@azure/msal-browser 4.12.0 → 4.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/IPlatformAuthHandler.d.ts +12 -0
- package/dist/broker/nativeBroker/IPlatformAuthHandler.d.ts.map +1 -0
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts +30 -0
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -0
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +143 -0
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -0
- package/dist/broker/nativeBroker/{NativeMessageHandler.d.ts → PlatformAuthExtensionHandler.d.ts} +16 -16
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -0
- package/dist/broker/nativeBroker/{NativeMessageHandler.mjs → PlatformAuthExtensionHandler.mjs} +66 -58
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -0
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +26 -0
- package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -0
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +108 -0
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -0
- package/dist/broker/nativeBroker/{NativeRequest.d.ts → PlatformAuthRequest.d.ts} +34 -3
- package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -0
- package/dist/broker/nativeBroker/{NativeResponse.d.ts → PlatformAuthResponse.d.ts} +24 -2
- package/dist/broker/nativeBroker/PlatformAuthResponse.d.ts.map +1 -0
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.d.ts +6 -2
- package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
- package/dist/cache/BrowserCacheManager.mjs +17 -2
- package/dist/cache/BrowserCacheManager.mjs.map +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts +2 -2
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +30 -29
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.d.ts +10 -1
- package/dist/event/EventMessage.d.ts.map +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventMessage.mjs.map +1 -1
- package/dist/event/EventType.d.ts +1 -0
- package/dist/event/EventType.d.ts.map +1 -1
- package/dist/event/EventType.mjs +2 -1
- package/dist/event/EventType.mjs.map +1 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.mjs +2 -1
- package/dist/index.mjs.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.d.ts +3 -3
- package/dist/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +3 -3
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/{NativeInteractionClient.d.ts → PlatformAuthInteractionClient.d.ts} +21 -23
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -0
- package/dist/interaction_client/{NativeInteractionClient.mjs → PlatformAuthInteractionClient.mjs} +80 -111
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -0
- package/dist/interaction_client/PopupClient.d.ts +2 -2
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +7 -7
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +2 -2
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +7 -8
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.d.ts +2 -2
- package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +3 -3
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts +2 -2
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +7 -8
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +4 -4
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +10 -9
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.d.ts +8 -1
- package/dist/utils/BrowserConstants.d.ts.map +1 -1
- package/dist/utils/BrowserConstants.mjs +11 -4
- package/dist/utils/BrowserConstants.mjs.map +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/msal-browser.cjs +1539 -1318
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +1539 -1318
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +66 -66
- package/lib/types/broker/nativeBroker/IPlatformAuthHandler.d.ts +12 -0
- package/lib/types/broker/nativeBroker/IPlatformAuthHandler.d.ts.map +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts +30 -0
- package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -0
- package/lib/types/broker/nativeBroker/{NativeMessageHandler.d.ts → PlatformAuthExtensionHandler.d.ts} +16 -16
- package/lib/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -0
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +26 -0
- package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -0
- package/lib/types/broker/nativeBroker/{NativeRequest.d.ts → PlatformAuthRequest.d.ts} +34 -3
- package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -0
- package/lib/types/broker/nativeBroker/{NativeResponse.d.ts → PlatformAuthResponse.d.ts} +24 -2
- package/lib/types/broker/nativeBroker/PlatformAuthResponse.d.ts.map +1 -0
- package/lib/types/cache/BrowserCacheManager.d.ts +6 -2
- package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
- package/lib/types/controllers/StandardController.d.ts +2 -2
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/event/EventMessage.d.ts +10 -1
- package/lib/types/event/EventMessage.d.ts.map +1 -1
- package/lib/types/event/EventType.d.ts +1 -0
- package/lib/types/event/EventType.d.ts.map +1 -1
- package/lib/types/index.d.ts +2 -1
- package/lib/types/index.d.ts.map +1 -1
- package/lib/types/interaction_client/BaseInteractionClient.d.ts +3 -3
- package/lib/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_client/{NativeInteractionClient.d.ts → PlatformAuthInteractionClient.d.ts} +21 -23
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -0
