eeymoo/ai-agent-deep-dive
1
0
Fork 0
mirror of https://github.com/tvytlx/ai-agent-deep-dive.git synced 2026-04-05 08:34:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add extracted source directory and README navigation

Browse Source
This commit is contained in:
Shawn Bot
2026-03-31 14:56:06 +00:00
parent 6252bb6eb5
commit 91e01d755b
4757 changed files with 984951 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

860
extracted-source/node_modules/@azure/msal-common/dist/authority/Authority.mjs generated vendored Normal file
View File

@@ -0,0 +1,860 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
import { AuthorityType } from './AuthorityType.mjs';
import { isOpenIdConfigResponse } from './OpenIdConfigResponse.mjs';
import { UrlString } from '../url/UrlString.mjs';
import { createClientAuthError } from '../error/ClientAuthError.mjs';
import { Constants, AuthorityMetadataSource, RegionDiscoveryOutcomes, AADAuthorityConstants } from '../utils/Constants.mjs';
import { EndpointMetadata, getCloudDiscoveryMetadataFromHardcodedValues, getCloudDiscoveryMetadataFromNetworkResponse, InstanceDiscoveryMetadataAliases } from './AuthorityMetadata.mjs';
import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
import { ProtocolMode } from './ProtocolMode.mjs';
import { AzureCloudInstance } from './AuthorityOptions.mjs';
import { isCloudInstanceDiscoveryResponse } from './CloudInstanceDiscoveryResponse.mjs';
import { isCloudInstanceDiscoveryErrorResponse } from './CloudInstanceDiscoveryErrorResponse.mjs';
import { RegionDiscovery } from './RegionDiscovery.mjs';
import { AuthError } from '../error/AuthError.mjs';
import { PerformanceEvents } from '../telemetry/performance/PerformanceEvent.mjs';
import { invokeAsync } from '../utils/FunctionWrappers.mjs';
import { generateAuthorityMetadataExpiresAt, updateAuthorityEndpointMetadata, isAuthorityMetadataExpired, updateCloudDiscoveryMetadata } from '../cache/utils/CacheHelpers.mjs';
import { endpointResolutionError, endSessionEndpointNotSupported, openIdConfigError } from '../error/ClientAuthErrorCodes.mjs';
import { invalidAuthorityMetadata, untrustedAuthority, invalidCloudDiscoveryMetadata } from '../error/ClientConfigurationErrorCodes.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* The authority class validates the authority URIs used by the user, and retrieves the OpenID Configuration Data from the
* endpoint. It will store the pertinent config data in this object for use during token calls.
* @internal
*/
class Authority {
constructor(authority, networkInterface, cacheManager, authorityOptions, logger, correlationId, performanceClient, managedIdentity) {
this.canonicalAuthority = authority;
this._canonicalAuthority.validateAsUri();
this.networkInterface = networkInterface;
this.cacheManager = cacheManager;
this.authorityOptions = authorityOptions;
this.regionDiscoveryMetadata = {
region_used: undefined,
region_source: undefined,
region_outcome: undefined,
};
this.logger = logger;
this.performanceClient = performanceClient;
this.correlationId = correlationId;
this.managedIdentity = managedIdentity || false;
this.regionDiscovery = new RegionDiscovery(networkInterface, this.logger, this.performanceClient, this.correlationId);
}
/**
* Get {@link AuthorityType}
* @param authorityUri {@link IUri}
* @private
*/
getAuthorityType(authorityUri) {
// CIAM auth url pattern is being standardized as: <tenant>.ciamlogin.com
if (authorityUri.HostNameAndPort.endsWith(Constants.CIAM_AUTH_URL)) {
return AuthorityType.Ciam;
}
const pathSegments = authorityUri.PathSegments;
if (pathSegments.length) {
switch (pathSegments[0].toLowerCase()) {
case Constants.ADFS:
return AuthorityType.Adfs;
case Constants.DSTS:
return AuthorityType.Dsts;
}
}
return AuthorityType.Default;
}
// See above for AuthorityType
get authorityType() {
return this.getAuthorityType(this.canonicalAuthorityUrlComponents);
}
/**
* ProtocolMode enum representing the way endpoints are constructed.
*/
get protocolMode() {
return this.authorityOptions.protocolMode;
}
/**
* Returns authorityOptions which can be used to reinstantiate a new authority instance
*/
get options() {
return this.authorityOptions;
}
/**
* A URL that is the authority set by the developer
*/
get canonicalAuthority() {
return this._canonicalAuthority.urlString;
}
/**
* Sets canonical authority.
*/
set canonicalAuthority(url) {
this._canonicalAuthority = new UrlString(url);
this._canonicalAuthority.validateAsUri();
this._canonicalAuthorityUrlComponents = null;
}
/**
* Get authority components.
*/
get canonicalAuthorityUrlComponents() {
if (!this._canonicalAuthorityUrlComponents) {
this._canonicalAuthorityUrlComponents =
this._canonicalAuthority.getUrlComponents();
}
return this._canonicalAuthorityUrlComponents;
}
/**
* Get hostname and port i.e. login.microsoftonline.com
*/
get hostnameAndPort() {
return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase();
}
/**
* Get tenant for authority.
*/
get tenant() {
return this.canonicalAuthorityUrlComponents.PathSegments[0];
}
/**
* OAuth /authorize endpoint for requests
*/
get authorizationEndpoint() {
if (this.discoveryComplete()) {
return this.replacePath(this.metadata.authorization_endpoint);
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
/**
* OAuth /token endpoint for requests
*/
get tokenEndpoint() {
if (this.discoveryComplete()) {
return this.replacePath(this.metadata.token_endpoint);
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
get deviceCodeEndpoint() {
if (this.discoveryComplete()) {
return this.replacePath(this.metadata.token_endpoint.replace("/token", "/devicecode"));
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
/**
* OAuth logout endpoint for requests
*/
get endSessionEndpoint() {
if (this.discoveryComplete()) {
// ROPC policies may not have end_session_endpoint set
if (!this.metadata.end_session_endpoint) {
throw createClientAuthError(endSessionEndpointNotSupported);
}
return this.replacePath(this.metadata.end_session_endpoint);
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
/**
* OAuth issuer for requests
*/
get selfSignedJwtAudience() {
if (this.discoveryComplete()) {
return this.replacePath(this.metadata.issuer);
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
/**
* Jwks_uri for token signing keys
*/
get jwksUri() {
if (this.discoveryComplete()) {
return this.replacePath(this.metadata.jwks_uri);
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
/**
* Returns a flag indicating that tenant name can be replaced in authority {@link IUri}
* @param authorityUri {@link IUri}
* @private
*/
canReplaceTenant(authorityUri) {
return (authorityUri.PathSegments.length === 1 &&
!Authority.reservedTenantDomains.has(authorityUri.PathSegments[0]) &&
this.getAuthorityType(authorityUri) === AuthorityType.Default &&
this.protocolMode !== ProtocolMode.OIDC);
}
/**
* Replaces tenant in url path with current tenant. Defaults to common.
* @param urlString
*/
replaceTenant(urlString) {
return urlString.replace(/{tenant}|{tenantid}/g, this.tenant);
}
/**
* Replaces path such as tenant or policy with the current tenant or policy.
* @param urlString
*/
replacePath(urlString) {
let endpoint = urlString;
const cachedAuthorityUrl = new UrlString(this.metadata.canonical_authority);
const cachedAuthorityUrlComponents = cachedAuthorityUrl.getUrlComponents();
const cachedAuthorityParts = cachedAuthorityUrlComponents.PathSegments;
const currentAuthorityParts = this.canonicalAuthorityUrlComponents.PathSegments;
currentAuthorityParts.forEach((currentPart, index) => {
let cachedPart = cachedAuthorityParts[index];
if (index === 0 &&
this.canReplaceTenant(cachedAuthorityUrlComponents)) {
const tenantId = new UrlString(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];
/**
* Check if AAD canonical authority contains tenant domain name, for example "testdomain.onmicrosoft.com",
* by comparing its first path segment to the corresponding authorization endpoint path segment, which is
* always resolved with tenant id by OIDC.
*/
if (cachedPart !== tenantId) {
this.logger.verbose(`Replacing tenant domain name ${cachedPart} with id ${tenantId}`);
cachedPart = tenantId;
}
}
if (currentPart !== cachedPart) {
endpoint = endpoint.replace(`/${cachedPart}/`, `/${currentPart}/`);
}
});
return this.replaceTenant(endpoint);
}
/**
* The default open id configuration endpoint for any canonical authority.
*/
get defaultOpenIdConfigurationEndpoint() {
const canonicalAuthorityHost = this.hostnameAndPort;
