push neon reactor

This commit is contained in:
2026-07-12 15:11:38 +02:00
parent 172e72dbcd
commit aeab5f7820
9597 changed files with 2407488 additions and 0 deletions
@@ -0,0 +1,6 @@
export interface DpapiBindings {
protectData(dataToEncrypt: Uint8Array, optionalEntropy: Uint8Array | null, scope: string): Uint8Array;
unprotectData(encryptData: Uint8Array, optionalEntropy: Uint8Array | null, scope: string): Uint8Array;
}
declare let Dpapi: DpapiBindings;
export { Dpapi };
@@ -0,0 +1,38 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { createRequire } from 'module';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class UnavailableDpapi {
constructor(errorMessage) {
this.errorMessage = errorMessage;
}
protectData() {
throw new Error(this.errorMessage);
}
unprotectData() {
throw new Error(this.errorMessage);
}
}
let Dpapi;
if (process.platform !== "win32") {
Dpapi = new UnavailableDpapi("Dpapi is not supported on this platform");
}
else {
// In .mjs files, require is not defined. We need to use createRequire to get a require function
const safeRequire = typeof require !== "undefined"
? require
: createRequire(import.meta.url);
try {
Dpapi = safeRequire(`../bin/${process.arch}/dpapi`);
}
catch (e) {
Dpapi = new UnavailableDpapi("Dpapi bindings unavailable");
}
}
export { Dpapi };
//# sourceMappingURL=Dpapi.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"Dpapi.mjs","sources":["../src/Dpapi.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AAAA;;;AAGG;AAiBH,MAAM,gBAAgB,CAAA;AAClB,IAAA,WAAA,CAA6B,YAAoB,EAAA;QAApB,IAAY,CAAA,YAAA,GAAZ,YAAY,CAAQ;KAAI;IAErD,WAAW,GAAA;AACP,QAAA,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;KACtC;IACD,aAAa,GAAA;AACT,QAAA,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;KACtC;AACJ,CAAA;AAED,IAAI,MAAqB;AACzB,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE;AAC9B,IAAA,KAAK,GAAG,IAAI,gBAAgB,CAAC,yCAAyC,CAAC,CAAC;AAC3E,CAAA;AAAM,KAAA;;AAEH,IAAA,MAAM,WAAW,GACb,OAAO,OAAO,KAAK,WAAW;AAC1B,UAAE,OAAO;UACP,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEzC,IAAI;QACA,KAAK,GAAG,WAAW,CAAC,CAAA,OAAA,EAAU,OAAO,CAAC,IAAI,CAAQ,MAAA,CAAA,CAAC,CAAC;AACvD,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;AACR,QAAA,KAAK,GAAG,IAAI,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;AAC9D,KAAA;AACJ;;;;"}
@@ -0,0 +1,21 @@
/// <reference types="node" resolution-mode="require"/>
/// <reference types="node" resolution-mode="require"/>
import { AccountInfo, AuthenticationResult, INativeBrokerPlugin, LoggerOptions, NativeRequest, NativeSignOutRequest } from "@azure/msal-common/node";
export declare class NativeBrokerPlugin implements INativeBrokerPlugin {
private logger;
isBrokerAvailable: boolean;
constructor();
setLogger(loggerOptions: LoggerOptions): void;
getAccountById(accountId: string, correlationId: string): Promise<AccountInfo>;
getAllAccounts(clientId: string, correlationId: string): Promise<AccountInfo[]>;
acquireTokenSilent(request: NativeRequest): Promise<AuthenticationResult>;
acquireTokenInteractive(request: NativeRequest, providedWindowHandle?: Buffer): Promise<AuthenticationResult>;
signOut(request: NativeSignOutRequest): Promise<void>;
private getAccount;
private readAccountById;
private generateRequestParameters;
private getAuthenticationResult;
private generateAccountInfo;
private isMsalRuntimeError;
private wrapError;
}
@@ -0,0 +1,443 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { msalNodeRuntime, ErrorStatus, LogLevel } from '@azure/msal-node-runtime';
import { ErrorCodes } from '../utils/Constants.mjs';
import { NativeAuthError } from '../error/NativeAuthError.mjs';
import { name, version } from '../packageMetadata.mjs';
import { Logger } from '../lib/msal-common/dist/logger/Logger.mjs';
import { Constants, PromptValue, AuthenticationScheme } from '../lib/msal-common/dist/utils/Constants.mjs';
import { createClientAuthError } from '../lib/msal-common/dist/error/ClientAuthError.mjs';
import { ServerTelemetryManager } from '../lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs';
import { createClientConfigurationError } from '../lib/msal-common/dist/error/ClientConfigurationError.mjs';
import { ServerError } from '../lib/msal-common/dist/error/ServerError.mjs';
import { InteractionRequiredAuthError } from '../lib/msal-common/dist/error/InteractionRequiredAuthError.mjs';
import { X_CLIENT_EXTRA_SKU } from '../lib/msal-common/dist/constants/AADServerParamKeys.mjs';
import { toDateFromSeconds } from '../lib/msal-common/dist/utils/TimeUtils.mjs';
import { noAccountFound, userCanceled, noNetworkConnectivity } from '../lib/msal-common/dist/error/ClientAuthErrorCodes.mjs';
import { untrustedAuthority } from '../lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class NativeBrokerPlugin {
constructor() {
const defaultLoggerOptions = {
loggerCallback: () => {
// Empty logger callback
},
piiLoggingEnabled: false,
};
this.logger = new Logger(defaultLoggerOptions, name, version); // Default logger
this.isBrokerAvailable = msalNodeRuntime.StartupError ? false : true;
}
setLogger(loggerOptions) {
this.logger = new Logger(loggerOptions, name, version);
const logCallback = (message, logLevel, containsPii) => {
switch (logLevel) {
case LogLevel.Trace:
if (containsPii) {
this.logger.tracePii(message);
}
else {
this.logger.trace(message);
}
break;
case LogLevel.Debug:
if (containsPii) {
this.logger.tracePii(message);
}
else {
this.logger.trace(message);
}
break;
case LogLevel.Info:
if (containsPii) {
this.logger.infoPii(message);
}
else {
this.logger.info(message);
}
break;
case LogLevel.Warning:
if (containsPii) {
this.logger.warningPii(message);
}
else {
this.logger.warning(message);
}
break;
case LogLevel.Error:
if (containsPii) {
this.logger.errorPii(message);
}
else {
this.logger.error(message);
}
break;
case LogLevel.Fatal:
if (containsPii) {
this.logger.errorPii(message);
}
else {
this.logger.error(message);
}
break;
default:
if (containsPii) {
this.logger.infoPii(message);
}
else {
this.logger.info(message);
}
break;
}
};
try {
msalNodeRuntime.RegisterLogger(logCallback, loggerOptions.piiLoggingEnabled || false);
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
throw wrappedError;
}
}
}
async getAccountById(accountId, correlationId) {
this.logger.trace("NativeBrokerPlugin - getAccountById called", correlationId);
const readAccountResult = await this.readAccountById(accountId, correlationId);
return this.generateAccountInfo(readAccountResult.account);
}
async getAllAccounts(clientId, correlationId) {
this.logger.trace("NativeBrokerPlugin - getAllAccounts called", correlationId);
return new Promise((resolve, reject) => {
const resultCallback = (result) => {
try {
result.CheckError();
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
return;
}
}
const accountInfoResult = [];
result.accounts.forEach((account) => {
accountInfoResult.push(this.generateAccountInfo(account));
});
resolve(accountInfoResult);
};
try {
msalNodeRuntime.DiscoverAccountsAsync(clientId, correlationId, resultCallback);
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
}
}
});
}
async acquireTokenSilent(request) {
this.logger.trace("NativeBrokerPlugin - acquireTokenSilent called", request.correlationId);
const authParams = this.generateRequestParameters(request);
const account = await this.getAccount(request);
return new Promise((resolve, reject) => {
const resultCallback = (result) => {
try {
result.CheckError();
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
return;
}
}
const authenticationResult = this.getAuthenticationResult(request, result);
resolve(authenticationResult);
};
try {
if (account) {
msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, request.correlationId, account, resultCallback);
}
else {
msalNodeRuntime.SignInSilentlyAsync(authParams, request.correlationId, resultCallback);
}
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
}
}
});
}
async acquireTokenInteractive(request, providedWindowHandle) {
this.logger.trace("NativeBrokerPlugin - acquireTokenInteractive called", request.correlationId);
const authParams = this.generateRequestParameters(request);
const account = await this.getAccount(request);
const windowHandle = providedWindowHandle || Buffer.from([0]);
return new Promise((resolve, reject) => {
const resultCallback = (result) => {
try {
result.CheckError();
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
return;
}
}
const authenticationResult = this.getAuthenticationResult(request, result);
resolve(authenticationResult);
};
try {
switch (request.prompt) {
case PromptValue.LOGIN:
case PromptValue.SELECT_ACCOUNT:
case PromptValue.CREATE:
this.logger.info("Calling native interop SignInInteractively API", request.correlationId);
const loginHint = request.loginHint || Constants.EMPTY_STRING;
msalNodeRuntime.SignInInteractivelyAsync(windowHandle, authParams, request.correlationId, loginHint, resultCallback);
break;
case PromptValue.NONE:
if (account) {
this.logger.info("Calling native interop AcquireTokenSilently API", request.correlationId);
msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, request.correlationId, account, resultCallback);
}
else {
this.logger.info("Calling native interop SignInSilently API", request.correlationId);
msalNodeRuntime.SignInSilentlyAsync(authParams, request.correlationId, resultCallback);
}
break;
default:
if (account) {
this.logger.info("Calling native interop AcquireTokenInteractively API", request.correlationId);
msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams, request.correlationId, account, resultCallback);
}
else {
this.logger.info("Calling native interop SignIn API", request.correlationId);
const loginHint = request.loginHint || Constants.EMPTY_STRING;
msalNodeRuntime.SignInAsync(windowHandle, authParams, request.correlationId, loginHint, resultCallback);
}
break;
}
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
}
}
});
}
async signOut(request) {
this.logger.trace("NativeBrokerPlugin - signOut called", request.correlationId);
const account = await this.getAccount(request);
if (!account) {
throw createClientAuthError(noAccountFound);
}
return new Promise((resolve, reject) => {
const resultCallback = (result) => {
try {
result.CheckError();
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
return;
}
}
resolve();
};
try {
msalNodeRuntime.SignOutSilentlyAsync(request.clientId, request.correlationId, account, resultCallback);
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
}
}
});
}
async getAccount(request) {
if (request.accountId) {
const readAccountResult = await this.readAccountById(request.accountId, request.correlationId);
return readAccountResult.account;
}
return null;
}
async readAccountById(accountId, correlationId) {
this.logger.trace("NativeBrokerPlugin - readAccountById called", correlationId);
return new Promise((resolve, reject) => {
const resultCallback = (result) => {
try {
result.CheckError();
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
return;
}
}
resolve(result);
};
try {
msalNodeRuntime.ReadAccountByIdAsync(accountId, correlationId, resultCallback);
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
reject(wrappedError);
}
}
});
}
generateRequestParameters(request) {
this.logger.trace("NativeBrokerPlugin - generateRequestParameters called", request.correlationId);
const authParams = new msalNodeRuntime.AuthParameters();
try {
authParams.CreateAuthParameters(request.clientId, request.authority);
authParams.SetRedirectUri(request.redirectUri);
authParams.SetRequestedScopes(request.scopes.join(" "));
if (request.claims) {
authParams.SetDecodedClaims(request.claims);
}
if (request.authenticationScheme === AuthenticationScheme.POP) {
if (!request.resourceRequestMethod ||
!request.resourceRequestUri) {
throw new Error("Authentication Scheme set to POP but one or more of the following parameters are missing: resourceRequestMethod, resourceRequestUri");
}
const resourceUrl = new URL(request.resourceRequestUri);
authParams.SetPopParams(request.resourceRequestMethod, resourceUrl.host, resourceUrl.pathname, request.shrNonce || "");
}
if (request.extraParameters) {
Object.entries(request.extraParameters).forEach(([key, value]) => {
authParams.SetAdditionalParameter(key, value);
});
}
const skus = request.extraParameters &&
request.extraParameters[X_CLIENT_EXTRA_SKU]
?.length
? request.extraParameters[X_CLIENT_EXTRA_SKU]
: "";
authParams.SetAdditionalParameter(X_CLIENT_EXTRA_SKU, ServerTelemetryManager.makeExtraSkuString({
skus,
extensionName: "msal.node.ext",
extensionVersion: version,
}));
}
catch (e) {
const wrappedError = this.wrapError(e);
if (wrappedError) {
throw wrappedError;
}
}
return authParams;
}
getAuthenticationResult(request, authResult) {
this.logger.trace("NativeBrokerPlugin - getAuthenticationResult called", request.correlationId);
let fromCache = false;
try {
const telemetryJSON = JSON.parse(authResult.telemetryData);
fromCache = !!telemetryJSON["is_cache"];
}
catch (e) {
this.logger.error("NativeBrokerPlugin: getAuthenticationResult - Error parsing telemetry data. Could not determine if response came from cache.", request.correlationId);
}
let idTokenClaims;
try {
idTokenClaims = JSON.parse(authResult.idToken);
}
catch (e) {
throw new Error("Unable to parse idToken claims");
}
const accountInfo = this.generateAccountInfo(authResult.account, idTokenClaims);
let accessToken;
let tokenType;
if (authResult.isPopAuthorization) {
// Header includes 'pop ' prefix
accessToken = authResult.authorizationHeader.split(" ")[1];
tokenType = AuthenticationScheme.POP;
}
else {
accessToken = authResult.accessToken;
tokenType = AuthenticationScheme.BEARER;
}
const result = {
authority: request.authority,
uniqueId: idTokenClaims.oid || idTokenClaims.sub || "",
tenantId: idTokenClaims.tid || "",
scopes: authResult.grantedScopes.split(" "),
account: accountInfo,
idToken: authResult.rawIdToken,
idTokenClaims: idTokenClaims,
accessToken: accessToken,
fromCache: fromCache,
// MsalRuntime expiresOn returned in seconds, converting to Date for AuthenticationResult
expiresOn: toDateFromSeconds(authResult.expiresOn),
tokenType: tokenType,
correlationId: request.correlationId,
fromNativeBroker: true,
};
return result;
}
generateAccountInfo(account, idTokenClaims) {
this.logger.trace("NativeBrokerPlugin - generateAccountInfo called");
const accountInfo = {
homeAccountId: account.homeAccountId,
environment: account.environment,
tenantId: account.realm,
username: account.username,
localAccountId: account.localAccountId,
name: account.displayName,
idTokenClaims: idTokenClaims,
nativeAccountId: account.accountId,
};
return accountInfo;
}
isMsalRuntimeError(result) {
return (result.hasOwnProperty("errorCode") ||
result.hasOwnProperty("errorStatus") ||
result.hasOwnProperty("errorContext") ||
result.hasOwnProperty("errorTag"));
}
wrapError(error) {
if (error &&
typeof error === "object" &&
this.isMsalRuntimeError(error)) {
const { errorCode, errorStatus, errorContext, errorTag } = error;
switch (errorStatus) {
case ErrorStatus.InteractionRequired:
case ErrorStatus.AccountUnusable:
return new InteractionRequiredAuthError(ErrorCodes.INTERATION_REQUIRED_ERROR_CODE, errorContext);
case ErrorStatus.NoNetwork:
case ErrorStatus.NetworkTemporarilyUnavailable:
return createClientAuthError(noNetworkConnectivity);
case ErrorStatus.ServerTemporarilyUnavailable:
return new ServerError(ErrorCodes.SERVER_UNAVAILABLE, errorContext);
case ErrorStatus.UserCanceled:
return createClientAuthError(userCanceled);
case ErrorStatus.AuthorityUntrusted:
return createClientConfigurationError(untrustedAuthority);
case ErrorStatus.UserSwitched:
// Not an error case, if there's customer demand we can surface this as a response property
return null;
case ErrorStatus.AccountNotFound:
return createClientAuthError(noAccountFound);
default:
return new NativeAuthError(ErrorStatus[errorStatus], errorContext, errorCode, errorTag);
}
}
throw error;
}
}
export { NativeBrokerPlugin };
//# sourceMappingURL=NativeBrokerPlugin.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,6 @@
import { AuthError } from "@azure/msal-common/node";
export declare class NativeAuthError extends AuthError {
statusCode: number;
tag: number;
constructor(errorStatus: string, errorContext: string, errorCode: number, errorTag: number);
}
@@ -0,0 +1,20 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { AuthError } from '../lib/msal-common/dist/error/AuthError.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class NativeAuthError extends AuthError {
constructor(errorStatus, errorContext, errorCode, errorTag) {
super(errorStatus, errorContext);
this.name = "NativeAuthError";
this.statusCode = errorCode;
this.tag = errorTag;
Object.setPrototypeOf(this, NativeAuthError.prototype);
}
}
export { NativeAuthError };
//# sourceMappingURL=NativeAuthError.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"NativeAuthError.mjs","sources":["../../src/error/NativeAuthError.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;AAAA;;;AAGG;AAIG,MAAO,eAAgB,SAAQ,SAAS,CAAA;AAI1C,IAAA,WAAA,CACI,WAAmB,EACnB,YAAoB,EACpB,SAAiB,EACjB,QAAgB,EAAA;AAEhB,QAAA,KAAK,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;AACjC,QAAA,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;AAC9B,QAAA,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;AAC5B,QAAA,IAAI,CAAC,GAAG,GAAG,QAAQ,CAAC;QACpB,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC;KAC1D;AACJ;;;;"}
@@ -0,0 +1,57 @@
/**
* Error thrown when trying to write MSAL cache to persistence.
*/
export declare class PersistenceError extends Error {
errorCode: string;
errorMessage: string;
constructor(errorCode: string, errorMessage: string);
/**
* Error thrown when trying to access the file system.
*/
static createFileSystemError(errorCode: string, errorMessage: string): PersistenceError;
/**
* Error thrown when trying to write, load, or delete data from secret service on linux.