- package/lib/types/interaction_client/PopupClient.d.ts +2 -2
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +2 -2
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts +2 -2
- package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts +2 -2
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +4 -4
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/utils/BrowserConstants.d.ts +8 -1
- package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/broker/nativeBroker/IPlatformAuthHandler.ts +17 -0
- package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +248 -0
- package/src/broker/nativeBroker/{NativeMessageHandler.ts → PlatformAuthExtensionHandler.ts} +90 -79
- package/src/broker/nativeBroker/PlatformAuthProvider.ts +164 -0
- package/src/broker/nativeBroker/{NativeRequest.ts → PlatformAuthRequest.ts} +41 -2
- package/src/broker/nativeBroker/{NativeResponse.ts → PlatformAuthResponse.ts} +25 -1
- package/src/cache/BrowserCacheManager.ts +27 -3
- package/src/controllers/StandardController.ts +51 -45
- package/src/event/EventMessage.ts +11 -0
- package/src/event/EventType.ts +1 -0
- package/src/index.ts +3 -0
- package/src/interaction_client/BaseInteractionClient.ts +4 -4
- package/src/interaction_client/{NativeInteractionClient.ts → PlatformAuthInteractionClient.ts} +136 -167
- package/src/interaction_client/PopupClient.ts +8 -7
- package/src/interaction_client/RedirectClient.ts +12 -12
- package/src/interaction_client/SilentAuthCodeClient.ts +3 -3
- package/src/interaction_client/SilentIframeClient.ts +12 -12
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +12 -10
- package/src/utils/BrowserConstants.ts +9 -1
- package/dist/broker/nativeBroker/NativeMessageHandler.d.ts.map +0 -1
- package/dist/broker/nativeBroker/NativeMessageHandler.mjs.map +0 -1
- package/dist/broker/nativeBroker/NativeRequest.d.ts.map +0 -1
- package/dist/broker/nativeBroker/NativeResponse.d.ts.map +0 -1
- package/dist/interaction_client/NativeInteractionClient.d.ts.map +0 -1
- package/dist/interaction_client/NativeInteractionClient.mjs.map +0 -1
- package/lib/types/broker/nativeBroker/NativeMessageHandler.d.ts.map +0 -1
- package/lib/types/broker/nativeBroker/NativeRequest.d.ts.map +0 -1
- package/lib/types/broker/nativeBroker/NativeResponse.d.ts.map +0 -1
- package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +0 -1
package/src/interaction_client/{NativeInteractionClient.ts → PlatformAuthInteractionClient.ts}
RENAMED
|
@@ -30,8 +30,6 @@ import {
|
|
|
30
30
|
createClientAuthError,
|
|
31
31
|
ClientAuthErrorCodes,
|
|
32
32
|
invokeAsync,
|
|
33
|
-
createAuthError,
|
|
34
|
-
AuthErrorCodes,
|
|
35
33
|
updateAccountTenantProfileData,
|
|
36
34
|
CacheHelpers,
|
|
37
35
|
buildAccountToCache,
|
|
@@ -45,20 +43,18 @@ import { EventHandler } from "../event/EventHandler.js";
|
|
|
45
43
|
import { PopupRequest } from "../request/PopupRequest.js";
|
|
46
44
|
import { SilentRequest } from "../request/SilentRequest.js";
|
|
47
45
|
import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
|
|
48
|
-
import { NativeMessageHandler } from "../broker/nativeBroker/NativeMessageHandler.js";
|
|
49
46
|
import {
|
|
50
|
-
NativeExtensionMethod,
|
|
51
47
|
ApiId,
|
|
52
48
|
TemporaryCacheKeys,
|
|
53
|
-
|
|
49
|
+
PlatformAuthConstants,
|
|
54
50
|
BrowserConstants,
|
|
55
51
|
CacheLookupPolicy,
|
|
56
52
|
} from "../utils/BrowserConstants.js";
|
|
53
|
+
import { PlatformAuthRequest } from "../broker/nativeBroker/PlatformAuthRequest.js";
|
|
57
54
|
import {
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
} from "../broker/nativeBroker/
|
|
61
|
-
import { MATS, NativeResponse } from "../broker/nativeBroker/NativeResponse.js";
|
|
55
|
+
MATS,
|
|
56
|
+
PlatformAuthResponse,
|
|
57
|
+
} from "../broker/nativeBroker/PlatformAuthResponse.js";
|
|
62
58
|
import {
|
|
63
59
|
NativeAuthError,
|
|
64
60
|
NativeAuthErrorCodes,
|
|
@@ -76,11 +72,12 @@ import { SilentCacheClient } from "./SilentCacheClient.js";
|
|
|
76
72
|
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
77
73
|
import { base64Decode } from "../encode/Base64Decode.js";
|
|
78
74
|
import { version } from "../packageMetadata.js";
|
|
75
|
+
import { IPlatformAuthHandler } from "../broker/nativeBroker/IPlatformAuthHandler.js";
|
|
79
76
|
|
|
80
|
-
export class
|
|
77
|
+
export class PlatformAuthInteractionClient extends BaseInteractionClient {
|
|
81
78
|
protected apiId: ApiId;
|
|
82
79
|
protected accountId: string;
|
|
83
|
-
protected
|
|
80
|
+
protected platformAuthProvider: IPlatformAuthHandler;
|
|
84
81
|
protected silentCacheClient: SilentCacheClient;
|
|
85
82
|
protected nativeStorageManager: BrowserCacheManager;
|
|
86
83
|
protected skus: string;
|
|
@@ -94,7 +91,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
94
91
|
navigationClient: INavigationClient,
|
|
95
92
|
apiId: ApiId,
|
|
96
93
|
performanceClient: IPerformanceClient,
|
|
97
|
-
provider:
|
|
94
|
+
provider: IPlatformAuthHandler,
|
|
98
95
|
accountId: string,
|
|
99
96
|
nativeStorageImpl: BrowserCacheManager,
|
|
100
97
|
correlationId?: string
|
|
@@ -112,7 +109,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
112
109
|
);
|
|
113
110
|
this.apiId = apiId;
|
|
114
111
|
this.accountId = accountId;
|
|
115
|
-
this.
