Commit iniziale

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AppService.d.ts

@@ -0,0 +1,18 @@
+import { INetworkModule, Logger } from "@azure/msal-common/node";
+import { BaseManagedIdentitySource } from "./BaseManagedIdentitySource.js";
+import { CryptoProvider } from "../../crypto/CryptoProvider.js";
+import { ManagedIdentityRequestParameters } from "../../config/ManagedIdentityRequestParameters.js";
+import { ManagedIdentityId } from "../../config/ManagedIdentityId.js";
+import { NodeStorage } from "../../cache/NodeStorage.js";
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/AppServiceManagedIdentitySource.cs
+ */
+export declare class AppService extends BaseManagedIdentitySource {
+    private identityEndpoint;
+    private identityHeader;
+    constructor(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, identityEndpoint: string, identityHeader: string);
+    static getEnvironmentVariables(): Array<string | undefined>;
+    static tryCreate(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider): AppService | null;
+    createRequest(resource: string, managedIdentityId: ManagedIdentityId): ManagedIdentityRequestParameters;
+}
+//# sourceMappingURL=AppService.d.ts.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AppService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AppService.d.ts","sourceRoot":"","sources":["../../../src/client/ManagedIdentitySources/AppService.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAU3E,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,gCAAgC,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAKzD;;GAEG;AACH,qBAAa,UAAW,SAAQ,yBAAyB;IACrD,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,cAAc,CAAS;gBAG3B,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,gBAAgB,EAAE,MAAM,EACxB,cAAc,EAAE,MAAM;WAQZ,uBAAuB,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,CAAC;WAapD,SAAS,CACnB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,GAC/B,UAAU,GAAG,IAAI;IAkCb,aAAa,CAChB,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,iBAAiB,GACrC,gCAAgC;CA4BtC"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AppService.mjs

@@ -0,0 +1,54 @@
+/*! @azure/msal-node v2.16.2 2024-11-19 */
+'use strict';
+import { BaseManagedIdentitySource } from './BaseManagedIdentitySource.mjs';
+import { ManagedIdentityEnvironmentVariableNames, ManagedIdentitySourceNames, APP_SERVICE_SECRET_HEADER_NAME, API_VERSION_QUERY_PARAMETER_NAME, RESOURCE_BODY_OR_QUERY_PARAMETER_NAME, ManagedIdentityIdType, HttpMethod } from '../../utils/Constants.mjs';
+import { ManagedIdentityRequestParameters } from '../../config/ManagedIdentityRequestParameters.mjs';
+
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+// MSI Constants. Docs for MSI are available here https://docs.microsoft.com/azure/app-service/overview-managed-identity
+const APP_SERVICE_MSI_API_VERSION = "2019-08-01";
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/AppServiceManagedIdentitySource.cs
+ */
+class AppService extends BaseManagedIdentitySource {
+    constructor(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint, identityHeader) {
+        super(logger, nodeStorage, networkClient, cryptoProvider);
+        this.identityEndpoint = identityEndpoint;
+        this.identityHeader = identityHeader;
+    }
+    static getEnvironmentVariables() {
+        const identityEndpoint = process.env[ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT];
+        const identityHeader = process.env[ManagedIdentityEnvironmentVariableNames.IDENTITY_HEADER];
+        return [identityEndpoint, identityHeader];
+    }
+    static tryCreate(logger, nodeStorage, networkClient, cryptoProvider) {
+        const [identityEndpoint, identityHeader] = AppService.getEnvironmentVariables();
+        // if either of the identity endpoint or identity header variables are undefined, this MSI provider is unavailable.
+        if (!identityEndpoint || !identityHeader) {
+            logger.info(`[Managed Identity] ${ManagedIdentitySourceNames.APP_SERVICE} managed identity is unavailable because one or both of the '${ManagedIdentityEnvironmentVariableNames.IDENTITY_HEADER}' and '${ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT}' environment variables are not defined.`);
+            return null;
+        }
+        const validatedIdentityEndpoint = AppService.getValidatedEnvVariableUrlString(ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT, identityEndpoint, ManagedIdentitySourceNames.APP_SERVICE, logger);
+        logger.info(`[Managed Identity] Environment variables validation passed for ${ManagedIdentitySourceNames.APP_SERVICE} managed identity. Endpoint URI: ${validatedIdentityEndpoint}. Creating ${ManagedIdentitySourceNames.APP_SERVICE} managed identity.`);
+        return new AppService(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint, identityHeader);
+    }
+    createRequest(resource, managedIdentityId) {
+        const request = new ManagedIdentityRequestParameters(HttpMethod.GET, this.identityEndpoint);
+        request.headers[APP_SERVICE_SECRET_HEADER_NAME] = this.identityHeader;
+        request.queryParameters[API_VERSION_QUERY_PARAMETER_NAME] =
+            APP_SERVICE_MSI_API_VERSION;
+        request.queryParameters[RESOURCE_BODY_OR_QUERY_PARAMETER_NAME] =
+            resource;
+        if (managedIdentityId.idType !== ManagedIdentityIdType.SYSTEM_ASSIGNED) {
+            request.queryParameters[this.getManagedIdentityUserAssignedIdQueryParameterKey(managedIdentityId.idType)] = managedIdentityId.id;
+        }
+        // bodyParameters calculated in BaseManagedIdentity.acquireTokenWithManagedIdentity
+        return request;
+    }
+}
+
+export { AppService };
+//# sourceMappingURL=AppService.mjs.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AppService.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"AppService.mjs","sources":["../../../src/client/ManagedIdentitySources/AppService.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAAA;;;AAGG;AAkBH;AACA,MAAM,2BAA2B,GAAW,YAAY,CAAC;AAEzD;;AAEG;AACG,MAAO,UAAW,SAAQ,yBAAyB,CAAA;IAIrD,WACI,CAAA,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAC9B,gBAAwB,EACxB,cAAsB,EAAA;QAEtB,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;AAE1D,QAAA,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;AACzC,QAAA,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;KACxC;AAEM,IAAA,OAAO,uBAAuB,GAAA;QACjC,MAAM,gBAAgB,GAClB,OAAO,CAAC,GAAG,CACP,uCAAuC,CAAC,iBAAiB,CAC5D,CAAC;QACN,MAAM,cAAc,GAChB,OAAO,CAAC,GAAG,CACP,uCAAuC,CAAC,eAAe,CAC1D,CAAC;AAEN,QAAA,OAAO,CAAC,gBAAgB,EAAE,cAAc,CAAC,CAAC;KAC7C;IAEM,OAAO,SAAS,CACnB,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAAA;QAE9B,MAAM,CAAC,gBAAgB,EAAE,cAAc,CAAC,GACpC,UAAU,CAAC,uBAAuB,EAAE,CAAC;;AAGzC,QAAA,IAAI,CAAC,gBAAgB,IAAI,CAAC,cAAc,EAAE;AACtC,YAAA,MAAM,CAAC,IAAI,CACP,CAAsB,mBAAA,EAAA,0BAA0B,CAAC,WAAW,CAAA,6DAAA,EAAgE,uCAAuC,CAAC,eAAe,CAAU,OAAA,EAAA,uCAAuC,CAAC,iBAAiB,CAAA,wCAAA,CAA0C,CACnS,CAAC;AACF,YAAA,OAAO,IAAI,CAAC;AACf,SAAA;AAED,QAAA,MAAM,yBAAyB,GAC3B,UAAU,CAAC,gCAAgC,CACvC,uCAAuC,CAAC,iBAAiB,EACzD,gBAAgB,EAChB,0BAA0B,CAAC,WAAW,EACtC,MAAM,CACT,CAAC;AAEN,QAAA,MAAM,CAAC,IAAI,CACP,CAAA,+DAAA,EAAkE,0BAA0B,CAAC,WAAW,CAAoC,iCAAA,EAAA,yBAAyB,cAAc,0BAA0B,CAAC,WAAW,CAAA,kBAAA,CAAoB,CAChP,CAAC;AAEF,QAAA,OAAO,IAAI,UAAU,CACjB,MAAM,EACN,WAAW,EACX,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,cAAc,CACjB,CAAC;KACL;IAEM,aAAa,CAChB,QAAgB,EAChB,iBAAoC,EAAA;AAEpC,QAAA,MAAM,OAAO,GACT,IAAI,gCAAgC,CAChC,UAAU,CAAC,GAAG,EACd,IAAI,CAAC,gBAAgB,CACxB,CAAC;QAEN,OAAO,CAAC,OAAO,CAAC,8BAA8B,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC;AAEtE,QAAA,OAAO,CAAC,eAAe,CAAC,gCAAgC,CAAC;AACrD,YAAA,2BAA2B,CAAC;AAChC,QAAA,OAAO,CAAC,eAAe,CAAC,qCAAqC,CAAC;AAC1D,YAAA,QAAQ,CAAC;AAEb,QAAA,IACI,iBAAiB,CAAC,MAAM,KAAK,qBAAqB,CAAC,eAAe,EACpE;AACE,YAAA,OAAO,CAAC,eAAe,CACnB,IAAI,CAAC,iDAAiD,CAClD,iBAAiB,CAAC,MAAM,CAC3B,CACJ,GAAG,iBAAiB,CAAC,EAAE,CAAC;AAC5B,SAAA;;AAID,QAAA,OAAO,OAAO,CAAC;KAClB;AACJ;;;;"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AzureArc.d.ts