* Libsecret is used to access secret service.
*/
static createLibSecretError(errorMessage: string): PersistenceError;
/**
* Error thrown when trying to write, load, or delete data from keychain on macOs.
*/
static createKeychainPersistenceError(errorMessage: string): PersistenceError;
/**
* Error thrown when trying to encrypt or decrypt data using DPAPI on Windows.
*/
static createFilePersistenceWithDPAPIError(errorMessage: string): PersistenceError;
/**
* Error thrown when using the cross platform lock.
*/
static createCrossPlatformLockError(errorMessage: string): PersistenceError;
/**
* Throw cache persistence error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createCachePersistenceError(errorMessage: string): PersistenceError;
/**
* Throw unsupported error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createNotSupportedError(errorMessage: string): PersistenceError;
/**
* Throw persistence not verified error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createPersistenceNotVerifiedError(errorMessage: string): PersistenceError;
/**
* Throw persistence creation validation error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createPersistenceNotValidatedError(errorMessage: string): PersistenceError;
}
@@ -0,0 +1,91 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Error thrown when trying to write MSAL cache to persistence.
*/
class PersistenceError extends Error {
constructor(errorCode, errorMessage) {
const errorString = errorMessage
? `${errorCode}: ${errorMessage}`
: errorCode;
super(errorString);
Object.setPrototypeOf(this, PersistenceError.prototype);
this.errorCode = errorCode;
this.errorMessage = errorMessage;
this.name = "PersistenceError";
}
/**
* Error thrown when trying to access the file system.
*/
static createFileSystemError(errorCode, errorMessage) {
return new PersistenceError(errorCode, errorMessage);
}
/**
* Error thrown when trying to write, load, or delete data from secret service on linux.
* Libsecret is used to access secret service.
*/
static createLibSecretError(errorMessage) {
return new PersistenceError("GnomeKeyringError", errorMessage);
}
/**
* Error thrown when trying to write, load, or delete data from keychain on macOs.
*/
static createKeychainPersistenceError(errorMessage) {
return new PersistenceError("KeychainError", errorMessage);
}
/**
* Error thrown when trying to encrypt or decrypt data using DPAPI on Windows.
*/
static createFilePersistenceWithDPAPIError(errorMessage) {
return new PersistenceError("DPAPIEncryptedFileError", errorMessage);
}
/**
* Error thrown when using the cross platform lock.
*/
static createCrossPlatformLockError(errorMessage) {
return new PersistenceError("CrossPlatformLockError", errorMessage);
}
/**
* Throw cache persistence error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createCachePersistenceError(errorMessage) {
return new PersistenceError("CachePersistenceError", errorMessage);
}
/**
* Throw unsupported error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createNotSupportedError(errorMessage) {
return new PersistenceError("NotSupportedError", errorMessage);
}
/**
* Throw persistence not verified error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createPersistenceNotVerifiedError(errorMessage) {
return new PersistenceError("PersistenceNotVerifiedError", errorMessage);
}
/**
* Throw persistence creation validation error
*
* @param errorMessage string
* @returns PersistenceError
*/
static createPersistenceNotValidatedError(errorMessage) {
return new PersistenceError("PersistenceNotValidatedError", errorMessage);
}
}
export { PersistenceError };
//# sourceMappingURL=PersistenceError.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"PersistenceError.mjs","sources":["../../src/error/PersistenceError.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAEH;;AAEG;AACG,MAAO,gBAAiB,SAAQ,KAAK,CAAA;IAMvC,WAAY,CAAA,SAAiB,EAAE,YAAoB,EAAA;QAC/C,MAAM,WAAW,GAAG,YAAY;AAC5B,cAAE,CAAA,EAAG,SAAS,CAAA,EAAA,EAAK,YAAY,CAAE,CAAA;cAC/B,SAAS,CAAC;QAChB,KAAK,CAAC,WAAW,CAAC,CAAC;QACnB,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAAC,CAAC;AAExD,QAAA,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;AAC3B,QAAA,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;AACjC,QAAA,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;KAClC;AAED;;AAEG;AACH,IAAA,OAAO,qBAAqB,CACxB,SAAiB,EACjB,YAAoB,EAAA;AAEpB,QAAA,OAAO,IAAI,gBAAgB,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;KACxD;AAED;;;AAGG;IACH,OAAO,oBAAoB,CAAC,YAAoB,EAAA;AAC5C,QAAA,OAAO,IAAI,gBAAgB,CAAC,mBAAmB,EAAE,YAAY,CAAC,CAAC;KAClE;AAED;;AAEG;IACH,OAAO,8BAA8B,CACjC,YAAoB,EAAA;AAEpB,QAAA,OAAO,IAAI,gBAAgB,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;KAC9D;AAED;;AAEG;IACH,OAAO,mCAAmC,CACtC,YAAoB,EAAA;AAEpB,QAAA,OAAO,IAAI,gBAAgB,CAAC,yBAAyB,EAAE,YAAY,CAAC,CAAC;KACxE;AAED;;AAEG;IACH,OAAO,4BAA4B,CAC/B,YAAoB,EAAA;AAEpB,QAAA,OAAO,IAAI,gBAAgB,CAAC,wBAAwB,EAAE,YAAY,CAAC,CAAC;KACvE;AAED;;;;;AAKG;IACH,OAAO,2BAA2B,CAAC,YAAoB,EAAA;AACnD,QAAA,OAAO,IAAI,gBAAgB,CAAC,uBAAuB,EAAE,YAAY,CAAC,CAAC;KACtE;AAED;;;;;AAKG;IACH,OAAO,uBAAuB,CAAC,YAAoB,EAAA;AAC/C,QAAA,OAAO,IAAI,gBAAgB,CAAC,mBAAmB,EAAE,YAAY,CAAC,CAAC;KAClE;AAED;;;;;AAKG;IACH,OAAO,iCAAiC,CACpC,YAAoB,EAAA;AAEpB,QAAA,OAAO,IAAI,gBAAgB,CACvB,6BAA6B,EAC7B,YAAY,CACf,CAAC;KACL;AAED;;;;;AAKG;IACH,OAAO,kCAAkC,CACrC,YAAoB,EAAA;AAEpB,QAAA,OAAO,IAAI,gBAAgB,CACvB,8BAA8B,EAC9B,YAAY,CACf,CAAC;KACL;AACJ;;;;"}
@@ -0,0 +1,12 @@
export { PersistenceCachePlugin } from "./persistence/PersistenceCachePlugin.js";
export { FilePersistence } from "./persistence/FilePersistence.js";
export { FilePersistenceWithDataProtection } from "./persistence/FilePersistenceWithDataProtection.js";
export { DataProtectionScope } from "./persistence/DataProtectionScope.js";
export { KeychainPersistence } from "./persistence/KeychainPersistence.js";
export { LibSecretPersistence } from "./persistence/LibSecretPersistence.js";
export { IPersistence } from "./persistence/IPersistence.js";
export { CrossPlatformLockOptions } from "./lock/CrossPlatformLockOptions.js";
export { PersistenceCreator } from "./persistence/PersistenceCreator.js";
export { IPersistenceConfiguration } from "./persistence/IPersistenceConfiguration.js";
export { Environment } from "./utils/Environment.js";
export { NativeBrokerPlugin } from "./broker/NativeBrokerPlugin.js";
@@ -0,0 +1,12 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
export { PersistenceCachePlugin } from './persistence/PersistenceCachePlugin.mjs';
export { FilePersistence } from './persistence/FilePersistence.mjs';
export { FilePersistenceWithDataProtection } from './persistence/FilePersistenceWithDataProtection.mjs';
export { DataProtectionScope } from './persistence/DataProtectionScope.mjs';
export { KeychainPersistence } from './persistence/KeychainPersistence.mjs';
export { LibSecretPersistence } from './persistence/LibSecretPersistence.mjs';
export { PersistenceCreator } from './persistence/PersistenceCreator.mjs';
export { Environment } from './utils/Environment.mjs';
export { NativeBrokerPlugin } from './broker/NativeBrokerPlugin.mjs';
//# sourceMappingURL=index.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"index.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;"}
@@ -0,0 +1,7 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*! @azure/msal-common v15.8.1 2025-07-08 */
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
export { X_CLIENT_EXTRA_SKU };
//# sourceMappingURL=AADServerParamKeys.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"AADServerParamKeys.mjs","sources":["../../../../../../../lib/msal-common/dist/constants/AADServerParamKeys.mjs"],"sourcesContent":["/*! @azure/msal-common v15.8.1 2025-07-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst CLIENT_ID = \"client_id\";\r\nconst REDIRECT_URI = \"redirect_uri\";\r\nconst RESPONSE_TYPE = \"response_type\";\r\nconst RESPONSE_MODE = \"response_mode\";\r\nconst GRANT_TYPE = \"grant_type\";\r\nconst CLAIMS = \"claims\";\r\nconst SCOPE = \"scope\";\r\nconst ERROR = \"error\";\r\nconst ERROR_DESCRIPTION = \"error_description\";\r\nconst ACCESS_TOKEN = \"access_token\";\r\nconst ID_TOKEN = \"id_token\";\r\nconst REFRESH_TOKEN = \"refresh_token\";\r\nconst EXPIRES_IN = \"expires_in\";\r\nconst REFRESH_TOKEN_EXPIRES_IN = \"refresh_token_expires_in\";\r\nconst STATE = \"state\";\r\nconst NONCE = \"nonce\";\r\nconst PROMPT = \"prompt\";\r\nconst SESSION_STATE = \"session_state\";\r\nconst CLIENT_INFO = \"client_info\";\r\nconst CODE = \"code\";\r\nconst CODE_CHALLENGE = \"code_challenge\";\r\nconst CODE_CHALLENGE_METHOD = \"code_challenge_method\";\r\nconst CODE_VERIFIER = \"code_verifier\";\r\nconst CLIENT_REQUEST_ID = \"client-request-id\";\r\nconst X_CLIENT_SKU = \"x-client-SKU\";\r\nconst X_CLIENT_VER = \"x-client-VER\";\r\nconst X_CLIENT_OS = \"x-client-OS\";\r\nconst X_CLIENT_CPU = \"x-client-CPU\";\r\nconst X_CLIENT_CURR_TELEM = \"x-client-current-telemetry\";\r\nconst X_CLIENT_LAST_TELEM = \"x-client-last-telemetry\";\r\nconst X_MS_LIB_CAPABILITY = \"x-ms-lib-capability\";\r\nconst X_APP_NAME = \"x-app-name\";\r\nconst X_APP_VER = \"x-app-ver\";\r\nconst POST_LOGOUT_URI = \"post_logout_redirect_uri\";\r\nconst ID_TOKEN_HINT = \"id_token_hint\";\r\nconst DEVICE_CODE = \"device_code\";\r\nconst CLIENT_SECRET = \"client_secret\";\r\nconst CLIENT_ASSERTION = \"client_assertion\";\r\nconst CLIENT_ASSERTION_TYPE = \"client_assertion_type\";\r\nconst TOKEN_TYPE = \"token_type\";\r\nconst REQ_CNF = \"req_cnf\";\r\nconst OBO_ASSERTION = \"assertion\";\r\nconst REQUESTED_TOKEN_USE = \"requested_token_use\";\r\nconst ON_BEHALF_OF = \"on_behalf_of\";\r\nconst FOCI = \"foci\";\r\nconst CCS_HEADER = \"X-AnchorMailbox\";\r\nconst RETURN_SPA_CODE = \"return_spa_code\";\r\nconst NATIVE_BROKER = \"nativebroker\";\r\nconst LOGOUT_HINT = \"logout_hint\";\r\nconst SID = \"sid\";\r\nconst LOGIN_HINT = \"login_hint\";\r\nconst DOMAIN_HINT = \"domain_hint\";\r\nconst X_CLIENT_EXTRA_SKU = \"x-client-xtra-sku\";\r\nconst BROKER_CLIENT_ID = \"brk_client_id\";\r\nconst BROKER_REDIRECT_URI = \"brk_redirect_uri\";\r\nconst INSTANCE_AWARE = \"instance_aware\";\r\nconst EAR_JWK = \"ear_jwk\";\r\nconst EAR_JWE_CRYPTO = \"ear_jwe_crypto\";\n\nexport { ACCESS_TOKEN, BROKER_CLIENT_ID, BROKER_REDIRECT_URI, CCS_HEADER, CLAIMS, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, CLIENT_ID, CLIENT_INFO, CLIENT_REQUEST_ID, CLIENT_SECRET, CODE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE_VERIFIER, DEVICE_CODE, DOMAIN_HINT, EAR_JWE_CRYPTO, EAR_JWK, ERROR, ERROR_DESCRIPTION, EXPIRES_IN, FOCI, GRANT_TYPE, ID_TOKEN, ID_TOKEN_HINT, INSTANCE_AWARE, LOGIN_HINT, LOGOUT_HINT, NATIVE_BROKER, NONCE, OBO_ASSERTION, ON_BEHALF_OF, POST_LOGOUT_URI, PROMPT, REDIRECT_URI, REFRESH_TOKEN, REFRESH_TOKEN_EXPIRES_IN, REQUESTED_TOKEN_USE, REQ_CNF, RESPONSE_MODE, RESPONSE_TYPE, RETURN_SPA_CODE, SCOPE, SESSION_STATE, SID, STATE, TOKEN_TYPE, X_APP_NAME, X_APP_VER, X_CLIENT_CPU, X_CLIENT_CURR_TELEM, X_CLIENT_EXTRA_SKU, X_CLIENT_LAST_TELEM, X_CLIENT_OS, X_CLIENT_SKU, X_CLIENT_VER, X_MS_LIB_CAPABILITY };\n//# sourceMappingURL=AADServerParamKeys.mjs.map\n"],"names":[],"mappings":";;AAAA;AA0DK,MAAC,kBAAkB,GAAG;;;;"}
@@ -0,0 +1,27 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { Constants } from '../utils/Constants.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/**
* General error class thrown by the MSAL.js library.
*/
class AuthError extends Error {
constructor(errorCode, errorMessage, suberror) {
const errorString = errorMessage
? `${errorCode}: ${errorMessage}`
: errorCode;
super(errorString);
Object.setPrototypeOf(this, AuthError.prototype);
this.errorCode = errorCode || Constants.EMPTY_STRING;
this.errorMessage = errorMessage || Constants.EMPTY_STRING;
this.subError = suberror || Constants.EMPTY_STRING;
this.name = "AuthError";
}
setCorrelationId(correlationId) {
this.correlationId = correlationId;
}
}
export { AuthError };
//# sourceMappingURL=AuthError.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"AuthError.mjs","sources":["../../../../../../../lib/msal-common/dist/error/AuthError.mjs"],"sourcesContent":["/*! @azure/msal-common v15.8.1 2025-07-08 */\n'use strict';\nimport { Constants } from '../utils/Constants.mjs';\nimport { postRequestFailed, unexpectedError } from './AuthErrorCodes.mjs';\nimport * as AuthErrorCodes from './AuthErrorCodes.mjs';\nexport { AuthErrorCodes };\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst AuthErrorMessages = {\r\n [unexpectedError]: \"Unexpected error in authentication.\",\r\n [postRequestFailed]: \"Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details.\",\r\n};\r\n/**\r\n * AuthErrorMessage class containing string constants used by error codes and messages.\r\n * @deprecated Use AuthErrorCodes instead\r\n */\r\nconst AuthErrorMessage = {\r\n unexpectedError: {\r\n code: unexpectedError,\r\n desc: AuthErrorMessages[unexpectedError],\r\n },\r\n postRequestFailed: {\r\n code: postRequestFailed,\r\n desc: AuthErrorMessages[postRequestFailed],\r\n },\r\n};\r\n/**\r\n * General error class thrown by the MSAL.js library.\r\n */\r\nclass AuthError extends Error {\r\n constructor(errorCode, errorMessage, suberror) {\r\n const errorString = errorMessage\r\n ? `${errorCode}: ${errorMessage}`\r\n : errorCode;\r\n super(errorString);\r\n Object.setPrototypeOf(this, AuthError.prototype);\r\n this.errorCode = errorCode || Constants.EMPTY_STRING;\r\n this.errorMessage = errorMessage || Constants.EMPTY_STRING;\r\n this.subError = suberror || Constants.EMPTY_STRING;\r\n this.name = \"AuthError\";\r\n }\r\n setCorrelationId(correlationId) {\r\n this.correlationId = correlationId;\r\n }\r\n}\r\nfunction createAuthError(code, additionalMessage) {\r\n return new AuthError(code, additionalMessage\r\n ? `${AuthErrorMessages[code]} ${additionalMessage}`\r\n : AuthErrorMessages[code]);\r\n}\n\nexport { AuthError, AuthErrorMessage, AuthErrorMessages, createAuthError };\n//# sourceMappingURL=AuthError.mjs.map\n"],"names":[],"mappings":";;;;AAAA;AA6BA;AACA;AACA;AACA,MAAM,SAAS,SAAS,KAAK,CAAC;AAC9B,IAAI,WAAW,CAAC,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE;AACnD,QAAQ,MAAM,WAAW,GAAG,YAAY;AACxC,cAAc,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE,YAAY,CAAC,CAAC;AAC7C,cAAc,SAAS,CAAC;AACxB,QAAQ,KAAK,CAAC,WAAW,CAAC,CAAC;AAC3B,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;AACzD,QAAQ,IAAI,CAAC,SAAS,GAAG,SAAS,IAAI,SAAS,CAAC,YAAY,CAAC;AAC7D,QAAQ,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,SAAS,CAAC,YAAY,CAAC;AACnE,QAAQ,IAAI,CAAC,QAAQ,GAAG,QAAQ,IAAI,SAAS,CAAC,YAAY,CAAC;AAC3D,QAAQ,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;AAChC,KAAK;AACL,IAAI,gBAAgB,CAAC,aAAa,EAAE;AACpC,QAAQ,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;AAC3C,KAAK;AACL;;;;"}
@@ -0,0 +1,81 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { AuthError } from './AuthError.mjs';
import { nestedAppAuthBridgeDisabled, methodNotImplemented, missingTenantIdError, userCanceled, noNetworkConnectivity, keyIdMissing, endSessionEndpointNotSupported, bindingKeyNotRemoved, authorizationCodeMissingFromServerResponse, tokenClaimsCnfRequiredForSignedJwt, userTimeoutReached, tokenRefreshRequired, invalidClientCredential, invalidAssertion, unexpectedCredentialType, noCryptoObject, noAccountFound, invalidCacheEnvironment, invalidCacheRecord, noAccountInSilentRequest, deviceCodeUnknownError, deviceCodeExpired, deviceCodePollingCancelled, emptyInputScopeSet, cannotAppendScopeSet, cannotRemoveEmptyScope, requestCannotBeMade, multipleMatchingAppMetadata, multipleMatchingAccounts, multipleMatchingTokens, maxAgeTranspired, authTimeNotFound, nonceMismatch, stateNotFound, stateMismatch, invalidState, hashNotDeserialized, openIdConfigError, networkError, endpointResolutionError, nullOrEmptyToken, tokenParsingError, clientInfoEmptyError, clientInfoDecodingError } from './ClientAuthErrorCodes.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* ClientAuthErrorMessage class containing string constants used by error codes and messages.