|
|
112
|
+
this.platformAuthProvider = provider;
|
|
116
113
|
this.nativeStorageManager = nativeStorageImpl;
|
|
117
114
|
this.silentCacheClient = new SilentCacheClient(
|
|
118
115
|
config,
|
|
@@ -126,27 +123,22 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
126
123
|
correlationId
|
|
127
124
|
);
|
|
128
125
|
|
|
129
|
-
const extensionName =
|
|
130
|
-
|
|
131
|
-
NativeConstants.PREFERRED_EXTENSION_ID
|
|
132
|
-
? "chrome"
|
|
133
|
-
: this.nativeMessageHandler.getExtensionId()?.length
|
|
134
|
-
? "unknown"
|
|
135
|
-
: undefined;
|
|
126
|
+
const extensionName = this.platformAuthProvider.getExtensionName();
|
|
127
|
+
|
|
136
128
|
this.skus = ServerTelemetryManager.makeExtraSkuString({
|
|
137
129
|
libraryName: BrowserConstants.MSAL_SKU,
|
|
138
130
|
libraryVersion: version,
|
|
139
131
|
extensionName: extensionName,
|
|
140
|
-
extensionVersion: this.
|
|
132
|
+
extensionVersion: this.platformAuthProvider.getExtensionVersion(),
|
|
141
133
|
});
|
|
142
134
|
}
|
|
143
135
|
|
|
144
136
|
/**
|
|
145
137
|
* Adds SKUs to request extra query parameters
|
|
146
|
-
* @param request {
|
|
138
|
+
* @param request {PlatformAuthRequest}
|
|
147
139
|
* @private
|
|
148
140
|
*/
|
|
149
|
-
private addRequestSKUs(request:
|
|
141
|
+
private addRequestSKUs(request: PlatformAuthRequest): void {
|
|
150
142
|
request.extraParameters = {
|
|
151
143
|
...request.extraParameters,
|
|
152
144
|
[AADServerParamKeys.X_CLIENT_EXTRA_SKU]: this.skus,
|
|
@@ -177,6 +169,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
177
169
|
const serverTelemetryManager = this.initializeServerTelemetryManager(
|
|
178
170
|
this.apiId
|
|
179
171
|
);
|
|
172
|
+
|
|
180
173
|
try {
|
|
181
174
|
// initialize native request
|
|
182
175
|
const nativeRequest = await this.initializeNativeRequest(request);
|
|
@@ -206,18 +199,8 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
206
199
|
);
|
|
207
200
|
}
|
|
208
201
|
|
|
209
|
-
const
|
|
210
|
-
|
|
211
|
-
// fall back to native calls
|
|
212
|
-
const messageBody: NativeExtensionRequestBody = {
|
|
213
|
-
method: NativeExtensionMethod.GetToken,
|
|
214
|
-
request: nativeTokenRequest,
|
|
215
|
-
};
|
|
216
|
-
|
|
217
|
-
const response: object =
|
|
218
|
-
await this.nativeMessageHandler.sendMessage(messageBody);
|
|
219
|
-
const validatedResponse: NativeResponse =
|
|
220
|
-
this.validateNativeResponse(response);
|
|
202
|
+
const validatedResponse: PlatformAuthResponse =
|
|
203
|
+
await this.platformAuthProvider.sendMessage(nativeRequest);
|
|
221
204
|
|
|
222
205
|
return await this.handleNativeResponse(
|
|
223
206
|
validatedResponse,
|
|
@@ -257,7 +240,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
257
240
|
* @returns CommonSilentFlowRequest
|
|
258
241
|
*/
|
|
259
242
|
private createSilentCacheRequest(
|
|
260
|
-
request:
|
|
243
|
+
request: PlatformAuthRequest,
|
|
261
244
|
cachedAccount: AccountInfo
|
|
262
245
|
): CommonSilentFlowRequest {
|
|
263
246
|
return {
|
|
@@ -277,7 +260,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
277
260
|
*/
|
|
278
261
|
protected async acquireTokensFromCache(
|
|
279
262
|
nativeAccountId: string,
|
|
280
|
-
request:
|
|
263
|
+
request: PlatformAuthRequest
|
|
281
264
|
): Promise<AuthenticationResult> {
|
|
282
265
|
if (!nativeAccountId) {
|
|
283
266
|
this.logger.warning(
|
|
@@ -339,15 +322,8 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
339
322
|