@@ -0,0 +1,28 @@
+import { INetworkModule, NetworkResponse, NetworkRequestOptions, Logger, ServerAuthorizationTokenResponse } from "@azure/msal-common/node";
+import { ManagedIdentityRequestParameters } from "../../config/ManagedIdentityRequestParameters.js";
+import { BaseManagedIdentitySource } from "./BaseManagedIdentitySource.js";
+import { CryptoProvider } from "../../crypto/CryptoProvider.js";
+import { NodeStorage } from "../../cache/NodeStorage.js";
+import { ManagedIdentityTokenResponse } from "../../response/ManagedIdentityTokenResponse.js";
+import { ManagedIdentityId } from "../../config/ManagedIdentityId.js";
+export declare const ARC_API_VERSION: string;
+export declare const DEFAULT_AZURE_ARC_IDENTITY_ENDPOINT: string;
+type FilePathMap = {
+    win32: string;
+    linux: string;
+};
+export declare const SUPPORTED_AZURE_ARC_PLATFORMS: FilePathMap;
+export declare const AZURE_ARC_FILE_DETECTION: FilePathMap;
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/AzureArcManagedIdentitySource.cs
+ */
+export declare class AzureArc extends BaseManagedIdentitySource {
+    private identityEndpoint;
+    constructor(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, identityEndpoint: string);
+    static getEnvironmentVariables(): Array<string | undefined>;
+    static tryCreate(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, managedIdentityId: ManagedIdentityId): AzureArc | null;
+    createRequest(resource: string): ManagedIdentityRequestParameters;
+    getServerTokenResponseAsync(originalResponse: NetworkResponse<ManagedIdentityTokenResponse>, networkClient: INetworkModule, networkRequest: ManagedIdentityRequestParameters, networkRequestOptions: NetworkRequestOptions): Promise<ServerAuthorizationTokenResponse>;
+}
+export {};
+//# sourceMappingURL=AzureArc.d.ts.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AzureArc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AzureArc.d.ts","sourceRoot":"","sources":["../../../src/client/ManagedIdentitySources/AzureArc.ts"],"names":[],"mappings":"AAKA,OAAO,EAKH,cAAc,EACd,eAAe,EACf,qBAAqB,EACrB,MAAM,EACN,gCAAgC,EACnC,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,gCAAgC,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAgBhE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAOzD,OAAO,EAAE,4BAA4B,EAAE,MAAM,gDAAgD,CAAC;AAC9F,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAGtE,eAAO,MAAM,eAAe,EAAE,MAAqB,CAAC;AACpD,eAAO,MAAM,mCAAmC,EAAE,MACS,CAAC;AAG5D,KAAK,WAAW,GAAG;IACf,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACjB,CAAC;AAEF,eAAO,MAAM,6BAA6B,EAAE,WAG3C,CAAC;AAEF,eAAO,MAAM,wBAAwB,EAAE,WAGtC,CAAC;AAEF;;GAEG;AACH,qBAAa,QAAS,SAAQ,yBAAyB;IACnD,OAAO,CAAC,gBAAgB,CAAS;gBAG7B,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,gBAAgB,EAAE,MAAM;WAOd,uBAAuB,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,CAAC;WAoCpD,SAAS,CACnB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,iBAAiB,EAAE,iBAAiB,GACrC,QAAQ,GAAG,IAAI;IA8DX,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,gCAAgC;IAmB3D,2BAA2B,CACpC,gBAAgB,EAAE,eAAe,CAAC,4BAA4B,CAAC,EAC/D,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,gCAAgC,EAChD,qBAAqB,EAAE,qBAAqB,GAC7C,OAAO,CAAC,gCAAgC,CAAC;CA0G/C"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/AzureArc.mjs

@@ -0,0 +1,167 @@
+/*! @azure/msal-node v2.16.2 2024-11-19 */
+'use strict';
+import { HttpStatus, AuthError, createClientAuthError, ClientAuthErrorCodes } from '@azure/msal-common/node';
+import { ManagedIdentityRequestParameters } from '../../config/ManagedIdentityRequestParameters.mjs';
+import { BaseManagedIdentitySource } from './BaseManagedIdentitySource.mjs';
+import { createManagedIdentityError } from '../../error/ManagedIdentityError.mjs';
+import { ManagedIdentityEnvironmentVariableNames, ManagedIdentitySourceNames, ManagedIdentityIdType, HttpMethod, METADATA_HEADER_NAME, API_VERSION_QUERY_PARAMETER_NAME, RESOURCE_BODY_OR_QUERY_PARAMETER_NAME, AZURE_ARC_SECRET_FILE_MAX_SIZE_BYTES, AUTHORIZATION_HEADER_NAME } from '../../utils/Constants.mjs';
+import { accessSync, constants, statSync, readFileSync } from 'fs';
+import path from 'path';
+import { unableToCreateAzureArc, wwwAuthenticateHeaderMissing, wwwAuthenticateHeaderUnsupportedFormat, platformNotSupported, invalidFileExtension, invalidFilePath, unableToReadSecretFile, invalidSecret } from '../../error/ManagedIdentityErrorCodes.mjs';
+
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+const ARC_API_VERSION = "2019-11-01";
+const DEFAULT_AZURE_ARC_IDENTITY_ENDPOINT = "http://127.0.0.1:40342/metadata/identity/oauth2/token";
+const HIMDS_EXECUTABLE_HELPER_STRING = "N/A: himds executable exists";
+const SUPPORTED_AZURE_ARC_PLATFORMS = {
+    win32: `${process.env["ProgramData"]}\\AzureConnectedMachineAgent\\Tokens\\`,
+    linux: "/var/opt/azcmagent/tokens/",
+};
+const AZURE_ARC_FILE_DETECTION = {
+    win32: `${process.env["ProgramFiles"]}\\AzureConnectedMachineAgent\\himds.exe`,
+    linux: "/opt/azcmagent/bin/himds",
+};
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/AzureArcManagedIdentitySource.cs
+ */
+class AzureArc extends BaseManagedIdentitySource {
+    constructor(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint) {
+        super(logger, nodeStorage, networkClient, cryptoProvider);
+        this.identityEndpoint = identityEndpoint;
+    }
+    static getEnvironmentVariables() {
+        let identityEndpoint = process.env[ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT];
+        let imdsEndpoint = process.env[ManagedIdentityEnvironmentVariableNames.IMDS_ENDPOINT];
+        // if either of the identity or imds endpoints are undefined, check if the himds executable exists
+        if (!identityEndpoint || !imdsEndpoint) {
+            // get the expected Windows or Linux file path of the himds executable
+            const fileDetectionPath = AZURE_ARC_FILE_DETECTION[process.platform];
+            try {
+                /*
+                 * check if the himds executable exists and its permissions allow it to be read
+                 * returns undefined if true, throws an error otherwise
+                 */
+                accessSync(fileDetectionPath, constants.F_OK | constants.R_OK);
+                identityEndpoint = DEFAULT_AZURE_ARC_IDENTITY_ENDPOINT;
+                imdsEndpoint = HIMDS_EXECUTABLE_HELPER_STRING;
+            }
+            catch (err) {
+                /*
+                 * do nothing
+                 * accessSync returns undefined on success, and throws an error on failure
+                 */
+            }
+        }
+        return [identityEndpoint, imdsEndpoint];
+    }
+    static tryCreate(logger, nodeStorage, networkClient, cryptoProvider, managedIdentityId) {
+        const [identityEndpoint, imdsEndpoint] = AzureArc.getEnvironmentVariables();
+        // if either of the identity or imds endpoints are undefined (even after himds file detection)
+        if (!identityEndpoint || !imdsEndpoint) {
+            logger.info(`[Managed Identity] ${ManagedIdentitySourceNames.AZURE_ARC} managed identity is unavailable through environment variables because one or both of '${ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT}' and '${ManagedIdentityEnvironmentVariableNames.IMDS_ENDPOINT}' are not defined. ${ManagedIdentitySourceNames.AZURE_ARC} managed identity is also unavailable through file detection.`);
+            return null;
+        }
+        // check if the imds endpoint is set to the default for file detection
+        if (imdsEndpoint === HIMDS_EXECUTABLE_HELPER_STRING) {
+            logger.info(`[Managed Identity] ${ManagedIdentitySourceNames.AZURE_ARC} managed identity is available through file detection. Defaulting to known ${ManagedIdentitySourceNames.AZURE_ARC} endpoint: ${DEFAULT_AZURE_ARC_IDENTITY_ENDPOINT}. Creating ${ManagedIdentitySourceNames.AZURE_ARC} managed identity.`);
+        }
+        else {
+            // otherwise, both the identity and imds endpoints are defined without file detection; validate them
+            const validatedIdentityEndpoint = AzureArc.getValidatedEnvVariableUrlString(ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT, identityEndpoint, ManagedIdentitySourceNames.AZURE_ARC, logger);
+            // remove trailing slash
+            validatedIdentityEndpoint.endsWith("/")
+                ? validatedIdentityEndpoint.slice(0, -1)
+                : validatedIdentityEndpoint;
+            AzureArc.getValidatedEnvVariableUrlString(ManagedIdentityEnvironmentVariableNames.IMDS_ENDPOINT, imdsEndpoint, ManagedIdentitySourceNames.AZURE_ARC, logger);
+            logger.info(`[Managed Identity] Environment variables validation passed for ${ManagedIdentitySourceNames.AZURE_ARC} managed identity. Endpoint URI: ${validatedIdentityEndpoint}. Creating ${ManagedIdentitySourceNames.AZURE_ARC} managed identity.`);
+        }
+        if (managedIdentityId.idType !== ManagedIdentityIdType.SYSTEM_ASSIGNED) {
+            throw createManagedIdentityError(unableToCreateAzureArc);
+        }
+        return new AzureArc(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint);
+    }
+    createRequest(resource) {
+        const request = new ManagedIdentityRequestParameters(HttpMethod.GET, this.identityEndpoint.replace("localhost", "127.0.0.1"));
+        request.headers[METADATA_HEADER_NAME] = "true";
+        request.queryParameters[API_VERSION_QUERY_PARAMETER_NAME] =
+            ARC_API_VERSION;
+        request.queryParameters[RESOURCE_BODY_OR_QUERY_PARAMETER_NAME] =
+            resource;
+        // bodyParameters calculated in BaseManagedIdentity.acquireTokenWithManagedIdentity
+        return request;
+    }
+    async getServerTokenResponseAsync(originalResponse, networkClient, networkRequest, networkRequestOptions) {
+        let retryResponse;
+        if (originalResponse.status === HttpStatus.UNAUTHORIZED) {
+            const wwwAuthHeader = originalResponse.headers["www-authenticate"];
+            if (!wwwAuthHeader) {
+                throw createManagedIdentityError(wwwAuthenticateHeaderMissing);
+            }
+            if (!wwwAuthHeader.includes("Basic realm=")) {
+                throw createManagedIdentityError(wwwAuthenticateHeaderUnsupportedFormat);
+            }
+            const secretFilePath = wwwAuthHeader.split("Basic realm=")[1];
+            // throw an error if the managed identity application is not being run on Windows or Linux
+            if (!SUPPORTED_AZURE_ARC_PLATFORMS.hasOwnProperty(process.platform)) {
+                throw createManagedIdentityError(platformNotSupported);
+            }
+            // get the expected Windows or Linux file path
+            const expectedSecretFilePath = SUPPORTED_AZURE_ARC_PLATFORMS[process.platform];
+            // throw an error if the file in the file path is not a .key file
+            const fileName = path.basename(secretFilePath);
+            if (!fileName.endsWith(".key")) {
+                throw createManagedIdentityError(invalidFileExtension);
+            }
+            /*
+             * throw an error if the file path from the www-authenticate header does not match the
+             * expected file path for the platform (Windows or Linux) the managed identity application
+             * is running on
+             */
+            if (expectedSecretFilePath + fileName !== secretFilePath) {
+                throw createManagedIdentityError(invalidFilePath);
+            }
+            let secretFileSize;
+            // attempt to get the secret file's size, in bytes
+            try {
+                secretFileSize = await statSync(secretFilePath).size;
+            }
+            catch (e) {
+                throw createManagedIdentityError(unableToReadSecretFile);
+            }
+            // throw an error if the secret file's size is greater than 4096 bytes
+            if (secretFileSize > AZURE_ARC_SECRET_FILE_MAX_SIZE_BYTES) {
+                throw createManagedIdentityError(invalidSecret);
+            }
+            // attempt to read the contents of the secret file
+            let secret;
+            try {
+                secret = readFileSync(secretFilePath, "utf-8");
+            }
+            catch (e) {
+                throw createManagedIdentityError(unableToReadSecretFile);
+            }
+            const authHeaderValue = `Basic ${secret}`;
+            this.logger.info(`[Managed Identity] Adding authorization header to the request.`);
+            networkRequest.headers[AUTHORIZATION_HEADER_NAME] = authHeaderValue;
+            try {
+                retryResponse =
+                    await networkClient.sendGetRequestAsync(networkRequest.computeUri(), networkRequestOptions);
+            }
+            catch (error) {
+                if (error instanceof AuthError) {
+                    throw error;
+                }
+                else {
+                    throw createClientAuthError(ClientAuthErrorCodes.networkError);
+                }
+            }
+        }
+        return this.getServerTokenResponse(retryResponse || originalResponse);
+    }
+}
+
+export { ARC_API_VERSION, AZURE_ARC_FILE_DETECTION, AzureArc, DEFAULT_AZURE_ARC_IDENTITY_ENDPOINT, SUPPORTED_AZURE_ARC_PLATFORMS };
+//# sourceMappingURL=AzureArc.mjs.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/BaseManagedIdentitySource.d.ts

