Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replaced relative link with absolute links and remove locale #11317

Merged
merged 3 commits into from
Sep 18, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

[![Packages](https://img.shields.io/badge/packages-latest-blue.svg)](https://azure.github.io/azure-sdk/releases/latest/js.html) [![Dependencies](https://img.shields.io/badge/dependency-report-blue.svg)](https://azuresdkartifacts.blob.core.windows.net/azure-sdk-for-js/dependencies/dependencies.html) [![DependencyGraph](https://img.shields.io/badge/dependency-graph-blue.svg)](https://azuresdkartifacts.blob.core.windows.net/azure-sdk-for-js/dependencies/InterdependencyGraph.html)

This repository is for active development of the Azure SDK for JavaScript (NodeJS & Browser). For consumers of the SDK we recommend visiting our [public developer docs](https://docs.microsoft.com/en-us/javascript/azure/) or our versioned [developer docs](https://azure.github.io/azure-sdk-for-js).
This repository is for active development of the Azure SDK for JavaScript (NodeJS & Browser). For consumers of the SDK we recommend visiting our [public developer docs](https://docs.microsoft.com/javascript/azure/) or our versioned [developer docs](https://azure.github.io/azure-sdk-for-js).

## Getting started

Expand Down Expand Up @@ -41,7 +41,7 @@ Libraries which enable you to provision specific resources. They are responsible
Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) <[email protected]>. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the [Security TechCenter](https://www.microsoft.com/msrc/faqs-report-an-issue).

## Contributing
For details on contributing to this repository, see the [contributing guide](CONTRIBUTING.md).
For details on contributing to this repository, see the [contributing guide](https://github.com/Azure/azure-sdk-for-js/blob/master/CONTRIBUTING.md).

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit
https://cla.microsoft.com.
Expand Down
6 changes: 3 additions & 3 deletions SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,15 @@

Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).

If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below.
If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://docs.microsoft.com/previous-versions/tn-archive/cc751383(v=technet.10)), please report it to us as described below.

## Reporting Security Issues

**Please do not report security vulnerabilities through public GitHub issues.**

Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).

If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/msrc/pgp-key-msrc).

You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).

Expand All @@ -36,6 +36,6 @@ We prefer all communications to be in English.

## Policy

Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/msrc/cvd).

<!-- END MICROSOFT SECURITY.MD BLOCK -->
4 changes: 2 additions & 2 deletions common/smoke-test/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ uses package dependencies, loads all packages into a single process, and
executes code samples to ensure basic end to end scenarios work as expected.

Smoke Tests are meant to be run periodically in an Azure DevOps pipeline. See
[`smoke-tests.yml`](./smoke-tests.yml) to configure Smoke Tests in an Azure
[`smoke-tests.yml`](https://github.com/Azure/azure-sdk-for-js/blob/master/common/smoke-test/smoke-tests.yml) to configure Smoke Tests in an Azure
DevOps pipeline. When run in an Azure DevOps pipeline specify the `-CI` flag to
ensure environment variables are properly set and error/warning messages are
properly surfaced during the execution.
Expand All @@ -23,7 +23,7 @@ package.
- AAD Application with `Owner` permissions to an Azure subscription
- PowerShell 7
- Node 12.x
- Azure SDK for JS [`dev-tool`](../tools/dev-tool)
- Azure SDK for JS [`dev-tool`](https://github.com/Azure/azure-sdk-for-js/blob/master/common/tools/dev-tool)

## Configuring Samples

Expand Down
4 changes: 2 additions & 2 deletions documentation/Bundling.md
Original file line number Diff line number Diff line change
Expand Up @@ -365,7 +365,7 @@ Once this is done, you can use parcel by configuring your project in the way tha

### Parcel with Javascript

Parcel uses [browserslist](https://github.com/browserslist/browserslist) to configure what polyfills are needed when bundling. Azure SDK libraries generally target the ES2015 version of JavaScript and use some modern features of JavaScript, including [generators](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/function*), so let's edit `package.json` to target the latest version of three popular browsers:
Parcel uses [browserslist](https://github.com/browserslist/browserslist) to configure what polyfills are needed when bundling. Azure SDK libraries generally target the ES2015 version of JavaScript and use some modern features of JavaScript, including [generators](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Statements/function*), so let's edit `package.json` to target the latest version of three popular browsers:

```json
"browserslist": [
Expand Down Expand Up @@ -413,7 +413,7 @@ This will emit a compiled version of `index.html`, as well as any included scrip

### Parcel with TypeScript

Parcel uses [browserslist](https://github.com/browserslist/browserslist) to configure what polyfills are needed when bundling. The Azure SDK uses some modern features of JavaScript, including [async functions](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/async_function), so let's edit `package.json` to target the latest version of three popular browsers:
Parcel uses [browserslist](https://github.com/browserslist/browserslist) to configure what polyfills are needed when bundling. The Azure SDK uses some modern features of JavaScript, including [async functions](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Statements/async_function), so let's edit `package.json` to target the latest version of three popular browsers:

