@azure/msal-node - npm Package Compare versions

Comparing version 2.6.0 to 2.7.0-alpha.0

dist/cache/distributed/DistributedCachePlugin.d.ts

@@ -0,0 +0,0 @@ import { ICachePlugin, TokenCacheContext } from "@azure/msal-common";

dist/cache/distributed/ICacheClient.d.ts

@@ -0,0 +0,0 @@ export interface ICacheClient {

dist/cache/distributed/IPartitionManager.d.ts

@@ -0,0 +0,0 @@ import { AccountEntity } from "@azure/msal-common";

dist/cache/ITokenCache.d.ts

@@ -0,0 +0,0 @@ import { AccountInfo } from "@azure/msal-common";

dist/cache/NodeStorage.d.ts

@@ -0,0 +0,0 @@ import { TokenKeys, AccountEntity, IdTokenEntity, AccessTokenEntity, RefreshTokenEntity, AppMetadataEntity, ServerTelemetryEntity, ThrottlingEntity, CacheManager, Logger, ValidCacheType, ICrypto, AuthorityMetadataEntity, ValidCredentialType, StaticAuthorityOptions } from "@azure/msal-common";

dist/cache/serializer/Deserializer.d.ts

@@ -0,0 +0,0 @@ import { AccountCache, IdTokenCache, AccessTokenCache, RefreshTokenCache, AppMetadataCache } from "@azure/msal-common";

dist/cache/serializer/Serializer.d.ts

@@ -0,0 +0,0 @@ import { AccountCache, IdTokenCache, AccessTokenCache, RefreshTokenCache, AppMetadataCache } from "@azure/msal-common";

dist/cache/serializer/SerializerTypes.d.ts

@@ -0,0 +0,0 @@ import { AccountCache, IdTokenCache, AccessTokenCache, RefreshTokenCache, AppMetadataCache, ValidCacheType } from "@azure/msal-common";

dist/cache/TokenCache.d.ts

@@ -0,0 +0,0 @@ import { NodeStorage } from "./NodeStorage.js";

dist/client/ClientApplication.d.ts

@@ -0,0 +0,0 @@ import { ClientConfiguration, AuthenticationResult, BaseAuthRequest, Logger, ServerTelemetryManager, AzureRegionConfiguration, AzureCloudOptions, AuthorizationCodePayload } from "@azure/msal-common";

dist/client/ClientAssertion.d.ts

@@ -0,0 +0,0 @@ import { CryptoProvider } from "../crypto/CryptoProvider.js";

dist/client/ClientCredentialClient.d.ts

@@ -1,2 +0,3 @@
-import { AuthenticationResult, BaseClient, ClientConfiguration, CommonClientCredentialRequest, IAppTokenProvider } from "@azure/msal-common";
+import { AuthenticationResult, Authority, BaseClient, CacheManager, CacheOutcome, ClientConfiguration, CommonClientCredentialRequest, IAppTokenProvider, ICrypto, ServerTelemetryManager } from "@azure/msal-common";
+import { ManagedIdentityConfiguration } from "../config/Configuration";
 /**
@@ -6,3 +7,2 @@ * OAuth2.0 client credential grant
 export declare class ClientCredentialClient extends BaseClient {
-    private scopeSet;
     private readonly appTokenProvider?;
@@ -18,3 +18,3 @@ constructor(configuration: ClientConfiguration, appTokenProvider?: IAppTokenProvider);
      */
-    private getCachedAuthenticationResult;
+    getCachedAuthenticationResult(request: CommonClientCredentialRequest, config: ClientConfiguration | ManagedIdentityConfiguration, cryptoUtils: ICrypto, authority: Authority, cacheManager: CacheManager, serverTelemetryManager?: ServerTelemetryManager | null): Promise<[AuthenticationResult | null, CacheOutcome]>;
     /**
@@ -21,0 +21,0 @@ * Reads access token from the cache

dist/client/ConfidentialClientApplication.d.ts

@@ -0,0 +0,0 @@ import { ClientApplication } from "./ClientApplication.js";