*/
const ClientAuthErrorMessages = {
[clientInfoDecodingError]: "The client info could not be parsed/decoded correctly",
[clientInfoEmptyError]: "The client info was empty",
[tokenParsingError]: "Token cannot be parsed",
[nullOrEmptyToken]: "The token is null or empty",
[endpointResolutionError]: "Endpoints cannot be resolved",
[networkError]: "Network request failed",
[openIdConfigError]: "Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.",
[hashNotDeserialized]: "The hash parameters could not be deserialized",
[invalidState]: "State was not the expected format",
[stateMismatch]: "State mismatch error",
[stateNotFound]: "State not found",
[nonceMismatch]: "Nonce mismatch error",
[authTimeNotFound]: "Max Age was requested and the ID token is missing the auth_time variable." +
" auth_time is an optional claim and is not enabled by default - it must be enabled." +
" See https://aka.ms/msaljs/optional-claims for more information.",
[maxAgeTranspired]: "Max Age is set to 0, or too much time has elapsed since the last end-user authentication.",
[multipleMatchingTokens]: "The cache contains multiple tokens satisfying the requirements. " +
"Call AcquireToken again providing more requirements such as authority or account.",
[multipleMatchingAccounts]: "The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account",
[multipleMatchingAppMetadata]: "The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata",
[requestCannotBeMade]: "Token request cannot be made without authorization code or refresh token.",
[cannotRemoveEmptyScope]: "Cannot remove null or empty scope from ScopeSet",
[cannotAppendScopeSet]: "Cannot append ScopeSet",
[emptyInputScopeSet]: "Empty input ScopeSet cannot be processed",
[deviceCodePollingCancelled]: "Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.",
[deviceCodeExpired]: "Device code is expired.",
[deviceCodeUnknownError]: "Device code stopped polling for unknown reasons.",
[noAccountInSilentRequest]: "Please pass an account object, silent flow is not supported without account information",
[invalidCacheRecord]: "Cache record object was null or undefined.",
[invalidCacheEnvironment]: "Invalid environment when attempting to create cache entry",
[noAccountFound]: "No account found in cache for given key.",
[noCryptoObject]: "No crypto object detected.",
[unexpectedCredentialType]: "Unexpected credential type.",
[invalidAssertion]: "Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515",
[invalidClientCredential]: "Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential",
[tokenRefreshRequired]: "Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.",
[userTimeoutReached]: "User defined timeout for device code polling reached",
[tokenClaimsCnfRequiredForSignedJwt]: "Cannot generate a POP jwt if the token_claims are not populated",
[authorizationCodeMissingFromServerResponse]: "Server response does not contain an authorization code to proceed",
[bindingKeyNotRemoved]: "Could not remove the credential's binding key from storage.",
[endSessionEndpointNotSupported]: "The provided authority does not support logout",
[keyIdMissing]: "A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.",
[noNetworkConnectivity]: "No network connectivity. Check your internet connection.",
[userCanceled]: "User cancelled the flow.",
[missingTenantIdError]: "A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.",
[methodNotImplemented]: "This method has not been implemented",
[nestedAppAuthBridgeDisabled]: "The nested app auth bridge is disabled",
};
/**
* Error thrown when there is an error in the client code running on the browser.
*/
class ClientAuthError extends AuthError {
constructor(errorCode, additionalMessage) {
super(errorCode, additionalMessage
? `${ClientAuthErrorMessages[errorCode]}: ${additionalMessage}`
: ClientAuthErrorMessages[errorCode]);
this.name = "ClientAuthError";
Object.setPrototypeOf(this, ClientAuthError.prototype);
}
}
function createClientAuthError(errorCode, additionalMessage) {
return new ClientAuthError(errorCode, additionalMessage);
}
export { ClientAuthError, ClientAuthErrorMessages, createClientAuthError };
//# sourceMappingURL=ClientAuthError.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,54 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const clientInfoDecodingError = "client_info_decoding_error";
const clientInfoEmptyError = "client_info_empty_error";
const tokenParsingError = "token_parsing_error";
const nullOrEmptyToken = "null_or_empty_token";
const endpointResolutionError = "endpoints_resolution_error";
const networkError = "network_error";
const openIdConfigError = "openid_config_error";
const hashNotDeserialized = "hash_not_deserialized";
const invalidState = "invalid_state";
const stateMismatch = "state_mismatch";
const stateNotFound = "state_not_found";
const nonceMismatch = "nonce_mismatch";
const authTimeNotFound = "auth_time_not_found";
const maxAgeTranspired = "max_age_transpired";
const multipleMatchingTokens = "multiple_matching_tokens";
const multipleMatchingAccounts = "multiple_matching_accounts";
const multipleMatchingAppMetadata = "multiple_matching_appMetadata";
const requestCannotBeMade = "request_cannot_be_made";
const cannotRemoveEmptyScope = "cannot_remove_empty_scope";
const cannotAppendScopeSet = "cannot_append_scopeset";
const emptyInputScopeSet = "empty_input_scopeset";
const deviceCodePollingCancelled = "device_code_polling_cancelled";
const deviceCodeExpired = "device_code_expired";
const deviceCodeUnknownError = "device_code_unknown_error";
const noAccountInSilentRequest = "no_account_in_silent_request";
const invalidCacheRecord = "invalid_cache_record";
const invalidCacheEnvironment = "invalid_cache_environment";
const noAccountFound = "no_account_found";
const noCryptoObject = "no_crypto_object";
const unexpectedCredentialType = "unexpected_credential_type";
const invalidAssertion = "invalid_assertion";
const invalidClientCredential = "invalid_client_credential";
const tokenRefreshRequired = "token_refresh_required";
const userTimeoutReached = "user_timeout_reached";
const tokenClaimsCnfRequiredForSignedJwt = "token_claims_cnf_required_for_signedjwt";
const authorizationCodeMissingFromServerResponse = "authorization_code_missing_from_server_response";
const bindingKeyNotRemoved = "binding_key_not_removed";
const endSessionEndpointNotSupported = "end_session_endpoint_not_supported";
const keyIdMissing = "key_id_missing";
const noNetworkConnectivity = "no_network_connectivity";
const userCanceled = "user_canceled";
const missingTenantIdError = "missing_tenant_id_error";
const methodNotImplemented = "method_not_implemented";
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
export { authTimeNotFound, authorizationCodeMissingFromServerResponse, bindingKeyNotRemoved, cannotAppendScopeSet, cannotRemoveEmptyScope, clientInfoDecodingError, clientInfoEmptyError, deviceCodeExpired, deviceCodePollingCancelled, deviceCodeUnknownError, emptyInputScopeSet, endSessionEndpointNotSupported, endpointResolutionError, hashNotDeserialized, invalidAssertion, invalidCacheEnvironment, invalidCacheRecord, invalidClientCredential, invalidState, keyIdMissing, maxAgeTranspired, methodNotImplemented, missingTenantIdError, multipleMatchingAccounts, multipleMatchingAppMetadata, multipleMatchingTokens, nestedAppAuthBridgeDisabled, networkError, noAccountFound, noAccountInSilentRequest, noCryptoObject, noNetworkConnectivity, nonceMismatch, nullOrEmptyToken, openIdConfigError, requestCannotBeMade, stateMismatch, stateNotFound, tokenClaimsCnfRequiredForSignedJwt, tokenParsingError, tokenRefreshRequired, unexpectedCredentialType, userCanceled, userTimeoutReached };
//# sourceMappingURL=ClientAuthErrorCodes.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,50 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { AuthError } from './AuthError.mjs';
import { authorityMismatch, cannotAllowPlatformBroker, cannotSetOIDCOptions, invalidAuthenticationHeader, missingNonceAuthenticationHeader, missingSshKid, missingSshJwk, untrustedAuthority, invalidAuthorityMetadata, invalidCloudDiscoveryMetadata, pkceParamsMissing, invalidCodeChallengeMethod, logoutRequestEmpty, tokenRequestEmpty, invalidClaims, emptyInputScopesError, urlEmptyError, urlParseError, authorityUriInsecure, claimsRequestParsingError, redirectUriEmpty } from './ClientConfigurationErrorCodes.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const ClientConfigurationErrorMessages = {
[redirectUriEmpty]: "A redirect URI is required for all calls, and none has been set.",
[claimsRequestParsingError]: "Could not parse the given claims request object.",
[authorityUriInsecure]: "Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options",
[urlParseError]: "URL could not be parsed into appropriate segments.",
[urlEmptyError]: "URL was empty or null.",
[emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
[invalidClaims]: "Given claims parameter must be a stringified JSON object.",
[tokenRequestEmpty]: "Token request was empty and not found in cache.",
[logoutRequestEmpty]: "The logout request was null or undefined.",
[invalidCodeChallengeMethod]: 'code_challenge_method passed is invalid. Valid values are "plain" and "S256".',
[pkceParamsMissing]: "Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request",
[invalidCloudDiscoveryMetadata]: "Invalid cloudDiscoveryMetadata provided. Must be a stringified JSON object containing tenant_discovery_endpoint and metadata fields",
[invalidAuthorityMetadata]: "Invalid authorityMetadata provided. Must by a stringified JSON object containing authorization_endpoint, token_endpoint, issuer fields.",
[untrustedAuthority]: "The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter.",
[missingSshJwk]: "Missing sshJwk in SSH certificate request. A stringified JSON Web Key is required when using the SSH authentication scheme.",
[missingSshKid]: "Missing sshKid in SSH certificate request. A string that uniquely identifies the public SSH key is required when using the SSH authentication scheme.",
[missingNonceAuthenticationHeader]: "Unable to find an authentication header containing server nonce. Either the Authentication-Info or WWW-Authenticate headers must be present in order to obtain a server nonce.",
[invalidAuthenticationHeader]: "Invalid authentication header provided",
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
};
/**
* Error thrown when there is an error in configuration of the MSAL.js library.
*/
class ClientConfigurationError extends AuthError {
constructor(errorCode) {
super(errorCode, ClientConfigurationErrorMessages[errorCode]);
this.name = "ClientConfigurationError";
Object.setPrototypeOf(this, ClientConfigurationError.prototype);
}
}
function createClientConfigurationError(errorCode) {
return new ClientConfigurationError(errorCode);
}
export { ClientConfigurationError, ClientConfigurationErrorMessages, createClientConfigurationError };
//# sourceMappingURL=ClientConfigurationError.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,31 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const redirectUriEmpty = "redirect_uri_empty";
const claimsRequestParsingError = "claims_request_parsing_error";
const authorityUriInsecure = "authority_uri_insecure";
const urlParseError = "url_parse_error";
const urlEmptyError = "empty_url_error";
const emptyInputScopesError = "empty_input_scopes_error";
const invalidClaims = "invalid_claims";
const tokenRequestEmpty = "token_request_empty";
const logoutRequestEmpty = "logout_request_empty";
const invalidCodeChallengeMethod = "invalid_code_challenge_method";
const pkceParamsMissing = "pkce_params_missing";
const invalidCloudDiscoveryMetadata = "invalid_cloud_discovery_metadata";
const invalidAuthorityMetadata = "invalid_authority_metadata";
const untrustedAuthority = "untrusted_authority";
const missingSshJwk = "missing_ssh_jwk";
const missingSshKid = "missing_ssh_kid";
const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
const invalidAuthenticationHeader = "invalid_authentication_header";
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
const authorityMismatch = "authority_mismatch";
export { authorityMismatch, authorityUriInsecure, cannotAllowPlatformBroker, cannotSetOIDCOptions, claimsRequestParsingError, emptyInputScopesError, invalidAuthenticationHeader, invalidAuthorityMetadata, invalidClaims, invalidCloudDiscoveryMetadata, invalidCodeChallengeMethod, logoutRequestEmpty, missingNonceAuthenticationHeader, missingSshJwk, missingSshKid, pkceParamsMissing, redirectUriEmpty, tokenRequestEmpty, untrustedAuthority, urlEmptyError, urlParseError };
//# sourceMappingURL=ClientConfigurationErrorCodes.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"ClientConfigurationErrorCodes.mjs","sources":["../../../../../../../lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs"],"sourcesContent":["/*! @azure/msal-common v15.8.1 2025-07-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst redirectUriEmpty = \"redirect_uri_empty\";\r\nconst claimsRequestParsingError = \"claims_request_parsing_error\";\r\nconst authorityUriInsecure = \"authority_uri_insecure\";\r\nconst urlParseError = \"url_parse_error\";\r\nconst urlEmptyError = \"empty_url_error\";\r\nconst emptyInputScopesError = \"empty_input_scopes_error\";\r\nconst invalidClaims = \"invalid_claims\";\r\nconst tokenRequestEmpty = \"token_request_empty\";\r\nconst logoutRequestEmpty = \"logout_request_empty\";\r\nconst invalidCodeChallengeMethod = \"invalid_code_challenge_method\";\r\nconst pkceParamsMissing = \"pkce_params_missing\";\r\nconst invalidCloudDiscoveryMetadata = \"invalid_cloud_discovery_metadata\";\r\nconst invalidAuthorityMetadata = \"invalid_authority_metadata\";\r\nconst untrustedAuthority = \"untrusted_authority\";\r\nconst missingSshJwk = \"missing_ssh_jwk\";\r\nconst missingSshKid = \"missing_ssh_kid\";\r\nconst missingNonceAuthenticationHeader = \"missing_nonce_authentication_header\";\r\nconst invalidAuthenticationHeader = \"invalid_authentication_header\";\r\nconst cannotSetOIDCOptions = \"cannot_set_OIDCOptions\";\r\nconst cannotAllowPlatformBroker = \"cannot_allow_platform_broker\";\r\nconst authorityMismatch = \"authority_mismatch\";\n\nexport { authorityMismatch, authorityUriInsecure, cannotAllowPlatformBroker, cannotSetOIDCOptions, claimsRequestParsingError, emptyInputScopesError, invalidAuthenticationHeader, invalidAuthorityMetadata, invalidClaims, invalidCloudDiscoveryMetadata, invalidCodeChallengeMethod, logoutRequestEmpty, missingNonceAuthenticationHeader, missingSshJwk, missingSshKid, pkceParamsMissing, redirectUriEmpty, tokenRequestEmpty, untrustedAuthority, urlEmptyError, urlParseError };\n//# sourceMappingURL=ClientConfigurationErrorCodes.mjs.map\n"],"names":[],"mappings":";;AAAA;AAEA;AACA;AACA;AACA;AACK,MAAC,gBAAgB,GAAG,qBAAqB;AACzC,MAAC,yBAAyB,GAAG,+BAA+B;AAC5D,MAAC,oBAAoB,GAAG,yBAAyB;AACjD,MAAC,aAAa,GAAG,kBAAkB;AACnC,MAAC,aAAa,GAAG,kBAAkB;AACnC,MAAC,qBAAqB,GAAG,2BAA2B;AACpD,MAAC,aAAa,GAAG,iBAAiB;AAClC,MAAC,iBAAiB,GAAG,sBAAsB;AAC3C,MAAC,kBAAkB,GAAG,uBAAuB;AAC7C,MAAC,0BAA0B,GAAG,gCAAgC;AAC9D,MAAC,iBAAiB,GAAG,sBAAsB;AAC3C,MAAC,6BAA6B,GAAG,mCAAmC;AACpE,MAAC,wBAAwB,GAAG,6BAA6B;AACzD,MAAC,kBAAkB,GAAG,sBAAsB;AAC5C,MAAC,aAAa,GAAG,kBAAkB;AACnC,MAAC,aAAa,GAAG,kBAAkB;AACnC,MAAC,gCAAgC,GAAG,sCAAsC;AAC1E,MAAC,2BAA2B,GAAG,gCAAgC;AAC/D,MAAC,oBAAoB,GAAG,yBAAyB;AACjD,MAAC,yBAAyB,GAAG,+BAA+B;AAC5D,MAAC,iBAAiB,GAAG;;;;"}
@@ -0,0 +1,24 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { Constants } from '../utils/Constants.mjs';
import { AuthError } from './AuthError.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/**
* Error thrown when user interaction is required.
*/
class InteractionRequiredAuthError extends AuthError {
constructor(errorCode, errorMessage, subError, timestamp, traceId, correlationId, claims, errorNo) {
super(errorCode, errorMessage, subError);
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
this.timestamp = timestamp || Constants.EMPTY_STRING;
this.traceId = traceId || Constants.EMPTY_STRING;
this.correlationId = correlationId || Constants.EMPTY_STRING;
this.claims = claims || Constants.EMPTY_STRING;
this.name = "InteractionRequiredAuthError";
this.errorNo = errorNo;
}
}
export { InteractionRequiredAuthError };
//# sourceMappingURL=InteractionRequiredAuthError.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,25 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { AuthError } from './AuthError.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Error thrown when there is an error with the server code, for example, unavailability.