@@ -0,0 +1,31 @@
+import { Authority, INetworkModule, Logger, NetworkRequestOptions, NetworkResponse, ServerAuthorizationTokenResponse, AuthenticationResult } from "@azure/msal-common/node";
+import { ManagedIdentityId } from "../../config/ManagedIdentityId.js";
+import { ManagedIdentityRequestParameters } from "../../config/ManagedIdentityRequestParameters.js";
+import { CryptoProvider } from "../../crypto/CryptoProvider.js";
+import { ManagedIdentityRequest } from "../../request/ManagedIdentityRequest.js";
+import { ManagedIdentityIdType } from "../../utils/Constants.js";
+import { ManagedIdentityTokenResponse } from "../../response/ManagedIdentityTokenResponse.js";
+import { NodeStorage } from "../../cache/NodeStorage.js";
+/**
+ * Managed Identity User Assigned Id Query Parameter Names
+ */
+export declare const ManagedIdentityUserAssignedIdQueryParameterNames: {
+    readonly MANAGED_IDENTITY_CLIENT_ID: "client_id";
+    readonly MANAGED_IDENTITY_OBJECT_ID: "object_id";
+    readonly MANAGED_IDENTITY_RESOURCE_ID: "mi_res_id";
+};
+export type ManagedIdentityUserAssignedIdQueryParameterNames = (typeof ManagedIdentityUserAssignedIdQueryParameterNames)[keyof typeof ManagedIdentityUserAssignedIdQueryParameterNames];
+export declare abstract class BaseManagedIdentitySource {
+    protected logger: Logger;
+    private nodeStorage;
+    private networkClient;
+    private cryptoProvider;
+    constructor(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider);
+    abstract createRequest(request: string, managedIdentityId: ManagedIdentityId): ManagedIdentityRequestParameters;
+    getServerTokenResponseAsync(response: NetworkResponse<ManagedIdentityTokenResponse>, _networkClient: INetworkModule, _networkRequest: ManagedIdentityRequestParameters, _networkRequestOptions: NetworkRequestOptions): Promise<ServerAuthorizationTokenResponse>;
+    getServerTokenResponse(response: NetworkResponse<ManagedIdentityTokenResponse>): ServerAuthorizationTokenResponse;
+    acquireTokenWithManagedIdentity(managedIdentityRequest: ManagedIdentityRequest, managedIdentityId: ManagedIdentityId, fakeAuthority: Authority, refreshAccessToken?: boolean): Promise<AuthenticationResult>;
+    getManagedIdentityUserAssignedIdQueryParameterKey(managedIdentityIdType: ManagedIdentityIdType): string;
+    static getValidatedEnvVariableUrlString: (envVariableStringName: string, envVariable: string, sourceName: string, logger: Logger) => string;
+}
+//# sourceMappingURL=BaseManagedIdentitySource.d.ts.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/BaseManagedIdentitySource.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"BaseManagedIdentitySource.d.ts","sourceRoot":"","sources":["../../../src/client/ManagedIdentitySources/BaseManagedIdentitySource.ts"],"names":[],"mappings":"AAKA,OAAO,EAEH,SAAS,EAIT,cAAc,EACd,MAAM,EACN,qBAAqB,EACrB,eAAe,EAEf,gCAAgC,EAGhC,oBAAoB,EAEvB,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,OAAO,EAAE,gCAAgC,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,MAAM,yCAAyC,CAAC;AACjF,OAAO,EAAc,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAC7E,OAAO,EAAE,4BAA4B,EAAE,MAAM,gDAAgD,CAAC;AAC9F,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AAMzD;;GAEG;AACH,eAAO,MAAM,gDAAgD;;;;CAInD,CAAC;AACX,MAAM,MAAM,gDAAgD,GACxD,CAAC,OAAO,gDAAgD,CAAC,CAAC,MAAM,OAAO,gDAAgD,CAAC,CAAC;AAE7H,8BAAsB,yBAAyB;IAC3C,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,aAAa,CAAiB;IACtC,OAAO,CAAC,cAAc,CAAiB;gBAGnC,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc;IAQlC,QAAQ,CAAC,aAAa,CAClB,OAAO,EAAE,MAAM,EACf,iBAAiB,EAAE,iBAAiB,GACrC,gCAAgC;IAEtB,2BAA2B,CACpC,QAAQ,EAAE,eAAe,CAAC,4BAA4B,CAAC,EAEvD,cAAc,EAAE,cAAc,EAE9B,eAAe,EAAE,gCAAgC,EAEjD,sBAAsB,EAAE,qBAAqB,GAC9C,OAAO,CAAC,gCAAgC,CAAC;IAIrC,sBAAsB,CACzB,QAAQ,EAAE,eAAe,CAAC,4BAA4B,CAAC,GACxD,gCAAgC;IAyCtB,+BAA+B,CACxC,sBAAsB,EAAE,sBAAsB,EAC9C,iBAAiB,EAAE,iBAAiB,EACpC,aAAa,EAAE,SAAS,EACxB,kBAAkB,CAAC,EAAE,OAAO,GAC7B,OAAO,CAAC,oBAAoB,CAAC;IA0EzB,iDAAiD,CACpD,qBAAqB,EAAE,qBAAqB,GAC7C,MAAM;IA0BT,OAAc,gCAAgC,0BACnB,MAAM,eAChB,MAAM,cACP,MAAM,UACV,MAAM,KACf,MAAM,CAeP;CACL"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/BaseManagedIdentitySource.mjs

