n=e.RefreshToken?this.mergeRemovalsDict(e.RefreshToken,t.RefreshToken):e.RefreshToken,a=e.IdToken?this.mergeRemovalsDict(e.IdToken,t.IdToken):e.IdToken,s=e.AppMetadata?this.mergeRemovalsDict(e.AppMetadata,t.AppMetadata):e.AppMetadata;return{...e,Account:i,AccessToken:r,RefreshToken:n,IdToken:a,AppMetadata:s}}mergeRemovalsDict(e,t){const i={...e};return Object.keys(e).forEach(e=>{t&&t.hasOwnProperty(e)||delete i[e]}),i}overlayDefaults(e){return this.logger.trace("Overlaying input cache with the default cache"),{Account:{...E,...e.Account},IdToken:{...v,...e.IdToken},AccessToken:{...w,...e.AccessToken},RefreshToken:{...M,...e.RefreshToken},AppMetadata:{...S,...e.AppMetadata}}}}class O{constructor(e){this.config=y(e),this.cryptoProvider=new A,this.logger=new i.Logger(this.config.system.loggerOptions,"@azure/msal-node","1.9.0"),this.storage=new b(this.logger,this.config.auth.clientId,this.cryptoProvider),this.tokenCache=new R(this.storage,this.logger,this.config.cache.cachePlugin)}async getAuthCodeUrl(e){this.logger.info("getAuthCodeUrl called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e),responseMode:e.responseMode||i.ResponseMode.QUERY,authenticationScheme:i.AuthenticationScheme.BEARER},r=await this.buildOauthClientConfiguration(t.authority,t.correlationId,void 0,void 0,e.azureCloudOptions),n=new i.AuthorizationCodeClient(r);return this.logger.verbose("Auth code client created",t.correlationId),n.getAuthCodeUrl(t)}async acquireTokenByCode(e,t){this.logger.info("acquireTokenByCode called",e.correlationId);const r={...e,...await this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},n=this.initializeServerTelemetryManager(l.acquireTokenByCode,r.correlationId);try{const a=await this.buildOauthClientConfiguration(r.authority,r.correlationId,n,void 0,e.azureCloudOptions),s=new i.AuthorizationCodeClient(a);return this.logger.verbose("Auth code client created",r.correlationId),s.acquireToken(r,t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(r.correlationId),n.cacheFailedRequest(e),e}}async acquireTokenByRefreshToken(e){this.logger.info("acquireTokenByRefreshToken called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e),authenticationScheme:i.AuthenticationScheme.BEARER},r=this.initializeServerTelemetryManager(l.acquireTokenByRefreshToken,t.correlationId);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.RefreshTokenClient(n);return this.logger.verbose("Refresh token client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}async acquireTokenSilent(e){const t={...e,...await this.initializeBaseRequest(e),forceRefresh:e.forceRefresh||!1},r=this.initializeServerTelemetryManager(l.acquireTokenSilent,t.correlationId,t.forceRefresh);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.SilentFlowClient(n);return this.logger.verbose("Silent flow client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}async acquireTokenByUsernamePassword(e){this.logger.info("acquireTokenByUsernamePassword called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e)},r=this.initializeServerTelemetryManager(l.acquireTokenByUsernamePassword,t.correlationId);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.UsernamePasswordClient(n);return this.logger.verbose("Username password client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}getTokenCache(){return this.logger.info("getTokenCache called"),this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}async buildOauthClientConfiguration(e,t,r,n,a){this.logger.verbose("buildOauthClientConfiguration called",t);const s=a||this.config.auth.azureCloudOptions;this.logger.verbose("building oauth client configuration with the authority: "+e,t);const o=await this.createAuthority(e,n,t,s);return null==r||r.updateRegionDiscoveryMetadata(o.regionDiscoveryMetadata),{authOptions:{clientId:this.config.auth.clientId,authority:o,clientCapabilities:this.config.auth.clientCapabilities},systemOptions:{proxyUrl:this.config.system.proxyUrl},loggerOptions:{logLevel:this.config.system.loggerOptions.logLevel,loggerCallback:this.config.system.loggerOptions.loggerCallback,piiLoggingEnabled:this.config.system.loggerOptions.piiLoggingEnabled,correlationId:t},cryptoInterface:this.cryptoProvider,networkInterface:this.config.system.networkClient,storageInterface:this.storage,serverTelemetryManager:r,clientCredentials:{clientSecret:this.clientSecret,clientAssertion:this.clientAssertion?this.getClientAssertion(o):void 0},libraryInfo:{sku:"msal.js.node",version:"1.9.0",cpu:process.arch||i.Constants.EMPTY_STRING,os:process.platform||i.Constants.EMPTY_STRING},telemetry:this.config.telemetry,persistencePlugin:this.config.cache.cachePlugin,serializableCache:this.tokenCache}}getClientAssertion(e){return{assertion:this.clientAssertion.getJwt(this.cryptoProvider,this.config.auth.clientId,e.tokenEndpoint),assertionType:"urn:ietf:params:oauth:client-assertion-type:jwt-bearer"}}async initializeBaseRequest(e){return this.logger.verbose("initializeRequestScopes called",e.correlationId),e.authenticationScheme&&e.authenticationScheme===i.AuthenticationScheme.POP&&this.logger.verbose("Authentication Scheme 'pop' is not supported yet, setting Authentication Scheme to 'Bearer' for request",e.correlationId),e.authenticationScheme=i.AuthenticationScheme.BEARER,e.claims&&!i.StringUtils.isEmpty(e.claims)&&(e.requestedClaimsHash=await this.cryptoProvider.hashString(e.claims)),{...e,scopes:[...e&&e.scopes||[],...i.OIDC_DEFAULT_SCOPES],correlationId:e&&e.correlationId||this.cryptoProvider.createNewGuid(),authority:e.authority||this.config.auth.authority}}initializeServerTelemetryManager(e,t,r){return new i.ServerTelemetryManager({clientId:this.config.auth.clientId,correlationId:t,apiId:e,forceRefresh:r||!1},this.storage)}async createAuthority(e,t,r,n){this.logger.verbose("createAuthority called",r);const a=i.Authority.generateAuthority(e,n),s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,azureRegionConfiguration:t};return await i.AuthorityFactory.createDiscoveredInstance(a,this.config.system.networkClient,this.storage,s)}clearCache(){this.storage.clear()}}class _{static fromAssertion(e){const t=new _;return t.jwt=e,t}static fromCertificate(e,t,i){const r=new _;return r.privateKey=t,r.thumbprint=e,i&&(r.publicCertificate=this.parseCertificate(i)),r}getJwt(e,t,r){if(this.privateKey&&this.thumbprint)return this.jwt&&!this.isExpired()&&t===this.issuer&&r===this.jwtAudience?this.jwt:this.createJwt(e,t,r);if(this.jwt)return this.jwt;throw i.ClientAuthError.createInvalidAssertionError()}createJwt(e,t,r){this.issuer=t,this.jwtAudience=r;const n=i.TimeUtils.nowSeconds();this.expirationTime=n+600;const a={alg:"RS256",x5t:f.base64EncodeUrl(this.thumbprint,"hex")};this.publicCertificate&&Object.assign(a,{x5c:this.publicCertificate});const s={aud:this.jwtAudience,exp:this.expirationTime,iss:this.issuer,sub:this.issuer,nbf:n,jti:e.createNewGuid()};return this.jwt=o.sign(s,this.privateKey,{header:a}),this.jwt}isExpired(){return this.expirationTime<i.TimeUtils.nowSeconds()}static parseCertificate(e){const t=/-----BEGIN CERTIFICATE-----\n(.+?)\n-----END CERTIFICATE-----/gs,r=[];let n;for(;null!==(n=t.exec(e));)r.push(n[1].replace(/\n/,i.Constants.EMPTY_STRING));return r}}Object.defineProperty(exports,"AuthError",{enumerable:!0,get:function(){return i.AuthError}}),Object.defineProperty(exports,"AuthErrorMessage",{enumerable:!0,get:function(){return i.AuthErrorMessage}}),Object.defineProperty(exports,"AzureCloudInstance",{enumerable:!0,get:function(){return i.AzureCloudInstance}}),Object.defineProperty(exports,"ClientAuthError",{enumerable:!0,get:function(){return i.ClientAuthError}}),Object.defineProperty(exports,"ClientAuthErrorMessage",{enumerable:!0,get:function(){return i.ClientAuthErrorMessage}}),Object.defineProperty(exports,"ClientConfigurationError",{enumerable:!0,get:function(){return i.ClientConfigurationError}}),Object.defineProperty(exports,"ClientConfigurationErrorMessage",{enumerable:!0,get:function(){return i.ClientConfigurationErrorMessage}}),Object.defineProperty(exports,"InteractionRequiredAuthError",{enumerable:!0,get:function(){return i.InteractionRequiredAuthError}}),Object.defineProperty(exports,"InteractionRequiredAuthErrorMessage",{enumerable:!0,get:function(){return i.InteractionRequiredAuthErrorMessage}}),Object.defineProperty(exports,"LogLevel",{enumerable:!0,get:function(){return i.LogLevel}}),Object.defineProperty(exports,"Logger",{enumerable:!0,get:function(){return i.Logger}}),Object.defineProperty(exports,"PromptValue",{enumerable:!0,get:function(){return i.PromptValue}}),Object.defineProperty(exports,"ProtocolMode",{enumerable:!0,get:function(){return i.ProtocolMode}}),Object.defineProperty(exports,"ResponseMode",{enumerable:!0,get:function(){return i.ResponseMode}}),Object.defineProperty(exports,"ServerError",{enumerable:!0,get:function(){return i.ServerError}}),Object.defineProperty(exports,"TokenCacheContext",{enumerable:!0,get:function(){return i.TokenCacheContext}}),exports.ClientApplication=O,exports.ClientAssertion=_,exports.ConfidentialClientApplication=class extends O{constructor(e){super(e),this.setClientCredential(this.config)}async acquireTokenByClientCredential(e){this.logger.info("acquireTokenByClientCredential called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e)},r={azureRegion:t.azureRegion,environmentRegion:process.env.REGION_NAME},n=this.initializeServerTelemetryManager(l.acquireTokenByClientCredential,t.correlationId,t.skipCache);try{const a=await this.buildOauthClientConfiguration(t.authority,t.correlationId,n,r,e.azureCloudOptions),s=new i.ClientCredentialClient(a);return this.logger.verbose("Client credential client created",t.correlationId),s.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),n.cacheFailedRequest(e),e}}async acquireTokenOnBehalfOf(e){this.logger.info("acquireTokenOnBehalfOf called",e.correlationId);const t={...e,...await this.initializeBaseRequest(e)};try{const r=await this.buildOauthClientConfiguration(t.authority,t.correlationId,void 0,void 0,e.azureCloudOptions),n=new i.OnBehalfOfClient(r);return this.logger.verbose("On behalf of client created",t.correlationId),n.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),e}}setClientCredential(e){const t=!i.StringUtils.isEmpty(e.auth.clientSecret),r=!i.StringUtils.isEmpty(e.auth.clientAssertion),n=e.auth.clientCertificate||{thumbprint:i.Constants.EMPTY_STRING,privateKey:i.Constants.EMPTY_STRING},a=!i.StringUtils.isEmpty(n.thumbprint)||!i.StringUtils.isEmpty(n.privateKey);if(t&&r||r&&a||t&&a)throw i.ClientAuthError.createInvalidCredentialError();if(e.auth.clientSecret)this.clientSecret=e.auth.clientSecret;else if(e.auth.clientAssertion)this.clientAssertion=_.fromAssertion(e.auth.clientAssertion);else{if(!a)throw i.ClientAuthError.createInvalidCredentialError();var s;this.clientAssertion=_.fromCertificate(n.thumbprint,n.privateKey,null==(s=e.auth.clientCertificate)?void 0:s.x5c)}}},exports.CryptoProvider=A,exports.DistributedCachePlugin=class{constructor(e,t){this.client=e,this.partitionManager=t}async beforeCacheAccess(e){const t=await this.partitionManager.getKey(),i=await this.client.get(t);e.tokenCache.deserialize(i)}async afterCacheAccess(e){if(e.cacheHasChanged){const t=e.tokenCache.getKVStore(),r=Object.values(t).filter(e=>i.AccountEntity.isAccountEntity(e));if(r.length>0){const t=r[0],i=await this.partitionManager.extractKey(t);await this.client.set(i,e.tokenCache.serialize())}}}},exports.NodeStorage=b,exports.PublicClientApplication=class extends O{constructor(e){super(e)}async acquireTokenByDeviceCode(e){this.logger.info("acquireTokenByDeviceCode called",e.correlationId);const t=Object.assign(e,await this.initializeBaseRequest(e)),r=this.initializeServerTelemetryManager(l.acquireTokenByDeviceCode,t.correlationId);try{const n=await this.buildOauthClientConfiguration(t.authority,t.correlationId,r,void 0,e.azureCloudOptions),a=new i.DeviceCodeClient(n);return this.logger.verbose("Device code client created",t.correlationId),a.acquireToken(t)}catch(e){throw e instanceof i.AuthError&&e.setCorrelationId(t.correlationId),r.cacheFailedRequest(e),e}}},exports.TokenCache=R,exports.buildAppConfiguration=y,exports.version="1.9.0";
//# sourceMappingURL=msal-node.cjs.production.min.js.map