dist/client/DeviceCodeClient.d.ts

@@ -0,0 +0,0 @@ import { AuthenticationResult, BaseClient, ClientConfiguration, CommonDeviceCodeRequest } from "@azure/msal-common";

dist/client/IConfidentialClientApplication.d.ts

@@ -0,0 +0,0 @@ import { AuthenticationResult, IAppTokenProvider, Logger } from "@azure/msal-common";

dist/client/IPublicClientApplication.d.ts

@@ -0,0 +0,0 @@ import { AccountInfo, AuthenticationResult, Logger } from "@azure/msal-common";

dist/client/OnBehalfOfClient.d.ts

@@ -0,0 +0,0 @@ import { AuthenticationResult, BaseClient, ClientConfiguration, CommonOnBehalfOfRequest } from "@azure/msal-common";

dist/client/PublicClientApplication.d.ts

@@ -0,0 +0,0 @@ import { AuthenticationResult, AccountInfo } from "@azure/msal-common";

dist/client/UsernamePasswordClient.d.ts

@@ -0,0 +0,0 @@ import { AuthenticationResult, BaseClient, ClientConfiguration, CommonUsernamePasswordRequest } from "@azure/msal-common";

dist/config/Configuration.d.ts

@@ -6,2 +6,3 @@ /// <reference types="node" />
 import https from "https";
+import { ManagedIdentityId } from "./ManagedIdentityId.js";
 /**
@@ -89,2 +90,11 @@ * - clientId               - Client id of the application.
 };
+export type ManagedIdentityIdParams = {
+    userAssignedClientId?: string;
+    userAssignedResourceId?: string;
+    userAssignedObjectId?: string;
+};
+export type ManagedIdentityConfiguration = {
+    managedIdentityIdParams?: ManagedIdentityIdParams;
+    system?: NodeSystemOptions;
+};
 /** @internal */
@@ -110,2 +120,7 @@ export type NodeConfiguration = {
 export declare function buildAppConfiguration({ auth, broker, cache, system, telemetry, }: Configuration): NodeConfiguration;
+export type ManagedIdentityNodeConfiguration = {
+    managedIdentityId: ManagedIdentityId;
+    system: Required<NodeSystemOptions>;
+};
+export declare function buildManagedIdentityConfiguration({ managedIdentityIdParams, system, }: ManagedIdentityConfiguration): ManagedIdentityNodeConfiguration;
 //# sourceMappingURL=Configuration.d.ts.map

dist/crypto/CryptoProvider.d.ts

@@ -0,0 +0,0 @@ import { ICrypto, PkceCodes } from "@azure/msal-common";

dist/crypto/GuidGenerator.d.ts

@@ -0,0 +0,0 @@ import { IGuidGenerator } from "@azure/msal-common";

dist/crypto/HashUtils.d.ts

@@ -0,0 +0,0 @@ /// <reference types="node" />

dist/crypto/PkceGenerator.d.ts

@@ -0,0 +0,0 @@ import { PkceCodes } from "@azure/msal-common";

dist/error/NodeAuthError.d.ts

@@ -0,0 +0,0 @@ import { AuthError } from "@azure/msal-common";

dist/index.d.ts

@@ -23,4 +23,5 @@ /**
 export { OnBehalfOfClient } from "./client/OnBehalfOfClient.js";
+export { ManagedIdentityApplication } from "./client/ManagedIdentityApplication.js";
 export { UsernamePasswordClient } from "./client/UsernamePasswordClient.js";
-export { Configuration, buildAppConfiguration, NodeAuthOptions, NodeSystemOptions, BrokerOptions, NodeTelemetryOptions, CacheOptions, } from "./config/Configuration.js";
+export { Configuration, ManagedIdentityConfiguration, ManagedIdentityIdParams, buildAppConfiguration, NodeAuthOptions, NodeSystemOptions, BrokerOptions, NodeTelemetryOptions, CacheOptions, } from "./config/Configuration.js";
 export { ClientAssertion } from "./client/ClientAssertion.js";
@@ -42,4 +43,5 @@ export { TokenCache } from "./cache/TokenCache.js";
 export type { SignOutRequest } from "./request/SignOutRequest.js";
+export type { ManagedIdentityRequestParams } from "./request/ManagedIdentityRequestParams.js";
 export { PromptValue, ResponseMode, AuthorizationCodePayload, AuthenticationResult, ServerAuthorizationCodeResponse, IdTokenClaims, AccountInfo, ValidCacheType, AuthError, AuthErrorMessage, AuthErrorCodes, ClientAuthError, ClientAuthErrorCodes, ClientAuthErrorMessage, ClientConfigurationError, ClientConfigurationErrorCodes, ClientConfigurationErrorMessage, InteractionRequiredAuthError, InteractionRequiredAuthErrorCodes, InteractionRequiredAuthErrorMessage, ServerError, INetworkModule, NetworkRequestOptions, NetworkResponse, Logger, LogLevel, ProtocolMode, ICachePlugin, TokenCacheContext, ISerializableTokenCache, AzureCloudInstance, AzureCloudOptions, IAppTokenProvider, AppTokenProviderParameters, AppTokenProviderResult, INativeBrokerPlugin, } from "@azure/msal-common";
 export { version } from "./packageMetadata.js";
 //# sourceMappingURL=index.d.ts.map

dist/internals.d.ts

@@ -0,0 +0,0 @@ /**

dist/network/HttpClient.d.ts

@@ -12,3 +12,4 @@ /// <reference types="node" />
     private customAgentOptions;
-    constructor(proxyUrl?: string, customAgentOptions?: http.AgentOptions | https.AgentOptions);
+    private managedIdentity;
+    constructor(proxyUrl?: string, customAgentOptions?: http.AgentOptions | https.AgentOptions, managedIdentity?: boolean);
     /**
@@ -15,0 +16,0 @@ * Http Get request

dist/network/ILoopbackClient.d.ts

@@ -0,0 +0,0 @@ import { ServerAuthorizationCodeResponse } from "@azure/msal-common";

dist/network/LoopbackClient.d.ts

@@ -0,0 +0,0 @@ import { ServerAuthorizationCodeResponse } from "@azure/msal-common";

dist/packageMetadata.d.ts

 export declare const name = "@azure/msal-node";
-export declare const version = "2.6.0";
+export declare const version = "2.7.0-alpha.0";
 //# sourceMappingURL=packageMetadata.d.ts.map

dist/request/AuthorizationCodeRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonAuthorizationCodeRequest } from "@azure/msal-common";

dist/request/AuthorizationUrlRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common";

dist/request/ClientCredentialRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonClientCredentialRequest } from "@azure/msal-common";

dist/request/DeviceCodeRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonDeviceCodeRequest, DeviceCodeResponse } from "@azure/msal-common";

dist/request/InteractiveRequest.d.ts

@@ -0,0 +0,0 @@ /// <reference types="node" />

dist/request/OnBehalfOfRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonOnBehalfOfRequest } from "@azure/msal-common";

dist/request/RefreshTokenRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonRefreshTokenRequest } from "@azure/msal-common";

dist/request/SignOutRequest.d.ts

@@ -0,0 +0,0 @@ import { AccountInfo } from "@azure/msal-common";

dist/request/SilentFlowRequest.d.ts

@@ -0,0 +0,0 @@ import { AccountInfo, CommonSilentFlowRequest } from "@azure/msal-common";

dist/request/UsernamePasswordRequest.d.ts

@@ -0,0 +0,0 @@ import { CommonUsernamePasswordRequest } from "@azure/msal-common";