remainingParameters
|
|
340
323
|
);
|
|
341
324
|
|
|
342
|
-
const messageBody: NativeExtensionRequestBody = {
|
|
343
|
-
method: NativeExtensionMethod.GetToken,
|
|
344
|
-
request: nativeRequest,
|
|
345
|
-
};
|
|
346
|
-
|
|
347
325
|
try {
|
|
348
|
-
|
|
349
|
-
await this.nativeMessageHandler.sendMessage(messageBody);
|
|
350
|
-
this.validateNativeResponse(response);
|
|
326
|
+
await this.platformAuthProvider.sendMessage(nativeRequest);
|
|
351
327
|
} catch (e) {
|
|
352
328
|
// Only throw fatal errors here to allow application to fallback to regular redirect. Otherwise proceed and the error will be thrown in handleRedirectPromise
|
|
353
329
|
if (e instanceof NativeAuthError) {
|
|
@@ -427,30 +403,24 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
427
403
|
)
|
|
428
404
|
);
|
|
429
405
|
|
|
430
|
-
const messageBody: NativeExtensionRequestBody = {
|
|
431
|
-
method: NativeExtensionMethod.GetToken,
|
|
432
|
-
request: request,
|
|
433
|
-
};
|
|
434
|
-
|
|
435
406
|
const reqTimestamp = TimeUtils.nowSeconds();
|
|
436
407
|
|
|
437
408
|
try {
|
|
438
409
|
this.logger.verbose(
|
|
439
410
|
"NativeInteractionClient - handleRedirectPromise sending message to native broker."
|
|
440
411
|
);
|
|
441
|
-
const response:
|
|
442
|
-
await this.
|
|
443
|
-
this.
|
|
444
|
-
|
|
445
|
-
response as NativeResponse,
|
|
412
|
+
const response: PlatformAuthResponse =
|
|
413
|
+
await this.platformAuthProvider.sendMessage(request);
|
|
414
|
+
const authResult = await this.handleNativeResponse(
|
|
415
|
+
response,
|
|
446
416
|
request,
|
|
447
417
|
reqTimestamp
|
|
448
418
|
);
|
|
449
|
-
|
|
419
|
+
|
|
450
420
|
const serverTelemetryManager =
|
|
451
421
|
this.initializeServerTelemetryManager(this.apiId);
|
|
452
422
|
serverTelemetryManager.clearNativeBrokerErrorCode();
|
|
453
|
-
return
|
|
423
|
+
return authResult;
|
|
454
424
|
} catch (e) {
|
|
455
425
|
throw e;
|
|
456
426
|
}
|
|
@@ -472,8 +442,8 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
472
442
|
* @param reqTimestamp
|
|
473
443
|
*/
|
|
474
444
|
protected async handleNativeResponse(
|
|
475
|
-
response:
|
|
476
|
-
request:
|
|
445
|
+
response: PlatformAuthResponse,
|
|
446
|
+
request: PlatformAuthRequest,
|
|
477
447
|
reqTimestamp: number
|
|
478
448
|
): Promise<AuthenticationResult> {
|
|
479
449
|
this.logger.trace(
|
|
@@ -566,7 +536,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
566
536
|
* @returns
|
|
567
537
|
*/
|
|
568
538
|
protected createHomeAccountIdentifier(
|
|
569
|
-
response:
|
|
539
|
+
response: PlatformAuthResponse,
|
|
570
540
|
idTokenClaims: TokenClaims
|
|
571
541
|
): string {
|
|
572
542
|
// Save account in browser storage
|
|
@@ -587,13 +557,10 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
587
557
|
* @param request
|
|
588
558
|
* @returns
|
|
589
559
|
*/
|
|
590
|
-
generateScopes(
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
return response.scope
|
|
595
|
-
? ScopeSet.fromString(response.scope)
|
|
596
|
-
: ScopeSet.fromString(request.scope);
|
|
560
|
+
generateScopes(requestScopes: string, responseScopes?: string): ScopeSet {
|
|
561
|
+
return responseScopes
|
|
562
|
+
? ScopeSet.fromString(responseScopes)
|
|
563
|
+
: ScopeSet.fromString(requestScopes);
|
|
597
564
|
}
|
|
598
565
|
|
|
599
566
|
/**
|
|
@@ -602,8 +569,8 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
602
569
|
* @param response
|
|
603
570
|
*/
|
|
604
571
|