2

dist/packageMetadata.d.ts
export declare const name = "@azure/msal-node";
export declare const version = "1.8.0";
export declare const version = "1.9.0";
//# sourceMappingURL=packageMetadata.d.ts.map

6

package.json
{
"name": "@azure/msal-node",
"version": "1.8.0",
"version": "1.9.0",
"author": {

@@ -61,3 +61,3 @@ "name": "Microsoft",

"dependencies": {
"@azure/msal-common": "^6.2.0",
"@azure/msal-common": "^6.3.0",
"axios": "^0.21.4",

@@ -69,4 +69,4 @@ "https-proxy-agent": "^5.0.0",

"engines": {
"node": "10 || 12 || 14 || 16"
"node": "10 || 12 || 14 || 16 || 18"
}
}

2

README.md

@@ -87,3 +87,3 @@ # Microsoft Authentication Library for Node (msal-node)

|-------------------|-------------------------|-------------------------|
| 1.x.x | Active development | 10, 12, 14, 16 |
| 1.x.x | Active development | 10, 12, 14, 16, 18 |

@@ -90,0 +90,0 @@ 

dist/msal-node.cjs.development.js

Sorry, the diff of this file is too big to display

dist/msal-node.cjs.development.js.map

Sorry, the diff of this file is not supported yet

dist/msal-node.cjs.production.min.js.map

Sorry, the diff of this file is not supported yet

dist/msal-node.esm.js

Sorry, the diff of this file is too big to display

dist/msal-node.esm.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc