59 lines
3.8 KiB
TypeScript
59 lines
3.8 KiB
TypeScript
|
import { ClientApplication } from "./ClientApplication.js";
|
||
|
import { Configuration } from "../config/Configuration.js";
|
||
|
import { AuthenticationResult, IAppTokenProvider } from "@azure/msal-common";
|
||
|
import { IConfidentialClientApplication } from "./IConfidentialClientApplication.js";
|
||
|
import { OnBehalfOfRequest } from "../request/OnBehalfOfRequest.js";
|
||
|
import { ClientCredentialRequest } from "../request/ClientCredentialRequest.js";
|
||
|
/**
|
||
|
* This class is to be used to acquire tokens for confidential client applications (webApp, webAPI). Confidential client applications
|
||
|
* will configure application secrets, client certificates/assertions as applicable
|
||
|
* @public
|
||
|
*/
|
||
|
export declare class ConfidentialClientApplication extends ClientApplication implements IConfidentialClientApplication {
|
||
|
private appTokenProvider?;
|
||
|
/**
|
||
|
* Constructor for the ConfidentialClientApplication
|
||
|
*
|
||
|
* Required attributes in the Configuration object are:
|
||
|
* - clientID: the application ID of your application. You can obtain one by registering your application with our application registration portal
|
||
|
* - authority: the authority URL for your application.
|
||
|
* - client credential: Must set either client secret, certificate, or assertion for confidential clients. You can obtain a client secret from the application registration portal.
|
||
|
*
|
||
|
* In Azure AD, authority is a URL indicating of the form https://login.microsoftonline.com/\{Enter_the_Tenant_Info_Here\}.
|
||
|
* If your application supports Accounts in one organizational directory, replace "Enter_the_Tenant_Info_Here" value with the Tenant Id or Tenant name (for example, contoso.microsoft.com).
|
||
|
* If your application supports Accounts in any organizational directory, replace "Enter_the_Tenant_Info_Here" value with organizations.
|
||
|
* If your application supports Accounts in any organizational directory and personal Microsoft accounts, replace "Enter_the_Tenant_Info_Here" value with common.
|
||
|
* To restrict support to Personal Microsoft accounts only, replace "Enter_the_Tenant_Info_Here" value with consumers.
|
||
|
*
|
||
|
* In Azure B2C, authority is of the form https://\{instance\}/tfp/\{tenant\}/\{policyName\}/
|
||
|
* Full B2C functionality will be available in this library in future versions.
|
||
|
*
|
||
|
* @param Configuration - configuration object for the MSAL ConfidentialClientApplication instance
|
||
|
*/
|
||
|
constructor(configuration: Configuration);
|
||
|
/**
|
||
|
* This extensibility point only works for the client_credential flow, i.e. acquireTokenByClientCredential and
|
||
|
* is meant for Azure SDK to enhance Managed Identity support.
|
||
|
*
|
||
|
* @param IAppTokenProvider - Extensibility interface, which allows the app developer to return a token from a custom source.
|
||
|
*/
|
||
|
SetAppTokenProvider(provider: IAppTokenProvider): void;
|
||
|
/**
|
||
|
* Acquires tokens from the authority for the application (not for an end user).
|
||
|
*/
|
||
|
acquireTokenByClientCredential(request: ClientCredentialRequest): Promise<AuthenticationResult | null>;
|
||
|
/**
|
||
|
* Acquires tokens from the authority for the application.
|
||
|
*
|
||
|
* Used in scenarios where the current app is a middle-tier service which was called with a token
|
||
|
* representing an end user. The current app can use the token (oboAssertion) to request another
|
||
|
* token to access downstream web API, on behalf of that user.
|
||
|
*
|
||
|
* The current middle-tier app has no user interaction to obtain consent.
|
||
|
* See how to gain consent upfront for your middle-tier app from this article.
|
||
|
* https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow#gaining-consent-for-the-middle-tier-application
|
||
|
*/
|
||
|
acquireTokenOnBehalfOf(request: OnBehalfOfRequest): Promise<AuthenticationResult | null>;
|
||
|
private setClientCredential;
|
||
|
}
|
||
|
//# sourceMappingURL=ConfidentialClientApplication.d.ts.map
|