async generatePopAccessToken(
|
|
605
|
-
response:
|
|
606
|
-
request:
|
|
572
|
+
response: PlatformAuthResponse,
|
|
573
|
+
request: PlatformAuthRequest
|
|
607
574
|
): Promise<string> {
|
|
608
575
|
if (
|
|
609
576
|
request.tokenType === AuthenticationScheme.POP &&
|
|
@@ -661,20 +628,23 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
661
628
|
* @returns
|
|
662
629
|
*/
|
|
663
630
|
protected async generateAuthenticationResult(
|
|
664
|
-
response:
|
|
665
|
-
request:
|
|
631
|
+
response: PlatformAuthResponse,
|
|
632
|
+
request: PlatformAuthRequest,
|
|
666
633
|
idTokenClaims: TokenClaims,
|
|
667
634
|
accountEntity: AccountEntity,
|
|
668
635
|
authority: string,
|
|
669
636
|
reqTimestamp: number
|
|
670
637
|
): Promise<AuthenticationResult> {
|
|
671
638
|
// Add Native Broker fields to Telemetry
|
|
672
|
-
const mats = this.addTelemetryFromNativeResponse(
|
|
639
|
+
const mats = this.addTelemetryFromNativeResponse(
|
|
640
|
+
response.properties.MATS
|
|
641
|
+
);
|
|
673
642
|
|
|
674
643
|
// If scopes not returned in server response, use request scopes
|
|
675
|
-
const responseScopes =
|
|
676
|
-
|
|
677
|
-
|
|
644
|
+
const responseScopes = this.generateScopes(
|
|
645
|
+
request.scope,
|
|
646
|
+
response.scope
|
|
647
|
+
);
|
|
678
648
|
|
|
679
649
|
const accountProperties = response.account.properties || {};
|
|
680
650
|
const uid =
|
|
@@ -762,8 +732,8 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
762
732
|
* @param reqTimestamp
|
|
763
733
|
*/
|
|
764
734
|
cacheNativeTokens(
|
|
765
|
-
response:
|
|
766
|
-
request:
|
|
735
|
+
response: PlatformAuthResponse,
|
|
736
|
+
request: PlatformAuthRequest,
|
|
767
737
|
homeAccountIdentifier: string,
|
|
768
738
|
idTokenClaims: TokenClaims,
|
|
769
739
|
responseAccessToken: string,
|
|
@@ -787,7 +757,10 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
787
757
|
? parseInt(response.expires_in, 10)
|
|
788
758
|
: response.expires_in) || 0;
|
|
789
759
|
const tokenExpirationSeconds = reqTimestamp + expiresIn;
|
|
790
|
-
const responseScopes = this.generateScopes(
|
|
760
|
+
const responseScopes = this.generateScopes(
|
|
761
|
+
response.scope,
|
|
762
|
+
request.scope
|
|
763
|
+
);
|
|
791
764
|
|
|
792
765
|
const cachedAccessToken: AccessTokenEntity | null =
|
|
793
766
|
CacheHelpers.createAccessTokenEntity(
|
|
@@ -818,10 +791,21 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
818
791
|
);
|
|
819
792
|
}
|
|
820
793
|
|
|
794
|
+
getExpiresInValue(
|
|
795
|
+
tokenType: string,
|
|
796
|
+
expiresIn: string | number | undefined
|
|
797
|
+
): number {
|
|
798
|
+
return tokenType === AuthenticationScheme.POP
|
|
799
|
+
? Constants.SHR_NONCE_VALIDITY
|
|
800
|
+
: (typeof expiresIn === "string"
|
|
801
|
+
? parseInt(expiresIn, 10)
|
|
802
|
+
: expiresIn) || 0;
|
|
803
|
+
}
|
|
804
|
+
|
|
821
805
|
protected addTelemetryFromNativeResponse(
|
|
822
|
-
|
|
806
|
+
matsResponse?: string
|
|
823
807
|
): MATS | null {
|
|
824
|
-
const mats = this.getMATSFromResponse(
|
|
808
|
+
const mats = this.getMATSFromResponse(matsResponse);
|
|
825
809
|
|
|
826
810
|
if (!mats) {
|
|
827
811
|
return null;
|
|
@@ -829,9 +813,9 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
829
813
|
|
|
830
814
|
this.performanceClient.addFields(
|
|
831
815
|
{
|
|
832
|
-
extensionId: this.
|
|
816
|
+
extensionId: this.platformAuthProvider.getExtensionId(),
|
|
833
817
|
extensionVersion:
|
|
834
|
-
this.