@@ -0,0 +1,132 @@
+/*! @azure/msal-node v2.16.2 2024-11-19 */
+'use strict';
+import { TimeUtils, HeaderNames, Constants, AuthError, createClientAuthError, ClientAuthErrorCodes, ResponseHandler, UrlString } from '@azure/msal-common/node';
+import { HttpMethod, ManagedIdentityIdType } from '../../utils/Constants.mjs';
+import { createManagedIdentityError } from '../../error/ManagedIdentityError.mjs';
+import { invalidManagedIdentityIdType, MsiEnvironmentVariableUrlMalformedErrorCodes } from '../../error/ManagedIdentityErrorCodes.mjs';
+
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+/**
+ * Managed Identity User Assigned Id Query Parameter Names
+ */
+const ManagedIdentityUserAssignedIdQueryParameterNames = {
+    MANAGED_IDENTITY_CLIENT_ID: "client_id",
+    MANAGED_IDENTITY_OBJECT_ID: "object_id",
+    MANAGED_IDENTITY_RESOURCE_ID: "mi_res_id",
+};
+class BaseManagedIdentitySource {
+    constructor(logger, nodeStorage, networkClient, cryptoProvider) {
+        this.logger = logger;
+        this.nodeStorage = nodeStorage;
+        this.networkClient = networkClient;
+        this.cryptoProvider = cryptoProvider;
+    }
+    async getServerTokenResponseAsync(response, 
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _networkClient, 
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _networkRequest, 
+    // eslint-disable-next-line @typescript-eslint/no-unused-vars
+    _networkRequestOptions) {
+        return this.getServerTokenResponse(response);
+    }
+    getServerTokenResponse(response) {
+        let refreshIn, expiresIn;
+        if (response.body.expires_on) {
+            expiresIn = response.body.expires_on - TimeUtils.nowSeconds();
+            // compute refresh_in as 1/2 of expires_in, but only if expires_in > 2h
+            if (expiresIn > 2 * 3600) {
+                refreshIn = expiresIn / 2;
+            }
+        }
+        const serverTokenResponse = {
+            status: response.status,
+            // success
+            access_token: response.body.access_token,
+            expires_in: expiresIn,
+            scope: response.body.resource,
+            token_type: response.body.token_type,
+            refresh_in: refreshIn,
+            // error
+            correlation_id: response.body.correlation_id || response.body.correlationId,
+            error: typeof response.body.error === "string"
+                ? response.body.error
+                : response.body.error?.code,
+            error_description: response.body.message ||
+                (typeof response.body.error === "string"
+                    ? response.body.error_description
+                    : response.body.error?.message),
+            error_codes: response.body.error_codes,
+            timestamp: response.body.timestamp,
+            trace_id: response.body.trace_id,
+        };
+        return serverTokenResponse;
+    }
+    async acquireTokenWithManagedIdentity(managedIdentityRequest, managedIdentityId, fakeAuthority, refreshAccessToken) {
+        const networkRequest = this.createRequest(managedIdentityRequest.resource, managedIdentityId);
+        const headers = networkRequest.headers;
+        headers[HeaderNames.CONTENT_TYPE] = Constants.URL_FORM_CONTENT_TYPE;
+        const networkRequestOptions = { headers };
+        if (Object.keys(networkRequest.bodyParameters).length) {
+            networkRequestOptions.body =
+                networkRequest.computeParametersBodyString();
+        }
+        const reqTimestamp = TimeUtils.nowSeconds();
+        let response;
+        try {
+            // Sources that send POST requests: Cloud Shell
+            if (networkRequest.httpMethod === HttpMethod.POST) {
+                response =
+                    await this.networkClient.sendPostRequestAsync(networkRequest.computeUri(), networkRequestOptions);
+                // Sources that send GET requests: App Service, Azure Arc, IMDS, Service Fabric
+            }
+            else {
+                response =
+                    await this.networkClient.sendGetRequestAsync(networkRequest.computeUri(), networkRequestOptions);
+            }
+        }
+        catch (error) {
+            if (error instanceof AuthError) {
+                throw error;
+            }
+            else {
+                throw createClientAuthError(ClientAuthErrorCodes.networkError);
+            }
+        }
+        const responseHandler = new ResponseHandler(managedIdentityId.id, this.nodeStorage, this.cryptoProvider, this.logger, null, null);
+        const serverTokenResponse = await this.getServerTokenResponseAsync(response, this.networkClient, networkRequest, networkRequestOptions);
+        responseHandler.validateTokenResponse(serverTokenResponse, refreshAccessToken);
+        // caches the token
+        return responseHandler.handleServerTokenResponse(serverTokenResponse, fakeAuthority, reqTimestamp, managedIdentityRequest);
+    }
+    getManagedIdentityUserAssignedIdQueryParameterKey(managedIdentityIdType) {
+        switch (managedIdentityIdType) {
+            case ManagedIdentityIdType.USER_ASSIGNED_CLIENT_ID:
+                this.logger.info("[Managed Identity] Adding user assigned client id to the request.");
+                return ManagedIdentityUserAssignedIdQueryParameterNames.MANAGED_IDENTITY_CLIENT_ID;
+            case ManagedIdentityIdType.USER_ASSIGNED_RESOURCE_ID:
+                this.logger.info("[Managed Identity] Adding user assigned resource id to the request.");
+                return ManagedIdentityUserAssignedIdQueryParameterNames.MANAGED_IDENTITY_RESOURCE_ID;
+            case ManagedIdentityIdType.USER_ASSIGNED_OBJECT_ID:
+                this.logger.info("[Managed Identity] Adding user assigned object id to the request.");
+                return ManagedIdentityUserAssignedIdQueryParameterNames.MANAGED_IDENTITY_OBJECT_ID;
+            default:
+                throw createManagedIdentityError(invalidManagedIdentityIdType);
+        }
+    }
+}
+BaseManagedIdentitySource.getValidatedEnvVariableUrlString = (envVariableStringName, envVariable, sourceName, logger) => {
+    try {
+        return new UrlString(envVariable).urlString;
+    }
+    catch (error) {
+        logger.info(`[Managed Identity] ${sourceName} managed identity is unavailable because the '${envVariableStringName}' environment variable is malformed.`);
+        throw createManagedIdentityError(MsiEnvironmentVariableUrlMalformedErrorCodes[envVariableStringName]);
+    }
+};
+
+export { BaseManagedIdentitySource, ManagedIdentityUserAssignedIdQueryParameterNames };
+//# sourceMappingURL=BaseManagedIdentitySource.mjs.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/BaseManagedIdentitySource.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"BaseManagedIdentitySource.mjs","sources":["../../../src/client/ManagedIdentitySources/BaseManagedIdentitySource.ts"],"sourcesContent":[null],"names":["ManagedIdentityErrorCodes.invalidManagedIdentityIdType","ManagedIdentityErrorCodes\r\n            .MsiEnvironmentVariableUrlMalformedErrorCodes"],"mappings":";;;;;;;AAAA;;;AAGG;AA+BH;;AAEG;AACU,MAAA,gDAAgD,GAAG;AAC5D,IAAA,0BAA0B,EAAE,WAAW;AACvC,IAAA,0BAA0B,EAAE,WAAW;AACvC,IAAA,4BAA4B,EAAE,WAAW;EAClC;MAIW,yBAAyB,CAAA;AAM3C,IAAA,WAAA,CACI,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAAA;AAE9B,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;AACrB,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;AAC/B,QAAA,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;AACnC,QAAA,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;KACxC;IAOM,MAAM,2BAA2B,CACpC,QAAuD;;IAEvD,cAA8B;;IAE9B,eAAiD;;IAEjD,sBAA6C,EAAA;AAE7C,QAAA,OAAO,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;KAChD;AAEM,IAAA,sBAAsB,CACzB,QAAuD,EAAA;QAEvD,IAAI,SAAS,EAAE,SAA6B,CAAC;AAC7C,QAAA,IAAI,QAAQ,CAAC,IAAI,CAAC,UAAU,EAAE;YAC1B,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC;;AAG9D,YAAA,IAAI,SAAS,GAAG,CAAC,GAAG,IAAI,EAAE;AACtB,gBAAA,SAAS,GAAG,SAAS,GAAG,CAAC,CAAC;AAC7B,aAAA;AACJ,SAAA;AAED,QAAA,MAAM,mBAAmB,GAAqC;YAC1D,MAAM,EAAE,QAAQ,CAAC,MAAM;;AAGvB,YAAA,YAAY,EAAE,QAAQ,CAAC,IAAI,CAAC,YAAY;AACxC,YAAA,UAAU,EAAE,SAAS;AACrB,YAAA,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;AAC7B,YAAA,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;AACpC,YAAA,UAAU,EAAE,SAAS;;YAGrB,cAAc,EACV,QAAQ,CAAC,IAAI,CAAC,cAAc,IAAI,QAAQ,CAAC,IAAI,CAAC,aAAa;YAC/D,KAAK,EACD,OAAO,QAAQ,CAAC,IAAI,CAAC,KAAK,KAAK,QAAQ;AACnC,kBAAE,QAAQ,CAAC,IAAI,CAAC,KAAK;AACrB,kBAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI;AACnC,YAAA,iBAAiB,EACb,QAAQ,CAAC,IAAI,CAAC,OAAO;AACrB,iBAAC,OAAO,QAAQ,CAAC,IAAI,CAAC,KAAK,KAAK,QAAQ;AACpC,sBAAE,QAAQ,CAAC,IAAI,CAAC,iBAAiB;sBAC/B,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC;AACvC,YAAA,WAAW,EAAE,QAAQ,CAAC,IAAI,CAAC,WAAW;AACtC,YAAA,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS;AAClC,YAAA,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ;SACnC,CAAC;AAEF,QAAA,OAAO,mBAAmB,CAAC;KAC9B;IAEM,MAAM,+BAA+B,CACxC,sBAA8C,EAC9C,iBAAoC,EACpC,aAAwB,EACxB,kBAA4B,EAAA;AAE5B,QAAA,MAAM,cAAc,GAChB,IAAI,CAAC,aAAa,CACd,sBAAsB,CAAC,QAAQ,EAC/B,iBAAiB,CACpB,CAAC;AAEN,QAAA,MAAM,OAAO,GAA2B,cAAc,CAAC,OAAO,CAAC;QAC/D,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,SAAS,CAAC,qBAAqB,CAAC;AAEpE,QAAA,MAAM,qBAAqB,GAA0B,EAAE,OAAO,EAAE,CAAC;QAEjE,IAAI,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,MAAM,EAAE;AACnD,YAAA,qBAAqB,CAAC,IAAI;gBACtB,cAAc,CAAC,2BAA2B,EAAE,CAAC;AACpD,SAAA;AAED,QAAA,MAAM,YAAY,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC;AAC5C,QAAA,IAAI,QAAuD,CAAC;QAC5D,IAAI;;AAEA,YAAA,IAAI,cAAc,CAAC,UAAU,KAAK,UAAU,CAAC,IAAI,EAAE;gBAC/C,QAAQ;AACJ,oBAAA,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CACzC,cAAc,CAAC,UAAU,EAAE,EAC3B,qBAAqB,CACxB,CAAC;;AAET,aAAA;AAAM,iBAAA;gBACH,QAAQ;AACJ,oBAAA,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACxC,cAAc,CAAC,UAAU,EAAE,EAC3B,qBAAqB,CACxB,CAAC;AACT,aAAA;AACJ,SAAA;AAAC,QAAA,OAAO,KAAK,EAAE;YACZ,IAAI,KAAK,YAAY,SAAS,EAAE;AAC5B,gBAAA,MAAM,KAAK,CAAC;AACf,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,qBAAqB,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC;AAClE,aAAA;AACJ,SAAA;QAED,MAAM,eAAe,GAAG,IAAI,eAAe,CACvC,iBAAiB,CAAC,EAAE,EACpB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,MAAM,EACX,IAAI,EACJ,IAAI,CACP,CAAC;AAEF,QAAA,MAAM,mBAAmB,GACrB,MAAM,IAAI,CAAC,2BAA2B,CAClC,QAAQ,EACR,IAAI,CAAC,aAAa,EAClB,cAAc,EACd,qBAAqB,CACxB,CAAC;AAEN,QAAA,eAAe,CAAC,qBAAqB,CACjC,mBAAmB,EACnB,kBAAkB,CACrB,CAAC;;AAGF,QAAA,OAAO,eAAe,CAAC,yBAAyB,CAC5C,mBAAmB,EACnB,aAAa,EACb,YAAY,EACZ,sBAAsB,CACzB,CAAC;KACL;AAEM,IAAA,iDAAiD,CACpD,qBAA4C,EAAA;AAE5C,QAAA,QAAQ,qBAAqB;YACzB,KAAK,qBAAqB,CAAC,uBAAuB;AAC9C,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,mEAAmE,CACtE,CAAC;gBACF,OAAO,gDAAgD,CAAC,0BAA0B,CAAC;YAEvF,KAAK,qBAAqB,CAAC,yBAAyB;AAChD,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,qEAAqE,CACxE,CAAC;gBACF,OAAO,gDAAgD,CAAC,4BAA4B,CAAC;YAEzF,KAAK,qBAAqB,CAAC,uBAAuB;AAC9C,gBAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,mEAAmE,CACtE,CAAC;gBACF,OAAO,gDAAgD,CAAC,0BAA0B,CAAC;AACvF,YAAA;AACI,gBAAA,MAAM,0BAA0B,CAC5BA,4BAAsD,CACzD,CAAC;AACT,SAAA;KACJ;;AAEa,yBAAgC,CAAA,gCAAA,GAAG,CAC7C,qBAA6B,EAC7B,WAAmB,EACnB,UAAkB,EAClB,MAAc,KACN;IACR,IAAI;AACA,QAAA,OAAO,IAAI,SAAS,CAAC,WAAW,CAAC,CAAC,SAAS,CAAC;AAC/C,KAAA;AAAC,IAAA,OAAO,KAAK,EAAE;QACZ,MAAM,CAAC,IAAI,CACP,CAAA,mBAAA,EAAsB,UAAU,CAAiD,8CAAA,EAAA,qBAAqB,CAAsC,oCAAA,CAAA,CAC/I,CAAC;QAEF,MAAM,0BAA0B,CAC5BC,4CACiD,CAC7C,qBAAqB,CACxB,CACJ,CAAC;AACL,KAAA;AACL,CAAC;;;;"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/CloudShell.d.ts