dist/utils/Constants.d.ts

@@ -0,2 +1,22 @@
+export declare const AUTHORIZATION_HEADER_NAME: string;
+export declare const METADATA_HEADER_NAME: string;
+export declare const SECRET_HEADER_NAME: string;
+export declare const MANAGED_IDENTITY_CLIENT_ID = "client_id";
+export declare const MANAGED_IDENTITY_OBJECT_ID = "object_id";
+export declare const MANAGED_IDENTITY_RESOURCE_ID = "mi_res_id";
+export declare const DEFAULT_MANAGED_IDENTITY_ID = "system_assigned_managed_identity";
+export declare const MANAGED_IDENTITY_DEFAULT_TENANT = "managed_identity";
+export declare const DEFAULT_AUTHORITY_FOR_MANAGED_IDENTITY: string;
+export declare const MANAGED_IDENTITY_TIMEOUT_ERROR: string;
 /**
+ * Managed Identity Ids
+ */
+export declare const ManagedIdentityIdType: {
+    readonly SYSTEM_ASSIGNED: "system-assigned";
+    readonly USER_ASSIGNED_CLIENT_ID: "user-assigned-client-id";
+    readonly USER_ASSIGNED_RESOURCE_ID: "user-assigned-resource-id";
+    readonly USER_ASSIGNED_OBJECT_ID: "user-assigned-object-id";
+};
+export type ManagedIdentityIdType = (typeof ManagedIdentityIdType)[keyof typeof ManagedIdentityIdType];
+/**
  * http methods
@@ -3,0 +23,0 @@ */

dist/utils/EncodingUtils.d.ts

@@ -0,0 +0,0 @@ /// <reference types="node" />

dist/utils/NetworkUtils.d.ts

@@ -0,0 +0,0 @@ import { NetworkResponse, UrlToHttpRequestOptions } from "@azure/msal-common";

package.json

 {
   "$schema": "https://json.schemastore.org/package.json",
   "name": "@azure/msal-node",
-  "version": "2.6.0",
+  "version": "2.7.0-alpha.0",
   "author": {
@@ -80,3 +80,3 @@ "name": "Microsoft",
   "dependencies": {
-    "@azure/msal-common": "14.5.0",
+    "@azure/msal-common": "14.6.0-alpha.0",
     "jsonwebtoken": "^9.0.0",
@@ -86,4 +86,4 @@ "uuid": "^8.3.0"
   "engines": {
-    "node": "16|| 18 || 20"
+    "node": ">=16"
   }
 }

src/cache/NodeStorage.ts

@@ -424,6 +424,3 @@ /*
             throttlingCache &&
-            ThrottlingEntity.isThrottlingEntity(
-                throttlingCacheKey,
-                throttlingCache
-            )
+            CacheHelpers.isThrottlingEntity(throttlingCacheKey, throttlingCache)
         ) {
@@ -430,0 +427,0 @@ return throttlingCache;

src/client/ClientCredentialClient.ts

@@ -12,2 +12,3 @@ /*
     BaseClient,
+    CacheManager,
     CacheOutcome,
@@ -20,4 +21,6 @@ ClientAuthErrorCodes,
     CredentialType,
+    DEFAULT_TOKEN_RENEWAL_OFFSET_SEC,
     GrantType,
     IAppTokenProvider,
+    ICrypto,
     RequestParameterBuilder,
@@ -28,2 +31,3 @@ RequestThumbprint,
     ServerAuthorizationTokenResponse,
+    ServerTelemetryManager,
     StringUtils,
@@ -35,2 +39,6 @@ TimeUtils,
 } from "@azure/msal-common";
+import {
+    ManagedIdentityConfiguration,
+    ManagedIdentityNodeConfiguration,
+} from "../config/Configuration";
 
@@ -41,3 +49,2 @@ /**
 export class ClientCredentialClient extends BaseClient {
-    private scopeSet: ScopeSet;
     private readonly appTokenProvider?: IAppTokenProvider;
@@ -60,4 +67,2 @@
     ): Promise<AuthenticationResult | null> {
-        this.scopeSet = new ScopeSet(request.scopes || []);
-
         if (request.skipCache) {
@@ -68,3 +73,10 @@ return this.executeTokenRequest(request, this.authority);
         const [cachedAuthenticationResult, lastCacheOutcome] =
-            await this.getCachedAuthenticationResult(request);
+            await this.getCachedAuthenticationResult(
+                request,
+                this.config,
+                this.cryptoUtils,
+                this.authority,
+                this.cacheManager,
+                this.serverTelemetryManager
+            );
 
