From fd7416e7318278ec465e8fbec657e4990b388ba2 Mon Sep 17 00:00:00 2001 From: Thomas Norling Date: Wed, 19 Jul 2023 12:11:08 -0700 Subject: [PATCH 1/2] Address policheck failures (#6250) Updates references to "national" with "national/regional" as per Policheck suggestion --- ...-msal-common-dd2743c6-8721-466d-ae67-4cebc1641215.json | 7 +++++++ lib/msal-common/docs/authority.md | 8 ++++---- lib/msal-common/src/authority/AuthorityOptions.ts | 4 ++-- 3 files changed, 13 insertions(+), 6 deletions(-) create mode 100644 change/@azure-msal-common-dd2743c6-8721-466d-ae67-4cebc1641215.json diff --git a/change/@azure-msal-common-dd2743c6-8721-466d-ae67-4cebc1641215.json b/change/@azure-msal-common-dd2743c6-8721-466d-ae67-4cebc1641215.json new file mode 100644 index 0000000000..10f104b8dd --- /dev/null +++ b/change/@azure-msal-common-dd2743c6-8721-466d-ae67-4cebc1641215.json @@ -0,0 +1,7 @@ +{ + "type": "prerelease", + "comment": "Update comments to address Policheck rules", + "packageName": "@azure/msal-common", + "email": "thomas.norling@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/lib/msal-common/docs/authority.md b/lib/msal-common/docs/authority.md index 9bfce3f13b..aaf97c6b5c 100644 --- a/lib/msal-common/docs/authority.md +++ b/lib/msal-common/docs/authority.md @@ -44,7 +44,7 @@ The correct authority URL that you need pass to MSAL is ultimately determined by The authority domain for the global Azure AD instance is `login.microsoftonline.com`. This domain has several aliases (e.g. `login.microsoft.com`) published on the [discovery endpoint](https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/authorize). For resiliency and performance, MSAL keeps a record of these in cache (see: [AuthorityMetadata.ts](../src/authority/AuthorityMetadata.ts)). MSAL trusts authority URLs with any of these aliases by default. -> :warning: The authority domain differs for national Azure deployments, such as Azure China. See [National clouds](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud) for more. +> :warning: The authority domain differs for national/regional Azure deployments, such as Azure China. See [National clouds](https://docs.microsoft.com/azure/active-directory/develop/authentication-national-cloud) for more. The authority domain should be followed by a tenant identifier. The tenant identifier controls the [sign-in audience](https://docs.microsoft.com/azure/active-directory/develop/v2-supported-account-types) for your app (see also: [Tenancy in Azure AD](https://docs.microsoft.com/azure/active-directory/develop/single-and-multi-tenant-apps)). It can take one of the values below: @@ -133,11 +133,11 @@ MSAL can be configured to acquire tokens from any OIDC-compliant IdP. See [initi - You can obtain the authority URL required for your app via the **Endpoints** panel on the Azure portal [App Registration](https://aka.ms/appregistrations) experience. - You can improve MSAL's performance during token acquisition by providing authority information out-of-band. See [Performance](./performance.md) for how to do so. -- When working with national clouds, consider using the [instance-aware](../../msal-browser/docs/instance-aware.md) flow, which indicates the particular instance the tokens are obtained from and Microsoft Graph hosts that they can be used with. +- When working with national/regional clouds, consider using the [instance-aware](../../msal-browser/docs/instance-aware.md) flow, which indicates the particular instance the tokens are obtained from and Microsoft Graph hosts that they can be used with. ## More information - [OAuth 2.0 and OpenID Connect (OIDC) in the Microsoft identity platform](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols) - [Microsoft identity platform and OpenID Connect protocol](https://docs.microsoft.com/azure/active-directory/develop/v2-protocols-oidc) -- [Use MSAL in a national cloud environment](https://docs.microsoft.com/azure/active-directory/develop/msal-national-cloud?tabs=javascript) -- [National Graph deployments](https://docs.microsoft.com/graph/deployments) +- [Use MSAL in a national/regional cloud environment](https://docs.microsoft.com/azure/active-directory/develop/msal-national-cloud?tabs=javascript) +- [National/Regional Graph deployments](https://docs.microsoft.com/graph/deployments) diff --git a/lib/msal-common/src/authority/AuthorityOptions.ts b/lib/msal-common/src/authority/AuthorityOptions.ts index 6f4e21fdd9..3d4009c3ad 100644 --- a/lib/msal-common/src/authority/AuthorityOptions.ts +++ b/lib/msal-common/src/authority/AuthorityOptions.ts @@ -25,10 +25,10 @@ export const AzureCloudInstance = { // Microsoft PPE AzurePpe: "https://login.windows-ppe.net", - // Microsoft Chinese national cloud + // Microsoft Chinese national/regional cloud AzureChina: "https://login.chinacloudapi.cn", - // Microsoft German national cloud ("Black Forest") + // Microsoft German national/regional cloud ("Black Forest") AzureGermany: "https://login.microsoftonline.de", // US Government cloud From 4969f288b7db1a2654f0ea3e3d7d151e34cb1c6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Jul 2023 19:24:50 +0000 Subject: [PATCH 2/2] Bump word-wrap from 1.2.3 to 1.2.4 (#6249) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
Release notes

Sourced from word-wrap's releases.

1.2.4

What's Changed

New Contributors

Full Changelog: https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=word-wrap&package-manager=npm_and_yarn&previous-version=1.2.3&new-version=1.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AzureAD/microsoft-authentication-library-for-js/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index f52e3c3515..618e2f6e85 100644 --- a/package-lock.json +++ b/package-lock.json @@ -55,7 +55,6 @@ "extensions/msal-node-extensions": { "name": "@azure/msal-node-extensions", "version": "1.0.0-beta.1", - "hasInstallScript": true, "license": "MIT", "dependencies": { "@azure/msal-common": "14.0.0-beta.1", @@ -50830,9 +50829,9 @@ "integrity": "sha512-CC1bOL87PIWSBhDcTrdeLo6eGT7mCFtrg0uIJtqJUFyK+eJnzl8A1niH56uu7KMa5XFrtiV+AQuHO3n7DsHnLQ==" }, "node_modules/word-wrap": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", - "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.4.tgz", + "integrity": "sha512-2V81OA4ugVo5pRo46hAoD2ivUJx8jXmWXfUkY4KFNw0hEptvN0QfH3K4nHiwzGeKl5rFKedV48QVoqYavy4YpA==", "engines": { "node": ">=0.10.0" } @@ -60757,6 +60756,7 @@ } }, "samples/msal-node-samples/auth-code-distributed-cache": { + "name": "msal-node-webapp", "version": "1.0.0", "license": "ISC", "dependencies": {