@@ -0,0 +1,17 @@
+import { INetworkModule, Logger } from "@azure/msal-common/node";
+import { ManagedIdentityRequestParameters } from "../../config/ManagedIdentityRequestParameters.js";
+import { BaseManagedIdentitySource } from "./BaseManagedIdentitySource.js";
+import { NodeStorage } from "../../cache/NodeStorage.js";
+import { CryptoProvider } from "../../crypto/CryptoProvider.js";
+import { ManagedIdentityId } from "../../config/ManagedIdentityId.js";
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/CloudShellManagedIdentitySource.cs
+ */
+export declare class CloudShell extends BaseManagedIdentitySource {
+    private msiEndpoint;
+    constructor(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, msiEndpoint: string);
+    static getEnvironmentVariables(): Array<string | undefined>;
+    static tryCreate(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, managedIdentityId: ManagedIdentityId): CloudShell | null;
+    createRequest(resource: string): ManagedIdentityRequestParameters;
+}
+//# sourceMappingURL=CloudShell.d.ts.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/CloudShell.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"CloudShell.d.ts","sourceRoot":"","sources":["../../../src/client/ManagedIdentitySources/CloudShell.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,gCAAgC,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAahE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AAEtE;;GAEG;AACH,qBAAa,UAAW,SAAQ,yBAAyB;IACrD,OAAO,CAAC,WAAW,CAAS;gBAGxB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,WAAW,EAAE,MAAM;WAOT,uBAAuB,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,CAAC;WAOpD,SAAS,CACnB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,iBAAiB,EAAE,iBAAiB,GACrC,UAAU,GAAG,IAAI;IAwCb,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,gCAAgC;CAc3E"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/CloudShell.mjs