```json
"browserslist": [
Expand Down
48 changes: 24 additions & 24 deletions documentation/using-azure-identity.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,10 @@

This document intends to demystify the configuration and use of [Microsoft
identity
platform](https://docs.microsoft.com/en-us/azure/active-directory/develop/),
platform](https://docs.microsoft.com/azure/active-directory/develop/),
also known as Azure Active Directory v2, with the Azure SDK libraries.
Microsoft identity platform implements the [OAuth 2.0 and OpenID Connect
standards](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols)
standards](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols)
to provide authentication for users and services who may be granted access to
Azure services.

Expand All @@ -26,12 +26,12 @@ tenant.
A "tenant" is basically instance of Azure Active Directory associated with your
Azure account. You can follow the instructions on [this quick start guide for
setting up a
tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant)
tenant](https://docs.microsoft.com/azure/active-directory/develop/quickstart-create-new-tenant)
to check if you have AAD tenant already or, if not, create one.

Once you have a tenant, you can create an app registration by following [this
quickstart guide for app
registrations](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app).
registrations](https://docs.microsoft.com/azure/active-directory/develop/quickstart-register-app).
Your app registration holds the configuration for how your application will
authenticate users and services, so it's very important to it set up correctly
before using any of the credential types below. The section on each credential
Expand All @@ -47,7 +47,7 @@ inside of your AAD tenant or if you'd like other organizations and individuals
to use it.

The [app registration quickstart
guide](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-a-new-application-using-the-azure-portal)
guide](https://docs.microsoft.com/azure/active-directory/develop/quickstart-register-app#register-a-new-application-using-the-azure-portal)
gives a helpful breakdown for the various tenancy options in the "Supported
account types" documentation.

Expand All @@ -62,15 +62,15 @@ serve different use cases and application types. A primary differentiator
between these flows is whether the "client" that initiates the flow is running
on a user device or on a system managed by the application developer (like a web
server). The [Microsoft Authentication
Library](https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-client-applications)
Library](https://docs.microsoft.com/azure/active-directory/develop/msal-client-applications)
documentation describes this distinction as _public_ versus _confidential_
clients.

Most of the credential types are strictly public or confidential as they serve a
specific purpose, like authenticating a backend service for use with storage
APIs. Some credentials may be both public or confidential depending on how you
configure them. For example, the [authorization code
flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow)
flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow)
can be initiated from a mobile application _or_ from within a web application
running in a server.

Expand Down Expand Up @@ -106,7 +106,7 @@ environment?**

The identity platform provides an authorization model for Azure services with
[two types of
permissions](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#troubleshooting-permissions-and-consent):
permissions](https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent#troubleshooting-permissions-and-consent):

- **Application permissions** authorize an application to access resources
directly. Administrator consent must be granted to your application.
Expand All @@ -120,7 +120,7 @@ with a _public credential_, you must configure API permissions for the Azure
service you need to access (Key Vault, Storage, etc) so that user accounts can
be authorized to use them through your application. The [quick start guide for
configuring API
permissions](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-configure-app-access-web-apis)
permissions](https://docs.microsoft.com/azure/active-directory/develop/quickstart-configure-app-access-web-apis)
explains how to do this in detail.

### User-Granted Consent
Expand All @@ -130,27 +130,27 @@ delegated permissions, they may be presented with a consent screen that asks
whether they want to grant your application permission to access resources on
their behalf. An example of this consent flow can be found in the [consent
framework documentation
page](https://docs.microsoft.com/en-us/azure/active-directory/develop/consent-framework).
page](https://docs.microsoft.com/azure/active-directory/develop/consent-framework).

An administrator can also grant consent for your application on behalf of all
users. In this case, users may never see a consent screen. If you'd like to
make it easy for an administrator to grant access to all users, follow the
instructions in the [admin consent endpoint request
documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#request-the-permissions-from-a-directory-admin).
documentation](https://docs.microsoft.com/azure/active-directory/develop/v2-permissions-and-consent#request-the-permissions-from-a-directory-admin).

There are some cases where a user may not be allowed to grant consent to an
application. When this occurs, the user may have to speak with an administrator
to have the permissions granted on their behalf. The [user consent
troubleshooting
page](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/application-sign-in-unexpected-user-consent-error)
page](https://docs.microsoft.com/azure/active-directory/manage-apps/application-sign-in-unexpected-user-consent-error)
provides more details on the consent errors a user might encounter.

