Add TokenCredential adapter

lib/credentials/azureIdentityTokenCredentialAdapter.ts

@@ -0,0 +1,51 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License. See License.txt in the project root for license information.
+
+import { ServiceClientCredentials } from "./serviceClientCredentials";
+import { Constants as MSRestConstants } from "../util/constants";
+import { WebResource } from "../webResource";
+
+import { TokenCredential } from "@azure/core-auth";
+import { TokenResponse } from "@azure/ms-rest-nodeauth/dist/lib/credentials/tokenClientCredentials";
+
+const DEFAULT_AUTHORIZATION_SCHEME = "Bearer";
+
+/**
+ * This class provides a simple extension to use {@link TokenCredential} from com.azure:azure-identity library to
+ * use with legacy Azure SDKs that accept {@link ServiceClientCredentials} family of credentials for authentication.
+ */
+export class AzureIdentityCredentialAdapter
+  implements ServiceClientCredentials {
+  private azureTokenCredential: TokenCredential;
+  private scopes: string | string[];
+  constructor(
+    azureTokenCredential: TokenCredential,
+    scopes: string | string[] = "https://management.azure.com/.default"
+  ) {
+    this.azureTokenCredential = azureTokenCredential;
+    this.scopes = scopes;
+  }
+
+  public async getToken(): Promise<TokenResponse> {
+    const accessToken = await this.azureTokenCredential.getToken(this.scopes);
+    if (accessToken !== null) {
+      const result: TokenResponse = {
+        accessToken: accessToken.token,
+        tokenType: DEFAULT_AUTHORIZATION_SCHEME,
+        expiresOn: accessToken.expiresOnTimestamp,
+      };
+      return result;
+    } else {
+        throw new Error("Could find token for scope");
+    }
+  }
+
+  public async signRequest(webResource: WebResource) {
+    const tokenResponse = await this.getToken();
+    webResource.headers.set(
+      MSRestConstants.HeaderConstants.AUTHORIZATION,
+      `${tokenResponse.tokenType} ${tokenResponse.accessToken}`
+    );
+    return Promise.resolve(webResource);
+  }
+}

lib/serviceClient.ts

@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License. See License.txt in the project root for license information.
 
+import { TokenCredential, isTokenCredential } from "@azure/core-auth";
 import { ServiceClientCredentials } from "./credentials/serviceClientCredentials";
 import { DefaultHttpClient } from "./defaultHttpClient";
 import { HttpClient } from "./httpClient";
@@ -30,6 +31,7 @@ import { agentPolicy } from "./policies/agentPolicy";
 import { proxyPolicy, getDefaultProxySettings } from "./policies/proxyPolicy";
 import { throttlingRetryPolicy } from "./policies/throttlingRetryPolicy";
 import { Agent } from "http";
+import { AzureIdentityCredentialAdapter } from "./credentials/azureIdentityTokenCredentialAdapter";
 
 
 /**
@@ -148,12 +150,20 @@ export class ServiceClient {
    * @param {ServiceClientCredentials} [credentials] The credentials object used for authentication.
    * @param {ServiceClientOptions} [options] The service client options that govern the behavior of the client.
    */
-  constructor(credentials?: ServiceClientCredentials, options?: ServiceClientOptions) {
+  constructor(credentials?: ServiceClientCredentials | TokenCredential, options?: ServiceClientOptions) {
     if (!options) {
       options = {};
     }
 
-    if (credentials && !credentials.signRequest) {
+    let serviceClientCredentials: ServiceClientCredentials | undefined;
+    if (isTokenCredential(credentials)) {
+      serviceClientCredentials = new AzureIdentityCredentialAdapter(credentials);
+    } else {
+      serviceClientCredentials = credentials;
+    }
+
+
+    if (serviceClientCredentials && !serviceClientCredentials.signRequest) {
       throw new Error("credentials argument needs to implement signRequest method");
     }
 
@@ -165,7 +175,7 @@ export class ServiceClient {
     if (Array.isArray(options.requestPolicyFactories)) {
       requestPolicyFactories = options.requestPolicyFactories;
     } else {
-      requestPolicyFactories = createDefaultRequestPolicyFactories(credentials, options);
+      requestPolicyFactories = createDefaultRequestPolicyFactories(serviceClientCredentials, options);
       if (options.requestPolicyFactories) {
         const newRequestPolicyFactories: void | RequestPolicyFactory[] = options.requestPolicyFactories(requestPolicyFactories);
         if (newRequestPolicyFactories) {

package.json

@@ -50,6 +50,8 @@
   },
   "license": "MIT",
   "dependencies": {
+    "@azure/core-auth": "1.1.4",
+    "@azure/ms-rest-nodeauth": "^3.0.6",
     "@types/node-fetch": "^2.3.7",
     "@types/tunnel": "0.0.1",
     "abort-controller": "^3.0.0",