|
|
818
|
+
this.platformAuthProvider.getExtensionVersion(),
|
|
835
819
|
matsBrokerVersion: mats.broker_version,
|
|
836
820
|
matsAccountJoinOnStart: mats.account_join_on_start,
|
|
837
821
|
matsAccountJoinOnEnd: mats.account_join_on_end,
|
|
@@ -852,37 +836,15 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
852
836
|
return mats;
|
|
853
837
|
}
|
|
854
838
|
|
|
855
|
-
/**
|
|
856
|
-
* Validates native platform response before processing
|
|
857
|
-
* @param response
|
|
858
|
-
*/
|
|
859
|
-
private validateNativeResponse(response: object): NativeResponse {
|
|
860
|
-
if (
|
|
861
|
-
response.hasOwnProperty("access_token") &&
|
|
862
|
-
response.hasOwnProperty("id_token") &&
|
|
863
|
-
response.hasOwnProperty("client_info") &&
|
|
864
|
-
response.hasOwnProperty("account") &&
|
|
865
|
-
response.hasOwnProperty("scope") &&
|
|
866
|
-
response.hasOwnProperty("expires_in")
|
|
867
|
-
) {
|
|
868
|
-
return response as NativeResponse;
|
|
869
|
-
} else {
|
|
870
|
-
throw createAuthError(
|
|
871
|
-
AuthErrorCodes.unexpectedError,
|
|
872
|
-
"Response missing expected properties."
|
|
873
|
-
);
|
|
874
|
-
}
|
|
875
|
-
}
|
|
876
|
-
|
|
877
839
|
/**
|
|
878
840
|
* Gets MATS telemetry from native response
|
|
879
841
|
* @param response
|
|
880
842
|
* @returns
|
|
881
843
|
*/
|
|
882
|
-
private getMATSFromResponse(
|
|
883
|
-
if (
|
|
844
|
+
private getMATSFromResponse(matsResponse: string | undefined): MATS | null {
|
|
845
|
+
if (matsResponse) {
|
|
884
846
|
try {
|
|
885
|
-
return JSON.parse(
|
|
847
|
+
return JSON.parse(matsResponse);
|
|
886
848
|
} catch (e) {
|
|
887
849
|
this.logger.error(
|
|
888
850
|
"NativeInteractionClient - Error parsing MATS telemetry, returning null instead"
|
|
@@ -915,79 +877,26 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
915
877
|
*/
|
|
916
878
|
protected async initializeNativeRequest(
|
|
917
879
|
request: PopupRequest | SsoSilentRequest
|
|
918
|
-
): Promise<
|
|
880
|
+
): Promise<PlatformAuthRequest> {
|
|
919
881
|
this.logger.trace(
|
|
920
882
|
"NativeInteractionClient - initializeNativeRequest called"
|
|
921
883
|
);
|
|
922
884
|
|
|
923
|
-
const
|
|
924
|
-
request.authority || this.config.auth.authority;
|
|
925
|
-
|
|
926
|
-
if (request.account) {
|
|
927
|
-
// validate authority
|
|
928
|
-
await this.getDiscoveredAuthority({
|
|
929
|
-
requestAuthority,
|
|
930
|
-
requestAzureCloudOptions: request.azureCloudOptions,
|
|
931
|
-
account: request.account,
|
|
932
|
-
});
|
|
933
|
-
}
|
|
934
|
-
|
|
935
|
-
const canonicalAuthority = new UrlString(requestAuthority);
|
|
936
|
-
canonicalAuthority.validateAsUri();
|
|
885
|
+
const canonicalAuthority = await this.getCanonicalAuthority(request);
|
|
937
886
|
|
|
938
887
|
// scopes are expected to be received by the native broker as "scope" and will be added to the request below. Other properties that should be dropped from the request to the native broker can be included in the object destructuring here.
