| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 |
- // Copyright (c) Microsoft Corporation. All rights reserved.
- // Licensed under the MIT License. See License.txt in the project root for license information.
- import { ApplicationTokenCredentials } from "./applicationTokenCredentials";
- import { ApplicationTokenCertificateCredentials } from "./applicationTokenCertificateCredentials";
- import { DeviceTokenCredentials } from "./deviceTokenCredentials";
- import { MSIAppServiceTokenCredentials } from "./msiAppServiceTokenCredentials";
- import { MSITokenCredentials } from "./msiTokenCredentials";
- import { MSIVmTokenCredentials } from "./msiVmTokenCredentials";
- import { TokenCredentialsBase } from "./tokenCredentialsBase";
- import { UserTokenCredentials } from "./userTokenCredentials";
- import { AuthenticationContext, TokenResponse, ErrorResponse } from "adal-node";
- import { Authenticator } from "@azure/ms-rest-js";
- export function createAuthenticator(credentials: MSITokenCredentials): Authenticator {
- const convertedCredentials = _convert(credentials);
- const authenticator = _createAuthenticatorMapper(convertedCredentials);
- return authenticator;
- }
- function _convert(credentials: MSITokenCredentials): MSITokenCredentials {
- if (credentials instanceof MSIAppServiceTokenCredentials) {
- return new MSIAppServiceTokenCredentials({
- msiEndpoint: credentials.msiEndpoint,
- msiSecret: credentials.msiSecret,
- msiApiVersion: credentials.msiApiVersion,
- resource: credentials.resource
- });
- } else if (credentials instanceof MSIVmTokenCredentials) {
- return new MSIVmTokenCredentials({
- resource: credentials.resource,
- msiEndpoint: credentials.msiEndpoint
- });
- } else if (credentials instanceof MSITokenCredentials) {
- throw new Error("MSI-credentials not one of: MSIVmTokenCredentials, MSIAppServiceTokenCredentials");
- } else {
- return credentials;
- }
- }
- function _createAuthenticatorMapper(credentials: MSITokenCredentials): Authenticator {
- return (challenge: any) => new Promise((resolve, reject) => {
- // Function to take token Response and format a authorization value
- const _formAuthorizationValue = (err: Error, tokenResponse: TokenResponse | ErrorResponse) => {
- if (err) {
- return reject(err);
- }
- if (tokenResponse.error) {
- return reject(tokenResponse.error);
- }
- tokenResponse = tokenResponse as TokenResponse;
- // Calculate the value to be set in the request's Authorization header and resume the call.
- const authorizationValue = tokenResponse.tokenType + " " + tokenResponse.accessToken;
- return resolve(authorizationValue);
- };
- // Create a new authentication context.
- if (credentials instanceof TokenCredentialsBase) {
- const context = new AuthenticationContext(challenge.authorization, true, credentials.authContext && credentials.authContext.cache);
- if (credentials instanceof ApplicationTokenCredentials) {
- return context.acquireTokenWithClientCredentials(
- challenge.resource, credentials.clientId, credentials.secret, _formAuthorizationValue);
- } else if (credentials instanceof ApplicationTokenCertificateCredentials) {
- return context.acquireTokenWithClientCertificate(
- challenge.resource, credentials.clientId, credentials.certificate, credentials.thumbprint, _formAuthorizationValue);
- } else if (credentials instanceof UserTokenCredentials) {
- return context.acquireTokenWithUsernamePassword(
- challenge.resource, credentials.username, credentials.password, credentials.clientId, _formAuthorizationValue);
- } else if (credentials instanceof DeviceTokenCredentials) {
- return context.acquireToken(
- challenge.resource, credentials.username, credentials.clientId, _formAuthorizationValue);
- }
- } else if (credentials instanceof MSITokenCredentials) {
- return credentials.getToken();
- } else {
- return reject(new Error("credentials must be one of: ApplicationTokenCredentials, UserTokenCredentials, " +
- "DeviceTokenCredentials, MSITokenCredentials"));
- }
- });
- }
|