@azure/msal-node - npm Package Compare versions

Comparing version 2.6.4 to 2.6.5-alpha.0

dist/client/ClientCredentialClient.d.ts

@@ -1,2 +0,3 @@
-import { AuthenticationResult, BaseClient, ClientConfiguration, CommonClientCredentialRequest, IAppTokenProvider } from "@azure/msal-common";
+import { AuthenticationResult, Authority, BaseClient, CacheManager, CacheOutcome, ClientConfiguration, CommonClientCredentialRequest, IAppTokenProvider, ICrypto, ServerTelemetryManager } from "@azure/msal-common";
+import { ManagedIdentityConfiguration } from "../config/Configuration";
 /**
@@ -6,3 +7,2 @@ * OAuth2.0 client credential grant
 export declare class ClientCredentialClient extends BaseClient {
-    private scopeSet;
     private readonly appTokenProvider?;
@@ -18,3 +18,3 @@ constructor(configuration: ClientConfiguration, appTokenProvider?: IAppTokenProvider);
      */
-    private getCachedAuthenticationResult;
+    getCachedAuthenticationResult(request: CommonClientCredentialRequest, config: ClientConfiguration | ManagedIdentityConfiguration, cryptoUtils: ICrypto, authority: Authority, cacheManager: CacheManager, serverTelemetryManager?: ServerTelemetryManager | null): Promise<[AuthenticationResult | null, CacheOutcome]>;
     /**
@@ -21,0 +21,0 @@ * Reads access token from the cache

dist/config/Configuration.d.ts

@@ -6,2 +6,3 @@ /// <reference types="node" />
 import https from "https";
+import { ManagedIdentityId } from "./ManagedIdentityId.js";
 /**
@@ -68,2 +69,3 @@ * - clientId               - Client id of the application.
     customAgentOptions?: http.AgentOptions | https.AgentOptions;
+    disableInternalRetries?: boolean;
 };
@@ -90,2 +92,11 @@ export type NodeTelemetryOptions = {
 };
+export type ManagedIdentityIdParams = {
+    userAssignedClientId?: string;
+    userAssignedResourceId?: string;
+    userAssignedObjectId?: string;
+};
+export type ManagedIdentityConfiguration = {
+    managedIdentityIdParams?: ManagedIdentityIdParams;
+    system?: NodeSystemOptions;
+};
 /** @internal */
@@ -111,2 +122,7 @@ export type NodeConfiguration = {
 export declare function buildAppConfiguration({ auth, broker, cache, system, telemetry, }: Configuration): NodeConfiguration;
+export type ManagedIdentityNodeConfiguration = {
+    managedIdentityId: ManagedIdentityId;
+    system: Required<Pick<NodeSystemOptions, "loggerOptions" | "networkClient">>;
+};
+export declare function buildManagedIdentityConfiguration({ managedIdentityIdParams, system, }: ManagedIdentityConfiguration): ManagedIdentityNodeConfiguration;
 //# sourceMappingURL=Configuration.d.ts.map

