[Identity] Bump msal-node dep (Azure#13179)

* Bump msal-node dependency and update package version

* Bump msal-node dependency and update package version

* Address feedback

* Address feedback

* Address feedback

* Address feedback

Author: Jonathan Turner

common/config/rush/pnpm-lock.yaml

@@ -1,5 +1,9 @@
 # Release History
 
+## 1.2.2 (2021-01-12)
+
+- Upgrading to the msal-node dependency due to a severe vulnerability in Axios. Link to the documented vulnerability: [link](https://npmjs.com/advisories/1594). Fixes issue [13088](https://github.com/Azure/azure-sdk-for-js/issues/13088).
+
 ## 1.2.1 (2021-01-07)
 
 - Upgrading to Axios 0.21.1 due to a severe vulnerability in Axios. Link to the documented vulnerability: [link](https://npmjs.com/advisories/1594). Fixes issue [13088](https://github.com/Azure/azure-sdk-for-js/issues/13088).

sdk/identity/identity/CHANGELOG.md

@@ -1,7 +1,7 @@
 {
   "name": "@azure/identity",
   "sdk-type": "client",
-  "version": "1.2.1",
+  "version": "1.2.2",
   "description": "Provides credential implementations for Azure SDK libraries that can authenticate with Azure Active Directory",
   "main": "dist/index.js",
   "module": "dist-esm/src/index.js",
@@ -83,7 +83,7 @@
     "@azure/core-http": "^1.2.0",
     "@azure/core-tracing": "1.0.0-preview.9",
     "@azure/logger": "^1.0.0",
-    "@azure/msal-node": "1.0.0-beta.1",
+    "@azure/msal-node": "1.0.0-beta.3",
     "@opentelemetry/api": "^0.10.2",
     "axios": "^0.21.1",
     "events": "^3.0.0",

sdk/identity/identity/package.json

@@ -111,10 +111,14 @@ export class MsalClient {
     try {
       const response = await this.pca!.acquireTokenSilent(silentRequest);
       logger.info("Successful silent token acquisition");
-      return {
-        expiresOnTimestamp: response.expiresOn.getTime(),
-        token: response.accessToken
-      };
+      if (response && response.expiresOn) {
+        return {
+          expiresOnTimestamp: response.expiresOn.getTime(),
+          token: response.accessToken
+        };
+      } else {
+        throw new AuthenticationRequired("Could not authenticate silently using the cache");
+      }
     } catch (e) {
       throw new AuthenticationRequired("Could not authenticate silently using the cache");
     }
@@ -126,21 +130,23 @@ export class MsalClient {
     return this.pca!.getAuthCodeUrl(request);
   }
 
-  async acquireTokenByCode(request: AuthorizationCodeRequest): Promise<AuthenticationResult> {
+  async acquireTokenByCode(
+    request: AuthorizationCodeRequest
+  ): Promise<AuthenticationResult | null> {
     await this.prepareClientApplications();
 
     return this.pca!.acquireTokenByCode(request);
   }
 
-  async acquireTokenByDeviceCode(request: DeviceCodeRequest): Promise<AuthenticationResult> {
+  async acquireTokenByDeviceCode(request: DeviceCodeRequest): Promise<AuthenticationResult | null> {
     await this.prepareClientApplications();
 
     return this.pca!.acquireTokenByDeviceCode(request);
   }
 
   async acquireTokenByClientCredential(
     request: ClientCredentialRequest
-  ): Promise<AuthenticationResult> {
+  ): Promise<AuthenticationResult | null> {
     await this.prepareClientApplications();
 
     return this.cca!.acquireTokenByClientCredential(request);

sdk/identity/identity/src/client/msalClient.ts

@@ -160,12 +160,16 @@ export class DeviceCodeCredential implements TokenCredential {
   ): Promise<AccessToken | null> {
     try {
       const deviceResponse = await this.msalClient.acquireTokenByDeviceCode(deviceCodeRequest);
-      const expiresOnTimestamp = deviceResponse.expiresOn.getTime();
-      logger.getToken.info(formatSuccess(scopes));
-      return {
-        expiresOnTimestamp,
-        token: deviceResponse.accessToken
-      };
+      if (deviceResponse && deviceResponse.expiresOn) {
+        const expiresOnTimestamp = deviceResponse.expiresOn.getTime();
+        logger.getToken.info(formatSuccess(scopes));
+        return {
+          expiresOnTimestamp,
+          token: deviceResponse.accessToken
+        };
+      } else {
+        throw new Error("Did not receive token with a valid expiration");
+      }
     } catch (error) {
       throw new Error(`Device Authentication Error "${JSON.stringify(error)}"`);
     }

sdk/identity/identity/src/credentials/deviceCodeCredential.ts

@@ -137,14 +137,22 @@ export class InteractiveBrowserCredential implements TokenCredential {
         try {
           const authResponse = await this.msalClient.acquireTokenByCode(tokenRequest);
           const successMessage = `Authentication Complete. You can close the browser and return to the application.`;
-          const expiresOnTimestamp = authResponse?.expiresOn.valueOf();
-          res.status(200).send(successMessage);
-          logger.getToken.info(formatSuccess(scopeArray));
-
-          resolve({
-            expiresOnTimestamp,
-            token: authResponse.accessToken
-          });
+          if (authResponse && authResponse.expiresOn) {
+            const expiresOnTimestamp = authResponse?.expiresOn.valueOf();
+            res.status(200).send(successMessage);
+            logger.getToken.info(formatSuccess(scopeArray));
+
+            resolve({
+              expiresOnTimestamp,
+              token: authResponse.accessToken
+            });
+          } else {
+            reject(
+              new Error(
+                `Interactive Browser Authentication Error "Did not receive token with a valid expiration"`
+              )
+            );
+          }
         } catch (error) {
           const errorMessage = formatError(
             scopeArray,