if (this.canonicalAuthority.endsWith("v2.0/") ||
this.authorityType === AuthorityType.Adfs ||
(this.protocolMode === ProtocolMode.OIDC &&
!this.isAliasOfKnownMicrosoftAuthority(canonicalAuthorityHost))) {
return `${this.canonicalAuthority}.well-known/openid-configuration`;
}
return `${this.canonicalAuthority}v2.0/.well-known/openid-configuration`;
}
/**
* Boolean that returns whether or not tenant discovery has been completed.
*/
discoveryComplete() {
return !!this.metadata;
}
/**
* Perform endpoint discovery to discover aliases, preferred_cache, preferred_network
* and the /authorize, /token and logout endpoints.
*/
async resolveEndpointsAsync() {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityResolveEndpointsAsync, this.correlationId);
const metadataEntity = this.getCurrentMetadataEntity();
const cloudDiscoverySource = await invokeAsync(this.updateCloudDiscoveryMetadata.bind(this), PerformanceEvents.AuthorityUpdateCloudDiscoveryMetadata, this.logger, this.performanceClient, this.correlationId)(metadataEntity);
this.canonicalAuthority = this.canonicalAuthority.replace(this.hostnameAndPort, metadataEntity.preferred_network);
const endpointSource = await invokeAsync(this.updateEndpointMetadata.bind(this), PerformanceEvents.AuthorityUpdateEndpointMetadata, this.logger, this.performanceClient, this.correlationId)(metadataEntity);
this.updateCachedMetadata(metadataEntity, cloudDiscoverySource, {
source: endpointSource,
});
this.performanceClient?.addFields({
cloudDiscoverySource: cloudDiscoverySource,
authorityEndpointSource: endpointSource,
}, this.correlationId);
}
/**
* Returns metadata entity from cache if it exists, otherwiser returns a new metadata entity built
* from the configured canonical authority
* @returns
*/
getCurrentMetadataEntity() {
let metadataEntity = this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort);
if (!metadataEntity) {
metadataEntity = {
aliases: [],
preferred_cache: this.hostnameAndPort,
preferred_network: this.hostnameAndPort,
canonical_authority: this.canonicalAuthority,
authorization_endpoint: "",
token_endpoint: "",
end_session_endpoint: "",
issuer: "",
aliasesFromNetwork: false,
endpointsFromNetwork: false,
expiresAt: generateAuthorityMetadataExpiresAt(),
jwks_uri: "",
};
}
return metadataEntity;
}
/**
* Updates cached metadata based on metadata source and sets the instance's metadata
* property to the same value
* @param metadataEntity
* @param cloudDiscoverySource
* @param endpointMetadataResult
*/
updateCachedMetadata(metadataEntity, cloudDiscoverySource, endpointMetadataResult) {
if (cloudDiscoverySource !== AuthorityMetadataSource.CACHE &&
endpointMetadataResult?.source !== AuthorityMetadataSource.CACHE) {
// Reset the expiration time unless both values came from a successful cache lookup
metadataEntity.expiresAt =
generateAuthorityMetadataExpiresAt();
metadataEntity.canonical_authority = this.canonicalAuthority;
}
const cacheKey = this.cacheManager.generateAuthorityMetadataCacheKey(metadataEntity.preferred_cache);
this.cacheManager.setAuthorityMetadata(cacheKey, metadataEntity);
this.metadata = metadataEntity;
}
/**
* Update AuthorityMetadataEntity with new endpoints and return where the information came from
* @param metadataEntity
*/
async updateEndpointMetadata(metadataEntity) {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityUpdateEndpointMetadata, this.correlationId);
const localMetadata = this.updateEndpointMetadataFromLocalSources(metadataEntity);
// Further update may be required for hardcoded metadata if regional metadata is preferred
if (localMetadata) {
if (localMetadata.source ===
AuthorityMetadataSource.HARDCODED_VALUES) {
// If the user prefers to use an azure region replace the global endpoints with regional information.
if (this.authorityOptions.azureRegionConfiguration?.azureRegion) {
if (localMetadata.metadata) {
const hardcodedMetadata = await invokeAsync(this.updateMetadataWithRegionalInformation.bind(this), PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation, this.logger, this.performanceClient, this.correlationId)(localMetadata.metadata);
updateAuthorityEndpointMetadata(metadataEntity, hardcodedMetadata, false);
metadataEntity.canonical_authority =
this.canonicalAuthority;
}
}
}
return localMetadata.source;
}
// Get metadata from network if local sources aren't available
let metadata = await invokeAsync(this.getEndpointMetadataFromNetwork.bind(this), PerformanceEvents.AuthorityGetEndpointMetadataFromNetwork, this.logger, this.performanceClient, this.correlationId)();
if (metadata) {
// If the user prefers to use an azure region replace the global endpoints with regional information.
if (this.authorityOptions.azureRegionConfiguration?.azureRegion) {
metadata = await invokeAsync(this.updateMetadataWithRegionalInformation.bind(this), PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation, this.logger, this.performanceClient, this.correlationId)(metadata);
}
updateAuthorityEndpointMetadata(metadataEntity, metadata, true);
return AuthorityMetadataSource.NETWORK;
}
else {
// Metadata could not be obtained from the config, cache, network or hardcoded values
throw createClientAuthError(openIdConfigError, this.defaultOpenIdConfigurationEndpoint);
}
}
/**
* Updates endpoint metadata from local sources and returns where the information was retrieved from and the metadata config
* response if the source is hardcoded metadata
* @param metadataEntity
* @returns
*/
updateEndpointMetadataFromLocalSources(metadataEntity) {
this.logger.verbose("Attempting to get endpoint metadata from authority configuration");
const configMetadata = this.getEndpointMetadataFromConfig();
if (configMetadata) {
this.logger.verbose("Found endpoint metadata in authority configuration");
updateAuthorityEndpointMetadata(metadataEntity, configMetadata, false);
return {
source: AuthorityMetadataSource.CONFIG,
};
}
this.logger.verbose("Did not find endpoint metadata in the config... Attempting to get endpoint metadata from the hardcoded values.");
// skipAuthorityMetadataCache is used to bypass hardcoded authority metadata and force a network metadata cache lookup and network metadata request if no cached response is available.
if (this.authorityOptions.skipAuthorityMetadataCache) {
this.logger.verbose("Skipping hardcoded metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get endpoint metadata from the network metadata cache.");
}
else {
const hardcodedMetadata = this.getEndpointMetadataFromHardcodedValues();
if (hardcodedMetadata) {
updateAuthorityEndpointMetadata(metadataEntity, hardcodedMetadata, false);
return {
source: AuthorityMetadataSource.HARDCODED_VALUES,
metadata: hardcodedMetadata,
};
}
else {
this.logger.verbose("Did not find endpoint metadata in hardcoded values... Attempting to get endpoint metadata from the network metadata cache.");
}
}
// Check cached metadata entity expiration status
const metadataEntityExpired = isAuthorityMetadataExpired(metadataEntity);
if (this.isAuthoritySameType(metadataEntity) &&
metadataEntity.endpointsFromNetwork &&
!metadataEntityExpired) {
// No need to update
this.logger.verbose("Found endpoint metadata in the cache.");
return { source: AuthorityMetadataSource.CACHE };
}
else if (metadataEntityExpired) {
this.logger.verbose("The metadata entity is expired.");
}
return null;
}
/**
* Compares the number of url components after the domain to determine if the cached
* authority metadata can be used for the requested authority. Protects against same domain different
* authority such as login.microsoftonline.com/tenant and login.microsoftonline.com/tfp/tenant/policy
* @param metadataEntity
*/
isAuthoritySameType(metadataEntity) {
const cachedAuthorityUrl = new UrlString(metadataEntity.canonical_authority);
const cachedParts = cachedAuthorityUrl.getUrlComponents().PathSegments;
return (cachedParts.length ===
this.canonicalAuthorityUrlComponents.PathSegments.length);
}
/**
* Parse authorityMetadata config option
*/
getEndpointMetadataFromConfig() {
if (this.authorityOptions.authorityMetadata) {
try {
return JSON.parse(this.authorityOptions.authorityMetadata);
}
catch (e) {
throw createClientConfigurationError(invalidAuthorityMetadata);
}
}
return null;
}
/**
* Gets OAuth endpoints from the given OpenID configuration endpoint.
*
* @param hasHardcodedMetadata boolean
*/
async getEndpointMetadataFromNetwork() {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityGetEndpointMetadataFromNetwork, this.correlationId);
const options = {};
/*
