UNPKG

@equinor/fusion-framework-module-msal-node

Version:

Fusion Framework module for secure Azure AD authentication in Node.js using MSAL. Supports interactive, silent, and token-only authentication modes with encrypted token storage.

github.com/equinor/fusion-framework

equinor/fusion-framework

53 lines (46 loc) 1.98 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
import type { Module } from '@equinor/fusion-framework-module'; import { AuthConfigurator } from './AuthConfigurator.js'; import { AuthProvider } from './AuthProvider.js'; import { AuthTokenProvider } from './AuthTokenProvider.js'; import { AuthProviderInteractive } from './AuthProviderInteractive.js'; import type { IAuthProvider } from './AuthProvider.interface.js'; /** * MSAL Node authentication module for the Fusion Framework. * * This module provides authentication capabilities for Node.js applications using Microsoft's MSAL library. * It supports multiple authentication modes: token-only, interactive (browser-based), and silent (cached credentials). * * The module exposes a unified provider interface for acquiring tokens and managing authentication state. * * - In `token_only` mode, a static access token is used (see {@link AuthTokenProvider}). * - In `interactive` mode, the user is prompted via a local server and browser (see {@link AuthProviderInteractive}). * - In all other cases, silent authentication is attempted using cached credentials (see {@link AuthProvider}). * * @see AuthProvider * @see AuthProviderInteractive * @see AuthTokenProvider * @see IAuthProvider * @see AuthConfigurator */ export type MsalNodeModule = Module<'auth', IAuthProvider, AuthConfigurator>; export const module: MsalNodeModule = { name: 'auth', configure: () => new AuthConfigurator(), initialize: async (args) => { const config = await args.config.createConfigAsync(args); switch (config.mode) { case 'token_only': return new AuthTokenProvider(config.accessToken); case 'interactive': { const { client, server } = config; if (!server) { throw new Error('Server configuration is required for interactive mode'); } return new AuthProviderInteractive(client, { server }); } default: return new AuthProvider(config.client); } }, }; export default module;