dist/index.d.ts

@@ -23,4 +23,5 @@ /**
 export { OnBehalfOfClient } from "./client/OnBehalfOfClient.js";
+export { ManagedIdentityApplication } from "./client/ManagedIdentityApplication.js";
 export { UsernamePasswordClient } from "./client/UsernamePasswordClient.js";
-export { Configuration, buildAppConfiguration, NodeAuthOptions, NodeSystemOptions, BrokerOptions, NodeTelemetryOptions, CacheOptions, } from "./config/Configuration.js";
+export { Configuration, ManagedIdentityConfiguration, ManagedIdentityIdParams, buildAppConfiguration, NodeAuthOptions, NodeSystemOptions, BrokerOptions, NodeTelemetryOptions, CacheOptions, } from "./config/Configuration.js";
 export { ClientAssertion } from "./client/ClientAssertion.js";
@@ -42,4 +43,5 @@ export { TokenCache } from "./cache/TokenCache.js";
 export type { SignOutRequest } from "./request/SignOutRequest.js";
+export type { ManagedIdentityRequestParams } from "./request/ManagedIdentityRequestParams.js";
 export { PromptValue, ResponseMode, AuthorizationCodePayload, AuthenticationResult, ServerAuthorizationCodeResponse, IdTokenClaims, AccountInfo, ValidCacheType, AuthError, AuthErrorMessage, AuthErrorCodes, ClientAuthError, ClientAuthErrorCodes, ClientAuthErrorMessage, ClientConfigurationError, ClientConfigurationErrorCodes, ClientConfigurationErrorMessage, InteractionRequiredAuthError, InteractionRequiredAuthErrorCodes, InteractionRequiredAuthErrorMessage, ServerError, INetworkModule, NetworkRequestOptions, NetworkResponse, Logger, LogLevel, ProtocolMode, ICachePlugin, TokenCacheContext, ISerializableTokenCache, AzureCloudInstance, AzureCloudOptions, IAppTokenProvider, AppTokenProviderParameters, AppTokenProviderResult, INativeBrokerPlugin, } from "@azure/msal-common";
 export { version } from "./packageMetadata.js";
 //# sourceMappingURL=index.d.ts.map

dist/network/HttpClient.d.ts

@@ -12,3 +12,4 @@ /// <reference types="node" />
     private customAgentOptions;
-    constructor(proxyUrl?: string, customAgentOptions?: http.AgentOptions | https.AgentOptions);
+    private managedIdentity;
+    constructor(proxyUrl?: string, customAgentOptions?: http.AgentOptions | https.AgentOptions, managedIdentity?: boolean);
     /**
@@ -15,0 +16,0 @@ * Http Get request

dist/packageMetadata.d.ts

 export declare const name = "@azure/msal-node";
-export declare const version = "2.6.4";
+export declare const version = "2.6.5-alpha.0";
 //# sourceMappingURL=packageMetadata.d.ts.map

dist/utils/Constants.d.ts

@@ -0,2 +1,44 @@
+export declare const AUTHORIZATION_HEADER_NAME: string;
+export declare const METADATA_HEADER_NAME: string;
+export declare const APP_SERVICE_SECRET_HEADER_NAME: string;
+export declare const SERVICE_FABRIC_SECRET_HEADER_NAME: string;
+export declare const API_VERSION_QUERY_PARAMETER_NAME: string;
+export declare const RESOURCE_BODY_OR_QUERY_PARAMETER_NAME: string;
+export declare const DEFAULT_MANAGED_IDENTITY_ID = "system_assigned_managed_identity";
+export declare const MANAGED_IDENTITY_DEFAULT_TENANT = "managed_identity";
+export declare const DEFAULT_AUTHORITY_FOR_MANAGED_IDENTITY: string;
 /**
+ * Managed Identity Environment Variable Names
+ */
+export declare const ManagedIdentityEnvironmentVariableNames: {
+    readonly AZURE_POD_IDENTITY_AUTHORITY_HOST: "AZURE_POD_IDENTITY_AUTHORITY_HOST";
+    readonly IDENTITY_ENDPOINT: "IDENTITY_ENDPOINT";
+    readonly IDENTITY_HEADER: "IDENTITY_HEADER";
+    readonly IDENTITY_SERVER_THUMBPRINT: "IDENTITY_SERVER_THUMBPRINT";
+    readonly IMDS_ENDPOINT: "IMDS_ENDPOINT";
+    readonly MSI_ENDPOINT: "MSI_ENDPOINT";
+};
+export type ManagedIdentityEnvironmentVariableNames = (typeof ManagedIdentityEnvironmentVariableNames)[keyof typeof ManagedIdentityEnvironmentVariableNames];
+/**
+ * Managed Identity Source Names
+ */
+export declare const ManagedIdentitySourceNames: {
+    readonly APP_SERVICE: "App Service";
+    readonly AZURE_ARC: "Azure Arc";
+    readonly CLOUD_SHELL: "Cloud Shell";
+    readonly IMDS: "IMDS";
+    readonly SERVICE_FABRIC: "Service Fabric";
+};
+export type ManagedIdentitySourceNames = (typeof ManagedIdentitySourceNames)[keyof typeof ManagedIdentitySourceNames];
+/**
+ * Managed Identity Ids
+ */
+export declare const ManagedIdentityIdType: {
+    readonly SYSTEM_ASSIGNED: "system-assigned";
+    readonly USER_ASSIGNED_CLIENT_ID: "user-assigned-client-id";
+    readonly USER_ASSIGNED_RESOURCE_ID: "user-assigned-resource-id";
+    readonly USER_ASSIGNED_OBJECT_ID: "user-assigned-object-id";
+};
+export type ManagedIdentityIdType = (typeof ManagedIdentityIdType)[keyof typeof ManagedIdentityIdType];
+/**
  * http methods
@@ -87,2 +129,5 @@ */
 };
+export declare const MANAGED_IDENTITY_MAX_RETRIES = 1;
+export declare const MANAGED_IDENTITY_RETRY_DELAY = 1000;
+export declare const MANAGED_IDENTITY_HTTP_STATUS_CODES_TO_RETRY_ON: (500 | 404 | 408 | 429 | 503 | 504)[];
 //# sourceMappingURL=Constants.d.ts.map