* TODO: Add a timeout if the authority exists in our library's
* hardcoded list of metadata
*/
const openIdConfigurationEndpoint = this.defaultOpenIdConfigurationEndpoint;
this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: attempting to retrieve OAuth endpoints from ${openIdConfigurationEndpoint}`);
try {
const response = await this.networkInterface.sendGetRequestAsync(openIdConfigurationEndpoint, options);
const isValidResponse = isOpenIdConfigResponse(response.body);
if (isValidResponse) {
return response.body;
}
else {
this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: could not parse response as OpenID configuration`);
return null;
}
}
catch (e) {
this.logger.verbose(`Authority.getEndpointMetadataFromNetwork: ${e}`);
return null;
}
}
/**
* Get OAuth endpoints for common authorities.
*/
getEndpointMetadataFromHardcodedValues() {
if (this.hostnameAndPort in EndpointMetadata) {
return EndpointMetadata[this.hostnameAndPort];
}
return null;
}
/**
* Update the retrieved metadata with regional information.
* User selected Azure region will be used if configured.
*/
async updateMetadataWithRegionalInformation(metadata) {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityUpdateMetadataWithRegionalInformation, this.correlationId);
const userConfiguredAzureRegion = this.authorityOptions.azureRegionConfiguration?.azureRegion;
if (userConfiguredAzureRegion) {
if (userConfiguredAzureRegion !==
Constants.AZURE_REGION_AUTO_DISCOVER_FLAG) {
this.regionDiscoveryMetadata.region_outcome =
RegionDiscoveryOutcomes.CONFIGURED_NO_AUTO_DETECTION;
this.regionDiscoveryMetadata.region_used =
userConfiguredAzureRegion;
return Authority.replaceWithRegionalInformation(metadata, userConfiguredAzureRegion);
}
const autodetectedRegionName = await invokeAsync(this.regionDiscovery.detectRegion.bind(this.regionDiscovery), PerformanceEvents.RegionDiscoveryDetectRegion, this.logger, this.performanceClient, this.correlationId)(this.authorityOptions.azureRegionConfiguration
?.environmentRegion, this.regionDiscoveryMetadata);
if (autodetectedRegionName) {
this.regionDiscoveryMetadata.region_outcome =
RegionDiscoveryOutcomes.AUTO_DETECTION_REQUESTED_SUCCESSFUL;
this.regionDiscoveryMetadata.region_used =
autodetectedRegionName;
return Authority.replaceWithRegionalInformation(metadata, autodetectedRegionName);
}
this.regionDiscoveryMetadata.region_outcome =
RegionDiscoveryOutcomes.AUTO_DETECTION_REQUESTED_FAILED;
}
return metadata;
}
/**
* Updates the AuthorityMetadataEntity with new aliases, preferred_network and preferred_cache
* and returns where the information was retrieved from
* @param metadataEntity
* @returns AuthorityMetadataSource
*/
async updateCloudDiscoveryMetadata(metadataEntity) {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityUpdateCloudDiscoveryMetadata, this.correlationId);
const localMetadataSource = this.updateCloudDiscoveryMetadataFromLocalSources(metadataEntity);
if (localMetadataSource) {
return localMetadataSource;
}
// Fallback to network as metadata source
const metadata = await invokeAsync(this.getCloudDiscoveryMetadataFromNetwork.bind(this), PerformanceEvents.AuthorityGetCloudDiscoveryMetadataFromNetwork, this.logger, this.performanceClient, this.correlationId)();
if (metadata) {
updateCloudDiscoveryMetadata(metadataEntity, metadata, true);
return AuthorityMetadataSource.NETWORK;
}
// Metadata could not be obtained from the config, cache, network or hardcoded values
throw createClientConfigurationError(untrustedAuthority);
}
updateCloudDiscoveryMetadataFromLocalSources(metadataEntity) {
this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration");
this.logger.verbosePii(`Known Authorities: ${this.authorityOptions.knownAuthorities ||
Constants.NOT_APPLICABLE}`);
this.logger.verbosePii(`Authority Metadata: ${this.authorityOptions.authorityMetadata ||
Constants.NOT_APPLICABLE}`);
this.logger.verbosePii(`Canonical Authority: ${metadataEntity.canonical_authority || Constants.NOT_APPLICABLE}`);
const metadata = this.getCloudDiscoveryMetadataFromConfig();
if (metadata) {
this.logger.verbose("Found cloud discovery metadata in authority configuration");
updateCloudDiscoveryMetadata(metadataEntity, metadata, false);
return AuthorityMetadataSource.CONFIG;
}
// If the cached metadata came from config but that config was not passed to this instance, we must go to hardcoded values
this.logger.verbose("Did not find cloud discovery metadata in the config... Attempting to get cloud discovery metadata from the hardcoded values.");
if (this.options.skipAuthorityMetadataCache) {
this.logger.verbose("Skipping hardcoded cloud discovery metadata cache since skipAuthorityMetadataCache is set to true. Attempting to get cloud discovery metadata from the network metadata cache.");
}
else {
const hardcodedMetadata = getCloudDiscoveryMetadataFromHardcodedValues(this.hostnameAndPort);
if (hardcodedMetadata) {
this.logger.verbose("Found cloud discovery metadata from hardcoded values.");
updateCloudDiscoveryMetadata(metadataEntity, hardcodedMetadata, false);
return AuthorityMetadataSource.HARDCODED_VALUES;
}
this.logger.verbose("Did not find cloud discovery metadata in hardcoded values... Attempting to get cloud discovery metadata from the network metadata cache.");
}
const metadataEntityExpired = isAuthorityMetadataExpired(metadataEntity);
if (this.isAuthoritySameType(metadataEntity) &&
metadataEntity.aliasesFromNetwork &&
!metadataEntityExpired) {
this.logger.verbose("Found cloud discovery metadata in the cache.");
// No need to update
return AuthorityMetadataSource.CACHE;
}
else if (metadataEntityExpired) {
this.logger.verbose("The metadata entity is expired.");
}
return null;
}
/**
* Parse cloudDiscoveryMetadata config or check knownAuthorities
*/
getCloudDiscoveryMetadataFromConfig() {
// CIAM does not support cloud discovery metadata
if (this.authorityType === AuthorityType.Ciam) {
this.logger.verbose("CIAM authorities do not support cloud discovery metadata, generate the aliases from authority host.");
return Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);
}
// Check if network response was provided in config
if (this.authorityOptions.cloudDiscoveryMetadata) {
this.logger.verbose("The cloud discovery metadata has been provided as a network response, in the config.");
try {
this.logger.verbose("Attempting to parse the cloud discovery metadata.");
const parsedResponse = JSON.parse(this.authorityOptions.cloudDiscoveryMetadata);
const metadata = getCloudDiscoveryMetadataFromNetworkResponse(parsedResponse.metadata, this.hostnameAndPort);
this.logger.verbose("Parsed the cloud discovery metadata.");
if (metadata) {
this.logger.verbose("There is returnable metadata attached to the parsed cloud discovery metadata.");
return metadata;
}
else {
this.logger.verbose("There is no metadata attached to the parsed cloud discovery metadata.");
}
}
catch (e) {
this.logger.verbose("Unable to parse the cloud discovery metadata. Throwing Invalid Cloud Discovery Metadata Error.");
throw createClientConfigurationError(invalidCloudDiscoveryMetadata);
}
}
// If cloudDiscoveryMetadata is empty or does not contain the host, check knownAuthorities
if (this.isInKnownAuthorities()) {
this.logger.verbose("The host is included in knownAuthorities. Creating new cloud discovery metadata from the host.");
return Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);
}
return null;
}
/**
* Called to get metadata from network if CloudDiscoveryMetadata was not populated by config
*
* @param hasHardcodedMetadata boolean
*/
async getCloudDiscoveryMetadataFromNetwork() {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityGetCloudDiscoveryMetadataFromNetwork, this.correlationId);
const instanceDiscoveryEndpoint = `${Constants.AAD_INSTANCE_DISCOVERY_ENDPT}${this.canonicalAuthority}oauth2/v2.0/authorize`;
const options = {};
/*
* TODO: Add a timeout if the authority exists in our library's
* hardcoded list of metadata
*/
let match = null;
try {
const response = await this.networkInterface.sendGetRequestAsync(instanceDiscoveryEndpoint, options);
let typedResponseBody;
let metadata;
if (isCloudInstanceDiscoveryResponse(response.body)) {
typedResponseBody =
response.body;
metadata = typedResponseBody.metadata;
this.logger.verbosePii(`tenant_discovery_endpoint is: ${typedResponseBody.tenant_discovery_endpoint}`);
}
else if (isCloudInstanceDiscoveryErrorResponse(response.body)) {
this.logger.warning(`A CloudInstanceDiscoveryErrorResponse was returned. The cloud instance discovery network request's status code is: ${response.status}`);
