Add PBandGraphOauth scaffold and auth UI

This commit is contained in:
2025-12-19 05:42:29 +00:00
commit b51963f5d7
6264 changed files with 606430 additions and 0 deletions
+178
View File
@@ -0,0 +1,178 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import { HttpStatus } from "@azure/msal-common/node";
// MSI Constants. Docs for MSI are available here https://docs.microsoft.com/azure/app-service/overview-managed-identity
export const AUTHORIZATION_HEADER_NAME: string = "Authorization";
export const METADATA_HEADER_NAME: string = "Metadata";
export const APP_SERVICE_SECRET_HEADER_NAME: string = "X-IDENTITY-HEADER";
export const SERVICE_FABRIC_SECRET_HEADER_NAME: string = "secret";
export const API_VERSION_QUERY_PARAMETER_NAME: string = "api-version";
export const RESOURCE_BODY_OR_QUERY_PARAMETER_NAME: string = "resource";
export const DEFAULT_MANAGED_IDENTITY_ID = "system_assigned_managed_identity";
export const MANAGED_IDENTITY_DEFAULT_TENANT = "managed_identity";
export const DEFAULT_AUTHORITY_FOR_MANAGED_IDENTITY = `https://login.microsoftonline.com/${MANAGED_IDENTITY_DEFAULT_TENANT}/`;
/**
* Managed Identity Environment Variable Names
*/
export const ManagedIdentityEnvironmentVariableNames = {
AZURE_POD_IDENTITY_AUTHORITY_HOST: "AZURE_POD_IDENTITY_AUTHORITY_HOST",
IDENTITY_ENDPOINT: "IDENTITY_ENDPOINT",
IDENTITY_HEADER: "IDENTITY_HEADER",
IDENTITY_SERVER_THUMBPRINT: "IDENTITY_SERVER_THUMBPRINT",
IMDS_ENDPOINT: "IMDS_ENDPOINT",
MSI_ENDPOINT: "MSI_ENDPOINT",
} as const;
export type ManagedIdentityEnvironmentVariableNames =
(typeof ManagedIdentityEnvironmentVariableNames)[keyof typeof ManagedIdentityEnvironmentVariableNames];
/**
* Managed Identity Source Names
* @public
*/
export const ManagedIdentitySourceNames = {
APP_SERVICE: "AppService",
AZURE_ARC: "AzureArc",
CLOUD_SHELL: "CloudShell",
DEFAULT_TO_IMDS: "DefaultToImds",
IMDS: "Imds",
SERVICE_FABRIC: "ServiceFabric",
} as const;
/**
* The ManagedIdentitySourceNames type
* @public
*/
export type ManagedIdentitySourceNames =
(typeof ManagedIdentitySourceNames)[keyof typeof ManagedIdentitySourceNames];
/**
* Managed Identity Ids
*/
export const ManagedIdentityIdType = {
SYSTEM_ASSIGNED: "system-assigned",
USER_ASSIGNED_CLIENT_ID: "user-assigned-client-id",
USER_ASSIGNED_RESOURCE_ID: "user-assigned-resource-id",
USER_ASSIGNED_OBJECT_ID: "user-assigned-object-id",
} as const;
export type ManagedIdentityIdType =
(typeof ManagedIdentityIdType)[keyof typeof ManagedIdentityIdType];
/**
* http methods
*/
export const HttpMethod = {
GET: "get",
POST: "post",
} as const;
export type HttpMethod = (typeof HttpMethod)[keyof typeof HttpMethod];
export const ProxyStatus = {
SUCCESS: HttpStatus.SUCCESS,
SUCCESS_RANGE_START: HttpStatus.SUCCESS_RANGE_START,
SUCCESS_RANGE_END: HttpStatus.SUCCESS_RANGE_END,
SERVER_ERROR: HttpStatus.SERVER_ERROR,
} as const;
export type ProxyStatus = (typeof ProxyStatus)[keyof typeof ProxyStatus];
/**
* Constants used for region discovery
*/
export const REGION_ENVIRONMENT_VARIABLE = "REGION_NAME";
export const MSAL_FORCE_REGION = "MSAL_FORCE_REGION";
/**
* Constant used for PKCE
*/
export const RANDOM_OCTET_SIZE = 32;
/**
* Constants used in PKCE
*/
export const Hash = {
SHA256: "sha256",
};
/**
* Constants for encoding schemes
*/
export const CharSet = {
CV_CHARSET:
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~",
};
/**
* Cache Constants
*/
export const CACHE = {
FILE_CACHE: "fileCache",
EXTENSION_LIB: "extenstion_library",
};
/**
* Constants
*/
export const Constants = {
MSAL_SKU: "msal.js.node",
JWT_BEARER_ASSERTION_TYPE:
"urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
AUTHORIZATION_PENDING: "authorization_pending",
HTTP_PROTOCOL: "http://",
LOCALHOST: "localhost",
};
/**
* API Codes for Telemetry purposes.