package.json

 {
   "$schema": "https://json.schemastore.org/package.json",
   "name": "@azure/msal-node",
-  "version": "2.6.4",
+  "version": "2.6.5-alpha.0",
   "author": {
@@ -80,3 +80,3 @@ "name": "Microsoft",
   "dependencies": {
-    "@azure/msal-common": "14.7.1",
+    "@azure/msal-common": "14.7.2-alpha.0",
     "jsonwebtoken": "^9.0.0",
@@ -83,0 +83,0 @@ "uuid": "^8.3.0"

src/client/ClientCredentialClient.ts

@@ -12,2 +12,3 @@ /*
     BaseClient,
+    CacheManager,
     CacheOutcome,
@@ -20,4 +21,6 @@ ClientAuthErrorCodes,
     CredentialType,
+    DEFAULT_TOKEN_RENEWAL_OFFSET_SEC,
     GrantType,
     IAppTokenProvider,
+    ICrypto,
     RequestParameterBuilder,
@@ -28,2 +31,3 @@ RequestThumbprint,
     ServerAuthorizationTokenResponse,
+    ServerTelemetryManager,
     StringUtils,
@@ -35,2 +39,6 @@ TimeUtils,
 } from "@azure/msal-common";
+import {
+    ManagedIdentityConfiguration,
+    ManagedIdentityNodeConfiguration,
+} from "../config/Configuration";
 
@@ -41,3 +49,2 @@ /**
 export class ClientCredentialClient extends BaseClient {
-    private scopeSet: ScopeSet;
     private readonly appTokenProvider?: IAppTokenProvider;
@@ -60,4 +67,2 @@
     ): Promise<AuthenticationResult | null> {
-        this.scopeSet = new ScopeSet(request.scopes || []);
-
         if (request.skipCache) {
@@ -68,3 +73,10 @@ return this.executeTokenRequest(request, this.authority);
         const [cachedAuthenticationResult, lastCacheOutcome] =
-            await this.getCachedAuthenticationResult(request);
+            await this.getCachedAuthenticationResult(
+                request,
+                this.config,
+                this.cryptoUtils,
+                this.authority,
+                this.cacheManager,
+                this.serverTelemetryManager
+            );
 