typedResponseBody =
response.body;
if (typedResponseBody.error === Constants.INVALID_INSTANCE) {
this.logger.error("The CloudInstanceDiscoveryErrorResponse error is invalid_instance.");
return null;
}
this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error is ${typedResponseBody.error}`);
this.logger.warning(`The CloudInstanceDiscoveryErrorResponse error description is ${typedResponseBody.error_description}`);
this.logger.warning("Setting the value of the CloudInstanceDiscoveryMetadata (returned from the network) to []");
metadata = [];
}
else {
this.logger.error("AAD did not return a CloudInstanceDiscoveryResponse or CloudInstanceDiscoveryErrorResponse");
return null;
}
this.logger.verbose("Attempting to find a match between the developer's authority and the CloudInstanceDiscoveryMetadata returned from the network request.");
match = getCloudDiscoveryMetadataFromNetworkResponse(metadata, this.hostnameAndPort);
}
catch (error) {
if (error instanceof AuthError) {
this.logger.error(`There was a network error while attempting to get the cloud discovery instance metadata.\nError: ${error.errorCode}\nError Description: ${error.errorMessage}`);
}
else {
const typedError = error;
this.logger.error(`A non-MSALJS error was thrown while attempting to get the cloud instance discovery metadata.\nError: ${typedError.name}\nError Description: ${typedError.message}`);
}
return null;
}
// Custom Domain scenario, host is trusted because Instance Discovery call succeeded
if (!match) {
this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request.");
this.logger.verbose("Creating custom Authority for custom domain scenario.");
match = Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);
}
return match;
}
/**
* Helper function to determine if this host is included in the knownAuthorities config option
*/
isInKnownAuthorities() {
const matches = this.authorityOptions.knownAuthorities.filter((authority) => {
return (authority &&
UrlString.getDomainFromUrl(authority).toLowerCase() ===
this.hostnameAndPort);
});
return matches.length > 0;
}
/**
* helper function to populate the authority based on azureCloudOptions
* @param authorityString
* @param azureCloudOptions
*/
static generateAuthority(authorityString, azureCloudOptions) {
let authorityAzureCloudInstance;
if (azureCloudOptions &&
azureCloudOptions.azureCloudInstance !== AzureCloudInstance.None) {
const tenant = azureCloudOptions.tenant
? azureCloudOptions.tenant
: Constants.DEFAULT_COMMON_TENANT;
authorityAzureCloudInstance = `${azureCloudOptions.azureCloudInstance}/${tenant}/`;
}
return authorityAzureCloudInstance
? authorityAzureCloudInstance
: authorityString;
}
/**
* Creates cloud discovery metadata object from a given host
* @param host
*/
static createCloudDiscoveryMetadataFromHost(host) {
return {
preferred_network: host,
preferred_cache: host,
aliases: [host],
};
}
/**
* helper function to generate environment from authority object
*/
getPreferredCache() {
if (this.managedIdentity) {
return Constants.DEFAULT_AUTHORITY_HOST;
}
else if (this.discoveryComplete()) {
return this.metadata.preferred_cache;
}
else {
throw createClientAuthError(endpointResolutionError);
}
}
/**
* Returns whether or not the provided host is an alias of this authority instance
* @param host
*/
isAlias(host) {
return this.metadata.aliases.indexOf(host) > -1;
}
/**
* Returns whether or not the provided host is an alias of a known Microsoft authority for purposes of endpoint discovery
* @param host
*/
isAliasOfKnownMicrosoftAuthority(host) {
return InstanceDiscoveryMetadataAliases.has(host);
}
/**
* Checks whether the provided host is that of a public cloud authority
*
* @param authority string
* @returns bool
*/
static isPublicCloudAuthority(host) {
return Constants.KNOWN_PUBLIC_CLOUDS.indexOf(host) >= 0;
}
/**
* Rebuild the authority string with the region
*
* @param host string
* @param region string
*/
static buildRegionalAuthorityString(host, region, queryString) {
// Create and validate a Url string object with the initial authority string
const authorityUrlInstance = new UrlString(host);
authorityUrlInstance.validateAsUri();
const authorityUrlParts = authorityUrlInstance.getUrlComponents();
let hostNameAndPort = `${region}.${authorityUrlParts.HostNameAndPort}`;
if (this.isPublicCloudAuthority(authorityUrlParts.HostNameAndPort)) {
hostNameAndPort = `${region}.${Constants.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`;
}
// Include the query string portion of the url
const url = UrlString.constructAuthorityUriFromObject({
...authorityUrlInstance.getUrlComponents(),
HostNameAndPort: hostNameAndPort,
}).urlString;
// Add the query string if a query string was provided
if (queryString)
return `${url}?${queryString}`;
return url;
}
/**
* Replace the endpoints in the metadata object with their regional equivalents.
*
* @param metadata OpenIdConfigResponse
* @param azureRegion string
*/
static replaceWithRegionalInformation(metadata, azureRegion) {
const regionalMetadata = { ...metadata };
regionalMetadata.authorization_endpoint =
Authority.buildRegionalAuthorityString(regionalMetadata.authorization_endpoint, azureRegion);
regionalMetadata.token_endpoint =
Authority.buildRegionalAuthorityString(regionalMetadata.token_endpoint, azureRegion);
if (regionalMetadata.end_session_endpoint) {
regionalMetadata.end_session_endpoint =
Authority.buildRegionalAuthorityString(regionalMetadata.end_session_endpoint, azureRegion);
}
return regionalMetadata;
}
/**
* Transform CIAM_AUTHORIY as per the below rules:
* If no path segments found and it is a CIAM authority (hostname ends with .ciamlogin.com), then transform it
*
* NOTE: The transformation path should go away once STS supports CIAM with the format: `tenantIdorDomain.ciamlogin.com`
* `ciamlogin.com` can also change in the future and we should accommodate the same
*
* @param authority
*/
static transformCIAMAuthority(authority) {
let ciamAuthority = authority;
const authorityUrl = new UrlString(authority);
const authorityUrlComponents = authorityUrl.getUrlComponents();
// check if transformation is needed
if (authorityUrlComponents.PathSegments.length === 0 &&
authorityUrlComponents.HostNameAndPort.endsWith(Constants.CIAM_AUTH_URL)) {
const tenantIdOrDomain = authorityUrlComponents.HostNameAndPort.split(".")[0];
ciamAuthority = `${ciamAuthority}${tenantIdOrDomain}${Constants.AAD_TENANT_DOMAIN_SUFFIX}`;
}
return ciamAuthority;
}
}
// Reserved tenant domain names that will not be replaced with tenant id
Authority.reservedTenantDomains = new Set([
"{tenant}",
"{tenantid}",
AADAuthorityConstants.COMMON,
AADAuthorityConstants.CONSUMERS,
AADAuthorityConstants.ORGANIZATIONS,
]);
/**
* Extract tenantId from authority
*/
function getTenantFromAuthorityString(authority) {
const authorityUrl = new UrlString(authority);
const authorityUrlComponents = authorityUrl.getUrlComponents();
/**
* For credential matching purposes, tenantId is the last path segment of the authority URL:
* AAD Authority - domain/tenantId -> Credentials are cached with realm = tenantId
* B2C Authority - domain/{tenantId}?/.../policy -> Credentials are cached with realm = policy
* tenantId is downcased because B2C policies can have mixed case but tfp claim is downcased
*
* Note that we may not have any path segments in certain OIDC scenarios.
*/
const tenantId = authorityUrlComponents.PathSegments.slice(-1)[0]?.toLowerCase();
switch (tenantId) {
case AADAuthorityConstants.COMMON:
case AADAuthorityConstants.ORGANIZATIONS:
case AADAuthorityConstants.CONSUMERS:
return undefined;
default:
return tenantId;
}
}
function formatAuthorityUri(authorityUri) {
return authorityUri.endsWith(Constants.FORWARD_SLASH)
? authorityUri
: `${authorityUri}${Constants.FORWARD_SLASH}`;
}
function buildStaticAuthorityOptions(authOptions) {
const rawCloudDiscoveryMetadata = authOptions.cloudDiscoveryMetadata;
let cloudDiscoveryMetadata = undefined;
if (rawCloudDiscoveryMetadata) {
try {
cloudDiscoveryMetadata = JSON.parse(rawCloudDiscoveryMetadata);
}
catch (e) {
throw createClientConfigurationError(invalidCloudDiscoveryMetadata);
}
}
return {
canonicalAuthority: authOptions.authority
? formatAuthorityUri(authOptions.authority)
: undefined,
knownAuthorities: authOptions.knownAuthorities,
cloudDiscoveryMetadata: cloudDiscoveryMetadata,
};
}
export { Authority, buildStaticAuthorityOptions, formatAuthorityUri, getTenantFromAuthorityString };
//# sourceMappingURL=Authority.mjs.map