|
|
939
888
|
const { scopes, ...remainingProperties } = request;
|
|
940
889
|
const scopeSet = new ScopeSet(scopes || []);
|
|
941
890
|
scopeSet.appendScopes(OIDC_DEFAULT_SCOPES);
|
|
942
891
|
|
|
943
|
-
const
|
|
944
|
-
// If request is silent, prompt is always none
|
|
945
|
-
switch (this.apiId) {
|
|
946
|
-
case ApiId.ssoSilent:
|
|
947
|
-
case ApiId.acquireTokenSilent_silentFlow:
|
|
948
|
-
this.logger.trace(
|
|
949
|
-
"initializeNativeRequest: silent request sets prompt to none"
|
|
950
|
-
);
|
|
951
|
-
return PromptValue.NONE;
|
|
952
|
-
default:
|
|
953
|
-
break;
|
|
954
|
-
}
|
|
955
|
-
|
|
956
|
-
// Prompt not provided, request may proceed and native broker decides if it needs to prompt
|
|
957
|
-
if (!request.prompt) {
|
|
958
|
-
this.logger.trace(
|
|
959
|
-
"initializeNativeRequest: prompt was not provided"
|
|
960
|
-
);
|
|
961
|
-
return undefined;
|
|
962
|
-
}
|
|
963
|
-
|
|
964
|
-
// If request is interactive, check if prompt provided is allowed to go directly to native broker
|
|
965
|
-
switch (request.prompt) {
|
|
966
|
-
case PromptValue.NONE:
|
|
967
|
-
case PromptValue.CONSENT:
|
|
968
|
-
case PromptValue.LOGIN:
|
|
969
|
-
this.logger.trace(
|
|
970
|
-
"initializeNativeRequest: prompt is compatible with native flow"
|
|
971
|
-
);
|
|
972
|
-
return request.prompt;
|
|
973
|
-
default:
|
|
974
|
-
this.logger.trace(
|
|
975
|
-
`initializeNativeRequest: prompt = ${request.prompt} is not compatible with native flow`
|
|
976
|
-
);
|
|
977
|
-
throw createBrowserAuthError(
|
|
978
|
-
BrowserAuthErrorCodes.nativePromptNotSupported
|
|
979
|
-
);
|
|
980
|
-
}
|
|
981
|
-
};
|
|
982
|
-
|
|
983
|
-
const validatedRequest: NativeTokenRequest = {
|
|
892
|
+
const validatedRequest: PlatformAuthRequest = {
|
|
984
893
|
...remainingProperties,
|
|
985
894
|
accountId: this.accountId,
|
|
986
895
|
clientId: this.config.auth.clientId,
|
|
987
896
|
authority: canonicalAuthority.urlString,
|
|
988
897
|
scope: scopeSet.printScopes(),
|
|
989
898
|
redirectUri: this.getRedirectUri(request.redirectUri),
|
|
990
|
-
prompt: getPrompt(),
|
|
899
|
+
prompt: this.getPrompt(request.prompt),
|
|
991
900
|
correlationId: this.correlationId,
|
|
992
901
|
tokenType: request.authenticationScheme,
|
|
993
902
|
windowTitleSubstring: document.title,
|
|
@@ -1010,7 +919,7 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
1010
919
|
validatedRequest.extraParameters =
|
|
1011
920
|
validatedRequest.extraParameters || {};
|
|
1012
921
|
validatedRequest.extraParameters.telemetry =
|
|
1013
|
-
|
|
922
|
+
PlatformAuthConstants.MATS_TELEMETRY;
|
|
1014
923
|
|
|
1015
924
|
if (request.authenticationScheme === AuthenticationScheme.POP) {
|
|
1016
925
|
// add POP request type
|
|
@@ -1051,12 +960,72 @@ export class NativeInteractionClient extends BaseInteractionClient {
|
|
|
1051
960
|
return validatedRequest;
|
|
1052
961
|
}
|
|
1053
962
|
|
|
963
|
+
private async getCanonicalAuthority(
|
|
964
|
+
request: PopupRequest | SsoSilentRequest
|
|
965
|
+
): Promise<UrlString> {
|
|
966
|
+
const requestAuthority =
|
|
967
|
+
request.authority || this.config.auth.authority;
|
|
968
|
+
|
|
969
|
+
if (request.account) {
|
|
970
|
+
// validate authority
|
|
971
|
+
await this.getDiscoveredAuthority({
|
|
972
|
+
requestAuthority,
|
|
973
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
974
|
+
account: request.account,
|
|
975
|
+
});
|
|
976
|
+
}
|
|
977
|
+
|
|
978
|
+
const canonicalAuthority = new UrlString(requestAuthority);
|
|
979
|
+
canonicalAuthority.validateAsUri();
|
|
980
|
+
return canonicalAuthority;
|
|
981
|
+
}
|
|
982
|
+
|
|
983
|
+
private getPrompt(prompt?: string): string | undefined {
|
|
984
|
+
// If request is silent, prompt is always none
|
|
985
|
+
switch (this.apiId) {
|
|
986
|
+
case ApiId.ssoSilent:
|
|
987
|
+
case ApiId.acquireTokenSilent_silentFlow:
|
|
988
|
+
this.logger.trace(
|
|
989
|
+
"initializeNativeRequest: silent request sets prompt to none"
|
|
990
|
+
);
|
|
991
|
+
return PromptValue.NONE;
|
|
992
|
+
default:
|
|
