@equinor/fusion-framework-module-msal-node
Fusion Framework module for secure Azure AD authentication in Node.js using MSAL. Supports interactive, silent, and token-only authentication modes with encrypted token storage.
import type { AuthenticationResult, PublicClientApplication } from '@azure/msal-node';
/**
* Creates a temporary HTTP server that receives the OAuth 2.0 authorization code redirect
* during interactive authentication.
*
* The server listens for the authorization code that Azure AD returns after the user authenticates
* in the browser, then exchanges that code for tokens using the provided `PublicClientApplication`
* instance. It shuts down automatically after a successful authentication, an error, or a timeout.
*
* Security notes for callers (this is a type declaration only; the implementation is not visible here):
* - `options.codeVerifier` is optional in this signature. PKCE is the recommended protection for
*   public clients against authorization-code interception, so pass the verifier that matches the
*   code challenge sent in the authorization request.
* - NOTE(review): the signature accepts no `state` value, so any `state`/CSRF check on the redirect
*   would have to happen inside the implementation. Confirm against the source.
* - NOTE(review): the listening interface is not part of this signature. Confirm that the server binds
*   to the loopback interface only and that `options.port` matches the redirect URI registered for the app.
* - The resolved `AuthenticationResult` carries bearer credentials (`accessToken`, `idToken`). Do not
*   write them to logs or console output.
*
* @param client - The MSAL `PublicClientApplication` instance used to acquire tokens.
* @param scopes - The scopes for which the token is requested.
* @param options - Configuration for the authentication server.
* @param options.port - The port on which the server listens for the authentication response.
* @param options.codeVerifier - The PKCE code verifier for the code exchange (optional in the type; see security notes).
* @param options.timeout - Timeout in milliseconds before the server shuts down if no response is received (default: 5 minutes).
*
* @returns A promise that resolves with the `AuthenticationResult` upon successful authentication,
* or rejects with an error if authentication fails or times out.
*
* @throws {@link AuthServerError} (as a rejection) if no authorization code is received or if token acquisition fails.
* @throws {@link AuthServerTimeoutError} (as a rejection) if the server times out before receiving a response.
*
* @example
* ```typescript
* const result = await createAuthServer(client, ['user.read'], { port: 3000, codeVerifier });
* // Log only non-secret metadata; the access token is a bearer credential.
* console.log(result.account?.username, result.expiresOn);
* ```
*/
export declare const createAuthServer: (client: PublicClientApplication, scopes: string[], options: {
port: number;
codeVerifier?: string;
timeout?: number;
}) => Promise<AuthenticationResult>;
// The same function is also exposed as the module's default export.
export default createAuthServer;