MCPcopy Index your code
hub / github.com/ChinaSiro/claude-code-sourcemap / constructor

Method constructor

package/cli.js:392–392  ·  view source on GitHub ↗
(q)

Source from the content-addressed store, hash-verified

390 "AZURE_TENANT_ID",
391 "AZURE_CLIENT_ID",
392 "AZURE_FEDERATED_TOKEN_FILE". See the troubleshooting guide for more information: https://aka.ms/azsdk/js/identity/workloadidentitycredential/troubleshoot`;throw Od6.info(_),new x4(_)}return Od6.info("Invoking getToken() of Client Assertion Credential"),this.client.getToken(q,K)}async readFileContents(){if(this.cacheDate!==void 0&&Date.now()-this.cacheDate>=300000)this.azureFederatedTokenFileContent=void 0;if(!this.federatedTokenFilePath)throw new x4(`${_$6}: is unavailable. Invalid file path provided ${this.federatedTokenFilePath}.`);if(!this.azureFederatedTokenFileContent){let K=(await bQ9(this.federatedTokenFilePath,"utf8")).trim();if(!K)throw new x4(`${_$6}: is unavailable. No content on the file ${this.federatedTokenFilePath}.`);else this.azureFederatedTokenFileContent=K,this.cacheDate=Date.now()}return this.azureFederatedTokenFileContent}}var _$6="WorkloadIdentityCredential",xQ9,Od6;var fW8=y(()=>{yO();DW8();ZP();GP();xQ9=["AZURE_TENANT_ID","AZURE_CLIENT_ID","AZURE_FEDERATED_TOKEN_FILE"],Od6=T9(_$6)});var aVq="ManagedIdentityCredential - Token Exchange",IQ9,GZ1;var sVq=y(()=>{fW8();yO();IQ9=T9(aVq),GZ1={name:"tokenExchangeMsi",async isAvailable(q){let K=process.env,_=Boolean((q||K.AZURE_CLIENT_ID)&&K.AZURE_TENANT_ID&&process.env.AZURE_FEDERATED_TOKEN_FILE);if(!_)IQ9.info(`${aVq}: Unavailable. The environment variables needed are: AZURE_CLIENT_ID (or the client ID sent through the parameters), AZURE_TENANT_ID and AZURE_FEDERATED_TOKEN_FILE`);return _},async getToken(q,K={}){let{scopes:_,clientId:z}=q,Y={};return new Bn(Object.assign(Object.assign({clientId:z,tenantId:process.env.AZURE_TENANT_ID,tokenFilePath:process.env.AZURE_FEDERATED_TOKEN_FILE},Y),{disableInstanceDiscovery:!0})).getToken(_,K)}}});class B86{constructor(q,K){var _,z;this.msiRetryConfig={maxRetries:5,startDelayInMs:800,intervalIncrement:2};let Y;if(typeof q==="string")this.clientId=q,Y=K!==null&&K!==void 0?K:{};else this.clientId=q===null||q===void 0?void 0:q.clientId,Y=q!==null&&q!==void 0?q:{};this.resourceId=Y===null||Y===void 0?void 0:Y.resourceId,this.objectId=Y===null||Y===void 0?void 0:Y.objectId;let $=[{key:"clientId",value:this.clientId},{key:"resourceId",value:this.resourceId},{key:"objectId",value:this.objectId}].filter((O)=>O.value);if($.length>1)throw Error(`ManagedIdentityCredential: only one of 'clientId', 'resourceId', or 'objectId' can be provided. Received values: ${JSON.stringify({clientId:this.clientId,resourceId:this.resourceId,objectId:this.objectId})}`);if(Y.allowInsecureConnection=!0,((_=Y.retryOptions)===null||_===void 0?void 0:_.maxRetries)!==void 0)this.msiRetryConfig.maxRetries=Y.retryOptions.maxRetries;this.identityClient=new mg(Object.assign(Object.assign({},Y),{additionalPolicies:[{policy:VVq(this.msiRetryConfig),position:"perCall"}]})),this.managedIdentityApp=new ng({managedIdentityIdParams:{userAssignedClientId:this.clientId,userAssignedResourceId:this.resourceId,userAssignedObjectId:this.objectId},system:{disableInternalRetries:!0,networkClient:this.identityClient,loggerOptions:{logLevel:MW8(eM8()),piiLoggingEnabled:(z=Y.loggingOptions)===null||z===void 0?void 0:z.enableUnsafeSupportLogging,loggerCallback:JW8(aE)}}}),this.isAvailableIdentityClient=new mg(Object.assign(Object.assign({},Y),{retryOptions:{maxRetries:0}}));let A=this.managedIdentityApp.getManagedIdentitySource();if(A==="CloudShell"){if(this.clientId||this.resourceId||this.objectId)throw aE.warning(`CloudShell MSI detected with user-provided IDs - throwing. Received values: ${JSON.stringify({clientId:this.clientId,resourceId:this.resourceId,objectId:this.objectId})}.