39
extracted-source/node_modules/@azure/msal-common/dist/authority/AuthorityFactory.mjs generated vendored Normal file
View File

@@ -0,0 +1,39 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
import { Authority, formatAuthorityUri } from './Authority.mjs';
import { createClientAuthError } from '../error/ClientAuthError.mjs';
import { PerformanceEvents } from '../telemetry/performance/PerformanceEvent.mjs';
import { invokeAsync } from '../utils/FunctionWrappers.mjs';
import { endpointResolutionError } from '../error/ClientAuthErrorCodes.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Create an authority object of the correct type based on the url
* Performs basic authority validation - checks to see if the authority is of a valid type (i.e. aad, b2c, adfs)
*
* Also performs endpoint discovery.
*
* @param authorityUri
* @param networkClient
* @param protocolMode
* @internal
*/
async function createDiscoveredInstance(authorityUri, networkClient, cacheManager, authorityOptions, logger, correlationId, performanceClient) {
performanceClient?.addQueueMeasurement(PerformanceEvents.AuthorityFactoryCreateDiscoveredInstance, correlationId);
const authorityUriFinal = Authority.transformCIAMAuthority(formatAuthorityUri(authorityUri));
// Initialize authority and perform discovery endpoint check.
const acquireTokenAuthority = new Authority(authorityUriFinal, networkClient, cacheManager, authorityOptions, logger, correlationId, performanceClient);
try {
await invokeAsync(acquireTokenAuthority.resolveEndpointsAsync.bind(acquireTokenAuthority), PerformanceEvents.AuthorityResolveEndpointsAsync, logger, performanceClient, correlationId)();
return acquireTokenAuthority;
}
catch (e) {
throw createClientAuthError(endpointResolutionError);
}
}
export { createDiscoveredInstance };
//# sourceMappingURL=AuthorityFactory.mjs.map

