UNPKG

@azure/identity

Version:

Provides credential implementations for Azure SDK libraries that can authenticate with Microsoft Entra ID

github.com/Azure/azure-sdk-for-js/tree/main/sdk/identity/identity/README.md

Azure/azure-sdk-for-js

96 lines 5.64 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
"use strict"; // Copyright (c) Microsoft Corporation. // Licensed under the MIT License. Object.defineProperty(exports, "__esModule", { value: true }); exports.DeviceCodeCredential = void 0; exports.defaultDeviceCodePromptCallback = defaultDeviceCodePromptCallback; const tenantIdUtils_js_1 = require("../util/tenantIdUtils.js"); const logging_js_1 = require("../util/logging.js"); const scopeUtils_js_1 = require("../util/scopeUtils.js"); const tracing_js_1 = require("../util/tracing.js"); const msalClient_js_1 = require("../msal/nodeFlows/msalClient.js"); const constants_js_1 = require("../constants.js"); const logger = (0, logging_js_1.credentialLogger)("DeviceCodeCredential"); /** * Method that logs the user code from the DeviceCodeCredential. * @param deviceCodeInfo - The device code. */ function defaultDeviceCodePromptCallback(deviceCodeInfo) { console.log(deviceCodeInfo.message); } /** * Enables authentication to Microsoft Entra ID using a device code * that the user can enter into https://microsoft.com/devicelogin. */ class DeviceCodeCredential { /** * Creates an instance of DeviceCodeCredential with the details needed * to initiate the device code authorization flow with Microsoft Entra ID. * * A message will be logged, giving users a code that they can use to authenticate once they go to https://microsoft.com/devicelogin * * Developers can configure how this message is shown by passing a custom `userPromptCallback`: * * ```ts snippet:device_code_credential_example * import { DeviceCodeCredential } from "@azure/identity"; * * const credential = new DeviceCodeCredential({ * tenantId: process.env.AZURE_TENANT_ID, * clientId: process.env.AZURE_CLIENT_ID, * userPromptCallback: (info) => { * console.log("CUSTOMIZED PROMPT CALLBACK", info.message); * }, * }); * ``` * * @param options - Options for configuring the client which makes the authentication requests. */ constructor(options) { var _a, _b; this.tenantId = options === null || options === void 0 ? void 0 : options.tenantId; this.additionallyAllowedTenantIds = (0, tenantIdUtils_js_1.resolveAdditionallyAllowedTenantIds)(options === null || options === void 0 ? void 0 : options.additionallyAllowedTenants); const clientId = (_a = options === null || options === void 0 ? void 0 : options.clientId) !== null && _a !== void 0 ? _a : constants_js_1.DeveloperSignOnClientId; const tenantId = (0, tenantIdUtils_js_1.resolveTenantId)(logger, options === null || options === void 0 ? void 0 : options.tenantId, clientId); this.userPromptCallback = (_b = options === null || options === void 0 ? void 0 : options.userPromptCallback) !== null && _b !== void 0 ? _b : defaultDeviceCodePromptCallback; this.msalClient = (0, msalClient_js_1.createMsalClient)(clientId, tenantId, Object.assign(Object.assign({}, options), { logger, tokenCredentialOptions: options || {} })); this.disableAutomaticAuthentication = options === null || options === void 0 ? void 0 : options.disableAutomaticAuthentication; } /** * Authenticates with Microsoft Entra ID and returns an access token if successful. * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure. * * If the user provided the option `disableAutomaticAuthentication`, * once the token can't be retrieved silently, * this method won't attempt to request user interaction to retrieve the token. * * @param scopes - The list of scopes for which the token will have access. * @param options - The options used to configure any requests this * TokenCredential implementation might make. */ async getToken(scopes, options = {}) { return tracing_js_1.tracingClient.withSpan(`${this.constructor.name}.getToken`, options, async (newOptions) => { newOptions.tenantId = (0, tenantIdUtils_js_1.processMultiTenantRequest)(this.tenantId, newOptions, this.additionallyAllowedTenantIds, logger); const arrayScopes = (0, scopeUtils_js_1.ensureScopes)(scopes); return this.msalClient.getTokenByDeviceCode(arrayScopes, this.userPromptCallback, Object.assign(Object.assign({}, newOptions), { disableAutomaticAuthentication: this.disableAutomaticAuthentication })); }); } /** * Authenticates with Microsoft Entra ID and returns an access token if successful. * If authentication fails, a {@link CredentialUnavailableError} will be thrown with the details of the failure. * * If the token can't be retrieved silently, this method will always generate a challenge for the user. * * @param scopes - The list of scopes for which the token will have access. * @param options - The options used to configure any requests this * TokenCredential implementation might make. */ async authenticate(scopes, options = {}) { return tracing_js_1.tracingClient.withSpan(`${this.constructor.name}.authenticate`, options, async (newOptions) => { const arrayScopes = Array.isArray(scopes) ? scopes : [scopes]; await this.msalClient.getTokenByDeviceCode(arrayScopes, this.userPromptCallback, Object.assign(Object.assign({}, newOptions), { disableAutomaticAuthentication: false })); return this.msalClient.getActiveAccount(); }); } } exports.DeviceCodeCredential = DeviceCodeCredential; //# sourceMappingURL=deviceCodeCredential.js.map