`),new x4("ManagedIdentityCredential: Specifying a user-assigned managed identity is not supported for CloudShell at runtime. When using Managed Identity in CloudShell, omit the clientId, resourceId, and objectId parameters.")}if(A==="ServiceFabric"){if(this.clientId||this.resourceId||this.objectId)throw aE.warning(`Service Fabric detected with user-provided IDs - throwing. Received values: ${JSON.stringify({clientId:this.clientId,resourceId:this.resourceId,objectId:this.objectId})}.`),new x4(`ManagedIdentityCredential: ${O0q}`)}if(aE.info(`Using ${A} managed identity.`),$.length===1){let{key:O,value:w}=$[0];aE.info(`${A} with ${O}: ${w}`)}}async getToken(q,K={}){aE.getToken.info("Using the MSAL provider for Managed Identity.");let _=kU6(q);if(!_)throw new x4(`ManagedIdentityCredential: Multiple scopes are not supported. Scopes: ${JSON.stringify(q)}`);return xY.withSpan("ManagedIdentityCredential.getToken",K,async()=>{var z;try{let Y=await GZ1.isAvailable(this.clientId),$=this.managedIdentityApp.getManagedIdentitySource(),A=$==="DefaultToImds"||$==="Imds";if(aE.getToken.info(`MSAL Identity source: ${$}`),Y){aE.getToken.info("Using the token exchange managed identity.");let w=await GZ1.getToken({scopes:q,clientId:this.clientId,identityClient:this.identityClient,retryConfig:this.msiRetryConfig,resourceId:this.resourceId});if(w===null)throw new x4("Attempted to use the token exchange managed identity, but received a null response.");return w}else if(A){if(aE.getToken.info("Using the IMDS endpoint to probe for availability."),!await zZ1.isAvailable({scopes:q,clientId:this.clientId,getTokenOptions:K,identityClient:this.isAvailableIdentityClient,resourceId:this.resourceId}))throw new x4("Attempted to use the IMDS endpoint, but it is not available.")}aE.getToken.info("Calling into MSAL for managed identity token.");let O=await this.managedIdentityApp.acquireToken({resource:_});return this.ensureValidMsalToken(q,O,K),aE.getToken.info(AX(q)),{expiresOnTimestamp:O.expiresOn.getTime(),token:O.accessToken,refreshAfterTimestamp:(z=O.refreshOn)===null||z===void 0?void 0:z.getTime(),tokenType:"Bearer"}}catch(Y){if(aE.getToken.error(nz(q,Y)),Y.name==="AuthenticationRequiredError")throw Y;if(uQ9(Y))throw new x4(`ManagedIdentityCredential: Network unreachable. Message: ${Y.message}`,{cause:Y});throw new x4(`ManagedIdentityCredential: Authentication failed. Message ${Y.message}`,{cause:Y})}})}ensureValidMsalToken(q,K,_){let z=(Y)=>{return aE.getToken.info(Y),new BI({scopes:Array.isArray(q)?q:[q],getTokenOptions:_,message:Y})};if(!K)throw z("No response.");if(!K.expiresOn)throw z('Response had no "expiresOn" property.');if(!K.accessToken)throw z('Response had no "accessToken" property.')}}function uQ9(q){if(q.errorCode==="network_error")return!0;if(q.code==="ENETUNREACH"||q.code==="EHOSTUNREACH")return!0;if(q.statusCode===403||q.code===403){if(q.message.includes("unreachable"))return!0}return!1}var aE;var TZ1=y(()=>{nz6();HW8();NU6();ZP();XW8();NVq();yO();mf();yVq();sVq();aE=T9("ManagedIdentityCredential")});function sE(q){return Array.isArray(q)?q:[q]}function UZ6(q,K){if(!q.match(/^[0-9a-zA-Z-_.:/]+$/)){let _=Error("Invalid scope was specified by the user or calling client");throw K.getToken.info(nz(q,_)),_}}function ZW8(q){return q.replace(/\/.default$/,"")}var ig=y(()=>{yO()});function