## Credential Types in @azure/identity

### ClientSecretCredential and ClientCertificateCredential

The `ClientSecretCredential` implements the [client credentials
flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow)
flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-client-creds-grant-flow)
to enable confidential clients, like web services, to access Azure resources.
To use this credential, you will need to create a client secret using the
"Certificates & secrets" page for your app registration.
Expand All @@ -159,7 +159,7 @@ The `ClientCertificateCredential` implements the same client credentials flow,
but instead uses a certificate as the means to authenticate the client. You must
must generate your own PEM-formatted certificate for use in this flow and then
[register
it](https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-certificate-credentials#register-your-certificate-with-azure-ad)
it](https://docs.microsoft.com/azure/active-directory/develop/active-directory-certificate-credentials#register-your-certificate-with-azure-ad)
in the "Certificates & secrets" page for your app registration. Using a
certificate to authenticate is recommended as it is generally more secure than
using a client secret.
Expand All @@ -174,7 +174,7 @@ on which credential you are using.
### UsernamePasswordCredential

The `UsernamePasswordCredential` follows the [resource owner password credential
flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc)
flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth-ropc)
to authenticate public or confidential clients. To use this credential, you
will need the `tenantId` and `clientId` of your app and a `username` and
`password` of the user you are authenticating.
Expand All @@ -193,7 +193,7 @@ directly is a major security risk.

> NOTE: This credential type does not work with personal Microsoft accounts or
> multi-factor authentication at this time. See the
> [documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc)
> [documentation](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth-ropc)
> for more information.

### EnvironmentCredential
Expand Down Expand Up @@ -228,7 +228,7 @@ application to learn how to configure environment variables for your deployment.
The `ManagedIdentityCredential` takes advantage of authentication endpoints that
are hosted within the virtual network of applications deployed to Azure virtual
machines, App Services, Functions, Container Services, [and
more](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/services-support-managed-identities).
more](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/services-support-managed-identities).

One important distinction of this credential compared to the others is that it
_does not require an app registration_. This authentication scheme relates to
Expand All @@ -240,10 +240,10 @@ to grant one of two types of managed identity to the resource that runs your
code:

- A [system-assigned
identity](https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity#adding-a-system-assigned-identity)
identity](https://docs.microsoft.com/azure/app-service/overview-managed-identity#adding-a-system-assigned-identity)
which uniquely identifies your resource
- A [user-assigned
identity](https://docs.microsoft.com/en-us/azure/app-service/overview-managed-identity#adding-a-user-assigned-identity)
identity](https://docs.microsoft.com/azure/app-service/overview-managed-identity#adding-a-user-assigned-identity)
which can be assigned to your resource (and others)

Once your resource has an identity assigned, that identity can be granted access
Expand All @@ -256,15 +256,15 @@ the managed identity you wish to use for authentication.

More information on configuring and using managed identities can be found in the
[Managed identities for Azure
resources](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview)
resources](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview)
documentation. There is also a [list of Azure
services](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/services-support-managed-identities#azure-services-that-support-azure-ad-authentication)
services](https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/services-support-managed-identities#azure-services-that-support-azure-ad-authentication)
that have been tested to confirm support for managed identity authentication.

### InteractiveBrowserCredential

The `InteractiveBrowserCredential` follows the [implicit grant
flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow)
flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-implicit-grant-flow)
which enables authentication for clients that run completely in the browser. It
is primarily useful for single-page web applications (SPAs) which need to
authenticate to access Azure resources and APIs directly.
Expand All @@ -285,7 +285,7 @@ creating an `InteractiveBrowserCredential`.
### DeviceCodeCredential

The `DeviceCodeCredential` follows the [device code authorization
flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-device-code)
flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-device-code)
which enables input-constrained devices, like TVs or IoT devices, to
authenticate by having the user enter a provided "device code" into an
authorization site that the user visits on another device.
Expand All @@ -297,7 +297,7 @@ section of the **Authentication** page of your app registration.
### AuthorizationCodeCredential

The `AuthorizationCodeCredential` follows the [authorization code
flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow)
flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow)
which enables server-hosted web applications, native desktop and mobile
applications, and web APIs to access resources on the user's behalf.

Expand Down
1 change: 1 addition & 0 deletions eng/pipelines/templates/steps/analyze.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ steps:
- template: ../../../common/pipelines/templates/steps/verify-links.yml
parameters:
Directory: sdk/${{ parameters.ServiceDirectory }}
CheckLinkGuidance: $true

- script: |
npm ci
Expand Down
Loading