@@ -97,5 +109,14 @@ if (cachedAuthenticationResult) {
      */
-    private async getCachedAuthenticationResult(
-        request: CommonClientCredentialRequest
+    public async getCachedAuthenticationResult(
+        request: CommonClientCredentialRequest,
+        config: ClientConfiguration | ManagedIdentityConfiguration,
+        cryptoUtils: ICrypto,
+        authority: Authority,
+        cacheManager: CacheManager,
+        serverTelemetryManager?: ServerTelemetryManager | null
     ): Promise<[AuthenticationResult | null, CacheOutcome]> {
+        const clientConfiguration = config as ClientConfiguration;
+        const managedIdentityConfiguration =
+            config as ManagedIdentityNodeConfiguration;
+
         let lastCacheOutcome: CacheOutcome = CacheOutcome.NOT_APPLICABLE;
@@ -105,18 +126,31 @@
         let cacheContext;
-        if (this.config.serializableCache && this.config.persistencePlugin) {
+        if (
+            clientConfiguration.serializableCache &&
+            clientConfiguration.persistencePlugin
+        ) {
             cacheContext = new TokenCacheContext(
-                this.config.serializableCache,
+                clientConfiguration.serializableCache,
                 false
             );
-            await this.config.persistencePlugin.beforeCacheAccess(cacheContext);
+            await clientConfiguration.persistencePlugin.beforeCacheAccess(
+                cacheContext
+            );
         }
 
-        const cachedAccessToken = this.readAccessTokenFromCache();
+        const cachedAccessToken = this.readAccessTokenFromCache(
+            authority,
+            managedIdentityConfiguration.managedIdentityId?.id ||
+                clientConfiguration.authOptions.clientId,
+            new ScopeSet(request.scopes || []),
+            cacheManager
+        );
 
         if (
-            this.config.serializableCache &&
-            this.config.persistencePlugin &&
+            clientConfiguration.serializableCache &&
+            clientConfiguration.persistencePlugin &&
             cacheContext
         ) {
-            await this.config.persistencePlugin.afterCacheAccess(cacheContext);
+            await clientConfiguration.persistencePlugin.afterCacheAccess(
+                cacheContext
+            );
         }
@@ -126,3 +160,3 @@
         if (!cachedAccessToken) {
-            this.serverTelemetryManager?.setCacheOutcome(
+            serverTelemetryManager?.setCacheOutcome(
                 CacheOutcome.NO_CACHED_ACCESS_TOKEN
@@ -137,6 +171,7 @@ );
                 cachedAccessToken.expiresOn,
-                this.config.systemOptions.tokenRenewalOffsetSeconds
+                clientConfiguration.systemOptions?.tokenRenewalOffsetSeconds ||
+                    DEFAULT_TOKEN_RENEWAL_OFFSET_SEC
             )
         ) {
-            this.serverTelemetryManager?.setCacheOutcome(
+            serverTelemetryManager?.setCacheOutcome(
                 CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED
@@ -153,3 +188,3 @@ );
             lastCacheOutcome = CacheOutcome.PROACTIVELY_REFRESHED;
-            this.serverTelemetryManager?.setCacheOutcome(
+            serverTelemetryManager?.setCacheOutcome(
                 CacheOutcome.PROACTIVELY_REFRESHED
@@ -161,4 +196,4 @@ );
             await ResponseHandler.generateAuthenticationResult(
-                this.cryptoUtils,
-                this.authority,
+                cryptoUtils,
+                authority,
                 {
@@ -181,15 +216,20 @@ account: null,
      */
-    private readAccessTokenFromCache(): AccessTokenEntity | null {
+    private readAccessTokenFromCache(
+        authority: Authority,
+        id: string,
+        scopeSet: ScopeSet,
+        cacheManager: CacheManager
+    ): AccessTokenEntity | null {
         const accessTokenFilter: CredentialFilter = {
             homeAccountId: Constants.EMPTY_STRING,
             environment:
-                this.authority.canonicalAuthorityUrlComponents.HostNameAndPort,
+                authority.canonicalAuthorityUrlComponents.HostNameAndPort,
             credentialType: CredentialType.ACCESS_TOKEN,
-            clientId: this.config.authOptions.clientId,
-            realm: this.authority.tenant,
-            target: ScopeSet.createSearchScopes(this.scopeSet.asArray()),
+            clientId: id,
+            realm: authority.tenant,
+            target: ScopeSet.createSearchScopes(scopeSet.asArray()),
         };
 
