@azure/keyvault-admin

Index

Classes

Interfaces

Type aliases

Variables

Functions

Object literals

mappings

Type aliases

ChallengeState

ChallengeState: { status: "none" } | { originalBody?: RequestBodyType; status: "started" } | { status: "complete" }

internal

Holds the state of Challenge Auth. When making the first request we force Key Vault to begin a challenge by clearing out the request body and storing it locally.

Later on, the authorizeRequestOnChallenge callback will process the challenge and, if ready to resend the original request, reset the body so that it may be sent again.

Once a client has succeeded once, we can start skipping CAE.

KeyVaultBackupOperationState

KeyVaultBackupOperationState: KeyVaultAdminPollOperationState<KeyVaultBackupResult>

An interface representing the publicly available properties of the state of a backup Key Vault's poll operation.

ParsedWWWAuthenticate

ParsedWWWAuthenticate: {}

internal: Holds the known WWWAuthenticate keys and their values as a result of parsing a WWW-Authenticate header.

Type declaration

SUPPORTED_API_VERSIONS

SUPPORTED_API_VERSIONS: "7.2" | "7.3-preview"

Supported API versions

ValidParsedWWWAuthenticateProperties

ValidParsedWWWAuthenticateProperties: typeof validParsedWWWAuthenticateProperties[number]

internal: A union type representing all valid key names in WWW-Authenticate header.

Variables

Const LATEST_API_VERSION

LATEST_API_VERSION: "7.3-preview" = "7.3-preview"

The latest supported Key Vault service API version.

Const SDK_VERSION

SDK_VERSION: string = "4.2.0-beta.2"

Current version of the Key Vault Admin SDK.

Const authenticationScopes

authenticationScopes: string[] = ["https://managedhsm.azure.net/.default"]

Authentication scopes

Const logger

logger: any = createClientLogger("keyvault-admin")

The @azure/logger configuration for this package.

Const validParsedWWWAuthenticateProperties

validParsedWWWAuthenticateProperties: ["authorization", "authorization_url", "resource", "scope", "tenantId"] = ["authorization","authorization_url","resource","scope","tenantId"] as const

internal: Valid key names in WWW-Authenticate header.

Const withTrace

withTrace: TracedFunction = createTraceFunction("Azure.KeyVault.Admin.KeyVaultSelectiveKeyRestorePoller")

internal
internal
internal

Functions

challengeBasedAuthenticationPolicy

challengeBasedAuthenticationPolicy(credential: TokenCredential): RequestPolicyFactory

- Defined in keyvault-common/src/challengeBasedAuthenticationPolicy.ts:57
Creates a new ChallengeBasedAuthenticationPolicy factory.

Parameters
- credential: TokenCredential
  
  The TokenCredential implementation that can supply the challenge token.
Returns RequestPolicyFactory

cleanState

cleanState<TState, TResult>(state: TState): KeyVaultAdminPollOperationState<TResult>

- Defined in keyvault-admin/src/lro/keyVaultAdminPoller.ts:48
Generates a version of the state with only public properties. At least those common for all of the Key Vault Admin pollers.

Type parameters
- TState: KeyVaultAdminPollOperationState<TResult>
- TResult
Parameters
- state: TState
Returns KeyVaultAdminPollOperationState<TResult>

createChallengeCallbacks

createChallengeCallbacks(): ChallengeCallbacks

- Defined in keyvault-admin/src/challengeAuthenticationCallbacks.ts:52
internal

Creates challenge callback handlers to manage CAE lifecycle in Azure Key Vault.

Key Vault supports other authentication schemes, but we ensure challenge authentication is used by first sending a copy of the request, without authorization or content.

when the challenge is received, it will be authenticated and used to send the original request with authorization.

Following the first request of a client, follow-up requests will get the cached token if possible.

Returns ChallengeCallbacks

createTraceFunction

createTraceFunction(prefix: string): TracedFunction

- Defined in keyvault-admin/src/tracingHelpers.ts:35
Returns a function that can be used for tracing options.

example

const withTrace = createTraceFunction("Azure.KeyVault.Certificates.CertificateClient")

internal

Parameters
- prefix: string
  
  The prefix to use, likely the name of the class / client.
Returns TracedFunction

parseKeyvaultIdentifier

parseKeyvaultIdentifier(collection: string, identifier: string | undefined): ParsedKeyVaultEntityIdentifier

- Defined in keyvault-common/src/parseKeyvaultIdentifier.ts:20
Parameters
- collection: string
- identifier: string | undefined
Returns ParsedKeyVaultEntityIdentifier

parseWWWAuthenticate

parseWWWAuthenticate(wwwAuthenticate: string): ParsedWWWAuthenticate

- Defined in keyvault-common/src/parseWWWAuthenticate.ts:42
Parses an WWW-Authenticate response. This transforms a string value like: Bearer authorization="https://some.url/tenantId", resource="https://some.url" into an object like: { authorization: "https://some.url/tenantId", resource: "https://some.url" }

Parameters
- wwwAuthenticate: string
  
  String value in the WWW-Authenticate header
Returns ParsedWWWAuthenticate

Object literals

Const mappings

mappings: object

folderUriParts

folderUriParts(folderUri: string): { folderName: string; folderUri: string }

- Defined in keyvault-admin/src/mappings.ts:52
Parameters
- folderUri: string
Returns { folderName: string; folderUri: string }
- folderName: string
- folderUri: string

roleAssignment

roleAssignment: object

generatedToPublic

generatedToPublic(roleAssignment: RoleAssignment): KeyVaultRoleAssignment

- Defined in keyvault-admin/src/mappings.ts:13
Parameters
- roleAssignment: RoleAssignment
Returns KeyVaultRoleAssignment

roleDefinition

roleDefinition: object

generatedToPublic

generatedToPublic(roleDefinition: RoleDefinition): KeyVaultRoleDefinition

- Defined in keyvault-admin/src/mappings.ts:29
Parameters
- roleDefinition: RoleDefinition
Returns KeyVaultRoleDefinition

Index

Classes

Interfaces

Type aliases

Variables

Functions

Object literals

Type aliases

ChallengeState

KeyVaultBackupOperationState

ParsedWWWAuthenticate

Type declaration

SUPPORTED_API_VERSIONS

ValidParsedWWWAuthenticateProperties

Variables

Const LATEST_API_VERSION

Const SDK_VERSION

Const authenticationScopes

Const logger

Const validParsedWWWAuthenticateProperties

Const withTrace

Functions

challengeBasedAuthenticationPolicy

Parameters

credential: TokenCredential

Returns RequestPolicyFactory

cleanState

Type parameters

TState: KeyVaultAdminPollOperationState<TResult>

TResult

Parameters

state: TState

Returns KeyVaultAdminPollOperationState<TResult>

createChallengeCallbacks

Returns ChallengeCallbacks

createTraceFunction

Parameters

prefix: string

Returns TracedFunction

parseKeyvaultIdentifier

Parameters

collection: string

identifier: string | undefined

Returns ParsedKeyVaultEntityIdentifier

parseWWWAuthenticate

Parameters

wwwAuthenticate: string

Returns ParsedWWWAuthenticate

Object literals

Const mappings

folderUriParts

Parameters

folderUri: string

Returns { folderName: string; folderUri: string }

folderName: string

folderUri: string

roleAssignment

generatedToPublic

Parameters

roleAssignment: RoleAssignment

Returns KeyVaultRoleAssignment

roleDefinition

generatedToPublic

Parameters

roleDefinition: RoleDefinition

Returns KeyVaultRoleDefinition