@@ -97,5 +109,14 @@ if (cachedAuthenticationResult) {
      */
-    private async getCachedAuthenticationResult(
-        request: CommonClientCredentialRequest
+    public async getCachedAuthenticationResult(
+        request: CommonClientCredentialRequest,
+        config: ClientConfiguration | ManagedIdentityConfiguration,
+        cryptoUtils: ICrypto,
+        authority: Authority,
+        cacheManager: CacheManager,
+        serverTelemetryManager?: ServerTelemetryManager | null
     ): Promise<[AuthenticationResult | null, CacheOutcome]> {
+        const clientConfiguration = config as ClientConfiguration;
+        const managedIdentityConfiguration =
+            config as ManagedIdentityNodeConfiguration;
+
         let lastCacheOutcome: CacheOutcome = CacheOutcome.NOT_APPLICABLE;
@@ -105,18 +126,31 @@
         let cacheContext;
-        if (this.config.serializableCache && this.config.persistencePlugin) {
+        if (
+            clientConfiguration.serializableCache &&
+            clientConfiguration.persistencePlugin
+        ) {
             cacheContext = new TokenCacheContext(
-                this.config.serializableCache,
+                clientConfiguration.serializableCache,
                 false
             );
-            await this.config.persistencePlugin.beforeCacheAccess(cacheContext);
+            await clientConfiguration.persistencePlugin.beforeCacheAccess(
+                cacheContext
+            );
         }
 
-        const cachedAccessToken = this.readAccessTokenFromCache();
+        const cachedAccessToken = this.readAccessTokenFromCache(
+            authority,
+            managedIdentityConfiguration.managedIdentityId?.id ||
+                clientConfiguration.authOptions.clientId,
+            new ScopeSet(request.scopes || []),
+            cacheManager
+        );
 
         if (
-            this.config.serializableCache &&
-            this.config.persistencePlugin &&
+            clientConfiguration.serializableCache &&
+            clientConfiguration.persistencePlugin &&
             cacheContext
         ) {
-            await this.config.persistencePlugin.afterCacheAccess(cacheContext);
+            await clientConfiguration.persistencePlugin.afterCacheAccess(
+                cacheContext
+            );
         }
@@ -126,3 +160,3 @@
         if (!cachedAccessToken) {
-            this.serverTelemetryManager?.setCacheOutcome(
+            serverTelemetryManager?.setCacheOutcome(
                 CacheOutcome.NO_CACHED_ACCESS_TOKEN
@@ -137,6 +171,7 @@ );
                 cachedAccessToken.expiresOn,
-                this.config.systemOptions.tokenRenewalOffsetSeconds
+                clientConfiguration.systemOptions?.tokenRenewalOffsetSeconds ||
+                    DEFAULT_TOKEN_RENEWAL_OFFSET_SEC
             )
         ) {
-            this.serverTelemetryManager?.setCacheOutcome(
+            serverTelemetryManager?.setCacheOutcome(
                 CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED
@@ -153,3 +188,3 @@ );
             lastCacheOutcome = CacheOutcome.PROACTIVELY_REFRESHED;
-            this.serverTelemetryManager?.setCacheOutcome(
+            serverTelemetryManager?.setCacheOutcome(
                 CacheOutcome.PROACTIVELY_REFRESHED
@@ -161,4 +196,4 @@ );
             await ResponseHandler.generateAuthenticationResult(
-                this.cryptoUtils,
-                this.authority,
+                cryptoUtils,
+                authority,
                 {
@@ -181,15 +216,20 @@ account: null,
      */
-    private readAccessTokenFromCache(): AccessTokenEntity | null {
+    private readAccessTokenFromCache(
+        authority: Authority,
+        id: string,
+        scopeSet: ScopeSet,
+        cacheManager: CacheManager
+    ): AccessTokenEntity | null {
         const accessTokenFilter: CredentialFilter = {
             homeAccountId: Constants.EMPTY_STRING,
             environment:
-                this.authority.canonicalAuthorityUrlComponents.HostNameAndPort,
+                authority.canonicalAuthorityUrlComponents.HostNameAndPort,
             credentialType: CredentialType.ACCESS_TOKEN,
-            clientId: this.config.authOptions.clientId,
-            realm: this.authority.tenant,
-            target: ScopeSet.createSearchScopes(this.scopeSet.asArray()),
+            clientId: id,
+            realm: authority.tenant,
+            target: ScopeSet.createSearchScopes(scopeSet.asArray()),
         };
 