144
extracted-source/node_modules/@azure/msal-common/dist/authority/AuthorityMetadata.mjs generated vendored Normal file
View File

@@ -0,0 +1,144 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
import { UrlString } from '../url/UrlString.mjs';
import { AuthorityMetadataSource } from '../utils/Constants.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const rawMetdataJSON = {
endpointMetadata: {
"login.microsoftonline.com": {
token_endpoint: "https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/token",
jwks_uri: "https://login.microsoftonline.com/{tenantid}/discovery/v2.0/keys",
issuer: "https://login.microsoftonline.com/{tenantid}/v2.0",
authorization_endpoint: "https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",
end_session_endpoint: "https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/logout",
},
"login.chinacloudapi.cn": {
token_endpoint: "https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/token",
jwks_uri: "https://login.chinacloudapi.cn/{tenantid}/discovery/v2.0/keys",
issuer: "https://login.partner.microsoftonline.cn/{tenantid}/v2.0",
authorization_endpoint: "https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/authorize",
end_session_endpoint: "https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/logout",
},
"login.microsoftonline.us": {
token_endpoint: "https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/token",
jwks_uri: "https://login.microsoftonline.us/{tenantid}/discovery/v2.0/keys",
issuer: "https://login.microsoftonline.us/{tenantid}/v2.0",
authorization_endpoint: "https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",
end_session_endpoint: "https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout",
},
},
instanceDiscoveryMetadata: {
metadata: [
{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: [
"login.microsoftonline.com",
"login.windows.net",
"login.microsoft.com",
"sts.windows.net",
],
},
{
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: [
"login.partner.microsoftonline.cn",
"login.chinacloudapi.cn",
],
},
{
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"],
},
{
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: [
"login.microsoftonline.us",
"login.usgovcloudapi.net",
],
},
{
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"],
},
],
},
};
const EndpointMetadata = rawMetdataJSON.endpointMetadata;
const InstanceDiscoveryMetadata = rawMetdataJSON.instanceDiscoveryMetadata;
const InstanceDiscoveryMetadataAliases = new Set();
InstanceDiscoveryMetadata.metadata.forEach((metadataEntry) => {
metadataEntry.aliases.forEach((alias) => {
InstanceDiscoveryMetadataAliases.add(alias);
});
});
/**
* Attempts to get an aliases array from the static authority metadata sources based on the canonical authority host
* @param staticAuthorityOptions
* @param logger
* @returns
*/
function getAliasesFromStaticSources(staticAuthorityOptions, logger) {
let staticAliases;
const canonicalAuthority = staticAuthorityOptions.canonicalAuthority;
if (canonicalAuthority) {
const authorityHost = new UrlString(canonicalAuthority).getUrlComponents().HostNameAndPort;
staticAliases =
getAliasesFromMetadata(authorityHost, staticAuthorityOptions.cloudDiscoveryMetadata?.metadata, AuthorityMetadataSource.CONFIG, logger) ||
getAliasesFromMetadata(authorityHost, InstanceDiscoveryMetadata.metadata, AuthorityMetadataSource.HARDCODED_VALUES, logger) ||
staticAuthorityOptions.knownAuthorities;
}
return staticAliases || [];
}
/**
* Returns aliases for from the raw cloud discovery metadata passed in
* @param authorityHost
* @param rawCloudDiscoveryMetadata
* @returns
*/
function getAliasesFromMetadata(authorityHost, cloudDiscoveryMetadata, source, logger) {
logger?.trace(`getAliasesFromMetadata called with source: ${source}`);
if (authorityHost && cloudDiscoveryMetadata) {
const metadata = getCloudDiscoveryMetadataFromNetworkResponse(cloudDiscoveryMetadata, authorityHost);
if (metadata) {
logger?.trace(`getAliasesFromMetadata: found cloud discovery metadata in ${source}, returning aliases`);
return metadata.aliases;
}
else {
logger?.trace(`getAliasesFromMetadata: did not find cloud discovery metadata in ${source}`);
}
}
return null;
}
/**
* Get cloud discovery metadata for common authorities
*/
function getCloudDiscoveryMetadataFromHardcodedValues(authorityHost) {
const metadata = getCloudDiscoveryMetadataFromNetworkResponse(InstanceDiscoveryMetadata.metadata, authorityHost);
return metadata;
}
/**
* Searches instance discovery network response for the entry that contains the host in the aliases list
* @param response
* @param authority
*/
function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
for (let i = 0; i < response.length; i++) {
const metadata = response[i];
if (metadata.aliases.includes(authorityHost)) {
return metadata;
}
}
return null;
}
export { EndpointMetadata, InstanceDiscoveryMetadata, InstanceDiscoveryMetadataAliases, getAliasesFromMetadata, getAliasesFromStaticSources, getCloudDiscoveryMetadataFromHardcodedValues, getCloudDiscoveryMetadataFromNetworkResponse, rawMetdataJSON };
//# sourceMappingURL=AuthorityMetadata.mjs.map