*/
class ServerError extends AuthError {
constructor(errorCode, errorMessage, subError, errorNo, status) {
super(errorCode, errorMessage, subError);
this.name = "ServerError";
this.errorNo = errorNo;
this.status = status;
Object.setPrototypeOf(this, ServerError.prototype);
}
}
export { ServerError };
//# sourceMappingURL=ServerError.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"ServerError.mjs","sources":["../../../../../../../lib/msal-common/dist/error/ServerError.mjs"],"sourcesContent":["/*! @azure/msal-common v15.8.1 2025-07-08 */\n'use strict';\nimport { AuthError } from './AuthError.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Error thrown when there is an error with the server code, for example, unavailability.\r\n */\r\nclass ServerError extends AuthError {\r\n constructor(errorCode, errorMessage, subError, errorNo, status) {\r\n super(errorCode, errorMessage, subError);\r\n this.name = \"ServerError\";\r\n this.errorNo = errorNo;\r\n this.status = status;\r\n Object.setPrototypeOf(this, ServerError.prototype);\r\n }\r\n}\n\nexport { ServerError };\n//# sourceMappingURL=ServerError.mjs.map\n"],"names":[],"mappings":";;;;AAAA;;AAIA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAM,WAAW,SAAS,SAAS,CAAC;AACpC,IAAI,WAAW,CAAC,SAAS,EAAE,YAAY,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE;AACpE,QAAQ,KAAK,CAAC,SAAS,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;AACjD,QAAQ,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;AAClC,QAAQ,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;AAC/B,QAAQ,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;AAC7B,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC;AAC3D,KAAK;AACL;;;;"}
@@ -0,0 +1,197 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { Constants } from '../utils/Constants.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Log message level.
*/
var LogLevel;
(function (LogLevel) {
LogLevel[LogLevel["Error"] = 0] = "Error";
LogLevel[LogLevel["Warning"] = 1] = "Warning";
LogLevel[LogLevel["Info"] = 2] = "Info";
LogLevel[LogLevel["Verbose"] = 3] = "Verbose";
LogLevel[LogLevel["Trace"] = 4] = "Trace";
})(LogLevel || (LogLevel = {}));
/**
* Class which facilitates logging of messages to a specific place.
*/
class Logger {
constructor(loggerOptions, packageName, packageVersion) {
// Current log level, defaults to info.
this.level = LogLevel.Info;
const defaultLoggerCallback = () => {
return;
};
const setLoggerOptions = loggerOptions || Logger.createDefaultLoggerOptions();
this.localCallback =
setLoggerOptions.loggerCallback || defaultLoggerCallback;
this.piiLoggingEnabled = setLoggerOptions.piiLoggingEnabled || false;
this.level =
typeof setLoggerOptions.logLevel === "number"
? setLoggerOptions.logLevel
: LogLevel.Info;
this.correlationId =
setLoggerOptions.correlationId || Constants.EMPTY_STRING;
this.packageName = packageName || Constants.EMPTY_STRING;
this.packageVersion = packageVersion || Constants.EMPTY_STRING;
}
static createDefaultLoggerOptions() {
return {
loggerCallback: () => {
// allow users to not set loggerCallback
},
piiLoggingEnabled: false,
logLevel: LogLevel.Info,
};
}
/**
* Create new Logger with existing configurations.
*/
clone(packageName, packageVersion, correlationId) {
return new Logger({
loggerCallback: this.localCallback,
piiLoggingEnabled: this.piiLoggingEnabled,
logLevel: this.level,
correlationId: correlationId || this.correlationId,
}, packageName, packageVersion);
}
/**
* Log message with required options.
*/
logMessage(logMessage, options) {
if (options.logLevel > this.level ||
(!this.piiLoggingEnabled && options.containsPii)) {
return;
}
const timestamp = new Date().toUTCString();
// Add correlationId to logs if set, correlationId provided on log messages take precedence
const logHeader = `[${timestamp}] : [${options.correlationId || this.correlationId || ""}]`;
const log = `${logHeader} : ${this.packageName}@${this.packageVersion} : ${LogLevel[options.logLevel]} - ${logMessage}`;
// debug(`msal:${LogLevel[options.logLevel]}${options.containsPii ? "-Pii": Constants.EMPTY_STRING}${options.context ? `:${options.context}` : Constants.EMPTY_STRING}`)(logMessage);
this.executeCallback(options.logLevel, log, options.containsPii || false);
}
/**
* Execute callback with message.
*/
executeCallback(level, message, containsPii) {
if (this.localCallback) {
this.localCallback(level, message, containsPii);
}
}
/**
* Logs error messages.
*/
error(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Error,
containsPii: false,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs error messages with PII.
*/
errorPii(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Error,
containsPii: true,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs warning messages.
*/
warning(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Warning,
containsPii: false,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs warning messages with PII.
*/
warningPii(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Warning,
containsPii: true,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs info messages.
*/
info(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Info,
containsPii: false,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs info messages with PII.
*/
infoPii(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Info,
containsPii: true,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs verbose messages.
*/
verbose(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Verbose,
containsPii: false,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs verbose messages with PII.
*/
verbosePii(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Verbose,
containsPii: true,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs trace messages.
*/
trace(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Trace,
containsPii: false,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Logs trace messages with PII.
*/
tracePii(message, correlationId) {
this.logMessage(message, {
logLevel: LogLevel.Trace,
containsPii: true,
correlationId: correlationId || Constants.EMPTY_STRING,
});
}
/**
* Returns whether PII Logging is enabled or not.
*/
isPiiLoggingEnabled() {
return this.piiLoggingEnabled || false;
}
}
export { LogLevel, Logger };
//# sourceMappingURL=Logger.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,270 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { CacheOutcome, Constants, SERVER_TELEM_CONSTANTS, Separators } from '../../utils/Constants.mjs';
import { AuthError } from '../../error/AuthError.mjs';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const skuGroupSeparator = ",";
const skuValueSeparator = "|";
function makeExtraSkuString(params) {
const { skus, libraryName, libraryVersion, extensionName, extensionVersion, } = params;
const skuMap = new Map([
[0, [libraryName, libraryVersion]],
[2, [extensionName, extensionVersion]],
]);
let skuArr = [];
if (skus?.length) {
skuArr = skus.split(skuGroupSeparator);
// Ignore invalid input sku param
if (skuArr.length < 4) {
return skus;
}
}
else {
skuArr = Array.from({ length: 4 }, () => skuValueSeparator);
}
skuMap.forEach((value, key) => {
if (value.length === 2 && value[0]?.length && value[1]?.length) {
setSku({
skuArr,
index: key,
skuName: value[0],
skuVersion: value[1],
});
}
});
return skuArr.join(skuGroupSeparator);
}
function setSku(params) {
const { skuArr, index, skuName, skuVersion } = params;
if (index >= skuArr.length) {
return;
}
skuArr[index] = [skuName, skuVersion].join(skuValueSeparator);
}
/** @internal */
class ServerTelemetryManager {
constructor(telemetryRequest, cacheManager) {
this.cacheOutcome = CacheOutcome.NOT_APPLICABLE;
this.cacheManager = cacheManager;
this.apiId = telemetryRequest.apiId;
this.correlationId = telemetryRequest.correlationId;
this.wrapperSKU = telemetryRequest.wrapperSKU || Constants.EMPTY_STRING;
this.wrapperVer = telemetryRequest.wrapperVer || Constants.EMPTY_STRING;
this.telemetryCacheKey =
SERVER_TELEM_CONSTANTS.CACHE_KEY +
Separators.CACHE_KEY_SEPARATOR +
telemetryRequest.clientId;
}
/**
* API to add MSER Telemetry to request
*/
generateCurrentRequestHeaderValue() {
const request = `${this.apiId}${SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR}${this.cacheOutcome}`;
const platformFieldsArr = [this.wrapperSKU, this.wrapperVer];
const nativeBrokerErrorCode = this.getNativeBrokerErrorCode();
if (nativeBrokerErrorCode?.length) {
platformFieldsArr.push(`broker_error=${nativeBrokerErrorCode}`);
}
const platformFields = platformFieldsArr.join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);
const regionDiscoveryFields = this.getRegionDiscoveryFields();
const requestWithRegionDiscoveryFields = [
request,
regionDiscoveryFields,
].join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);
return [
SERVER_TELEM_CONSTANTS.SCHEMA_VERSION,
requestWithRegionDiscoveryFields,
platformFields,
].join(SERVER_TELEM_CONSTANTS.CATEGORY_SEPARATOR);
}
/**
* API to add MSER Telemetry for the last failed request
*/
generateLastRequestHeaderValue() {
const lastRequests = this.getLastRequests();
const maxErrors = ServerTelemetryManager.maxErrorsToSend(lastRequests);
const failedRequests = lastRequests.failedRequests
.slice(0, 2 * maxErrors)
.join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);
const errors = lastRequests.errors
.slice(0, maxErrors)
.join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);
const errorCount = lastRequests.errors.length;
// Indicate whether this header contains all data or partial data
const overflow = maxErrors < errorCount
? SERVER_TELEM_CONSTANTS.OVERFLOW_TRUE
: SERVER_TELEM_CONSTANTS.OVERFLOW_FALSE;
const platformFields = [errorCount, overflow].join(SERVER_TELEM_CONSTANTS.VALUE_SEPARATOR);
return [
SERVER_TELEM_CONSTANTS.SCHEMA_VERSION,
lastRequests.cacheHits,
failedRequests,
errors,
platformFields,
].join(SERVER_TELEM_CONSTANTS.CATEGORY_SEPARATOR);
}
/**
* API to cache token failures for MSER data capture
* @param error
*/
cacheFailedRequest(error) {
const lastRequests = this.getLastRequests();
if (lastRequests.errors.length >=
SERVER_TELEM_CONSTANTS.MAX_CACHED_ERRORS) {
// Remove a cached error to make room, first in first out
lastRequests.failedRequests.shift(); // apiId
lastRequests.failedRequests.shift(); // correlationId
lastRequests.errors.shift();
}
lastRequests.failedRequests.push(this.apiId, this.correlationId);
if (error instanceof Error && !!error && error.toString()) {
if (error instanceof AuthError) {
if (error.subError) {
lastRequests.errors.push(error.subError);
}
else if (error.errorCode) {
lastRequests.errors.push(error.errorCode);
}
else {
lastRequests.errors.push(error.toString());
}
}
else {
lastRequests.errors.push(error.toString());
}
}
else {
lastRequests.errors.push(SERVER_TELEM_CONSTANTS.UNKNOWN_ERROR);
}
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
return;
}
/**
* Update server telemetry cache entry by incrementing cache hit counter
*/
incrementCacheHits() {
const lastRequests = this.getLastRequests();
lastRequests.cacheHits += 1;
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
return lastRequests.cacheHits;
}
/**
* Get the server telemetry entity from cache or initialize a new one
*/
getLastRequests() {
const initialValue = {
failedRequests: [],
errors: [],
cacheHits: 0,
};
const lastRequests = this.cacheManager.getServerTelemetry(this.telemetryCacheKey);
return lastRequests || initialValue;
}
/**
* Remove server telemetry cache entry
*/
clearTelemetryCache() {
const lastRequests = this.getLastRequests();
const numErrorsFlushed = ServerTelemetryManager.maxErrorsToSend(lastRequests);
const errorCount = lastRequests.errors.length;
if (numErrorsFlushed === errorCount) {
// All errors were sent on last request, clear Telemetry cache
this.cacheManager.removeItem(this.telemetryCacheKey, this.correlationId);
}
else {
// Partial data was flushed to server, construct a new telemetry cache item with errors that were not flushed
const serverTelemEntity = {
failedRequests: lastRequests.failedRequests.slice(numErrorsFlushed * 2),
errors: lastRequests.errors.slice(numErrorsFlushed),
cacheHits: 0,
};
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity, this.correlationId);
}
}
/**
* Returns the maximum number of errors that can be flushed to the server in the next network request
* @param serverTelemetryEntity
*/
static maxErrorsToSend(serverTelemetryEntity) {
let i;
let maxErrors = 0;
let dataSize = 0;
const errorCount = serverTelemetryEntity.errors.length;
for (i = 0; i < errorCount; i++) {
// failedRequests parameter contains pairs of apiId and correlationId, multiply index by 2 to preserve pairs
const apiId = serverTelemetryEntity.failedRequests[2 * i] ||
Constants.EMPTY_STRING;
const correlationId = serverTelemetryEntity.failedRequests[2 * i + 1] ||
Constants.EMPTY_STRING;
const errorCode = serverTelemetryEntity.errors[i] || Constants.EMPTY_STRING;
// Count number of characters that would be added to header, each character is 1 byte. Add 3 at the end to account for separators
dataSize +=
apiId.toString().length +
correlationId.toString().length +
errorCode.length +
3;
if (dataSize < SERVER_TELEM_CONSTANTS.MAX_LAST_HEADER_BYTES) {
// Adding this entry to the header would still keep header size below the limit
maxErrors += 1;
}
else {
break;
}
}
return maxErrors;
}
/**
* Get the region discovery fields
*
* @returns string
*/
getRegionDiscoveryFields() {
const regionDiscoveryFields = [];
regionDiscoveryFields.push(this.regionUsed || Constants.EMPTY_STRING);
regionDiscoveryFields.push(this.regionSource || Constants.EMPTY_STRING);
regionDiscoveryFields.push(this.regionOutcome || Constants.EMPTY_STRING);
return regionDiscoveryFields.join(",");
}
/**
* Update the region discovery metadata
*
* @param regionDiscoveryMetadata
* @returns void
*/
updateRegionDiscoveryMetadata(regionDiscoveryMetadata) {
this.regionUsed = regionDiscoveryMetadata.region_used;
this.regionSource = regionDiscoveryMetadata.region_source;
this.regionOutcome = regionDiscoveryMetadata.region_outcome;
}
/**
* Set cache outcome
*/
setCacheOutcome(cacheOutcome) {
this.cacheOutcome = cacheOutcome;
}
setNativeBrokerErrorCode(errorCode) {
const lastRequests = this.getLastRequests();
lastRequests.nativeBrokerErrorCode = errorCode;
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
}
getNativeBrokerErrorCode() {
return this.getLastRequests().nativeBrokerErrorCode;
}
clearNativeBrokerErrorCode() {
const lastRequests = this.getLastRequests();
delete lastRequests.nativeBrokerErrorCode;
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
}
static makeExtraSkuString(params) {
return makeExtraSkuString(params);
}
}
export { ServerTelemetryManager };
//# sourceMappingURL=ServerTelemetryManager.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,107 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const Constants = {
LIBRARY_NAME: "MSAL.JS",
SKU: "msal.js.common",
// Prefix for all library cache entries
CACHE_PREFIX: "msal",
// default authority
DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
DEFAULT_COMMON_TENANT: "common",
// ADFS String
ADFS: "adfs",
DSTS: "dstsv2",
// Default AAD Instance Discovery Endpoint
AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
// CIAM URL
CIAM_AUTH_URL: ".ciamlogin.com",
AAD_TENANT_DOMAIN_SUFFIX: ".onmicrosoft.com",
// Resource delimiter - used for certain cache entries
RESOURCE_DELIM: "|",
// Placeholder for non-existent account ids/objects
NO_ACCOUNT: "NO_ACCOUNT",
// Claims
CLAIMS: "claims",
// Consumer UTID
CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
// Default scopes
OPENID_SCOPE: "openid",
PROFILE_SCOPE: "profile",
OFFLINE_ACCESS_SCOPE: "offline_access",
EMAIL_SCOPE: "email",
CODE_GRANT_TYPE: "authorization_code",
RT_GRANT_TYPE: "refresh_token",
S256_CODE_CHALLENGE_METHOD: "S256",
URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
AUTHORIZATION_PENDING: "authorization_pending",
NOT_DEFINED: "not_defined",
EMPTY_STRING: "",
NOT_APPLICABLE: "N/A",
NOT_AVAILABLE: "Not Available",
FORWARD_SLASH: "/",
IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
IMDS_VERSION: "2020-06-01",
IMDS_TIMEOUT: 2000,
AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
KNOWN_PUBLIC_CLOUDS: [
"login.microsoftonline.com",
"login.windows.net",
"login.microsoft.com",
"sts.windows.net",
],
SHR_NONCE_VALIDITY: 240,
INVALID_INSTANCE: "invalid_instance",
};
/**
* we considered making this "enum" in the request instead of string, however it looks like the allowed list of
* prompt values kept changing over past couple of years. There are some undocumented prompt values for some
* internal partners too, hence the choice of generic "string" type instead of the "enum"
*/
const PromptValue = {
LOGIN: "login",
SELECT_ACCOUNT: "select_account",
CONSENT: "consent",
NONE: "none",
CREATE: "create",
NO_SESSION: "no_session",
};
/**
* Separators used in cache
*/
const Separators = {
CACHE_KEY_SEPARATOR: "-"};
const SERVER_TELEM_CONSTANTS = {
SCHEMA_VERSION: 5,
MAX_LAST_HEADER_BYTES: 330,
MAX_CACHED_ERRORS: 50,
CACHE_KEY: "server-telemetry",
CATEGORY_SEPARATOR: "|",
VALUE_SEPARATOR: ",",
OVERFLOW_TRUE: "1",
OVERFLOW_FALSE: "0",
UNKNOWN_ERROR: "unknown_error",
};
/**
* Type of the authentication request
*/
const AuthenticationScheme = {
BEARER: "Bearer",
POP: "pop",
SSH: "ssh-cert",
};
/**
* Specifies the reason for fetching the access token from the identity provider
*/
const CacheOutcome = {
// When a token is found in the cache or the cache is not supposed to be hit when making the request
NOT_APPLICABLE: "0"};
export { AuthenticationScheme, CacheOutcome, Constants, PromptValue, SERVER_TELEM_CONSTANTS, Separators };
//# sourceMappingURL=Constants.mjs.map
File diff suppressed because one or more lines are too long
@@ -0,0 +1,16 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*! @azure/msal-common v15.8.1 2025-07-08 */
/**
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
* @param seconds
*/
function toDateFromSeconds(seconds) {
if (seconds) {
return new Date(Number(seconds) * 1000);
}
return new Date();
}
export { toDateFromSeconds };
//# sourceMappingURL=TimeUtils.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"TimeUtils.mjs","sources":["../../../../../../../lib/msal-common/dist/utils/TimeUtils.mjs"],"sourcesContent":["/*! @azure/msal-common v15.8.1 2025-07-08 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Utility functions for managing date and time operations.\r\n */\r\n/**\r\n * return the current time in Unix time (seconds).\r\n */\r\nfunction nowSeconds() {\r\n // Date.getTime() returns in milliseconds.\r\n return Math.round(new Date().getTime() / 1000.0);\r\n}\r\n/**\r\n * Converts JS Date object to seconds\r\n * @param date Date\r\n */\r\nfunction toSecondsFromDate(date) {\r\n // Convert date to seconds\r\n return date.getTime() / 1000;\r\n}\r\n/**\r\n * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).\r\n * @param seconds\r\n */\r\nfunction toDateFromSeconds(seconds) {\r\n if (seconds) {\r\n return new Date(Number(seconds) * 1000);\r\n }\r\n return new Date();\r\n}\r\n/**\r\n * check if a token is expired based on given UTC time in seconds.\r\n * @param expiresOn\r\n */\r\nfunction isTokenExpired(expiresOn, offset) {\r\n // check for access token expiry\r\n const expirationSec = Number(expiresOn) || 0;\r\n const offsetCurrentTimeSec = nowSeconds() + offset;\r\n // If current time + offset is greater than token expiration time, then token is expired.\r\n return offsetCurrentTimeSec > expirationSec;\r\n}\r\n/**\r\n * If the current time is earlier than the time that a token was cached at, we must discard the token\r\n * i.e. The system clock was turned back after acquiring the cached token\r\n * @param cachedAt\r\n * @param offset\r\n */\r\nfunction wasClockTurnedBack(cachedAt) {\r\n const cachedAtSec = Number(cachedAt);\r\n return cachedAtSec > nowSeconds();\r\n}\r\n/**\r\n * Waits for t number of milliseconds\r\n * @param t number\r\n * @param value T\r\n */\r\nfunction delay(t, value) {\r\n return new Promise((resolve) => setTimeout(() => resolve(value), t));\r\n}\n\nexport { delay, isTokenExpired, nowSeconds, toDateFromSeconds, toSecondsFromDate, wasClockTurnedBack };\n//# sourceMappingURL=TimeUtils.mjs.map\n"],"names":[],"mappings":";;AAAA;AAwBA;AACA;AACA;AACA;AACA,SAAS,iBAAiB,CAAC,OAAO,EAAE;AACpC,IAAI,IAAI,OAAO,EAAE;AACjB,QAAQ,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;AAChD,KAAK;AACL,IAAI,OAAO,IAAI,IAAI,EAAE,CAAC;AACtB;;;;"}
@@ -0,0 +1,24 @@
import { CrossPlatformLockOptions } from "./CrossPlatformLockOptions.js";
import { Logger } from "@azure/msal-common/node";
/**
* Cross-process lock that works on all platforms.