         const accessTokens =
-            this.cacheManager.getAccessTokensByFilter(accessTokenFilter);
+            cacheManager.getAccessTokensByFilter(accessTokenFilter);
         if (accessTokens.length < 1) {
@@ -196,0 +236,0 @@ return null;

src/config/Configuration.ts

@@ -21,2 +21,3 @@ /*
 import https from "https";
+import { ManagedIdentityId } from "./ManagedIdentityId.js";
 
@@ -111,2 +112,13 @@ /**
 
+export type ManagedIdentityIdParams = {
+    userAssignedClientId?: string;
+    userAssignedResourceId?: string;
+    userAssignedObjectId?: string;
+};
+
+export type ManagedIdentityConfiguration = {
+    managedIdentityIdParams?: ManagedIdentityIdParams;
+    system?: NodeSystemOptions;
+};
+
 const DEFAULT_AUTH_OPTIONS: Required<NodeAuthOptions> = {
@@ -191,3 +203,6 @@ clientId: Constants.EMPTY_STRING,
             system?.proxyUrl,
-            system?.customAgentOptions as http.AgentOptions | https.AgentOptions
+            system?.customAgentOptions as
+                | http.AgentOptions
+                | https.AgentOptions,
+            false // Managed Identity
         ),
@@ -205,1 +220,32 @@ loggerOptions: system?.loggerOptions || DEFAULT_LOGGER_OPTIONS,
 }
+
+export type ManagedIdentityNodeConfiguration = {
+    managedIdentityId: ManagedIdentityId;
+    system: Required<NodeSystemOptions>;
+};
+
+export function buildManagedIdentityConfiguration({
+    managedIdentityIdParams,
+    system,
+}: ManagedIdentityConfiguration): ManagedIdentityNodeConfiguration {
+    const managedIdentityId: ManagedIdentityId = new ManagedIdentityId(
+        managedIdentityIdParams
+    );
+
+    const systemOptions: Required<NodeSystemOptions> = {
+        ...DEFAULT_SYSTEM_OPTIONS,
+        loggerOptions: system?.loggerOptions || DEFAULT_LOGGER_OPTIONS,
+        networkClient: new HttpClient(
+            system?.proxyUrl,
+            system?.customAgentOptions as
+                | http.AgentOptions
+                | https.AgentOptions,
+            true // Managed Identity
+        ),
+    };
+
+    return {
+        managedIdentityId: managedIdentityId,
+        system: { ...systemOptions, ...system },
+    };
+}

src/index.ts

@@ -34,2 +34,3 @@ /*
 export { OnBehalfOfClient } from "./client/OnBehalfOfClient.js";
+export { ManagedIdentityApplication } from "./client/ManagedIdentityApplication.js";
 export { UsernamePasswordClient } from "./client/UsernamePasswordClient.js";
@@ -39,2 +40,4 @@
     Configuration,
+    ManagedIdentityConfiguration,
+    ManagedIdentityIdParams,
     buildAppConfiguration,
@@ -78,2 +81,3 @@ NodeAuthOptions,
 export type { SignOutRequest } from "./request/SignOutRequest.js";
+export type { ManagedIdentityRequestParams } from "./request/ManagedIdentityRequestParams.js";
 