         const accessTokens =
-            this.cacheManager.getAccessTokensByFilter(accessTokenFilter);
+            cacheManager.getAccessTokensByFilter(accessTokenFilter);
         if (accessTokens.length < 1) {
@@ -196,0 +236,0 @@ return null;

src/config/Configuration.ts

@@ -21,2 +21,10 @@ /*
 import https from "https";
+import { ManagedIdentityId } from "./ManagedIdentityId.js";
+import {
+    MANAGED_IDENTITY_HTTP_STATUS_CODES_TO_RETRY_ON,
+    MANAGED_IDENTITY_MAX_RETRIES,
+    MANAGED_IDENTITY_RETRY_DELAY,
+} from "../utils/Constants.js";
+import { LinearRetryPolicy } from "../retry/LinearRetryPolicy.js";
+import { HttpClientWithRetries } from "../network/HttpClientWithRetries.js";
 
@@ -87,2 +95,3 @@ /**
     customAgentOptions?: http.AgentOptions | https.AgentOptions;
+    disableInternalRetries?: boolean;
 };
@@ -112,2 +121,13 @@
 
+export type ManagedIdentityIdParams = {
+    userAssignedClientId?: string;
+    userAssignedResourceId?: string;
+    userAssignedObjectId?: string;
+};
+
+export type ManagedIdentityConfiguration = {
+    managedIdentityIdParams?: ManagedIdentityIdParams;
+    system?: NodeSystemOptions;
+};
+
 const DEFAULT_AUTH_OPTIONS: Required<NodeAuthOptions> = {
@@ -152,2 +172,3 @@ clientId: Constants.EMPTY_STRING,
     customAgentOptions: {} as http.AgentOptions | https.AgentOptions,
+    disableInternalRetries: false,
 };
@@ -193,5 +214,9 @@
             system?.proxyUrl,
-            system?.customAgentOptions as http.AgentOptions | https.AgentOptions
+            system?.customAgentOptions as
+                | http.AgentOptions
+                | https.AgentOptions,
+            false // Managed Identity
         ),
         loggerOptions: system?.loggerOptions || DEFAULT_LOGGER_OPTIONS,
+        disableInternalRetries: system?.disableInternalRetries || false,
     };
@@ -207,1 +232,56 @@
 }
+
+export type ManagedIdentityNodeConfiguration = {
+    managedIdentityId: ManagedIdentityId;
+    system: Required<
+        Pick<NodeSystemOptions, "loggerOptions" | "networkClient">
+    >;
+};
+
+export function buildManagedIdentityConfiguration({
+    managedIdentityIdParams,
+    system,
+}: ManagedIdentityConfiguration): ManagedIdentityNodeConfiguration {
+    const managedIdentityId: ManagedIdentityId = new ManagedIdentityId(
+        managedIdentityIdParams
+    );
+
+    const loggerOptions: LoggerOptions =
+        system?.loggerOptions || DEFAULT_LOGGER_OPTIONS;
+
+    let networkClient: INetworkModule;
+    // use developer provided network client if passed in
+    if (system?.networkClient) {
+        networkClient = system.networkClient;
+        // otherwise, create a new one
+    } else {
+        networkClient = new HttpClient(
+            system?.proxyUrl,
+            system?.customAgentOptions as
+                | http.AgentOptions
+                | https.AgentOptions,
+            true // Managed Identity
+        );
+    }
+
+    // wrap the network client with a retry policy if the developer has not disabled the option to do so
+    if (!system?.disableInternalRetries) {
+        const linearRetryPolicy: LinearRetryPolicy = new LinearRetryPolicy(
+            MANAGED_IDENTITY_MAX_RETRIES,
+            MANAGED_IDENTITY_RETRY_DELAY,
+            MANAGED_IDENTITY_HTTP_STATUS_CODES_TO_RETRY_ON
+        );
+        networkClient = new HttpClientWithRetries(
+            networkClient,
+            linearRetryPolicy
+        );
+    }
+
+    return {
+        managedIdentityId: managedIdentityId,
+        system: {
+            loggerOptions,
+            networkClient,
+        },
+    };
+}