vZ1(q,K){if(!K.match(/^[0-9a-zA-Z-._ ]+$/)){let _=Error("Invalid subscription provided. You can locate your subscription by following the instructions listed here: https://learn.microsoft.com/azure/azure-portal/get-subscription-tenant-id.");throw q.info(nz("",_)),_}}var tVq=y(()=>{yO()});import mQ9 from"child_process";class wd6{constructor(q){if(q===null||q===void 0?void 0:q.tenantId)OX(vS,q===null||q===void 0?void 0:q.tenantId),this.tenantId=q===null||q===void 0?void 0:q.tenantId;if(q===null||q===void 0?void 0:q.subscription)vZ1(vS,q===null||q===void 0?void 0:q.subscription),this.subscription=q===null||q===void 0?void 0:q.subscription;this.additionallyAllowedTenantIds=fj(q===null||q===void 0?void 0:q.additionallyAllowedTenants),this.timeout=q===null||q===void 0?void 0:q.processTimeoutInMs}async getToken(q,K={}){let _=v2(this.tenantId,K,this.additionallyAllowedTenantIds);if(_)OX(vS,_);if(this.subscription)vZ1(vS,this.subscription);let z=typeof q==="string"?q:q[0];return vS.getToken.info(`Using the scope ${z}`),xY.withSpan(`${this.constructor.name}.getToken`,K,async()=>{var Y,$,A,O;try{UZ6(z,vS);let w=ZW8(z),j=await eVq.getAzureCliAccessToken(w,_,this.subscription,this.timeout),H=(Y=j.stderr)===null||Y===void 0?void 0:Y.match("(.*)az login --scope(.*)"),J=(($=j.stderr)===null||$===void 0?void 0:$.match("(.*)az login(.*)"))&&!H;if(((A=j.stderr)===null||A===void 0?void 0:A.match("az:(.*)not found"))||((O=j.stderr)===null||O===void 0?void 0:O.startsWith("'az' is not recognized"))){let X=new x4("Azure CLI could not be found. Please visit https://aka.ms/azure-cli for installation instructions and then, once installed, authenticate to your Azure account using 'az login'.");throw vS.getToken.info(nz(q,X)),X}if(J){let X=new x4("Please run 'az login' from a command prompt to authenticate before using this credential.");throw vS.getToken.info(nz(q,X)),X}try{let X=j.stdout,P=this.parseRawResponse(X);return vS.getToken.info(AX(q)),P}catch(X){if(j.stderr)throw new x4(j.stderr);throw X}}catch(w){let j=w.name==="CredentialUnavailableError"?w:new x4(w.message||"Unknown error while trying to retrieve the access token");throw vS.getToken.info(nz(q,j)),j}})}parseRawResponse(q){let K=JSON.parse(q),_=K.accessToken,z=Number.parseInt(K.expires_on,10)*1000;if(!isNaN(z))return vS.getToken.info("expires_on is available and is valid, using it"),{token:_,expiresOnTimestamp:z,tokenType:"Bearer"};if(z=new Date(K.expiresOn).getTime(),isNaN(z))throw new x4(`Unexpected response from Azure CLI when getting token. Expected "expiresOn" to be a RFC3339 date string. Got: "${K.expiresOn}"`);return{token:_,expiresOnTimestamp:z,tokenType:"Bearer"}}}var vS,eVq;var kZ1=y(()=>{GP();yO();ig();ZP();mf();tVq();vS=T9("AzureCliCredential"),eVq={getSafeWorkingDir(){if(process.platform==="win32"){let q=process.env.SystemRoot||process.env.SYSTEMROOT;if(!q)vS.getToken.warning("The SystemRoot environment variable is not set. This may cause issues when using the Azure CLI credential."),q="C:\\Windows";return q}else return"/bin"},async getAzureCliAccessToken(q,K,_,z){let Y=[],$=[];if(K)Y=["--tenant",K];if(_)$=["--subscription",`"${_}"`];return new Promise((A,O)=>{try{mQ9.execFile("az",["account","get-access-token","--output","json","--resource",q,...Y,...