@@ -80,0 +84,0 @@ // Common Object Formats

src/network/HttpClient.ts

@@ -23,9 +23,12 @@ /*
     private customAgentOptions: http.AgentOptions | https.AgentOptions;
+    private managedIdentity: boolean;
 
     constructor(
         proxyUrl?: string,
-        customAgentOptions?: http.AgentOptions | https.AgentOptions
+        customAgentOptions?: http.AgentOptions | https.AgentOptions,
+        managedIdentity?: boolean
     ) {
         this.proxyUrl = proxyUrl || "";
         this.customAgentOptions = customAgentOptions || {};
+        this.managedIdentity = managedIdentity || false;
     }
@@ -55,3 +58,5 @@
                 options,
-                this.customAgentOptions as https.AgentOptions
+                this.customAgentOptions as https.AgentOptions,
+                undefined,
+                this.managedIdentity
             );
@@ -86,3 +91,4 @@ }
                 this.customAgentOptions as https.AgentOptions,
-                cancellationToken
+                cancellationToken,
+                this.managedIdentity
             );
@@ -283,3 +289,4 @@ }
     agentOptions?: https.AgentOptions,
-    timeout?: number
+    timeout?: number,
+    managedIdentity?: boolean
 ): Promise<NetworkResponse<T>> => {
@@ -314,3 +321,8 @@ const isPostRequest = httpMethod === HttpMethod.POST;
     return new Promise<NetworkResponse<T>>((resolve, reject) => {
-        const request = https.request(customOptions);
+        let request: http.ClientRequest;
+        if (managedIdentity) {
+            request = http.request(customOptions);
+        } else {
+            request = https.request(customOptions);
+        }
 
@@ -317,0 +329,0 @@ if (timeout) {

src/packageMetadata.ts

 /* eslint-disable header/header */
 export const name = "@azure/msal-node";
-export const version = "2.6.0";
+export const version = "2.7.0-alpha.0";

src/utils/Constants.ts

@@ -6,3 +6,30 @@ /*
 
+// MSI Constants. Docs for MSI are available here https://docs.microsoft.com/azure/app-service/overview-managed-identity
+export const AUTHORIZATION_HEADER_NAME: string = "Authorization";
+export const METADATA_HEADER_NAME: string = "Metadata";
+export const SECRET_HEADER_NAME: string = "X-IDENTITY-HEADER";
+
+export const MANAGED_IDENTITY_CLIENT_ID = "client_id";
+export const MANAGED_IDENTITY_OBJECT_ID = "object_id";
+export const MANAGED_IDENTITY_RESOURCE_ID = "mi_res_id";
+export const DEFAULT_MANAGED_IDENTITY_ID = "system_assigned_managed_identity";
+export const MANAGED_IDENTITY_DEFAULT_TENANT = "managed_identity";
+export const DEFAULT_AUTHORITY_FOR_MANAGED_IDENTITY = `https://login.microsoftonline.com/${MANAGED_IDENTITY_DEFAULT_TENANT}/`;
+
+export const MANAGED_IDENTITY_TIMEOUT_ERROR: string =
+    "[Managed Identity] Authentication unavailable. The request to the managed identity endpoint timed out.";
+
 /**
+ * Managed Identity Ids
+ */
+export const ManagedIdentityIdType = {
+    SYSTEM_ASSIGNED: "system-assigned",
+    USER_ASSIGNED_CLIENT_ID: "user-assigned-client-id",
+    USER_ASSIGNED_RESOURCE_ID: "user-assigned-resource-id",
+    USER_ASSIGNED_OBJECT_ID: "user-assigned-object-id",
+} as const;
+export type ManagedIdentityIdType =
+    (typeof ManagedIdentityIdType)[keyof typeof ManagedIdentityIdType];
+
+/**
  * http methods
@@ -9,0 +36,0 @@ */

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1055227

increased by23.23%

Number of package files

328

increased by34.98%

Lines of code

17435

increased by19.01%

Worsened metrics

Number of low quality alerts

2

increased by100%

Number of low supply chain risk alerts

18

increased by800%

Number of versions

110

decreased by-0.9%

Published versions last months

1

decreased by-50%

Published versions last two months

3

decreased by-25%

Published versions last week

0

decreased by-100%

Dependency changes

• + Added@azure/msal-common@14.6.0-alpha.0(transitive)

• - Removed@azure/msal-common@14.5.0(transitive)

• Updated@azure/msal-common@14.6.0-alpha.0