src/index.ts

@@ -34,2 +34,3 @@ /*
 export { OnBehalfOfClient } from "./client/OnBehalfOfClient.js";
+export { ManagedIdentityApplication } from "./client/ManagedIdentityApplication.js";
 export { UsernamePasswordClient } from "./client/UsernamePasswordClient.js";
@@ -39,2 +40,4 @@
     Configuration,
+    ManagedIdentityConfiguration,
+    ManagedIdentityIdParams,
     buildAppConfiguration,
@@ -78,2 +81,3 @@ NodeAuthOptions,
 export type { SignOutRequest } from "./request/SignOutRequest.js";
+export type { ManagedIdentityRequestParams } from "./request/ManagedIdentityRequestParams.js";
 
@@ -80,0 +84,0 @@ // Common Object Formats

src/network/HttpClient.ts

@@ -23,9 +23,12 @@ /*
     private customAgentOptions: http.AgentOptions | https.AgentOptions;
+    private managedIdentity: boolean;
 
     constructor(
         proxyUrl?: string,
-        customAgentOptions?: http.AgentOptions | https.AgentOptions
+        customAgentOptions?: http.AgentOptions | https.AgentOptions,
+        managedIdentity?: boolean
     ) {
         this.proxyUrl = proxyUrl || "";
         this.customAgentOptions = customAgentOptions || {};
+        this.managedIdentity = managedIdentity || false;
     }
@@ -55,3 +58,5 @@
                 options,
-                this.customAgentOptions as https.AgentOptions
+                this.customAgentOptions as https.AgentOptions,
+                undefined,
+                this.managedIdentity
             );
@@ -86,3 +91,4 @@ }
                 this.customAgentOptions as https.AgentOptions,
-                cancellationToken
+                cancellationToken,
+                this.managedIdentity
             );
@@ -283,3 +289,4 @@ }
     agentOptions?: https.AgentOptions,
-    timeout?: number
+    timeout?: number,
+    managedIdentity?: boolean
 ): Promise<NetworkResponse<T>> => {
@@ -314,3 +321,8 @@ const isPostRequest = httpMethod === HttpMethod.POST;
     return new Promise<NetworkResponse<T>>((resolve, reject) => {
-        const request = https.request(customOptions);
+        let request: http.ClientRequest;
+        if (managedIdentity) {
+            request = http.request(customOptions);
+        } else {
+            request = https.request(customOptions);
+        }
 
@@ -317,0 +329,0 @@ if (timeout) {

src/packageMetadata.ts

 /* eslint-disable header/header */
 export const name = "@azure/msal-node";
-export const version = "2.6.4";
+export const version = "2.6.5-alpha.0";