@@ -0,0 +1,49 @@
+/*! @azure/msal-node v2.16.2 2024-11-19 */
+'use strict';
+import { ManagedIdentityRequestParameters } from '../../config/ManagedIdentityRequestParameters.mjs';
+import { BaseManagedIdentitySource } from './BaseManagedIdentitySource.mjs';
+import { ManagedIdentityEnvironmentVariableNames, ManagedIdentitySourceNames, ManagedIdentityIdType, METADATA_HEADER_NAME, RESOURCE_BODY_OR_QUERY_PARAMETER_NAME, HttpMethod } from '../../utils/Constants.mjs';
+import { createManagedIdentityError } from '../../error/ManagedIdentityError.mjs';
+import { unableToCreateCloudShell } from '../../error/ManagedIdentityErrorCodes.mjs';
+
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/CloudShellManagedIdentitySource.cs
+ */
+class CloudShell extends BaseManagedIdentitySource {
+    constructor(logger, nodeStorage, networkClient, cryptoProvider, msiEndpoint) {
+        super(logger, nodeStorage, networkClient, cryptoProvider);
+        this.msiEndpoint = msiEndpoint;
+    }
+    static getEnvironmentVariables() {
+        const msiEndpoint = process.env[ManagedIdentityEnvironmentVariableNames.MSI_ENDPOINT];
+        return [msiEndpoint];
+    }
+    static tryCreate(logger, nodeStorage, networkClient, cryptoProvider, managedIdentityId) {
+        const [msiEndpoint] = CloudShell.getEnvironmentVariables();
+        // if the msi endpoint environment variable is undefined, this MSI provider is unavailable.
+        if (!msiEndpoint) {
+            logger.info(`[Managed Identity] ${ManagedIdentitySourceNames.CLOUD_SHELL} managed identity is unavailable because the '${ManagedIdentityEnvironmentVariableNames.MSI_ENDPOINT} environment variable is not defined.`);
+            return null;
+        }
+        const validatedMsiEndpoint = CloudShell.getValidatedEnvVariableUrlString(ManagedIdentityEnvironmentVariableNames.MSI_ENDPOINT, msiEndpoint, ManagedIdentitySourceNames.CLOUD_SHELL, logger);
+        logger.info(`[Managed Identity] Environment variable validation passed for ${ManagedIdentitySourceNames.CLOUD_SHELL} managed identity. Endpoint URI: ${validatedMsiEndpoint}. Creating ${ManagedIdentitySourceNames.CLOUD_SHELL} managed identity.`);
+        if (managedIdentityId.idType !== ManagedIdentityIdType.SYSTEM_ASSIGNED) {
+            throw createManagedIdentityError(unableToCreateCloudShell);
+        }
+        return new CloudShell(logger, nodeStorage, networkClient, cryptoProvider, msiEndpoint);
+    }
+    createRequest(resource) {
+        const request = new ManagedIdentityRequestParameters(HttpMethod.POST, this.msiEndpoint);
+        request.headers[METADATA_HEADER_NAME] = "true";
+        request.bodyParameters[RESOURCE_BODY_OR_QUERY_PARAMETER_NAME] =
+            resource;
+        return request;
+    }
+}
+
+export { CloudShell };
+//# sourceMappingURL=CloudShell.mjs.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/CloudShell.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"CloudShell.mjs","sources":["../../../src/client/ManagedIdentitySources/CloudShell.ts"],"sourcesContent":[null],"names":["ManagedIdentityErrorCodes.unableToCreateCloudShell"],"mappings":";;;;;;;;AAAA;;;AAGG;AAqBH;;AAEG;AACG,MAAO,UAAW,SAAQ,yBAAyB,CAAA;IAGrD,WACI,CAAA,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAC9B,WAAmB,EAAA;QAEnB,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;AAE1D,QAAA,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;KAClC;AAEM,IAAA,OAAO,uBAAuB,GAAA;QACjC,MAAM,WAAW,GACb,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,YAAY,CAAC,CAAC;QAEtE,OAAO,CAAC,WAAW,CAAC,CAAC;KACxB;IAEM,OAAO,SAAS,CACnB,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAC9B,iBAAoC,EAAA;QAEpC,MAAM,CAAC,WAAW,CAAC,GAAG,UAAU,CAAC,uBAAuB,EAAE,CAAC;;QAG3D,IAAI,CAAC,WAAW,EAAE;AACd,YAAA,MAAM,CAAC,IAAI,CACP,CAAA,mBAAA,EAAsB,0BAA0B,CAAC,WAAW,CAAA,8CAAA,EAAiD,uCAAuC,CAAC,YAAY,CAAA,qCAAA,CAAuC,CAC3M,CAAC;AACF,YAAA,OAAO,IAAI,CAAC;AACf,SAAA;AAED,QAAA,MAAM,oBAAoB,GACtB,UAAU,CAAC,gCAAgC,CACvC,uCAAuC,CAAC,YAAY,EACpD,WAAW,EACX,0BAA0B,CAAC,WAAW,EACtC,MAAM,CACT,CAAC;AAEN,QAAA,MAAM,CAAC,IAAI,CACP,CAAA,8DAAA,EAAiE,0BAA0B,CAAC,WAAW,CAAoC,iCAAA,EAAA,oBAAoB,cAAc,0BAA0B,CAAC,WAAW,CAAA,kBAAA,CAAoB,CAC1O,CAAC;AAEF,QAAA,IACI,iBAAiB,CAAC,MAAM,KAAK,qBAAqB,CAAC,eAAe,EACpE;AACE,YAAA,MAAM,0BAA0B,CAC5BA,wBAAkD,CACrD,CAAC;AACL,SAAA;AAED,QAAA,OAAO,IAAI,UAAU,CACjB,MAAM,EACN,WAAW,EACX,aAAa,EACb,cAAc,EACd,WAAW,CACd,CAAC;KACL;AAEM,IAAA,aAAa,CAAC,QAAgB,EAAA;AACjC,QAAA,MAAM,OAAO,GACT,IAAI,gCAAgC,CAChC,UAAU,CAAC,IAAI,EACf,IAAI,CAAC,WAAW,CACnB,CAAC;AAEN,QAAA,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;AAE/C,QAAA,OAAO,CAAC,cAAc,CAAC,qCAAqC,CAAC;AACzD,YAAA,QAAQ,CAAC;AAEb,QAAA,OAAO,OAAO,CAAC;KAClB;AACJ;;;;"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/Imds.d.ts

@@ -0,0 +1,13 @@
+import { INetworkModule, Logger } from "@azure/msal-common/node";
+import { ManagedIdentityId } from "../../config/ManagedIdentityId.js";
+import { ManagedIdentityRequestParameters } from "../../config/ManagedIdentityRequestParameters.js";
+import { BaseManagedIdentitySource } from "./BaseManagedIdentitySource.js";
+import { CryptoProvider } from "../../crypto/CryptoProvider.js";
+import { NodeStorage } from "../../cache/NodeStorage.js";
+export declare class Imds extends BaseManagedIdentitySource {
+    private identityEndpoint;
+    constructor(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, identityEndpoint: string);
+    static tryCreate(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider): Imds;
+    createRequest(resource: string, managedIdentityId: ManagedIdentityId): ManagedIdentityRequestParameters;
+}
+//# sourceMappingURL=Imds.d.ts.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/Imds.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"Imds.d.ts","sourceRoot":"","sources":["../../../src/client/ManagedIdentitySources/Imds.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,OAAO,EAAE,gCAAgC,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAUhE,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AASzD,qBAAa,IAAK,SAAQ,yBAAyB;IAC/C,OAAO,CAAC,gBAAgB,CAAS;gBAG7B,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,gBAAgB,EAAE,MAAM;WAOd,SAAS,CACnB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,GAC/B,IAAI;IA8CA,aAAa,CAChB,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,iBAAiB,GACrC,gCAAgC;CA4BtC"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/Imds.mjs

