port:[#3906] Port Managed Identity (MSI) + Single Tenant from DotNet

libraries/botframework-connector/src/auth/index.ts

@@ -25,7 +25,6 @@ export * from './enterpriseChannelValidation';
 export * from './governmentChannelValidation';
 export * from './governmentConstants';
 export * from './jwtTokenProviderFactory';
-export * from './jwtTokenProviderFactoryInterface';
 export * from './jwtTokenValidation';
 export * from './managedIdentityAppCredentials';
 export * from './managedIdentityAuthenticator';

libraries/botframework-connector/src/auth/jwtTokenProviderFactory.ts

@@ -8,12 +8,23 @@
 
 import { DefaultAzureCredential } from '@azure/identity';
 import { ok } from 'assert';
-import type { JwtTokenProviderFactoryInterface } from './jwtTokenProviderFactoryInterface';
+
+/*
+ * A factory that can create OAuth token providers for generating JWT auth tokens.
+ */
+export interface IJwtTokenProviderFactory {
+    /*
+     * Creates a new instance of the <see cref="DefaultAzureCredential"/> class.
+     * @param appId Client id for the managed identity to be used for acquiring tokens.
+     * @returns A new instance of the <see cref="DefaultAzureCredential"/> class.
+     */
+    createAzureServiceTokenProvider(appId: string): DefaultAzureCredential;
+}
 
 /**
  * @inheritdoc
  */
-export class JwtTokenProviderFactory implements JwtTokenProviderFactoryInterface {
+export class JwtTokenProviderFactory implements IJwtTokenProviderFactory {
     /**
      * @inheritdoc
      */

libraries/botframework-connector/src/auth/managedIdentityAppCredentials.ts

@@ -6,18 +6,18 @@
  * Licensed under the MIT License.
  */
 
-import type { TokenResponse } from 'adal-node';
-import { ok } from 'assert';
 import { AppCredentials } from './appCredentials';
-import type { JwtTokenProviderFactoryInterface } from './jwtTokenProviderFactoryInterface';
+import type { IJwtTokenProviderFactory } from './jwtTokenProviderFactory';
 import { ManagedIdentityAuthenticator } from './managedIdentityAuthenticator';
+import { TokenResponse } from 'adal-node';
+import { ok } from 'assert';
 
 /**
  * Managed Service Identity auth implementation.
  */
 export class ManagedIdentityAppCredentials extends AppCredentials {
-    private readonly tokenProviderFactory: JwtTokenProviderFactoryInterface;
-    private readonly authenticator: ManagedIdentityAuthenticator;
+    private readonly tokenProviderFactory: IJwtTokenProviderFactory;
+    private authenticator: ManagedIdentityAuthenticator;
 
     /**
      * Managed Identity for AAD credentials auth and caching.
@@ -26,7 +26,7 @@ export class ManagedIdentityAppCredentials extends AppCredentials {
      * @param oAuthScope The scope for the token.
      * @param tokenProviderFactory The JWT token provider factory to use.
      */
-    constructor(appId: string, oAuthScope: string, tokenProviderFactory: JwtTokenProviderFactoryInterface) {
+    constructor(appId: string, oAuthScope: string, tokenProviderFactory: IJwtTokenProviderFactory) {
         super(appId, null, oAuthScope);
 
         ok(appId?.trim(), 'ManagedIdentityAppCredentials.constructor(): missing appId.');

libraries/botframework-connector/src/auth/managedIdentityAuthenticator.ts

@@ -7,9 +7,9 @@
  */
 
 import type { AccessToken, DefaultAzureCredential } from '@azure/identity';
+import type { IJwtTokenProviderFactory } from './jwtTokenProviderFactory';
 import { ok } from 'assert';
 import { retry } from 'botbuilder-stdlib';
-import type { JwtTokenProviderFactoryInterface } from './jwtTokenProviderFactoryInterface';
 
 /**
  * Abstraction to acquire tokens from a Managed Service Identity.
@@ -25,8 +25,8 @@ export class ManagedIdentityAuthenticator {
      * @param resource Resource for which to acquire the token.
      * @param tokenProviderFactory The JWT token provider factory to use.
      */
-    constructor(appId: string, resource: string, tokenProviderFactory: JwtTokenProviderFactoryInterface) {
-        ok(appId?.trim(), 'ManagedIdentityAuthenticator.constructor(): missing appId.');
+    constructor(appId: string, resource: string, tokenProviderFactory: IJwtTokenProviderFactory) {
+        ok(appId?.trim(), 'ManagedIdentityAuthenticator.constructor(): missing appid.');
         ok(resource?.trim(), 'ManagedIdentityAuthenticator.constructor(): missing resource.');
         ok(tokenProviderFactory, 'ManagedIdentityAuthenticator.constructor(): missing tokenProviderFactory.');
 
@@ -37,7 +37,7 @@ export class ManagedIdentityAuthenticator {
     /**
      * Acquires the security token.
      *
-     * @returns {Promise<AccessToken>} A promise with the `AccessToken` provided by the [JwtTokenProviderFactoryInterface](xref:botframework-connector.JwtTokenProviderFactoryInterface) class.
+     * @returns {Promise<AccessToken>} A promise with the `AccessToken` provided by the [IJwtTokenProviderFactory](xref:botframework-connector.IJwtTokenProviderFactory) class.
      */
     async getToken(): Promise<AccessToken> {
         // Retry gradually, starting from 10 ms up to 5 times.

libraries/botframework-connector/src/auth/managedIdentityServiceClientCredentialsFactory.ts

@@ -6,26 +6,26 @@
  * Licensed under the MIT License.
  */
 
+import type { IJwtTokenProviderFactory } from './jwtTokenProviderFactory';
 import type { ServiceClientCredentials } from '@azure/ms-rest-js';
-import { ok } from 'assert';
-import type { JwtTokenProviderFactoryInterface } from './jwtTokenProviderFactoryInterface';
 import { ManagedIdentityAppCredentials } from './managedIdentityAppCredentials';
 import { ServiceClientCredentialsFactory } from './serviceClientCredentialsFactory';
+import { ok } from 'assert';
 
 /*
  * A Managed Identity implementation of the [ServiceClientCredentialsFactory](xref:botframework-connector.ServiceClientCredentialsFactory) abstract class.
  */
 export class ManagedIdentityServiceClientCredentialsFactory extends ServiceClientCredentialsFactory {
     private readonly appId: string;
-    private readonly tokenProviderFactory: JwtTokenProviderFactoryInterface;
+    private readonly tokenProviderFactory: IJwtTokenProviderFactory;
 
     /**
      * Initializes a new instance of the ManagedIdentityServiceClientCredentialsFactory class.
      *
      * @param appId Client ID for the managed identity assigned to the bot.
      * @param tokenProviderFactory The JWT token provider factory to use.
      */
-    constructor(appId: string, tokenProviderFactory: JwtTokenProviderFactoryInterface) {
+    constructor(appId: string, tokenProviderFactory: IJwtTokenProviderFactory) {
         super();
         ok(appId?.trim(), 'ManagedIdentityServiceClientCredentialsFactory.constructor(): missing appId.');
         ok(