$],{cwd:eVq.getSafeWorkingDir(),shell:!0,timeout:z},(w,j,H)=>{A({stdout:j,stderr:H,error:w})})}catch(w){O(w)}})}}});import pQ9 from"child_process";class jd6{constructor(q){if(q===null||q===void 0?void 0:q.tenantId)OX(gn,q===null||q===void 0?void 0:q.tenantId),this.tenantId=q===null||q===void 0?void 0:q.tenantId;this.additionallyAllowedTenantIds=fj(q===null||q===void 0?void 0:q.additionallyAllowedTenants),this.timeout=q===null||q===void 0?void 0:q.processTimeoutInMs}async getToken(q,K={}){let _=v2(this.tenantId,K,this.additionallyAllowedTenantIds);if(_)OX(gn,_);let z;if(typeof q==="string")z=[q];else z=q;return gn.getToken.info(`Using the scopes ${q}`),xY.withSpan(`${this.constructor.name}.getToken`,K,async()=>{var Y,$,A,O;try{z.forEach((J)=>{UZ6(J,gn)});let w=await qNq.getAzdAccessToken(z,_,this.timeout),j=((Y=w.stderr)===null||Y===void 0?void 0:Y.match("not logged in, run `azd login` to login"))||(($=w.stderr)===null||$===void 0?void 0:$.match("not logged in, run `azd auth login` to login"));if(((A=w.stderr)===null||A===void 0?void 0:A.match("azd:(.*)not found"))||((O=w.stderr)===null||O===void 0?void 0:O.startsWith("'azd' is not recognized"))||w.error&&w.error.code==="ENOENT"){let J=new x4("Azure Developer CLI couldn't be found. To mitigate this issue, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.");throw gn.getToken.info(nz(q,J)),J}if(j){let J=new x4("Please run 'azd auth login' from a command prompt to authenticate before using this credential. For more information, see the troubleshooting guidelines at https://aka.ms/azsdk/js/identity/azdevclicredential/troubleshoot.");throw gn.getToken.info(nz(q,J)),J}try{let J=JSON.parse(w.stdout);return gn.getToken.info(AX(q)),{token:J.token,expiresOnTimestamp:new Date(J.expiresOn).getTime(),tokenType:"Bearer"}}catch(J){if(w.stderr)throw new x4(w.stderr);throw J}}catch(w){let j=w.name==="CredentialUnavailableError"?w:new x4(w.message||"Unknown error while trying to retrieve the access token");throw gn.getToken.info(nz(q,j)),j}})}}var gn,qNq;var VZ1=y(()=>{yO();ZP();GP();mf();ig();gn=T9("AzureDeveloperCliCredential"),qNq={getSafeWorkingDir(){if(process.platform==="win32"){let q=process.env.SystemRoot||process.env.SYSTEMROOT;if(!q)gn.getToken.warning("The SystemRoot environment variable is not set. This may cause issues when using the Azure Developer CLI credential."),q="C:\\Windows";return q}else return"/bin"},async getAzdAccessToken(q,K,_){let z=[];if(K)z=["--tenant-id",K];return new Promise((Y,$)=>{try{pQ9.execFile("azd",["auth","token","--output","json",...q.reduce((A,O)=>A.concat("--scope",O),[]),...z],{cwd:qNq.getSafeWorkingDir(),timeout:_},(A,O,w)=>{Y({stdout:O,stderr:w,error:A})})}catch(A){$(A)}})}}});import*as KNq from"child_process";var _Nq;var zNq=y(()=>{_Nq={execFile(q,K,_){return new Promise((z,Y)=>{KNq.execFile(q,K,_,($,A,O)=>{if(Buffer.isBuffer(A))A=A.toString("utf8");if(Buffer.isBuffer(O))O=O.toString("utf8");if(O||$)Y(O?Error(O):$);else z(A)})})}}});function ANq(q){if($Nq)return`${q}.exe`;else return q}async function YNq(q,K){let _=[];for(let z of q){let[Y,...$]=z,A=await _Nq.execFile(Y,$,{encoding:"utf8",timeout:K});_.push(A)}return _}class Hd6{constructor(q){if(q===null||q===void 0?void 0:q.tenantId)OX(Fn,q===null||q===void 0?void 0:q.tenantId),this.tenantId=q===null||q===void 0?void 0:q.tenantId;this.additionallyAllowedTenantIds=fj(q===null||q===void 0?void 0:q.additionallyAllowedTenants),this.timeout=q===null||q===void 0?void 0:q.processTimeoutInMs}async getAzurePowerShellAccessToken(q,K,_){for(let z of[...yZ1]){try{await YNq([[z,"/?"]],_)}catch(A){yZ1.shift();continue}let $=(await YNq([[z,"-NoProfile","-NonInteractive","-Command",`
393 $tenantId = "${K!==null&&K!==void 0?K:""}"
394 $m = Import-Module Az.Accounts -MinimumVersion 2.2.0 -PassThru
395 $useSecureString = $m.Version -ge [version]'2.17.0'

Callers

nothing calls this directly

Calls 2

OXFunction · 0.85
fjFunction · 0.85

Tested by

no test coverage detected