23
extracted-source/node_modules/@azure/msal-common/dist/authority/AuthorityOptions.mjs generated vendored Normal file
View File

@@ -0,0 +1,23 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
const AzureCloudInstance = {
// AzureCloudInstance is not specified.
None: "none",
// Microsoft Azure public cloud
AzurePublic: "https://login.microsoftonline.com",
// Microsoft PPE
AzurePpe: "https://login.windows-ppe.net",
// Microsoft Chinese national/regional cloud
AzureChina: "https://login.chinacloudapi.cn",
// Microsoft German national/regional cloud ("Black Forest")
AzureGermany: "https://login.microsoftonline.de",
// US Government cloud
AzureUsGovernment: "https://login.microsoftonline.us",
};
export { AzureCloudInstance };
//# sourceMappingURL=AuthorityOptions.mjs.map

18
extracted-source/node_modules/@azure/msal-common/dist/authority/AuthorityType.mjs generated vendored Normal file
View File

@@ -0,0 +1,18 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Authority types supported by MSAL.
*/
const AuthorityType = {
Default: 0,
Adfs: 1,
Dsts: 2,
Ciam: 3,
};
export { AuthorityType };
//# sourceMappingURL=AuthorityType.mjs.map

13
extracted-source/node_modules/@azure/msal-common/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs generated vendored Normal file
View File

@@ -0,0 +1,13 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
function isCloudInstanceDiscoveryErrorResponse(response) {
return (response.hasOwnProperty("error") &&
response.hasOwnProperty("error_description"));
}
export { isCloudInstanceDiscoveryErrorResponse };
//# sourceMappingURL=CloudInstanceDiscoveryErrorResponse.mjs.map

13
extracted-source/node_modules/@azure/msal-common/dist/authority/CloudInstanceDiscoveryResponse.mjs generated vendored Normal file
View File

