Catch Dpapi Require error (#7412)

For usages of msal-node-extensions that don't need persistance - like if you just want to use the Broker. We are hitting this in VS Code because we are trying to bundle our code with Webpack... but since the require of DPAPI happens regardless of what features you use, we get an error from locating this `.node` file, which I have not included in our bundle. --------- Co-authored-by: Thomas Norling <[email protected]>
AzureAD · Nov 14, 2024 · 2b750fb · 2b750fb
1 parent f810915
commit 2b750fb
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 12 deletions.
diff --git a/change/@azure-msal-node-extensions-ad5fa611-2a29-46aa-b273-c3a6ff98add1.json b/change/@azure-msal-node-extensions-ad5fa611-2a29-46aa-b273-c3a6ff98add1.json
@@ -0,0 +1,7 @@
+{
+  "type": "minor",
+  "comment": "Allow requiring msal-node-extensions without Dpapi dependency",
+  "packageName": "@azure/msal-node-extensions",
+  "email": "[email protected]",
+  "dependentChangeType": "patch"
+}
diff --git a/extensions/msal-node-extensions/src/Dpapi.ts b/extensions/msal-node-extensions/src/Dpapi.ts
@@ -18,26 +18,32 @@ export interface DpapiBindings {
     ): Uint8Array;
 }
 
-class defaultDpapi implements DpapiBindings {
+class UnavailableDpapi implements DpapiBindings {
+    constructor(private readonly errorMessage: string) {}
+
     protectData(): Uint8Array {
-        throw new Error("Dpapi is not supported on this platform");
+        throw new Error(this.errorMessage);
     }
     unprotectData(): Uint8Array {
-        throw new Error("Dpapi is not supported on this platform");
+        throw new Error(this.errorMessage);
     }
 }
 
 let Dpapi: DpapiBindings;
 if (process.platform !== "win32") {
-    Dpapi = new defaultDpapi();
+    Dpapi = new UnavailableDpapi("Dpapi is not supported on this platform");
 } else {
     // In .mjs files, require is not defined. We need to use createRequire to get a require function
     const safeRequire =
         typeof require !== "undefined"
             ? require
             : createRequire(import.meta.url);
 
-    Dpapi = safeRequire(`../bin/${process.arch}/dpapi`);
+    try {
+        Dpapi = safeRequire(`../bin/${process.arch}/dpapi`);
+    } catch (e) {
+        Dpapi = new UnavailableDpapi("Dpapi bindings unavailable");
+    }
 }
 
 export { Dpapi };
diff --git a/extensions/msal-node-extensions/test/dpapi-addon/Dpapi.spec.ts b/extensions/msal-node-extensions/test/dpapi-addon/Dpapi.spec.ts
@@ -8,8 +8,8 @@ import { DataProtectionScope } from "../../src/persistence/DataProtectionScope";
 import { platform } from "process";
 
 // DPAPI is only available on windows
-if (platform === "win32") {
-    describe("Test DPAPI addon", () => {
+describe("Test DPAPI addon", () => {
+    if (platform === "win32") {
         test("Protect and Unprotect data", () => {
             const data = Buffer.from("DPAPITestString");
 
@@ -58,8 +58,10 @@ if (platform === "win32") {
             );
             expect(decryptedData).toEqual(data);
         });
-    });
-} else {
-    // Jest require that a .spec.ts file contain at least one test.
-    test("Empty test", () => {});
-}
+    } else {
+        test("Should throw on non-Windows", () => {
+            const data = Buffer.from("DPAPITestString");
+            expect(() => Dpapi.protectData(data, null, DataProtectionScope.LocalMachine)).toThrow();
+        });
+    }
+});