*/
export declare class CrossPlatformLock {
private readonly lockFilePath;
private lockFileHandle;
private readonly retryNumber;
private readonly retryDelay;
private logger;
constructor(lockFilePath: string, logger: Logger, lockOptions?: CrossPlatformLockOptions);
/**
* Locks cache from read or writes by creating file with same path and name as
* cache file but with .lockfile extension. If another process has already created
* the lockfile, will back off and retry based on configuration settings set by CrossPlatformLockOptions
*/
lock(): Promise<void>;
/**
* unlocks cache file by deleting .lockfile.
*/
unlock(): Promise<void>;
private sleep;
}
@@ -0,0 +1,95 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { promises } from 'fs';
import { pid } from 'process';
import { Constants } from '../utils/Constants.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
import { isNodeError } from '../utils/TypeGuards.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Cross-process lock that works on all platforms.
*/
class CrossPlatformLock {
constructor(lockFilePath, logger, lockOptions) {
this.lockFilePath = lockFilePath;
this.retryNumber = lockOptions ? lockOptions.retryNumber : 500;
this.retryDelay = lockOptions ? lockOptions.retryDelay : 100;
this.logger = logger;
}
/**
* Locks cache from read or writes by creating file with same path and name as
* cache file but with .lockfile extension. If another process has already created
* the lockfile, will back off and retry based on configuration settings set by CrossPlatformLockOptions
*/
async lock() {
for (let tryCount = 0; tryCount < this.retryNumber; tryCount++) {
try {
this.logger.info(`Pid ${pid} trying to acquire lock`);
this.lockFileHandle = await promises.open(this.lockFilePath, "wx+");
this.logger.info(`Pid ${pid} acquired lock`);
await this.lockFileHandle.write(pid.toString());
return;
}
catch (err) {
if (isNodeError(err)) {
if (err.code === Constants.EEXIST_ERROR ||
err.code === Constants.EPERM_ERROR) {
this.logger.info(err.message);
await this.sleep(this.retryDelay);
}
else {
this.logger.error(`${pid} was not able to acquire lock. Ran into error: ${err.message}`);
throw PersistenceError.createCrossPlatformLockError(err.message);
}
}
else {
throw err;
}
}
}
this.logger.error(`${pid} was not able to acquire lock. Exceeded amount of retries set in the options`);
throw PersistenceError.createCrossPlatformLockError("Not able to acquire lock. Exceeded amount of retries set in options");
}
/**
* unlocks cache file by deleting .lockfile.
*/
async unlock() {
try {
if (this.lockFileHandle) {
// if we have a file handle to the .lockfile, delete lock file
await promises.unlink(this.lockFilePath);
await this.lockFileHandle.close();
this.logger.info("lockfile deleted");
}
else {
this.logger.warning("lockfile handle does not exist, so lockfile could not be deleted");
}
}
catch (err) {
if (isNodeError(err)) {
if (err.code === Constants.ENOENT_ERROR) {
this.logger.info("Tried to unlock but lockfile does not exist");
}
else {
this.logger.error(`${pid} was not able to release lock. Ran into error: ${err.message}`);
throw PersistenceError.createCrossPlatformLockError(err.message);
}
}
else {
throw err;
}
}
}
sleep(ms) {
return new Promise((resolve) => {
setTimeout(resolve, ms);
});
}
}
export { CrossPlatformLock };
//# sourceMappingURL=CrossPlatformLock.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"CrossPlatformLock.mjs","sources":["../../src/lock/CrossPlatformLock.ts"],"sourcesContent":[null],"names":["fs"],"mappings":";;;;;;;;AAAA;;;AAGG;AAUH;;AAEG;MACU,iBAAiB,CAAA;AAQ1B,IAAA,WAAA,CACI,YAAoB,EACpB,MAAc,EACd,WAAsC,EAAA;AAEtC,QAAA,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;AACjC,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,GAAG,WAAW,CAAC,WAAW,GAAG,GAAG,CAAC;AAC/D,QAAA,IAAI,CAAC,UAAU,GAAG,WAAW,GAAG,WAAW,CAAC,UAAU,GAAG,GAAG,CAAC;AAC7D,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;KACxB;AAED;;;;AAIG;AACI,IAAA,MAAM,IAAI,GAAA;AACb,QAAA,KAAK,IAAI,QAAQ,GAAG,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,QAAQ,EAAE,EAAE;YAC5D,IAAI;gBACA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,IAAA,EAAA,GAAG,CAAyB,uBAAA,CAAA,CAAC,CAAC;AACtD,gBAAA,IAAI,CAAC,cAAc,GAAG,MAAMA,QAAE,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;gBAE9D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,IAAA,EAAA,GAAG,CAAgB,cAAA,CAAA,CAAC,CAAC;gBAC7C,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAChD,OAAO;AACV,aAAA;AAAC,YAAA,OAAO,GAAG,EAAE;AACV,gBAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,oBAAA,IACI,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,YAAY;AACnC,wBAAA,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,WAAW,EACpC;wBACE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;wBAC9B,MAAM,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AACrC,qBAAA;AAAM,yBAAA;AACH,wBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,CAAA,EAAG,GAAG,CAAA,+CAAA,EAAkD,GAAG,CAAC,OAAO,CAAA,CAAE,CACxE,CAAC;wBACF,MAAM,gBAAgB,CAAC,4BAA4B,CAC/C,GAAG,CAAC,OAAO,CACd,CAAC;AACL,qBAAA;AACJ,iBAAA;AAAM,qBAAA;AACH,oBAAA,MAAM,GAAG,CAAC;AACb,iBAAA;AACJ,aAAA;AACJ,SAAA;QACD,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,CAAG,EAAA,GAAG,CAA8E,4EAAA,CAAA,CACvF,CAAC;AACF,QAAA,MAAM,gBAAgB,CAAC,4BAA4B,CAC/C,qEAAqE,CACxE,CAAC;KACL;AAED;;AAEG;AACI,IAAA,MAAM,MAAM,GAAA;QACf,IAAI;YACA,IAAI,IAAI,CAAC,cAAc,EAAE;;gBAErB,MAAMA,QAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;AACnC,gBAAA,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;AAClC,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;AACxC,aAAA;AAAM,iBAAA;AACH,gBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,kEAAkE,CACrE,CAAC;AACL,aAAA;AACJ,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,YAAY,EAAE;AACrC,oBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,6CAA6C,CAChD,CAAC;AACL,iBAAA;AAAM,qBAAA;AACH,oBAAA,IAAI,CAAC,MAAM,CAAC,KAAK,CACb,CAAA,EAAG,GAAG,CAAA,+CAAA,EAAkD,GAAG,CAAC,OAAO,CAAA,CAAE,CACxE,CAAC;oBACF,MAAM,gBAAgB,CAAC,4BAA4B,CAC/C,GAAG,CAAC,OAAO,CACd,CAAC;AACL,iBAAA;AACJ,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEO,IAAA,KAAK,CAAC,EAAU,EAAA;AACpB,QAAA,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,KAAI;AAC3B,YAAA,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;AAC5B,SAAC,CAAC,CAAC;KACN;AACJ;;;;"}
@@ -0,0 +1,10 @@
/**
* Options for CrossPlatform lock.
*
* retryNumber: Numbers of times we should try to acquire a lock. Defaults to 500.
* retryDelay: Time to wait before trying to retry a lock acquisition. Defaults to 100 ms.
*/
export type CrossPlatformLockOptions = {
retryNumber: number;
retryDelay: number;
};
@@ -0,0 +1,2 @@
export declare const name = "@azure/msal-node-extensions";
export declare const version = "1.5.17";
@@ -0,0 +1,8 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/* eslint-disable header/header */
const name = "@azure/msal-node-extensions";
const version = "1.5.17";
export { name, version };
//# sourceMappingURL=packageMetadata.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"packageMetadata.mjs","sources":["../src/packageMetadata.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;AACO,MAAM,IAAI,GAAG,8BAA8B;AAC3C,MAAM,OAAO,GAAG;;;;"}
@@ -0,0 +1,5 @@
import { IPersistence } from "./IPersistence.js";
export declare abstract class BasePersistence {
abstract createForPersistenceValidation(): Promise<IPersistence>;
verifyPersistence(): Promise<boolean>;
}
@@ -0,0 +1,36 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { PersistenceError } from '../error/PersistenceError.mjs';
import { Constants } from '../utils/Constants.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class BasePersistence {
async verifyPersistence() {
// We are using a different location for the test to avoid overriding the functional cache
const persistenceValidator = await this.createForPersistenceValidation();
try {
await persistenceValidator.save(Constants.PERSISTENCE_TEST_DATA);
const retrievedDummyData = await persistenceValidator.load();
if (!retrievedDummyData) {
throw PersistenceError.createCachePersistenceError("Persistence check failed. Data was written but it could not be read. " +
"Possible cause: on Linux, LibSecret is installed but D-Bus isn't running \
because it cannot be started over SSH.");
}
if (retrievedDummyData !== Constants.PERSISTENCE_TEST_DATA) {
throw PersistenceError.createCachePersistenceError(`Persistence check failed. Data written ${Constants.PERSISTENCE_TEST_DATA} is different \
from data read ${retrievedDummyData}`);
}
await persistenceValidator.delete();
return true;
}
catch (e) {
throw PersistenceError.createCachePersistenceError(`Verifing persistence failed with the error: ${e}`);
}
}
}
export { BasePersistence };
//# sourceMappingURL=BasePersistence.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"BasePersistence.mjs","sources":["../../src/persistence/BasePersistence.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAAA;;;AAGG;MAMmB,eAAe,CAAA;AAG1B,IAAA,MAAM,iBAAiB,GAAA;;AAE1B,QAAA,MAAM,oBAAoB,GACtB,MAAM,IAAI,CAAC,8BAA8B,EAAE,CAAC;QAEhD,IAAI;YACA,MAAM,oBAAoB,CAAC,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;AAEjE,YAAA,MAAM,kBAAkB,GAAG,MAAM,oBAAoB,CAAC,IAAI,EAAE,CAAC;YAE7D,IAAI,CAAC,kBAAkB,EAAE;AACrB,gBAAA,MAAM,gBAAgB,CAAC,2BAA2B,CAC9C,uEAAuE;AACnE,oBAAA;AACmC,2DAAA,CAC1C,CAAC;AACL,aAAA;AAED,YAAA,IAAI,kBAAkB,KAAK,SAAS,CAAC,qBAAqB,EAAE;AACxD,gBAAA,MAAM,gBAAgB,CAAC,2BAA2B,CAC9C,CAA0C,uCAAA,EAAA,SAAS,CAAC,qBAAqB,CAAA;qCACxD,kBAAkB,CAAA,CAAE,CACxC,CAAC;AACL,aAAA;AACD,YAAA,MAAM,oBAAoB,CAAC,MAAM,EAAE,CAAC;AACpC,YAAA,OAAO,IAAI,CAAC;AACf,SAAA;AAAC,QAAA,OAAO,CAAC,EAAE;YACR,MAAM,gBAAgB,CAAC,2BAA2B,CAC9C,+CAA+C,CAAC,CAAA,CAAE,CACrD,CAAC;AACL,SAAA;KACJ;AACJ;;;;"}
@@ -0,0 +1,16 @@
/**
* Specifies the scope of the data protection - either the current user or the local
* machine.
*
* You do not need a key to protect or unprotect the data.
* If you set the Scope to CurrentUser, only applications running on your credentials can
* unprotect the data; however, that means that any application running on your credentials
* can access the protected data. If you set the Scope to LocalMachine, any full-trust
* application on the computer can unprotect, access, and modify the data.
*
*/
export declare const DataProtectionScope: {
readonly CurrentUser: "CurrentUser";
readonly LocalMachine: "LocalMachine";
};
export type DataProtectionScope = (typeof DataProtectionScope)[keyof typeof DataProtectionScope];
@@ -0,0 +1,24 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Specifies the scope of the data protection - either the current user or the local
* machine.
*
* You do not need a key to protect or unprotect the data.
* If you set the Scope to CurrentUser, only applications running on your credentials can
* unprotect the data; however, that means that any application running on your credentials
* can access the protected data. If you set the Scope to LocalMachine, any full-trust
* application on the computer can unprotect, access, and modify the data.
*
*/
const DataProtectionScope = {
CurrentUser: "CurrentUser",
LocalMachine: "LocalMachine",
};
export { DataProtectionScope };
//# sourceMappingURL=DataProtectionScope.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"DataProtectionScope.mjs","sources":["../../src/persistence/DataProtectionScope.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAEH;;;;;;;;;;AAUG;AACU,MAAA,mBAAmB,GAAG;AAC/B,IAAA,WAAW,EAAE,aAAa;AAC1B,IAAA,YAAY,EAAE,cAAc;;;;;"}
@@ -0,0 +1,29 @@
import { IPersistence } from "./IPersistence.js";
import { Logger, LoggerOptions } from "@azure/msal-common/node";
import { BasePersistence } from "./BasePersistence.js";
/**
* Reads and writes data to file specified by file location. File contents are not
* encrypted.
*
* If file or directory has not been created, it FilePersistence.create() will create
* file and any directories in the path recursively.
*/
export declare class FilePersistence extends BasePersistence implements IPersistence {
private filePath;
private logger;
private constructor();
static create(fileLocation: string, loggerOptions?: LoggerOptions): Promise<FilePersistence>;
save(contents: string): Promise<void>;
saveBuffer(contents: Uint8Array): Promise<void>;
load(): Promise<string | null>;
loadBuffer(): Promise<Uint8Array>;
delete(): Promise<boolean>;
getFilePath(): string;
reloadNecessary(lastSync: number): Promise<boolean>;
getLogger(): Logger;
createForPersistenceValidation(): Promise<FilePersistence>;
private static createDefaultLoggerOptions;
private timeLastModified;
private createCacheFile;
private createFileDirectory;
}
@@ -0,0 +1,173 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { promises } from 'fs';
import { dirname } from 'path';
import { ErrorCodes, Constants } from '../utils/Constants.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
import { BasePersistence } from './BasePersistence.mjs';
import { isNodeError } from '../utils/TypeGuards.mjs';
import { Logger, LogLevel } from '../lib/msal-common/dist/logger/Logger.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Reads and writes data to file specified by file location. File contents are not
* encrypted.
*
* If file or directory has not been created, it FilePersistence.create() will create
* file and any directories in the path recursively.
