Refactor getCredential function to support shorthand credential types: 'd' for Default, 'cs' for ClientSecret, and 'dc' for DeviceCode. Remove obsolete client-secret-login script.

2026-02-03 22:06:39 +01:00
parent 0806a2b588
commit a8725a7c22
3 changed files with 4 additions and 34 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 # Ignore node modules and config files
 node_modules
 *config.js
+*config.json
 .env

 # MacOS system files
--- a/bin/client-secret-login.mjs
+++ b/bin/client-secret-login.mjs
@@ -1,34 +0,0 @@
-#!/usr/bin/env node
-
-import { ClientSecretCredential } from "@azure/identity";
-import { config } from "../config.js";
-import { createHash } from "crypto";
-
-// We need to wrap the async code in an IIFE
-// Check, authentication using @azure/identity requires a client secret.
-if (config.clientSecret) {
-  console.log("Client secret is set.");
-  // Create the client
-  const credential = new ClientSecretCredential(
-    config.tenantId,
-    config.clientId,
-    config.clientSecret,
-  );
-
-  const token = await credential.getToken(
-    "https://management.azure.com/.default",
-  );
-  if (token) {
-    console.log("Authentication with client secret successful.");
-    const hash = createHash("sha256").update(token.token).digest("hex");
-    console.log("SHA-256 hash of access token:", hash);
-    console.log("Token expires on:", new Date(token.expiresOnTimestamp).toISOString());
-  } else {
-    console.error("Authentication with client secret failed.");
-    process.exit(1);
-  }
-} else {
-  console.warn(
-    "Warning: No client secret generated. Authentication may fail if the application requires a client secret.",
-  );
-}
--- a/src/azure.js
+++ b/src/azure.js
@@ -11,8 +11,10 @@ import { DefaultAzureCredential, ClientSecretCredential, DeviceCodeCredential }

 export async function getCredential(credentialType, options) {
  switch (credentialType) {
+    case "d":
    case "default":
      return new DefaultAzureCredential();
+    case "cs":
    case "clientSecret":
      if (!options.tenantId || !options.clientId || !options.clientSecret) {
        throw new Error("tenantId, clientId, and clientSecret are required for ClientSecretCredential");
@@ -22,6 +24,7 @@ export async function getCredential(credentialType, options) {
        options.clientId,
        options.clientSecret
      );
+    case "dc":
    case "deviceCode":
      if (!options.tenantId || !options.clientId) {
        throw new Error("tenantId and clientId are required for DeviceCodeCredential");