* Before adding a new code you must claim it in the MSAL Telemetry tracker as these number spaces are shared across all MSALs
* 0-99 Silent Flow
* 600-699 Device Code Flow
* 800-899 Auth Code Flow
*/
export const ApiId = {
acquireTokenSilent: 62,
acquireTokenByUsernamePassword: 371,
acquireTokenByDeviceCode: 671,
acquireTokenByClientCredential: 771,
acquireTokenByCode: 871,
acquireTokenByRefreshToken: 872,
};
export type ApiId = (typeof ApiId)[keyof typeof ApiId];
/**
* JWT constants
*/
export const JwtConstants = {
ALGORITHM: "alg",
RSA_256: "RS256",
PSS_256: "PS256",
X5T_256: "x5t#S256",
X5T: "x5t",
X5C: "x5c",
AUDIENCE: "aud",
EXPIRATION_TIME: "exp",
ISSUER: "iss",
SUBJECT: "sub",
NOT_BEFORE: "nbf",
JWT_ID: "jti",
};
export const LOOPBACK_SERVER_CONSTANTS = {
INTERVAL_MS: 100,
TIMEOUT_MS: 5000,
};
export const AZURE_ARC_SECRET_FILE_MAX_SIZE_BYTES = 4096; // 4 KB
export const MANAGED_IDENTITY_MAX_RETRIES = 3;
export const MANAGED_IDENTITY_RETRY_DELAY = 1000;
export const MANAGED_IDENTITY_HTTP_STATUS_CODES_TO_RETRY_ON = [
HttpStatus.NOT_FOUND,
HttpStatus.REQUEST_TIMEOUT,
HttpStatus.TOO_MANY_REQUESTS,
HttpStatus.SERVER_ERROR,
HttpStatus.SERVICE_UNAVAILABLE,
HttpStatus.GATEWAY_TIMEOUT,
];
+50
View File
@@ -0,0 +1,50 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import { Constants } from "@azure/msal-common/node";
export class EncodingUtils {
/**
* 'utf8': Multibyte encoded Unicode characters. Many web pages and other document formats use UTF-8.
* 'base64': Base64 encoding.
*
* @param str text
*/
static base64Encode(str: string, encoding?: BufferEncoding): string {
return Buffer.from(str, encoding).toString("base64");
}
/**
* encode a URL
* @param str
*/
static base64EncodeUrl(str: string, encoding?: BufferEncoding): string {
return EncodingUtils.base64Encode(str, encoding)
.replace(/=/g, Constants.EMPTY_STRING)
.replace(/\+/g, "-")
.replace(/\//g, "_");
}
/**
* 'utf8': Multibyte encoded Unicode characters. Many web pages and other document formats use UTF-8.
* 'base64': Base64 encoding.
*
* @param base64Str Base64 encoded text
*/
static base64Decode(base64Str: string): string {
return Buffer.from(base64Str, "base64").toString("utf8");
}
/**
* @param base64Str Base64 encoded Url
*/
static base64DecodeUrl(base64Str: string): string {
let str = base64Str.replace(/-/g, "+").replace(/_/g, "/");
while (str.length % 4) {
str += "=";
}
return EncodingUtils.base64Decode(str);
}
}
+61
View File
@@ -0,0 +1,61 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import { NetworkResponse } from "@azure/msal-common/node";
export type UrlToHttpRequestOptions = {
protocol: string;
hostname: string;
hash: string;
search: string;
pathname: string;
path: string;
href: string;
port?: number;
auth?: string;
};
export class NetworkUtils {
static getNetworkResponse<T>(
headers: Record<string, string>,
body: T,
statusCode: number
): NetworkResponse<T> {
return {
headers: headers,
body: body,
status: statusCode,
};
}
/*
* Utility function that converts a URL object into an ordinary options object as expected by the
* http.request and https.request APIs.
* https://github.com/nodejs/node/blob/main/lib/internal/url.js#L1090
*/
static urlToHttpOptions(url: URL): UrlToHttpRequestOptions {
const options: UrlToHttpRequestOptions = {
protocol: url.protocol,
hostname:
url.hostname && url.hostname.startsWith("[")
? url.hostname.slice(1, -1)
: url.hostname,
hash: url.hash,
search: url.search,
pathname: url.pathname,
path: `${url.pathname || ""}${url.search || ""}`,
href: url.href,
};
if (url.port !== "") {
options.port = Number(url.port);
}
if (url.username || url.password) {
options.auth = `${decodeURIComponent(
url.username
)}:${decodeURIComponent(url.password)}`;
}
return options;
}
}