*/
class FilePersistence extends BasePersistence {
constructor(fileLocation, loggerOptions) {
super();
this.logger = new Logger(loggerOptions || FilePersistence.createDefaultLoggerOptions());
this.filePath = fileLocation;
}
static async create(fileLocation, loggerOptions) {
const filePersistence = new FilePersistence(fileLocation, loggerOptions);
await filePersistence.createCacheFile();
return filePersistence;
}
async save(contents) {
try {
await promises.writeFile(this.getFilePath(), contents, "utf-8");
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
else {
throw err;
}
}
}
async saveBuffer(contents) {
try {
await promises.writeFile(this.getFilePath(), contents);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
else {
throw err;
}
}
}
async load() {
try {
return await promises.readFile(this.getFilePath(), "utf-8");
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
else {
throw err;
}
}
}
async loadBuffer() {
try {
return await promises.readFile(this.getFilePath());
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
else {
throw err;
}
}
}
async delete() {
try {
await promises.unlink(this.getFilePath());
return true;
}
catch (err) {
if (isNodeError(err)) {
if (err.code === Constants.ENOENT_ERROR) {
// file does not exist, so it was not deleted
this.logger.warning("Cache file does not exist, so it could not be deleted");
return false;
}
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
else {
throw err;
}
}
}
getFilePath() {
return this.filePath;
}
async reloadNecessary(lastSync) {
return lastSync < (await this.timeLastModified());
}
getLogger() {
return this.logger;
}
createForPersistenceValidation() {
const testCacheFileLocation = `${dirname(this.filePath)}/test.cache`;
return FilePersistence.create(testCacheFileLocation);
}
static createDefaultLoggerOptions() {
return {
loggerCallback: () => {
// allow users to not set loggerCallback
},
piiLoggingEnabled: false,
logLevel: LogLevel.Info,
};
}
async timeLastModified() {
try {
const stats = await promises.stat(this.filePath);
return stats.mtime.getTime();
}
catch (err) {
if (isNodeError(err)) {
if (err.code === Constants.ENOENT_ERROR) {
// file does not exist, so it's never been modified
this.logger.verbose("Cache file does not exist");
return 0;
}
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
else {
throw err;
}
}
}
async createCacheFile() {
await this.createFileDirectory();
// File is created only if it does not exist
const fileHandle = await promises.open(this.filePath, "a");
await fileHandle.close();
this.logger.info(`File created at ${this.filePath}`);
}
async createFileDirectory() {
try {
await promises.mkdir(dirname(this.filePath), { recursive: true });
}
catch (err) {
if (isNodeError(err)) {
if (err.code === Constants.EEXIST_ERROR) {
this.logger.info(`Directory ${dirname(this.filePath)} already exists`);
}
else {
throw PersistenceError.createFileSystemError(err.code || ErrorCodes.UNKNOWN, err.message);
}
}
else {
throw err;
}
}
}
}
export { FilePersistence };
//# sourceMappingURL=FilePersistence.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"FilePersistence.mjs","sources":["../../src/persistence/FilePersistence.ts"],"sourcesContent":[null],"names":["fs"],"mappings":";;;;;;;;;;AAAA;;;AAGG;AAWH;;;;;;AAMG;AACG,MAAO,eAAgB,SAAQ,eAAe,CAAA;IAIhD,WAAoB,CAAA,YAAoB,EAAE,aAA6B,EAAA;AACnE,QAAA,KAAK,EAAE,CAAC;AACR,QAAA,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CACpB,aAAa,IAAI,eAAe,CAAC,0BAA0B,EAAE,CAChE,CAAC;AACF,QAAA,IAAI,CAAC,QAAQ,GAAG,YAAY,CAAC;KAChC;AAEM,IAAA,aAAa,MAAM,CACtB,YAAoB,EACpB,aAA6B,EAAA;QAE7B,MAAM,eAAe,GAAG,IAAI,eAAe,CACvC,YAAY,EACZ,aAAa,CAChB,CAAC;AACF,QAAA,MAAM,eAAe,CAAC,eAAe,EAAE,CAAC;AACxC,QAAA,OAAO,eAAe,CAAC;KAC1B;IAEM,MAAM,IAAI,CAAC,QAAgB,EAAA;QAC9B,IAAI;AACA,YAAA,MAAMA,QAAE,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;AAC7D,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;IAEM,MAAM,UAAU,CAAC,QAAoB,EAAA;QACxC,IAAI;YACA,MAAMA,QAAE,CAAC,SAAS,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,QAAQ,CAAC,CAAC;AACpD,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,IAAI,GAAA;QACb,IAAI;AACA,YAAA,OAAO,MAAMA,QAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;AACzD,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,UAAU,GAAA;QACnB,IAAI;YACA,OAAO,MAAMA,QAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;AAChD,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,MAAM,GAAA;QACf,IAAI;YACA,MAAMA,QAAE,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;AACpC,YAAA,OAAO,IAAI,CAAC;AACf,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,YAAY,EAAE;;AAErC,oBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,uDAAuD,CAC1D,CAAC;AACF,oBAAA,OAAO,KAAK,CAAC;AAChB,iBAAA;AACD,gBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;IAEM,WAAW,GAAA;QACd,OAAO,IAAI,CAAC,QAAQ,CAAC;KACxB;IAEM,MAAM,eAAe,CAAC,QAAgB,EAAA;QACzC,OAAO,QAAQ,IAAI,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC;KACrD;IAEM,SAAS,GAAA;QACZ,OAAO,IAAI,CAAC,MAAM,CAAC;KACtB;IAEM,8BAA8B,GAAA;QACjC,MAAM,qBAAqB,GAAG,CAAA,EAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA,WAAA,CAAa,CAAC;AACrE,QAAA,OAAO,eAAe,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;KACxD;AAEO,IAAA,OAAO,0BAA0B,GAAA;QACrC,OAAO;YACH,cAAc,EAAE,MAAK;;aAEpB;AACD,YAAA,iBAAiB,EAAE,KAAK;YACxB,QAAQ,EAAE,QAAQ,CAAC,IAAI;SAC1B,CAAC;KACL;AAEO,IAAA,MAAM,gBAAgB,GAAA;QAC1B,IAAI;YACA,MAAM,KAAK,GAAG,MAAMA,QAAE,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAC3C,YAAA,OAAO,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;AAChC,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,YAAY,EAAE;;AAErC,oBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,CAAC;AACjD,oBAAA,OAAO,CAAC,CAAC;AACZ,iBAAA;AACD,gBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEO,IAAA,MAAM,eAAe,GAAA;AACzB,QAAA,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;;AAEjC,QAAA,MAAM,UAAU,GAAG,MAAMA,QAAE,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;AACrD,QAAA,MAAM,UAAU,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAmB,gBAAA,EAAA,IAAI,CAAC,QAAQ,CAAE,CAAA,CAAC,CAAC;KACxD;AAEO,IAAA,MAAM,mBAAmB,GAAA;QAC7B,IAAI;AACA,YAAA,MAAMA,QAAE,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AAC/D,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;AAClB,gBAAA,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,YAAY,EAAE;AACrC,oBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,CAAa,UAAA,EAAA,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA,gBAAA,CAAkB,CACxD,CAAC;AACL,iBAAA;AAAM,qBAAA;AACH,oBAAA,MAAM,gBAAgB,CAAC,qBAAqB,CACxC,GAAG,CAAC,IAAI,IAAI,UAAU,CAAC,OAAO,EAC9B,GAAG,CAAC,OAAO,CACd,CAAC;AACL,iBAAA;AACJ,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AACJ;;;;"}
@@ -0,0 +1,24 @@
import { IPersistence } from "./IPersistence.js";
import { DataProtectionScope } from "./DataProtectionScope.js";
import { Logger, LoggerOptions } from "@azure/msal-common/node";
import { BasePersistence } from "./BasePersistence.js";
/**
* Uses CryptProtectData and CryptUnprotectData on Windows to encrypt and decrypt file contents.
*
* scope: Scope of the data protection. Either local user or the current machine
* optionalEntropy: Password or other additional entropy used to encrypt the data
*/
export declare class FilePersistenceWithDataProtection extends BasePersistence implements IPersistence {
private filePersistence;
private scope;
private optionalEntropy;
private constructor();
static create(fileLocation: string, scope: DataProtectionScope, optionalEntropy?: string, loggerOptions?: LoggerOptions): Promise<FilePersistenceWithDataProtection>;
save(contents: string): Promise<void>;
load(): Promise<string | null>;
delete(): Promise<boolean>;
reloadNecessary(lastSync: number): Promise<boolean>;
getFilePath(): string;
getLogger(): Logger;
createForPersistenceValidation(): Promise<FilePersistenceWithDataProtection>;
}
@@ -0,0 +1,90 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { FilePersistence } from './FilePersistence.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
import { Dpapi } from '../Dpapi.mjs';
import { DataProtectionScope } from './DataProtectionScope.mjs';
import { dirname } from 'path';
import { BasePersistence } from './BasePersistence.mjs';
import { isNodeError } from '../utils/TypeGuards.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Uses CryptProtectData and CryptUnprotectData on Windows to encrypt and decrypt file contents.
*
* scope: Scope of the data protection. Either local user or the current machine
* optionalEntropy: Password or other additional entropy used to encrypt the data
*/
class FilePersistenceWithDataProtection extends BasePersistence {
constructor(filePersistence, scope, optionalEntropy) {
super();
this.scope = scope;
this.optionalEntropy = optionalEntropy
? Buffer.from(optionalEntropy, "utf-8")
: null;
this.filePersistence = filePersistence;
}
static async create(fileLocation, scope, optionalEntropy, loggerOptions) {
const filePersistence = await FilePersistence.create(fileLocation, loggerOptions);
const persistence = new FilePersistenceWithDataProtection(filePersistence, scope, optionalEntropy);
return persistence;
}
async save(contents) {
try {
const encryptedContents = Dpapi.protectData(Buffer.from(contents, "utf-8"), this.optionalEntropy, this.scope.toString());
await this.filePersistence.saveBuffer(encryptedContents);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createFilePersistenceWithDPAPIError(err.message);
}
else {
throw err;
}
}
}
async load() {
try {
const encryptedContents = await this.filePersistence.loadBuffer();
if (typeof encryptedContents === "undefined" ||
!encryptedContents ||
0 === encryptedContents.length) {
this.filePersistence
.getLogger()
.info("Encrypted contents loaded from file were null or empty");
return null;
}
return Dpapi.unprotectData(encryptedContents, this.optionalEntropy, this.scope.toString()).toString();
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createFilePersistenceWithDPAPIError(err.message);
}
else {
throw err;
}
}
}
async delete() {
return this.filePersistence.delete();
}
async reloadNecessary(lastSync) {
return this.filePersistence.reloadNecessary(lastSync);
}
getFilePath() {
return this.filePersistence.getFilePath();
}
getLogger() {
return this.filePersistence.getLogger();
}
createForPersistenceValidation() {
const testCacheFileLocation = `${dirname(this.filePersistence.getFilePath())}/test.cache`;
return FilePersistenceWithDataProtection.create(testCacheFileLocation, DataProtectionScope.CurrentUser);
}
}
export { FilePersistenceWithDataProtection };
//# sourceMappingURL=FilePersistenceWithDataProtection.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"FilePersistenceWithDataProtection.mjs","sources":["../../src/persistence/FilePersistenceWithDataProtection.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;AAAA;;;AAGG;AAYH;;;;;AAKG;AACG,MAAO,iCACT,SAAQ,eAAe,CAAA;AAOvB,IAAA,WAAA,CACI,eAAgC,EAChC,KAA0B,EAC1B,eAAwB,EAAA;AAExB,QAAA,KAAK,EAAE,CAAC;AACR,QAAA,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,eAAe,GAAG,eAAe;cAChC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE,OAAO,CAAC;cACrC,IAAI,CAAC;AACX,QAAA,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;KAC1C;IAEM,aAAa,MAAM,CACtB,YAAoB,EACpB,KAA0B,EAC1B,eAAwB,EACxB,aAA6B,EAAA;QAE7B,MAAM,eAAe,GAAG,MAAM,eAAe,CAAC,MAAM,CAChD,YAAY,EACZ,aAAa,CAChB,CAAC;QACF,MAAM,WAAW,GAAG,IAAI,iCAAiC,CACrD,eAAe,EACf,KAAK,EACL,eAAe,CAClB,CAAC;AACF,QAAA,OAAO,WAAW,CAAC;KACtB;IAEM,MAAM,IAAI,CAAC,QAAgB,EAAA;QAC9B,IAAI;YACA,MAAM,iBAAiB,GAAG,KAAK,CAAC,WAAW,CACvC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,EAC9B,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CACxB,CAAC;YACF,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC;AAC5D,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,mCAAmC,CACtD,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,IAAI,GAAA;QACb,IAAI;YACA,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,CAAC;YAClE,IACI,OAAO,iBAAiB,KAAK,WAAW;AACxC,gBAAA,CAAC,iBAAiB;AAClB,gBAAA,CAAC,KAAK,iBAAiB,CAAC,MAAM,EAChC;AACE,gBAAA,IAAI,CAAC,eAAe;AACf,qBAAA,SAAS,EAAE;qBACX,IAAI,CACD,wDAAwD,CAC3D,CAAC;AACN,gBAAA,OAAO,IAAI,CAAC;AACf,aAAA;YACD,OAAO,KAAK,CAAC,aAAa,CACtB,iBAAiB,EACjB,IAAI,CAAC,eAAe,EACpB,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CACxB,CAAC,QAAQ,EAAE,CAAC;AAChB,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,mCAAmC,CACtD,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,MAAM,GAAA;AACf,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;KACxC;IAEM,MAAM,eAAe,CAAC,QAAgB,EAAA;QACzC,OAAO,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;KACzD;IAEM,WAAW,GAAA;AACd,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CAAC;KAC7C;IAEM,SAAS,GAAA;AACZ,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;KAC3C;IAEM,8BAA8B,GAAA;AACjC,QAAA,MAAM,qBAAqB,GAAG,CAAG,EAAA,OAAO,CACpC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CACrC,aAAa,CAAC;QACf,OAAO,iCAAiC,CAAC,MAAM,CAC3C,qBAAqB,EACrB,mBAAmB,CAAC,WAAW,CAClC,CAAC;KACL;AACJ;;;;"}
@@ -0,0 +1,11 @@
import { Logger } from "@azure/msal-common/node";
export interface IPersistence {
save(contents: string): Promise<void>;
load(): Promise<string | null>;
delete(): Promise<boolean>;
reloadNecessary(lastSync: number): Promise<boolean>;
getFilePath(): string;
getLogger(): Logger;
verifyPersistence(): Promise<boolean>;
createForPersistenceValidation(): Promise<IPersistence>;
}
@@ -0,0 +1,10 @@
import type { LoggerOptions } from "@azure/msal-common/node";
import { DataProtectionScope } from "./DataProtectionScope.js";
export interface IPersistenceConfiguration {
cachePath?: string;
dataProtectionScope?: DataProtectionScope;
serviceName?: string;
accountName?: string;
usePlaintextFileOnLinux?: boolean;
loggerOptions?: LoggerOptions;
}
@@ -0,0 +1,23 @@
import { IPersistence } from "./IPersistence.js";
import { Logger, LoggerOptions } from "@azure/msal-common/node";
import { BasePersistence } from "./BasePersistence.js";
/**
* Uses reads and writes passwords to macOS keychain
*
* serviceName: Identifier used as key for whatever value is stored
* accountName: Account under which password should be stored
*/
export declare class KeychainPersistence extends BasePersistence implements IPersistence {
protected readonly serviceName: string;
protected readonly accountName: string;
private filePersistence;
private constructor();
static create(fileLocation: string, serviceName: string, accountName: string, loggerOptions?: LoggerOptions): Promise<KeychainPersistence>;
save(contents: string): Promise<void>;
load(): Promise<string | null>;
delete(): Promise<boolean>;
reloadNecessary(lastSync: number): Promise<boolean>;
getFilePath(): string;
getLogger(): Logger;
createForPersistenceValidation(): Promise<KeychainPersistence>;
}
@@ -0,0 +1,90 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import keytar from 'keytar';
import { FilePersistence } from './FilePersistence.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
import { dirname } from 'path';
import { BasePersistence } from './BasePersistence.mjs';
import { isNodeError } from '../utils/TypeGuards.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Uses reads and writes passwords to macOS keychain
*
* serviceName: Identifier used as key for whatever value is stored
* accountName: Account under which password should be stored
*/
class KeychainPersistence extends BasePersistence {
constructor(filePersistence, serviceName, accountName) {
super();
this.filePersistence = filePersistence;
this.serviceName = serviceName;
this.accountName = accountName;
}
static async create(fileLocation, serviceName, accountName, loggerOptions) {
const filePersistence = await FilePersistence.create(fileLocation, loggerOptions);
const persistence = new KeychainPersistence(filePersistence, serviceName, accountName);
return persistence;
}
async save(contents) {
try {
await keytar.setPassword(this.serviceName, this.accountName, contents);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createKeychainPersistenceError(err.message);
}
else {
throw err;
}
}
// Write dummy data to update file mtime
await this.filePersistence.save("{}");
}
async load() {
try {
return await keytar.getPassword(this.serviceName, this.accountName);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createKeychainPersistenceError(err.message);
}
else {
throw err;
}
}
}
async delete() {
try {
await this.filePersistence.delete();
return await keytar.deletePassword(this.serviceName, this.accountName);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createKeychainPersistenceError(err.message);
}
else {
throw err;
}
}
}
async reloadNecessary(lastSync) {
return this.filePersistence.reloadNecessary(lastSync);
}
getFilePath() {
return this.filePersistence.getFilePath();
}
getLogger() {
return this.filePersistence.getLogger();
}
createForPersistenceValidation() {
const testCacheFileLocation = `${dirname(this.filePersistence.getFilePath())}/test.cache`;
return KeychainPersistence.create(testCacheFileLocation, "persistenceValidationServiceName", "persistencValidationAccountName");
}
}
export { KeychainPersistence };
//# sourceMappingURL=KeychainPersistence.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"KeychainPersistence.mjs","sources":["../../src/persistence/KeychainPersistence.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;AAAA;;;AAGG;AAWH;;;;;AAKG;AACG,MAAO,mBACT,SAAQ,eAAe,CAAA;AAOvB,IAAA,WAAA,CACI,eAAgC,EAChC,WAAmB,EACnB,WAAmB,EAAA;AAEnB,QAAA,KAAK,EAAE,CAAC;AACR,QAAA,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;AACvC,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;AAC/B,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;KAClC;IAEM,aAAa,MAAM,CACtB,YAAoB,EACpB,WAAmB,EACnB,WAAmB,EACnB,aAA6B,EAAA;QAE7B,MAAM,eAAe,GAAG,MAAM,eAAe,CAAC,MAAM,CAChD,YAAY,EACZ,aAAa,CAChB,CAAC;QACF,MAAM,WAAW,GAAG,IAAI,mBAAmB,CACvC,eAAe,EACf,WAAW,EACX,WAAW,CACd,CAAC;AACF,QAAA,OAAO,WAAW,CAAC;KACtB;IAEM,MAAM,IAAI,CAAC,QAAgB,EAAA;QAC9B,IAAI;AACA,YAAA,MAAM,MAAM,CAAC,WAAW,CACpB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,WAAW,EAChB,QAAQ,CACX,CAAC;AACL,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,8BAA8B,CACjD,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACzC;AAEM,IAAA,MAAM,IAAI,GAAA;QACb,IAAI;AACA,YAAA,OAAO,MAAM,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;AACvE,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,8BAA8B,CACjD,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,MAAM,GAAA;QACf,IAAI;AACA,YAAA,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;AACpC,YAAA,OAAO,MAAM,MAAM,CAAC,cAAc,CAC9B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,WAAW,CACnB,CAAC;AACL,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,8BAA8B,CACjD,GAAG,CAAC,OAAO,CACd,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;IAEM,MAAM,eAAe,CAAC,QAAgB,EAAA;QACzC,OAAO,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;KACzD;IAEM,WAAW,GAAA;AACd,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CAAC;KAC7C;IAEM,SAAS,GAAA;AACZ,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;KAC3C;IAEM,8BAA8B,GAAA;AACjC,QAAA,MAAM,qBAAqB,GAAG,CAAG,EAAA,OAAO,CACpC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CACrC,aAAa,CAAC;QACf,OAAO,mBAAmB,CAAC,MAAM,CAC7B,qBAAqB,EACrB,kCAAkC,EAClC,iCAAiC,CACpC,CAAC;KACL;AACJ;;;;"}
@@ -0,0 +1,24 @@
import { IPersistence } from "./IPersistence.js";
import { Logger, LoggerOptions } from "@azure/msal-common/node";
import { BasePersistence } from "./BasePersistence.js";
/**
* Uses reads and writes passwords to Secret Service API/libsecret. Requires libsecret
* to be installed.