@@ -0,0 +1,52 @@
+/*! @azure/msal-node v2.16.2 2024-11-19 */
+'use strict';
+import { ManagedIdentityRequestParameters } from '../../config/ManagedIdentityRequestParameters.mjs';
+import { BaseManagedIdentitySource } from './BaseManagedIdentitySource.mjs';
+import { ManagedIdentityEnvironmentVariableNames, ManagedIdentitySourceNames, METADATA_HEADER_NAME, API_VERSION_QUERY_PARAMETER_NAME, RESOURCE_BODY_OR_QUERY_PARAMETER_NAME, ManagedIdentityIdType, HttpMethod } from '../../utils/Constants.mjs';
+
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+// IMDS constants. Docs for IMDS are available here https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http
+const IMDS_TOKEN_PATH = "/metadata/identity/oauth2/token";
+const DEFAULT_IMDS_ENDPOINT = `http://169.254.169.254${IMDS_TOKEN_PATH}`;
+const IMDS_API_VERSION = "2018-02-01";
+// Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/ImdsManagedIdentitySource.cs
+class Imds extends BaseManagedIdentitySource {
+    constructor(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint) {
+        super(logger, nodeStorage, networkClient, cryptoProvider);
+        this.identityEndpoint = identityEndpoint;
+    }
+    static tryCreate(logger, nodeStorage, networkClient, cryptoProvider) {
+        let validatedIdentityEndpoint;
+        if (process.env[ManagedIdentityEnvironmentVariableNames
+            .AZURE_POD_IDENTITY_AUTHORITY_HOST]) {
+            logger.info(`[Managed Identity] Environment variable ${ManagedIdentityEnvironmentVariableNames.AZURE_POD_IDENTITY_AUTHORITY_HOST} for ${ManagedIdentitySourceNames.IMDS} returned endpoint: ${process.env[ManagedIdentityEnvironmentVariableNames
+                .AZURE_POD_IDENTITY_AUTHORITY_HOST]}`);
+            validatedIdentityEndpoint = Imds.getValidatedEnvVariableUrlString(ManagedIdentityEnvironmentVariableNames.AZURE_POD_IDENTITY_AUTHORITY_HOST, `${process.env[ManagedIdentityEnvironmentVariableNames
+                .AZURE_POD_IDENTITY_AUTHORITY_HOST]}${IMDS_TOKEN_PATH}`, ManagedIdentitySourceNames.IMDS, logger);
+        }
+        else {
+            logger.info(`[Managed Identity] Unable to find ${ManagedIdentityEnvironmentVariableNames.AZURE_POD_IDENTITY_AUTHORITY_HOST} environment variable for ${ManagedIdentitySourceNames.IMDS}, using the default endpoint.`);
+            validatedIdentityEndpoint = DEFAULT_IMDS_ENDPOINT;
+        }
+        return new Imds(logger, nodeStorage, networkClient, cryptoProvider, validatedIdentityEndpoint);
+    }
+    createRequest(resource, managedIdentityId) {
+        const request = new ManagedIdentityRequestParameters(HttpMethod.GET, this.identityEndpoint);
+        request.headers[METADATA_HEADER_NAME] = "true";
+        request.queryParameters[API_VERSION_QUERY_PARAMETER_NAME] =
+            IMDS_API_VERSION;
+        request.queryParameters[RESOURCE_BODY_OR_QUERY_PARAMETER_NAME] =
+            resource;
+        if (managedIdentityId.idType !== ManagedIdentityIdType.SYSTEM_ASSIGNED) {
+            request.queryParameters[this.getManagedIdentityUserAssignedIdQueryParameterKey(managedIdentityId.idType)] = managedIdentityId.id;
+        }
+        // bodyParameters calculated in BaseManagedIdentity.acquireTokenWithManagedIdentity
+        return request;
+    }
+}
+
+export { Imds };
+//# sourceMappingURL=Imds.mjs.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/Imds.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"Imds.mjs","sources":["../../../src/client/ManagedIdentitySources/Imds.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAAA;;;AAGG;AAkBH;AACA,MAAM,eAAe,GAAW,iCAAiC,CAAC;AAClE,MAAM,qBAAqB,GAAW,CAAyB,sBAAA,EAAA,eAAe,EAAE,CAAC;AAEjF,MAAM,gBAAgB,GAAW,YAAY,CAAC;AAE9C;AACM,MAAO,IAAK,SAAQ,yBAAyB,CAAA;IAG/C,WACI,CAAA,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAC9B,gBAAwB,EAAA;QAExB,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;AAE1D,QAAA,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;KAC5C;IAEM,OAAO,SAAS,CACnB,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAAA;AAE9B,QAAA,IAAI,yBAAiC,CAAC;AAEtC,QAAA,IACI,OAAO,CAAC,GAAG,CACP,uCAAuC;AAClC,aAAA,iCAAiC,CACzC,EACH;AACE,YAAA,MAAM,CAAC,IAAI,CACP,CACI,wCAAA,EAAA,uCAAuC,CAAC,iCAC5C,CAAA,KAAA,EAAQ,0BAA0B,CAAC,IAAI,CACnC,oBAAA,EAAA,OAAO,CAAC,GAAG,CACP,uCAAuC;iBAClC,iCAAiC,CAE9C,CAAE,CAAA,CACL,CAAC;AACF,YAAA,yBAAyB,GAAG,IAAI,CAAC,gCAAgC,CAC7D,uCAAuC,CAAC,iCAAiC,EACzE,CACI,EAAA,OAAO,CAAC,GAAG,CACP,uCAAuC;iBAClC,iCAAiC,CAE9C,CAAG,EAAA,eAAe,CAAE,CAAA,EACpB,0BAA0B,CAAC,IAAI,EAC/B,MAAM,CACT,CAAC;AACL,SAAA;AAAM,aAAA;AACH,YAAA,MAAM,CAAC,IAAI,CACP,CAAA,kCAAA,EAAqC,uCAAuC,CAAC,iCAAiC,CAAA,0BAAA,EAA6B,0BAA0B,CAAC,IAAI,CAAA,6BAAA,CAA+B,CAC5M,CAAC;YACF,yBAAyB,GAAG,qBAAqB,CAAC;AACrD,SAAA;AAED,QAAA,OAAO,IAAI,IAAI,CACX,MAAM,EACN,WAAW,EACX,aAAa,EACb,cAAc,EACd,yBAAyB,CAC5B,CAAC;KACL;IAEM,aAAa,CAChB,QAAgB,EAChB,iBAAoC,EAAA;AAEpC,QAAA,MAAM,OAAO,GACT,IAAI,gCAAgC,CAChC,UAAU,CAAC,GAAG,EACd,IAAI,CAAC,gBAAgB,CACxB,CAAC;AAEN,QAAA,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC;AAE/C,QAAA,OAAO,CAAC,eAAe,CAAC,gCAAgC,CAAC;AACrD,YAAA,gBAAgB,CAAC;AACrB,QAAA,OAAO,CAAC,eAAe,CAAC,qCAAqC,CAAC;AAC1D,YAAA,QAAQ,CAAC;AAEb,QAAA,IACI,iBAAiB,CAAC,MAAM,KAAK,qBAAqB,CAAC,eAAe,EACpE;AACE,YAAA,OAAO,CAAC,eAAe,CACnB,IAAI,CAAC,iDAAiD,CAClD,iBAAiB,CAAC,MAAM,CAC3B,CACJ,GAAG,iBAAiB,CAAC,EAAE,CAAC;AAC5B,SAAA;;AAID,QAAA,OAAO,OAAO,CAAC;KAClB;AACJ;;;;"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/ServiceFabric.d.ts

@@ -0,0 +1,18 @@
+import { INetworkModule, Logger } from "@azure/msal-common/node";
+import { ManagedIdentityId } from "../../config/ManagedIdentityId.js";
+import { ManagedIdentityRequestParameters } from "../../config/ManagedIdentityRequestParameters.js";
+import { BaseManagedIdentitySource } from "./BaseManagedIdentitySource.js";
+import { NodeStorage } from "../../cache/NodeStorage.js";
+import { CryptoProvider } from "../../crypto/CryptoProvider.js";
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/ServiceFabricManagedIdentitySource.cs
+ */
+export declare class ServiceFabric extends BaseManagedIdentitySource {
+    private identityEndpoint;
+    private identityHeader;
+    constructor(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, identityEndpoint: string, identityHeader: string);
+    static getEnvironmentVariables(): Array<string | undefined>;
+    static tryCreate(logger: Logger, nodeStorage: NodeStorage, networkClient: INetworkModule, cryptoProvider: CryptoProvider, managedIdentityId: ManagedIdentityId): ServiceFabric | null;
+    createRequest(resource: string, managedIdentityId: ManagedIdentityId): ManagedIdentityRequestParameters;
+}
+//# sourceMappingURL=ServiceFabric.d.ts.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/ServiceFabric.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceFabric.d.ts","sourceRoot":"","sources":["../../../src/client/ManagedIdentitySources/ServiceFabric.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mCAAmC,CAAC;AACtE,OAAO,EAAE,gCAAgC,EAAE,MAAM,kDAAkD,CAAC;AACpG,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAchE;;GAEG;AACH,qBAAa,aAAc,SAAQ,yBAAyB;IACxD,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,cAAc,CAAS;gBAG3B,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,gBAAgB,EAAE,MAAM,EACxB,cAAc,EAAE,MAAM;WAQZ,uBAAuB,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,CAAC;WAkBpD,SAAS,CACnB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,WAAW,EACxB,aAAa,EAAE,cAAc,EAC7B,cAAc,EAAE,cAAc,EAC9B,iBAAiB,EAAE,iBAAiB,GACrC,aAAa,GAAG,IAAI;IA6ChB,aAAa,CAChB,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,iBAAiB,GACrC,gCAAgC;CA6BtC"}