@@ -0,0 +1,13 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
function isCloudInstanceDiscoveryResponse(response) {
return (response.hasOwnProperty("tenant_discovery_endpoint") &&
response.hasOwnProperty("metadata"));
}
export { isCloudInstanceDiscoveryResponse };
//# sourceMappingURL=CloudInstanceDiscoveryResponse.mjs.map

15
extracted-source/node_modules/@azure/msal-common/dist/authority/OpenIdConfigResponse.mjs generated vendored Normal file
View File

@@ -0,0 +1,15 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
function isOpenIdConfigResponse(response) {
return (response.hasOwnProperty("authorization_endpoint") &&
response.hasOwnProperty("token_endpoint") &&
response.hasOwnProperty("issuer") &&
response.hasOwnProperty("jwks_uri"));
}
export { isOpenIdConfigResponse };
//# sourceMappingURL=OpenIdConfigResponse.mjs.map

27
extracted-source/node_modules/@azure/msal-common/dist/authority/ProtocolMode.mjs generated vendored Normal file
View File

@@ -0,0 +1,27 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* Protocol modes supported by MSAL.
*/
const ProtocolMode = {
/**
* Auth Code + PKCE with Entra ID (formerly AAD) specific optimizations and features
*/
AAD: "AAD",
/**
* Auth Code + PKCE without Entra ID specific optimizations and features. For use only with non-Microsoft owned authorities.
* Support is limited for this mode.
*/
OIDC: "OIDC",
/**
* Encrypted Authorize Response (EAR) with Entra ID specific optimizations and features
*/
EAR: "EAR",
};
export { ProtocolMode };
//# sourceMappingURL=ProtocolMode.mjs.map

112
extracted-source/node_modules/@azure/msal-common/dist/authority/RegionDiscovery.mjs generated vendored Normal file
View File

@@ -0,0 +1,112 @@
/*! @azure/msal-common v15.13.1 2025-10-29 */
'use strict';
import { Constants, HttpStatus, RegionDiscoverySources } from '../utils/Constants.mjs';
import { PerformanceEvents } from '../telemetry/performance/PerformanceEvent.mjs';
import { invokeAsync } from '../utils/FunctionWrappers.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
class RegionDiscovery {
constructor(networkInterface, logger, performanceClient, correlationId) {
this.networkInterface = networkInterface;
this.logger = logger;
this.performanceClient = performanceClient;
this.correlationId = correlationId;
}
/**
* Detect the region from the application's environment.
*
* @returns Promise<string | null>
*/
async detectRegion(environmentRegion, regionDiscoveryMetadata) {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RegionDiscoveryDetectRegion, this.correlationId);
// Initialize auto detected region with the region from the envrionment
let autodetectedRegionName = environmentRegion;
// Check if a region was detected from the environment, if not, attempt to get the region from IMDS
if (!autodetectedRegionName) {
const options = RegionDiscovery.IMDS_OPTIONS;
try {
const localIMDSVersionResponse = await invokeAsync(this.getRegionFromIMDS.bind(this), PerformanceEvents.RegionDiscoveryGetRegionFromIMDS, this.logger, this.performanceClient, this.correlationId)(Constants.IMDS_VERSION, options);
if (localIMDSVersionResponse.status === HttpStatus.SUCCESS) {
autodetectedRegionName = localIMDSVersionResponse.body;
regionDiscoveryMetadata.region_source =
RegionDiscoverySources.IMDS;
}
// If the response using the local IMDS version failed, try to fetch the current version of IMDS and retry.
if (localIMDSVersionResponse.status === HttpStatus.BAD_REQUEST) {
const currentIMDSVersion = await invokeAsync(this.getCurrentVersion.bind(this), PerformanceEvents.RegionDiscoveryGetCurrentVersion, this.logger, this.performanceClient, this.correlationId)(options);
if (!currentIMDSVersion) {
regionDiscoveryMetadata.region_source =
RegionDiscoverySources.FAILED_AUTO_DETECTION;
return null;
}
const currentIMDSVersionResponse = await invokeAsync(this.getRegionFromIMDS.bind(this), PerformanceEvents.RegionDiscoveryGetRegionFromIMDS, this.logger, this.performanceClient, this.correlationId)(currentIMDSVersion, options);
if (currentIMDSVersionResponse.status === HttpStatus.SUCCESS) {
autodetectedRegionName =
currentIMDSVersionResponse.body;
regionDiscoveryMetadata.region_source =
RegionDiscoverySources.IMDS;
}
}
}
catch (e) {
regionDiscoveryMetadata.region_source =
RegionDiscoverySources.FAILED_AUTO_DETECTION;
return null;
}
}
else {
regionDiscoveryMetadata.region_source =
RegionDiscoverySources.ENVIRONMENT_VARIABLE;
}
// If no region was auto detected from the environment or from the IMDS endpoint, mark the attempt as a FAILED_AUTO_DETECTION
if (!autodetectedRegionName) {
regionDiscoveryMetadata.region_source =
RegionDiscoverySources.FAILED_AUTO_DETECTION;
}
return autodetectedRegionName || null;
}
/**
* Make the call to the IMDS endpoint
*
* @param imdsEndpointUrl
* @returns Promise<NetworkResponse<string>>
*/
async getRegionFromIMDS(version, options) {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RegionDiscoveryGetRegionFromIMDS, this.correlationId);
return this.networkInterface.sendGetRequestAsync(`${Constants.IMDS_ENDPOINT}?api-version=${version}&format=text`, options, Constants.IMDS_TIMEOUT);
}
/**
* Get the most recent version of the IMDS endpoint available
*
* @returns Promise<string | null>
*/
async getCurrentVersion(options) {
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RegionDiscoveryGetCurrentVersion, this.correlationId);
try {
const response = await this.networkInterface.sendGetRequestAsync(`${Constants.IMDS_ENDPOINT}?format=json`, options);
// When IMDS endpoint is called without the api version query param, bad request response comes back with latest version.
if (response.status === HttpStatus.BAD_REQUEST &&
response.body &&
response.body["newest-versions"] &&
response.body["newest-versions"].length > 0) {
return response.body["newest-versions"][0];
}
return null;
}
catch (e) {
return null;
}
}
}
// Options for the IMDS endpoint request
RegionDiscovery.IMDS_OPTIONS = {
headers: {
Metadata: "true",
},
};
export { RegionDiscovery };
//# sourceMappingURL=RegionDiscovery.mjs.map