*
* serviceName: Identifier used as key for whatever value is stored
* accountName: Account under which password should be stored
*/
export declare class LibSecretPersistence extends BasePersistence implements IPersistence {
protected readonly serviceName: string;
protected readonly accountName: string;
private filePersistence;
private constructor();
static create(fileLocation: string, serviceName: string, accountName: string, loggerOptions?: LoggerOptions): Promise<LibSecretPersistence>;
save(contents: string): Promise<void>;
load(): Promise<string | null>;
delete(): Promise<boolean>;
reloadNecessary(lastSync: number): Promise<boolean>;
getFilePath(): string;
getLogger(): Logger;
createForPersistenceValidation(): Promise<LibSecretPersistence>;
}
@@ -0,0 +1,91 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import keytar from 'keytar';
import { FilePersistence } from './FilePersistence.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
import { dirname } from 'path';
import { BasePersistence } from './BasePersistence.mjs';
import { isNodeError } from '../utils/TypeGuards.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Uses reads and writes passwords to Secret Service API/libsecret. Requires libsecret
* to be installed.
*
* serviceName: Identifier used as key for whatever value is stored
* accountName: Account under which password should be stored
*/
class LibSecretPersistence extends BasePersistence {
constructor(filePersistence, serviceName, accountName) {
super();
this.filePersistence = filePersistence;
this.serviceName = serviceName;
this.accountName = accountName;
}
static async create(fileLocation, serviceName, accountName, loggerOptions) {
const filePersistence = await FilePersistence.create(fileLocation, loggerOptions);
const persistence = new LibSecretPersistence(filePersistence, serviceName, accountName);
return persistence;
}
async save(contents) {
try {
await keytar.setPassword(this.serviceName, this.accountName, contents);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createLibSecretError(err.message);
}
else {
throw err;
}
}
// Write dummy data to update file mtime
await this.filePersistence.save("{}");
}
async load() {
try {
return await keytar.getPassword(this.serviceName, this.accountName);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createLibSecretError(err.message);
}
else {
throw err;
}
}
}
async delete() {
try {
await this.filePersistence.delete();
return await keytar.deletePassword(this.serviceName, this.accountName);
}
catch (err) {
if (isNodeError(err)) {
throw PersistenceError.createLibSecretError(err.message);
}
else {
throw err;
}
}
}
async reloadNecessary(lastSync) {
return this.filePersistence.reloadNecessary(lastSync);
}
getFilePath() {
return this.filePersistence.getFilePath();
}
getLogger() {
return this.filePersistence.getLogger();
}
createForPersistenceValidation() {
const testCacheFileLocation = `${dirname(this.filePersistence.getFilePath())}/test.cache`;
return LibSecretPersistence.create(testCacheFileLocation, "persistenceValidationServiceName", "persistencValidationAccountName");
}
}
export { LibSecretPersistence };
//# sourceMappingURL=LibSecretPersistence.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"LibSecretPersistence.mjs","sources":["../../src/persistence/LibSecretPersistence.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;AAAA;;;AAGG;AAWH;;;;;;AAMG;AACG,MAAO,oBACT,SAAQ,eAAe,CAAA;AAOvB,IAAA,WAAA,CACI,eAAgC,EAChC,WAAmB,EACnB,WAAmB,EAAA;AAEnB,QAAA,KAAK,EAAE,CAAC;AACR,QAAA,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;AACvC,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;AAC/B,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;KAClC;IAEM,aAAa,MAAM,CACtB,YAAoB,EACpB,WAAmB,EACnB,WAAmB,EACnB,aAA6B,EAAA;QAE7B,MAAM,eAAe,GAAG,MAAM,eAAe,CAAC,MAAM,CAChD,YAAY,EACZ,aAAa,CAChB,CAAC;QACF,MAAM,WAAW,GAAG,IAAI,oBAAoB,CACxC,eAAe,EACf,WAAW,EACX,WAAW,CACd,CAAC;AACF,QAAA,OAAO,WAAW,CAAC;KACtB;IAEM,MAAM,IAAI,CAAC,QAAgB,EAAA;QAC9B,IAAI;AACA,YAAA,MAAM,MAAM,CAAC,WAAW,CACpB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,WAAW,EAChB,QAAQ,CACX,CAAC;AACL,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAC5D,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;;QAED,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;KACzC;AAEM,IAAA,MAAM,IAAI,GAAA;QACb,IAAI;AACA,YAAA,OAAO,MAAM,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;AACvE,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAC5D,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;AAEM,IAAA,MAAM,MAAM,GAAA;QACf,IAAI;AACA,YAAA,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;AACpC,YAAA,OAAO,MAAM,MAAM,CAAC,cAAc,CAC9B,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,WAAW,CACnB,CAAC;AACL,SAAA;AAAC,QAAA,OAAO,GAAG,EAAE;AACV,YAAA,IAAI,WAAW,CAAC,GAAG,CAAC,EAAE;gBAClB,MAAM,gBAAgB,CAAC,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;AAC5D,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,GAAG,CAAC;AACb,aAAA;AACJ,SAAA;KACJ;IAEM,MAAM,eAAe,CAAC,QAAgB,EAAA;QACzC,OAAO,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;KACzD;IAEM,WAAW,GAAA;AACd,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CAAC;KAC7C;IAEM,SAAS,GAAA;AACZ,QAAA,OAAO,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;KAC3C;IAEM,8BAA8B,GAAA;AACjC,QAAA,MAAM,qBAAqB,GAAG,CAAG,EAAA,OAAO,CACpC,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CACrC,aAAa,CAAC;QACf,OAAO,oBAAoB,CAAC,MAAM,CAC9B,qBAAqB,EACrB,kCAAkC,EAClC,iCAAiC,CACpC,CAAC;KACL;AACJ;;;;"}
@@ -0,0 +1,38 @@
import { IPersistence } from "./IPersistence.js";
import { CrossPlatformLockOptions } from "../lock/CrossPlatformLockOptions.js";
import { TokenCacheContext, ICachePlugin } from "@azure/msal-common/node";
/**
* MSAL cache plugin which enables callers to write the MSAL cache to disk on Windows,
* macOs, and Linux.
*
* - Persistence can be one of:
* - FilePersistence: Writes and reads from an unencrypted file. Can be used on Windows,
* macOs, or Linux.
* - FilePersistenceWithDataProtection: Used on Windows, writes and reads from file encrypted
* with windows dpapi-addon.
* - KeychainPersistence: Used on macOs, writes and reads from keychain.
* - LibSecretPersistence: Used on linux, writes and reads from secret service API. Requires
* libsecret be installed.
*/
export declare class PersistenceCachePlugin implements ICachePlugin {
persistence: IPersistence;
lastSync: number;
currentCache: string | null;
lockFilePath: string;
private crossPlatformLock;
private logger;
constructor(persistence: IPersistence, lockOptions?: CrossPlatformLockOptions);
/**
* Reads from storage and saves an in-memory copy. If persistence has not been updated
* since last time data was read, in memory copy is used.
*
* If cacheContext.cacheHasChanged === true, then file lock is created and not deleted until
* afterCacheAccess() is called, to prevent the cache file from changing in between
* beforeCacheAccess() and afterCacheAccess().
*/
beforeCacheAccess(cacheContext: TokenCacheContext): Promise<void>;
/**
* Writes to storage if MSAL in memory copy of cache has been changed.
*/
afterCacheAccess(cacheContext: TokenCacheContext): Promise<void>;
}
@@ -0,0 +1,99 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { CrossPlatformLock } from '../lock/CrossPlatformLock.mjs';
import { pid } from 'process';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* MSAL cache plugin which enables callers to write the MSAL cache to disk on Windows,
* macOs, and Linux.
*
* - Persistence can be one of:
* - FilePersistence: Writes and reads from an unencrypted file. Can be used on Windows,
* macOs, or Linux.
* - FilePersistenceWithDataProtection: Used on Windows, writes and reads from file encrypted
* with windows dpapi-addon.
* - KeychainPersistence: Used on macOs, writes and reads from keychain.
* - LibSecretPersistence: Used on linux, writes and reads from secret service API. Requires
* libsecret be installed.
*/
class PersistenceCachePlugin {
constructor(persistence, lockOptions) {
this.persistence = persistence;
// initialize logger
this.logger = persistence.getLogger();
// create file lock
this.lockFilePath = `${this.persistence.getFilePath()}.lockfile`;
this.crossPlatformLock = new CrossPlatformLock(this.lockFilePath, this.logger, lockOptions);
// initialize default values
this.lastSync = 0;
this.currentCache = null;
}
/**
* Reads from storage and saves an in-memory copy. If persistence has not been updated
* since last time data was read, in memory copy is used.
*
* If cacheContext.cacheHasChanged === true, then file lock is created and not deleted until
* afterCacheAccess() is called, to prevent the cache file from changing in between
* beforeCacheAccess() and afterCacheAccess().
*/
async beforeCacheAccess(cacheContext) {
this.logger.info("Executing before cache access");
const reloadNecessary = await this.persistence.reloadNecessary(this.lastSync);
if (!reloadNecessary && this.currentCache !== null) {
if (cacheContext.cacheHasChanged) {
this.logger.verbose("Cache context has changed");
await this.crossPlatformLock.lock();
}
return;
}
try {
this.logger.info(`Reload necessary. Last sync time: ${this.lastSync}`);
await this.crossPlatformLock.lock();
this.currentCache = await this.persistence.load();
this.lastSync = new Date().getTime();
if (this.currentCache) {
cacheContext.tokenCache.deserialize(this.currentCache);
}
else {
this.logger.info("Cache empty.");
}
this.logger.info(`Last sync time updated to: ${this.lastSync}`);
}
finally {
if (!cacheContext.cacheHasChanged) {
await this.crossPlatformLock.unlock();
this.logger.info(`Pid ${pid} released lock`);
}
else {
this.logger.info(`Pid ${pid} beforeCacheAccess did not release lock`);
}
}
}
/**
* Writes to storage if MSAL in memory copy of cache has been changed.
*/
async afterCacheAccess(cacheContext) {
this.logger.info("Executing after cache access");
try {
if (cacheContext.cacheHasChanged) {
this.logger.info("Msal in-memory cache has changed. Writing changes to persistence");
this.currentCache = cacheContext.tokenCache.serialize();
await this.persistence.save(this.currentCache);
}
else {
this.logger.info("Msal in-memory cache has not changed. Did not write to persistence");
}
}
finally {
await this.crossPlatformLock.unlock();
this.logger.info(`Pid ${pid} afterCacheAccess released lock`);
}
}
}
export { PersistenceCachePlugin };
//# sourceMappingURL=PersistenceCachePlugin.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"PersistenceCachePlugin.mjs","sources":["../../src/persistence/PersistenceCachePlugin.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;AAAA;;;AAGG;AAYH;;;;;;;;;;;;AAYG;MACU,sBAAsB,CAAA;IAU/B,WACI,CAAA,WAAyB,EACzB,WAAsC,EAAA;AAEtC,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;;AAG/B,QAAA,IAAI,CAAC,MAAM,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;;QAGtC,IAAI,CAAC,YAAY,GAAG,CAAG,EAAA,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,CAAA,SAAA,CAAW,CAAC;AACjE,QAAA,IAAI,CAAC,iBAAiB,GAAG,IAAI,iBAAiB,CAC1C,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,MAAM,EACX,WAAW,CACd,CAAC;;AAGF,QAAA,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC;AAClB,QAAA,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;KAC5B;AAED;;;;;;;AAOG;IACI,MAAM,iBAAiB,CAC1B,YAA+B,EAAA;AAE/B,QAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;AAClD,QAAA,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,CAC1D,IAAI,CAAC,QAAQ,CAChB,CAAC;QACF,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,EAAE;YAChD,IAAI,YAAY,CAAC,eAAe,EAAE;AAC9B,gBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,2BAA2B,CAAC,CAAC;AACjD,gBAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;AACvC,aAAA;YACD,OAAO;AACV,SAAA;QACD,IAAI;YACA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,CAAqC,kCAAA,EAAA,IAAI,CAAC,QAAQ,CAAE,CAAA,CACvD,CAAC;AACF,YAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,CAAC;YAEpC,IAAI,CAAC,YAAY,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YAClD,IAAI,CAAC,QAAQ,GAAG,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC;YACrC,IAAI,IAAI,CAAC,YAAY,EAAE;gBACnB,YAAY,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;AAC1D,aAAA;AAAM,iBAAA;AACH,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;AACpC,aAAA;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAA8B,2BAAA,EAAA,IAAI,CAAC,QAAQ,CAAE,CAAA,CAAC,CAAC;AACnE,SAAA;AAAS,gBAAA;AACN,YAAA,IAAI,CAAC,YAAY,CAAC,eAAe,EAAE;AAC/B,gBAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;gBACtC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,IAAA,EAAA,GAAG,CAAgB,cAAA,CAAA,CAAC,CAAC;AAChD,aAAA;AAAM,iBAAA;gBACH,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,CAAO,IAAA,EAAA,GAAG,CAAyC,uCAAA,CAAA,CACtD,CAAC;AACL,aAAA;AACJ,SAAA;KACJ;AAED;;AAEG;IACI,MAAM,gBAAgB,CACzB,YAA+B,EAAA;AAE/B,QAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QACjD,IAAI;YACA,IAAI,YAAY,CAAC,eAAe,EAAE;AAC9B,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,kEAAkE,CACrE,CAAC;gBACF,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;gBACxD,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;AAClD,aAAA;AAAM,iBAAA;AACH,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,oEAAoE,CACvE,CAAC;AACL,aAAA;AACJ,SAAA;AAAS,gBAAA;AACN,YAAA,MAAM,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC;YACtC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAO,IAAA,EAAA,GAAG,CAAiC,+BAAA,CAAA,CAAC,CAAC;AACjE,SAAA;KACJ;AACJ;;;;"}
@@ -0,0 +1,5 @@
import { IPersistence } from "./IPersistence.js";
import { IPersistenceConfiguration } from "./IPersistenceConfiguration.js";
export declare class PersistenceCreator {
static createPersistence(config: IPersistenceConfiguration): Promise<IPersistence>;
}
@@ -0,0 +1,68 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import { FilePersistenceWithDataProtection } from './FilePersistenceWithDataProtection.mjs';
import { LibSecretPersistence } from './LibSecretPersistence.mjs';
import { KeychainPersistence } from './KeychainPersistence.mjs';
import { DataProtectionScope } from './DataProtectionScope.mjs';
import { Environment } from '../utils/Environment.mjs';
import { FilePersistence } from './FilePersistence.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class PersistenceCreator {
static async createPersistence(config) {
let peristence;
// On Windows, uses a DPAPI encrypted file
if (Environment.isWindowsPlatform()) {
if (!config.cachePath || !config.dataProtectionScope) {
throw PersistenceError.createPersistenceNotValidatedError("Cache path and/or data protection scope not provided for the FilePersistenceWithDataProtection cache plugin");
}
peristence = await FilePersistenceWithDataProtection.create(config.cachePath, DataProtectionScope.CurrentUser, undefined, config.loggerOptions);
}
// On Mac, uses keychain.
else if (Environment.isMacPlatform()) {
if (!config.cachePath ||
!config.serviceName ||
!config.accountName) {
throw PersistenceError.createPersistenceNotValidatedError("Cache path, service name and/or account name not provided for the KeychainPersistence cache plugin");
}
peristence = await KeychainPersistence.create(config.cachePath, config.serviceName, config.accountName, config.loggerOptions);
}
// On Linux, uses libsecret to store to secret service. Libsecret has to be installed.