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/ServiceFabric.mjs

@@ -0,0 +1,63 @@
+/*! @azure/msal-node v2.16.2 2024-11-19 */
+'use strict';
+import { ManagedIdentityRequestParameters } from '../../config/ManagedIdentityRequestParameters.mjs';
+import { BaseManagedIdentitySource } from './BaseManagedIdentitySource.mjs';
+import { ManagedIdentityEnvironmentVariableNames, ManagedIdentitySourceNames, ManagedIdentityIdType, SERVICE_FABRIC_SECRET_HEADER_NAME, API_VERSION_QUERY_PARAMETER_NAME, RESOURCE_BODY_OR_QUERY_PARAMETER_NAME, HttpMethod } from '../../utils/Constants.mjs';
+
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+// MSI Constants. Docs for MSI are available here https://docs.microsoft.com/azure/app-service/overview-managed-identity
+const SERVICE_FABRIC_MSI_API_VERSION = "2019-07-01-preview";
+/**
+ * Original source of code: https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/identity/Azure.Identity/src/ServiceFabricManagedIdentitySource.cs
+ */
+class ServiceFabric extends BaseManagedIdentitySource {
+    constructor(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint, identityHeader) {
+        super(logger, nodeStorage, networkClient, cryptoProvider);
+        this.identityEndpoint = identityEndpoint;
+        this.identityHeader = identityHeader;
+    }
+    static getEnvironmentVariables() {
+        const identityEndpoint = process.env[ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT];
+        const identityHeader = process.env[ManagedIdentityEnvironmentVariableNames.IDENTITY_HEADER];
+        const identityServerThumbprint = process.env[ManagedIdentityEnvironmentVariableNames
+            .IDENTITY_SERVER_THUMBPRINT];
+        return [identityEndpoint, identityHeader, identityServerThumbprint];
+    }
+    static tryCreate(logger, nodeStorage, networkClient, cryptoProvider, managedIdentityId) {
+        const [identityEndpoint, identityHeader, identityServerThumbprint] = ServiceFabric.getEnvironmentVariables();
+        /*
+         * if either of the identity endpoint, identity header, or identity server thumbprint
+         * environment variables are undefined, this MSI provider is unavailable.
+         */
+        if (!identityEndpoint || !identityHeader || !identityServerThumbprint) {
+            logger.info(`[Managed Identity] ${ManagedIdentitySourceNames.SERVICE_FABRIC} managed identity is unavailable because one or all of the '${ManagedIdentityEnvironmentVariableNames.IDENTITY_HEADER}', '${ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT}' or '${ManagedIdentityEnvironmentVariableNames.IDENTITY_SERVER_THUMBPRINT}' environment variables are not defined.`);
+            return null;
+        }
+        const validatedIdentityEndpoint = ServiceFabric.getValidatedEnvVariableUrlString(ManagedIdentityEnvironmentVariableNames.IDENTITY_ENDPOINT, identityEndpoint, ManagedIdentitySourceNames.SERVICE_FABRIC, logger);
+        logger.info(`[Managed Identity] Environment variables validation passed for ${ManagedIdentitySourceNames.SERVICE_FABRIC} managed identity. Endpoint URI: ${validatedIdentityEndpoint}. Creating ${ManagedIdentitySourceNames.SERVICE_FABRIC} managed identity.`);
+        if (managedIdentityId.idType !== ManagedIdentityIdType.SYSTEM_ASSIGNED) {
+            logger.warning(`[Managed Identity] ${ManagedIdentitySourceNames.SERVICE_FABRIC} user assigned managed identity is configured in the cluster, not during runtime. See also: https://learn.microsoft.com/en-us/azure/service-fabric/configure-existing-cluster-enable-managed-identity-token-service.`);
+        }
+        return new ServiceFabric(logger, nodeStorage, networkClient, cryptoProvider, identityEndpoint, identityHeader);
+    }
+    createRequest(resource, managedIdentityId) {
+        const request = new ManagedIdentityRequestParameters(HttpMethod.GET, this.identityEndpoint);
+        request.headers[SERVICE_FABRIC_SECRET_HEADER_NAME] =
+            this.identityHeader;
+        request.queryParameters[API_VERSION_QUERY_PARAMETER_NAME] =
+            SERVICE_FABRIC_MSI_API_VERSION;
+        request.queryParameters[RESOURCE_BODY_OR_QUERY_PARAMETER_NAME] =
+            resource;
+        if (managedIdentityId.idType !== ManagedIdentityIdType.SYSTEM_ASSIGNED) {
+            request.queryParameters[this.getManagedIdentityUserAssignedIdQueryParameterKey(managedIdentityId.idType)] = managedIdentityId.id;
+        }
+        // bodyParameters calculated in BaseManagedIdentity.acquireTokenWithManagedIdentity
+        return request;
+    }
+}
+
+export { ServiceFabric };
+//# sourceMappingURL=ServiceFabric.mjs.map

node_modules/@azure/msal-node/dist/client/ManagedIdentitySources/ServiceFabric.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"ServiceFabric.mjs","sources":["../../../src/client/ManagedIdentitySources/ServiceFabric.ts"],"sourcesContent":[null],"names":[],"mappings":";;;;;;AAAA;;;AAGG;AAkBH;AACA,MAAM,8BAA8B,GAAW,oBAAoB,CAAC;AAEpE;;AAEG;AACG,MAAO,aAAc,SAAQ,yBAAyB,CAAA;IAIxD,WACI,CAAA,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAC9B,gBAAwB,EACxB,cAAsB,EAAA;QAEtB,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;AAE1D,QAAA,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;AACzC,QAAA,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC;KACxC;AAEM,IAAA,OAAO,uBAAuB,GAAA;QACjC,MAAM,gBAAgB,GAClB,OAAO,CAAC,GAAG,CACP,uCAAuC,CAAC,iBAAiB,CAC5D,CAAC;QACN,MAAM,cAAc,GAChB,OAAO,CAAC,GAAG,CACP,uCAAuC,CAAC,eAAe,CAC1D,CAAC;AACN,QAAA,MAAM,wBAAwB,GAC1B,OAAO,CAAC,GAAG,CACP,uCAAuC;AAClC,aAAA,0BAA0B,CAClC,CAAC;AAEN,QAAA,OAAO,CAAC,gBAAgB,EAAE,cAAc,EAAE,wBAAwB,CAAC,CAAC;KACvE;IAEM,OAAO,SAAS,CACnB,MAAc,EACd,WAAwB,EACxB,aAA6B,EAC7B,cAA8B,EAC9B,iBAAoC,EAAA;AAEpC,QAAA,MAAM,CAAC,gBAAgB,EAAE,cAAc,EAAE,wBAAwB,CAAC,GAC9D,aAAa,CAAC,uBAAuB,EAAE,CAAC;AAE5C;;;AAGG;QACH,IAAI,CAAC,gBAAgB,IAAI,CAAC,cAAc,IAAI,CAAC,wBAAwB,EAAE;YACnE,MAAM,CAAC,IAAI,CACP,CAAA,mBAAA,EAAsB,0BAA0B,CAAC,cAAc,+DAA+D,uCAAuC,CAAC,eAAe,CAAO,IAAA,EAAA,uCAAuC,CAAC,iBAAiB,CAAA,MAAA,EAAS,uCAAuC,CAAC,0BAA0B,CAA0C,wCAAA,CAAA,CAC7W,CAAC;AACF,YAAA,OAAO,IAAI,CAAC;AACf,SAAA;AAED,QAAA,MAAM,yBAAyB,GAC3B,aAAa,CAAC,gCAAgC,CAC1C,uCAAuC,CAAC,iBAAiB,EACzD,gBAAgB,EAChB,0BAA0B,CAAC,cAAc,EACzC,MAAM,CACT,CAAC;AAEN,QAAA,MAAM,CAAC,IAAI,CACP,CAAA,+DAAA,EAAkE,0BAA0B,CAAC,cAAc,CAAoC,iCAAA,EAAA,yBAAyB,cAAc,0BAA0B,CAAC,cAAc,CAAA,kBAAA,CAAoB,CACtP,CAAC;AAEF,QAAA,IACI,iBAAiB,CAAC,MAAM,KAAK,qBAAqB,CAAC,eAAe,EACpE;YACE,MAAM,CAAC,OAAO,CACV,CAAA,mBAAA,EAAsB,0BAA0B,CAAC,cAAc,CAAsN,oNAAA,CAAA,CACxR,CAAC;AACL,SAAA;AAED,QAAA,OAAO,IAAI,aAAa,CACpB,MAAM,EACN,WAAW,EACX,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,cAAc,CACjB,CAAC;KACL;IAEM,aAAa,CAChB,QAAgB,EAChB,iBAAoC,EAAA;AAEpC,QAAA,MAAM,OAAO,GACT,IAAI,gCAAgC,CAChC,UAAU,CAAC,GAAG,EACd,IAAI,CAAC,gBAAgB,CACxB,CAAC;AAEN,QAAA,OAAO,CAAC,OAAO,CAAC,iCAAiC,CAAC;YAC9C,IAAI,CAAC,cAAc,CAAC;AAExB,QAAA,OAAO,CAAC,eAAe,CAAC,gCAAgC,CAAC;AACrD,YAAA,8BAA8B,CAAC;AACnC,QAAA,OAAO,CAAC,eAAe,CAAC,qCAAqC,CAAC;AAC1D,YAAA,QAAQ,CAAC;AAEb,QAAA,IACI,iBAAiB,CAAC,MAAM,KAAK,qBAAqB,CAAC,eAAe,EACpE;AACE,YAAA,OAAO,CAAC,eAAe,CACnB,IAAI,CAAC,iDAAiD,CAClD,iBAAiB,CAAC,MAAM,CAC3B,CACJ,GAAG,iBAAiB,CAAC,EAAE,CAAC;AAC5B,SAAA;;AAID,QAAA,OAAO,OAAO,CAAC;KAClB;AACJ;;;;"}