tokenCredentialsBase.js 3.9 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
  1. "use strict";
  2. // Copyright (c) Microsoft Corporation. All rights reserved.
  3. // Licensed under the MIT License. See License.txt in the project root for license information.
  4. var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
  5. return new (P || (P = Promise))(function (resolve, reject) {
  6. function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
  7. function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
  8. function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
  9. step((generator = generator.apply(thisArg, _arguments || [])).next());
  10. });
  11. };
  12. Object.defineProperty(exports, "__esModule", { value: true });
  13. const ms_rest_js_1 = require("@azure/ms-rest-js");
  14. const ms_rest_azure_env_1 = require("@azure/ms-rest-azure-env");
  15. const adal_node_1 = require("adal-node");
  16. class TokenCredentialsBase {
  17. constructor(clientId, domain, tokenAudience, environment = ms_rest_azure_env_1.Environment.AzureCloud, tokenCache = new adal_node_1.MemoryCache()) {
  18. this.clientId = clientId;
  19. this.domain = domain;
  20. this.tokenAudience = tokenAudience;
  21. this.environment = environment;
  22. this.tokenCache = tokenCache;
  23. if (!clientId || typeof clientId.valueOf() !== "string") {
  24. throw new Error("clientId must be a non empty string.");
  25. }
  26. if (!domain || typeof domain.valueOf() !== "string") {
  27. throw new Error("domain must be a non empty string.");
  28. }
  29. if (this.tokenAudience === "graph" && this.domain.toLowerCase() === "common") {
  30. throw new Error(`${"If the tokenAudience is specified as \"graph\" then \"domain\" cannot be defaulted to \"commmon\" tenant.\
  31. It must be the actual tenant (preferrably a string in a guid format)."}`);
  32. }
  33. const authorityUrl = this.environment.activeDirectoryEndpointUrl + this.domain;
  34. this.authContext = new adal_node_1.AuthenticationContext(authorityUrl, this.environment.validateAuthority, this.tokenCache);
  35. }
  36. getActiveDirectoryResourceId() {
  37. let resource = this.environment.activeDirectoryResourceId;
  38. if (this.tokenAudience) {
  39. resource = this.tokenAudience;
  40. if (this.tokenAudience.toLowerCase() === "graph") {
  41. resource = this.environment.activeDirectoryGraphResourceId;
  42. }
  43. else if (this.tokenAudience.toLowerCase() === "batch") {
  44. resource = this.environment.batchResourceId;
  45. }
  46. }
  47. return resource;
  48. }
  49. getTokenFromCache(username) {
  50. const self = this;
  51. const resource = this.getActiveDirectoryResourceId();
  52. return new Promise((resolve, reject) => {
  53. self.authContext.acquireToken(resource, username, self.clientId, (error, tokenResponse) => {
  54. if (error) {
  55. return reject(error);
  56. }
  57. if (tokenResponse.error || tokenResponse.errorDescription) {
  58. return reject(tokenResponse);
  59. }
  60. return resolve(tokenResponse);
  61. });
  62. });
  63. }
  64. /**
  65. * Signs a request with the Authentication header.
  66. *
  67. * @param {webResource} The WebResource to be signed.
  68. * @param {function(error)} callback The callback function.
  69. * @return {undefined}
  70. */
  71. signRequest(webResource) {
  72. return __awaiter(this, void 0, void 0, function* () {
  73. const tokenResponse = yield this.getToken();
  74. webResource.headers.set(ms_rest_js_1.Constants.HeaderConstants.AUTHORIZATION, `${tokenResponse.tokenType} ${tokenResponse.accessToken}`);
  75. return Promise.resolve(webResource);
  76. });
  77. }
  78. }
  79. exports.TokenCredentialsBase = TokenCredentialsBase;
  80. //# sourceMappingURL=tokenCredentialsBase.js.map