src/utils/Constants.ts

@@ -6,3 +6,55 @@ /*
 
+import { HttpStatus } from "@azure/msal-common";
+
+// MSI Constants. Docs for MSI are available here https://docs.microsoft.com/azure/app-service/overview-managed-identity
+export const AUTHORIZATION_HEADER_NAME: string = "Authorization";
+export const METADATA_HEADER_NAME: string = "Metadata";
+export const APP_SERVICE_SECRET_HEADER_NAME: string = "X-IDENTITY-HEADER";
+export const SERVICE_FABRIC_SECRET_HEADER_NAME: string = "secret";
+export const API_VERSION_QUERY_PARAMETER_NAME: string = "api-version";
+export const RESOURCE_BODY_OR_QUERY_PARAMETER_NAME: string = "resource";
+export const DEFAULT_MANAGED_IDENTITY_ID = "system_assigned_managed_identity";
+export const MANAGED_IDENTITY_DEFAULT_TENANT = "managed_identity";
+export const DEFAULT_AUTHORITY_FOR_MANAGED_IDENTITY = `https://login.microsoftonline.com/${MANAGED_IDENTITY_DEFAULT_TENANT}/`;
+
 /**
+ * Managed Identity Environment Variable Names
+ */
+export const ManagedIdentityEnvironmentVariableNames = {
+    AZURE_POD_IDENTITY_AUTHORITY_HOST: "AZURE_POD_IDENTITY_AUTHORITY_HOST",
+    IDENTITY_ENDPOINT: "IDENTITY_ENDPOINT",
+    IDENTITY_HEADER: "IDENTITY_HEADER",
+    IDENTITY_SERVER_THUMBPRINT: "IDENTITY_SERVER_THUMBPRINT",
+    IMDS_ENDPOINT: "IMDS_ENDPOINT",
+    MSI_ENDPOINT: "MSI_ENDPOINT",
+} as const;
+export type ManagedIdentityEnvironmentVariableNames =
+    (typeof ManagedIdentityEnvironmentVariableNames)[keyof typeof ManagedIdentityEnvironmentVariableNames];
+
+/**
+ * Managed Identity Source Names
+ */
+export const ManagedIdentitySourceNames = {
+    APP_SERVICE: "App Service",
+    AZURE_ARC: "Azure Arc",
+    CLOUD_SHELL: "Cloud Shell",
+    IMDS: "IMDS",
+    SERVICE_FABRIC: "Service Fabric",
+} as const;
+export type ManagedIdentitySourceNames =
+    (typeof ManagedIdentitySourceNames)[keyof typeof ManagedIdentitySourceNames];
+
+/**
+ * Managed Identity Ids
+ */
+export const ManagedIdentityIdType = {
+    SYSTEM_ASSIGNED: "system-assigned",
+    USER_ASSIGNED_CLIENT_ID: "user-assigned-client-id",
+    USER_ASSIGNED_RESOURCE_ID: "user-assigned-resource-id",
+    USER_ASSIGNED_OBJECT_ID: "user-assigned-object-id",
+} as const;
+export type ManagedIdentityIdType =
+    (typeof ManagedIdentityIdType)[keyof typeof ManagedIdentityIdType];
+
+/**
  * http methods
@@ -105,1 +157,12 @@ */
 };
+
+export const MANAGED_IDENTITY_MAX_RETRIES = 1;
+export const MANAGED_IDENTITY_RETRY_DELAY = 1000;
+export const MANAGED_IDENTITY_HTTP_STATUS_CODES_TO_RETRY_ON = [
+    HttpStatus.NOT_FOUND,
+    HttpStatus.REQUEST_TIMEOUT,
+    HttpStatus.TOO_MANY_REQUESTS,
+    HttpStatus.INTERNAL_SERVER_ERROR,
+    HttpStatus.SERVICE_UNAVAILABLE,
+    HttpStatus.GATEWAY_TIMEOUT,
+];

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1127486

increased by31.81%

Number of package files

353

increased by45.27%

Lines of code

18516

increased by26.54%

Worsened metrics

Number of low quality alerts

2

increased by100%

Number of low supply chain risk alerts

26

increased by1200%

Dependency changes

• + Added@azure/msal-common@14.7.2-alpha.0(transitive)

• - Removed@azure/msal-common@14.7.1(transitive)

• Updated@azure/msal-common@14.7.2-alpha.0