else if (Environment.isLinuxPlatform()) {
if (!config.cachePath ||
!config.serviceName ||
!config.accountName) {
throw PersistenceError.createPersistenceNotValidatedError("Cache path, service name and/or account name not provided for the LibSecretPersistence cache plugin");
}
peristence = await LibSecretPersistence.create(config.cachePath, config.serviceName, config.accountName, config.loggerOptions);
}
else {
throw PersistenceError.createNotSupportedError("The current environment is not supported by msal-node-extensions yet.");
}
await peristence.verifyPersistence().catch(async (e) => {
if (Environment.isLinuxPlatform() &&
config.usePlaintextFileOnLinux) {
if (!config.cachePath) {
throw PersistenceError.createPersistenceNotValidatedError("Cache path not provided for the FilePersistence cache plugin");
}
peristence = await FilePersistence.create(config.cachePath, config.loggerOptions);
const isFilePersistenceVerified = await peristence.verifyPersistence();
if (isFilePersistenceVerified) {
return peristence;
}
throw PersistenceError.createPersistenceNotVerifiedError("Persistence could not be verified");
}
else {
throw e;
}
});
return peristence;
}
}
export { PersistenceCreator };
//# sourceMappingURL=PersistenceCreator.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"PersistenceCreator.mjs","sources":["../../src/persistence/PersistenceCreator.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;;;;;AAAA;;;AAGG;MAYU,kBAAkB,CAAA;AAC3B,IAAA,aAAa,iBAAiB,CAC1B,MAAiC,EAAA;AAEjC,QAAA,IAAI,UAAwB,CAAC;;AAG7B,QAAA,IAAI,WAAW,CAAC,iBAAiB,EAAE,EAAE;YACjC,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE;AAClD,gBAAA,MAAM,gBAAgB,CAAC,kCAAkC,CACrD,6GAA6G,CAChH,CAAC;AACL,aAAA;YAED,UAAU,GAAG,MAAM,iCAAiC,CAAC,MAAM,CACvD,MAAM,CAAC,SAAS,EAChB,mBAAmB,CAAC,WAAW,EAC/B,SAAS,EACT,MAAM,CAAC,aAAa,CACvB,CAAC;AACL,SAAA;;AAGI,aAAA,IAAI,WAAW,CAAC,aAAa,EAAE,EAAE;YAClC,IACI,CAAC,MAAM,CAAC,SAAS;gBACjB,CAAC,MAAM,CAAC,WAAW;gBACnB,CAAC,MAAM,CAAC,WAAW,EACrB;AACE,gBAAA,MAAM,gBAAgB,CAAC,kCAAkC,CACrD,oGAAoG,CACvG,CAAC;AACL,aAAA;YAED,UAAU,GAAG,MAAM,mBAAmB,CAAC,MAAM,CACzC,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,aAAa,CACvB,CAAC;AACL,SAAA;;AAGI,aAAA,IAAI,WAAW,CAAC,eAAe,EAAE,EAAE;YACpC,IACI,CAAC,MAAM,CAAC,SAAS;gBACjB,CAAC,MAAM,CAAC,WAAW;gBACnB,CAAC,MAAM,CAAC,WAAW,EACrB;AACE,gBAAA,MAAM,gBAAgB,CAAC,kCAAkC,CACrD,qGAAqG,CACxG,CAAC;AACL,aAAA;YAED,UAAU,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAC1C,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,aAAa,CACvB,CAAC;AACL,SAAA;AAAM,aAAA;AACH,YAAA,MAAM,gBAAgB,CAAC,uBAAuB,CAC1C,uEAAuE,CAC1E,CAAC;AACL,SAAA;QAED,MAAM,UAAU,CAAC,iBAAiB,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAI;YACnD,IACI,WAAW,CAAC,eAAe,EAAE;gBAC7B,MAAM,CAAC,uBAAuB,EAChC;AACE,gBAAA,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE;AACnB,oBAAA,MAAM,gBAAgB,CAAC,kCAAkC,CACrD,8DAA8D,CACjE,CAAC;AACL,iBAAA;AAED,gBAAA,UAAU,GAAG,MAAM,eAAe,CAAC,MAAM,CACrC,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,aAAa,CACvB,CAAC;AAEF,gBAAA,MAAM,yBAAyB,GAC3B,MAAM,UAAU,CAAC,iBAAiB,EAAE,CAAC;AACzC,gBAAA,IAAI,yBAAyB,EAAE;AAC3B,oBAAA,OAAO,UAAU,CAAC;AACrB,iBAAA;AAED,gBAAA,MAAM,gBAAgB,CAAC,iCAAiC,CACpD,mCAAmC,CACtC,CAAC;AACL,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,CAAC,CAAC;AACX,aAAA;AACL,SAAC,CAAC,CAAC;AAEH,QAAA,OAAO,UAAU,CAAC;KACrB;AACJ;;;;"}
@@ -0,0 +1,54 @@
export declare const Constants: {
/**
* An existing file was the target of an operation that required that the target not exist
*/
EEXIST_ERROR: string;
/**
* No such file or directory: Commonly raised by fs operations to indicate that a component
* of the specified pathname does not exist. No entity (file or directory) could be found
* by the given path
*/
ENOENT_ERROR: string;
/**
* Operation not permitted. An attempt was made to perform an operation that requires
* elevated privileges.
*/
EPERM_ERROR: string;
/**
* Default service name for using MSAL Keytar
*/
DEFAULT_SERVICE_NAME: string;
/**
* Test data used to verify underlying persistence mechanism
*/
PERSISTENCE_TEST_DATA: string;
/**
* This is the value of a the guid if the process is being ran by the root user
*/
LINUX_ROOT_USER_GUID: number;
/**
* List of environment variables
*/
ENVIRONMENT: {
HOME: string;
LOGNAME: string;
USER: string;
LNAME: string;
USERNAME: string;
PLATFORM: string;
LOCAL_APPLICATION_DATA: string;
};
DEFAULT_CACHE_FILE_NAME: string;
};
export declare const Platform: {
readonly WINDOWS: "win32";
readonly LINUX: "linux";
readonly MACOS: "darwin";
};
export type Platform = (typeof Platform)[keyof typeof Platform];
export declare const ErrorCodes: {
readonly INTERATION_REQUIRED_ERROR_CODE: "interaction_required";
readonly SERVER_UNAVAILABLE: "server_unavailable";
readonly UNKNOWN: "unknown_error";
};
export type ErrorCodes = (typeof ErrorCodes)[keyof typeof ErrorCodes];
@@ -0,0 +1,62 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const Constants = {
/**
* An existing file was the target of an operation that required that the target not exist
*/
EEXIST_ERROR: "EEXIST",
/**
* No such file or directory: Commonly raised by fs operations to indicate that a component
* of the specified pathname does not exist. No entity (file or directory) could be found
* by the given path
*/
ENOENT_ERROR: "ENOENT",
/**
* Operation not permitted. An attempt was made to perform an operation that requires
* elevated privileges.
*/
EPERM_ERROR: "EPERM",
/**
* Default service name for using MSAL Keytar
*/
DEFAULT_SERVICE_NAME: "msal-node-extensions",
/**
* Test data used to verify underlying persistence mechanism
*/
PERSISTENCE_TEST_DATA: "Dummy data to verify underlying persistence mechanism",
/**
* This is the value of a the guid if the process is being ran by the root user
*/
LINUX_ROOT_USER_GUID: 0,
/**
* List of environment variables
*/
ENVIRONMENT: {
HOME: "HOME",
LOGNAME: "LOGNAME",
USER: "USER",
LNAME: "LNAME",
USERNAME: "USERNAME",
PLATFORM: "platform",
LOCAL_APPLICATION_DATA: "LOCALAPPDATA",
},
// Name of the default cache file
DEFAULT_CACHE_FILE_NAME: "cache.json",
};
const Platform = {
WINDOWS: "win32",
LINUX: "linux",
MACOS: "darwin",
};
const ErrorCodes = {
INTERATION_REQUIRED_ERROR_CODE: "interaction_required",
SERVER_UNAVAILABLE: "server_unavailable",
UNKNOWN: "unknown_error",
};
export { Constants, ErrorCodes, Platform };
//# sourceMappingURL=Constants.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"Constants.mjs","sources":["../../src/utils/Constants.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAEU,MAAA,SAAS,GAAG;AACrB;;AAEG;AACH,IAAA,YAAY,EAAE,QAAQ;AAEtB;;;;AAIG;AACH,IAAA,YAAY,EAAE,QAAQ;AAEtB;;;AAGG;AACH,IAAA,WAAW,EAAE,OAAO;AAEpB;;AAEG;AACH,IAAA,oBAAoB,EAAE,sBAAsB;AAE5C;;AAEG;AACH,IAAA,qBAAqB,EACjB,uDAAuD;AAE3D;;AAEG;AACH,IAAA,oBAAoB,EAAE,CAAC;AAEvB;;AAEG;AACH,IAAA,WAAW,EAAE;AACT,QAAA,IAAI,EAAE,MAAM;AACZ,QAAA,OAAO,EAAE,SAAS;AAClB,QAAA,IAAI,EAAE,MAAM;AACZ,QAAA,KAAK,EAAE,OAAO;AACd,QAAA,QAAQ,EAAE,UAAU;AACpB,QAAA,QAAQ,EAAE,UAAU;AACpB,QAAA,sBAAsB,EAAE,cAAc;AACzC,KAAA;;AAGD,IAAA,uBAAuB,EAAE,YAAY;EACvC;AAEW,MAAA,QAAQ,GAAG;AACpB,IAAA,OAAO,EAAE,OAAO;AAChB,IAAA,KAAK,EAAE,OAAO;AACd,IAAA,KAAK,EAAE,QAAQ;EACR;AAGE,MAAA,UAAU,GAAG;AACtB,IAAA,8BAA8B,EAAE,sBAAsB;AACtD,IAAA,kBAAkB,EAAE,oBAAoB;AACxC,IAAA,OAAO,EAAE,eAAe;;;;;"}
@@ -0,0 +1,16 @@
export declare class Environment {
static get homeEnvVar(): string;
static get lognameEnvVar(): string;
static get userEnvVar(): string;
static get lnameEnvVar(): string;
static get usernameEnvVar(): string;
static getEnvironmentVariable(name: string): string;
static getEnvironmentPlatform(): string;
static isWindowsPlatform(): boolean;
static isLinuxPlatform(): boolean;
static isMacPlatform(): boolean;
static isLinuxRootUser(): boolean;
static getUserRootDirectory(): string | null;
static getUserHomeDirOnWindows(): string;
static getUserHomeDirOnUnix(): string | null;
}
@@ -0,0 +1,94 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
import path from 'path';
import { Constants, Platform } from './Constants.mjs';
import { PersistenceError } from '../error/PersistenceError.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class Environment {
static get homeEnvVar() {
return this.getEnvironmentVariable(Constants.ENVIRONMENT.HOME);
}
static get lognameEnvVar() {
return this.getEnvironmentVariable(Constants.ENVIRONMENT.LOGNAME);
}
static get userEnvVar() {
return this.getEnvironmentVariable(Constants.ENVIRONMENT.USER);
}
static get lnameEnvVar() {
return this.getEnvironmentVariable(Constants.ENVIRONMENT.LNAME);
}
static get usernameEnvVar() {
return this.getEnvironmentVariable(Constants.ENVIRONMENT.USERNAME);
}
static getEnvironmentVariable(name) {
return process.env[name] || "";
}
static getEnvironmentPlatform() {
return process.platform;
}
static isWindowsPlatform() {
return this.getEnvironmentPlatform() === Platform.WINDOWS;
}
static isLinuxPlatform() {
return this.getEnvironmentPlatform() === Platform.LINUX;
}
static isMacPlatform() {
return this.getEnvironmentPlatform() === Platform.MACOS;
}
static isLinuxRootUser() {
if (typeof process.getuid !== "function") {
return false;
}
return process.getuid() === Constants.LINUX_ROOT_USER_GUID;
}
static getUserRootDirectory() {
return !this.isWindowsPlatform()
? this.getUserHomeDirOnUnix()
: this.getUserHomeDirOnWindows();
}
static getUserHomeDirOnWindows() {
return this.getEnvironmentVariable(Constants.ENVIRONMENT.LOCAL_APPLICATION_DATA);
}
static getUserHomeDirOnUnix() {
if (this.isWindowsPlatform()) {
throw PersistenceError.createNotSupportedError("Getting the user home directory for unix is not supported in windows");
}
if (this.homeEnvVar) {
return this.homeEnvVar;
}
let username = null;
if (this.lognameEnvVar) {
username = this.lognameEnvVar;
}
else if (this.userEnvVar) {
username = this.userEnvVar;
}
else if (this.lnameEnvVar) {
username = this.lnameEnvVar;
}
else if (this.usernameEnvVar) {
username = this.usernameEnvVar;
}
if (this.isMacPlatform()) {
return username ? path.join("/Users", username) : null;
}
else if (this.isLinuxPlatform()) {
if (this.isLinuxRootUser()) {
return "/root";
}
else {
return username ? path.join("/home", username) : null;
}
}
else {
throw PersistenceError.createNotSupportedError("Getting the user home directory for unix is not supported in windows");
}
}
}
export { Environment };
//# sourceMappingURL=Environment.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"Environment.mjs","sources":["../../src/utils/Environment.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAAA;;;AAGG;MAMU,WAAW,CAAA;AACpB,IAAA,WAAW,UAAU,GAAA;QACjB,OAAO,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;KAClE;AAED,IAAA,WAAW,aAAa,GAAA;QACpB,OAAO,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;KACrE;AAED,IAAA,WAAW,UAAU,GAAA;QACjB,OAAO,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;KAClE;AAED,IAAA,WAAW,WAAW,GAAA;QAClB,OAAO,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;KACnE;AAED,IAAA,WAAW,cAAc,GAAA;QACrB,OAAO,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;KACtE;IAED,OAAO,sBAAsB,CAAC,IAAY,EAAA;QACtC,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;KAClC;AAED,IAAA,OAAO,sBAAsB,GAAA;QACzB,OAAO,OAAO,CAAC,QAAQ,CAAC;KAC3B;AAED,IAAA,OAAO,iBAAiB,GAAA;QACpB,OAAO,IAAI,CAAC,sBAAsB,EAAE,KAAK,QAAQ,CAAC,OAAO,CAAC;KAC7D;AAED,IAAA,OAAO,eAAe,GAAA;QAClB,OAAO,IAAI,CAAC,sBAAsB,EAAE,KAAK,QAAQ,CAAC,KAAK,CAAC;KAC3D;AAED,IAAA,OAAO,aAAa,GAAA;QAChB,OAAO,IAAI,CAAC,sBAAsB,EAAE,KAAK,QAAQ,CAAC,KAAK,CAAC;KAC3D;AAED,IAAA,OAAO,eAAe,GAAA;AAClB,QAAA,IAAI,OAAO,OAAO,CAAC,MAAM,KAAK,UAAU,EAAE;AACtC,YAAA,OAAO,KAAK,CAAC;AAChB,SAAA;QAED,OAAO,OAAO,CAAC,MAAM,EAAE,KAAK,SAAS,CAAC,oBAAoB,CAAC;KAC9D;AAED,IAAA,OAAO,oBAAoB,GAAA;AACvB,QAAA,OAAO,CAAC,IAAI,CAAC,iBAAiB,EAAE;AAC5B,cAAE,IAAI,CAAC,oBAAoB,EAAE;AAC7B,cAAE,IAAI,CAAC,uBAAuB,EAAE,CAAC;KACxC;AAED,IAAA,OAAO,uBAAuB,GAAA;QAC1B,OAAO,IAAI,CAAC,sBAAsB,CAC9B,SAAS,CAAC,WAAW,CAAC,sBAAsB,CAC/C,CAAC;KACL;AAED,IAAA,OAAO,oBAAoB,GAAA;AACvB,QAAA,IAAI,IAAI,CAAC,iBAAiB,EAAE,EAAE;AAC1B,YAAA,MAAM,gBAAgB,CAAC,uBAAuB,CAC1C,sEAAsE,CACzE,CAAC;AACL,SAAA;QAED,IAAI,IAAI,CAAC,UAAU,EAAE;YACjB,OAAO,IAAI,CAAC,UAAU,CAAC;AAC1B,SAAA;QAED,IAAI,QAAQ,GAAG,IAAI,CAAC;QACpB,IAAI,IAAI,CAAC,aAAa,EAAE;AACpB,YAAA,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC;AACjC,SAAA;aAAM,IAAI,IAAI,CAAC,UAAU,EAAE;AACxB,YAAA,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC;AAC9B,SAAA;aAAM,IAAI,IAAI,CAAC,WAAW,EAAE;AACzB,YAAA,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC;AAC/B,SAAA;aAAM,IAAI,IAAI,CAAC,cAAc,EAAE;AAC5B,YAAA,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC;AAClC,SAAA;AAED,QAAA,IAAI,IAAI,CAAC,aAAa,EAAE,EAAE;AACtB,YAAA,OAAO,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAC;AAC1D,SAAA;AAAM,aAAA,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE;AAC/B,YAAA,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE;AACxB,gBAAA,OAAO,OAAO,CAAC;AAClB,aAAA;AAAM,iBAAA;AACH,gBAAA,OAAO,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,GAAG,IAAI,CAAC;AACzD,aAAA;AACJ,SAAA;AAAM,aAAA;AACH,YAAA,MAAM,gBAAgB,CAAC,uBAAuB,CAC1C,sEAAsE,CACzE,CAAC;AACL,SAAA;KACJ;AACJ;;;;"}
@@ -0,0 +1,5 @@
/// <reference types="node" resolution-mode="require"/>
/**
* Returns whether or not the given object is a Node.js error
*/
export declare const isNodeError: (error: unknown) => error is NodeJS.ErrnoException;
@@ -0,0 +1,15 @@
/*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Returns whether or not the given object is a Node.js error
*/
const isNodeError = (error) => {
return !!error && typeof error === "object" && error.hasOwnProperty("code");
};
export { isNodeError };
//# sourceMappingURL=TypeGuards.mjs.map
@@ -0,0 +1 @@
{"version":3,"file":"TypeGuards.mjs","sources":["../../src/utils/TypeGuards.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAEH;;AAEG;AACU,MAAA,WAAW,GAAG,CAAC,KAAc,KAAoC;AAC1E,IAAA,OAAO,CAAC,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;AAChF;;;;"}