993
|
+
break;
|
|
994
|
+
}
|
|
995
|
+
|
|
996
|
+
// Prompt not provided, request may proceed and native broker decides if it needs to prompt
|
|
997
|
+
if (!prompt) {
|
|
998
|
+
this.logger.trace(
|
|
999
|
+
"initializeNativeRequest: prompt was not provided"
|
|
1000
|
+
);
|
|
1001
|
+
return undefined;
|
|
1002
|
+
}
|
|
1003
|
+
|
|
1004
|
+
// If request is interactive, check if prompt provided is allowed to go directly to native broker
|
|
1005
|
+
switch (prompt) {
|
|
1006
|
+
case PromptValue.NONE:
|
|
1007
|
+
case PromptValue.CONSENT:
|
|
1008
|
+
case PromptValue.LOGIN:
|
|
1009
|
+
this.logger.trace(
|
|
1010
|
+
"initializeNativeRequest: prompt is compatible with native flow"
|
|
1011
|
+
);
|
|
1012
|
+
return prompt;
|
|
1013
|
+
default:
|
|
1014
|
+
this.logger.trace(
|
|
1015
|
+
`initializeNativeRequest: prompt = ${prompt} is not compatible with native flow`
|
|
1016
|
+
);
|
|
1017
|
+
throw createBrowserAuthError(
|
|
1018
|
+
BrowserAuthErrorCodes.nativePromptNotSupported
|
|
1019
|
+
);
|
|
1020
|
+
}
|
|
1021
|
+
}
|
|
1022
|
+
|
|
1054
1023
|
/**
|
|
1055
1024
|
* Handles extra broker request parameters
|
|
1056
|
-
* @param request {
|
|
1025
|
+
* @param request {PlatformAuthRequest}
|
|
1057
1026
|
* @private
|
|
1058
1027
|
*/
|
|
1059
|
-
private handleExtraBrokerParams(request:
|
|
1028
|
+
private handleExtraBrokerParams(request: PlatformAuthRequest): void {
|
|
1060
1029
|
const hasExtraBrokerParams =
|
|
1061
1030
|
request.extraParameters &&
|
|
1062
1031
|
request.extraParameters.hasOwnProperty(
|
|
@@ -31,7 +31,6 @@ import { EndSessionPopupRequest } from "../request/EndSessionPopupRequest.js";
|
|
|
31
31
|
import { NavigationOptions } from "../navigation/NavigationOptions.js";
|
|
32
32
|
import * as BrowserUtils from "../utils/BrowserUtils.js";
|
|
33
33
|
import { PopupRequest } from "../request/PopupRequest.js";
|
|
34
|
-
import { NativeMessageHandler } from "../broker/nativeBroker/NativeMessageHandler.js";
|
|
35
34
|
import {
|
|
36
35
|
createBrowserAuthError,
|
|
37
36
|
BrowserAuthErrorCodes,
|
|
@@ -46,7 +45,9 @@ import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
|
46
45
|
import * as ResponseHandler from "../response/ResponseHandler.js";
|
|
47
46
|
import * as Authorize from "../protocol/Authorize.js";
|
|
48
47
|
import { generatePkceCodes } from "../crypto/PkceGenerator.js";
|
|
48
|
+
import { isPlatformAuthAllowed } from "../broker/nativeBroker/PlatformAuthProvider.js";
|
|
49
49
|
import { generateEarKey } from "../crypto/BrowserCrypto.js";
|
|
50
|
+
import { IPlatformAuthHandler } from "../broker/nativeBroker/IPlatformAuthHandler.js";
|
|
50
51
|
|
|
51
52
|
export type PopupParams = {
|
|
52
53
|
popup?: Window | null;
|
|
@@ -68,7 +69,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
68
69
|
navigationClient: INavigationClient,
|
|
69
70
|
performanceClient: IPerformanceClient,
|
|
70
71
|
nativeStorageImpl: BrowserCacheManager,
|
|
71
|
-
|
|
72
|
+
platformAuthHandler?: IPlatformAuthHandler,
|
|
72
73
|
correlationId?: string
|
|
73
74
|
) {
|
|
74
75
|
super(
|
|
@@ -79,7 +80,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
79
80
|
eventHandler,
|
|
80
81
|
navigationClient,
|
|
81
82
|
performanceClient,
|
|
82
|
-
|
|
83
|
+
platformAuthHandler,
|
|
83
84
|
correlationId
|
|
84
85
|
);
|
|
85
86
|
// Properly sets this reference for the unload event.
|
|
@@ -222,10 +223,10 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
222
223
|
BrowserUtils.preconnect(validRequest.authority);
|
|
223
224
|
}
|
|
224
225
|
|
|
225
|
-
const isPlatformBroker =
|
|
226
|
+
const isPlatformBroker = isPlatformAuthAllowed(
|
|
226
227
|
this.config,
|
|
227
228
|
this.logger,
|
|
228
|
-
this.
|
|
229
|
+
this.platformAuthProvider,
|
|
229
230
|
request.authenticationScheme
|
|
230
231
|
);
|
|
231
232
|
validRequest.platformBroker = isPlatformBroker;
|
|
@@ -348,7 +349,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
348
349
|
this.eventHandler,
|
|
349
350
|
this.logger,
|
|
350
351
|
this.performanceClient,
|
|
351
|
-
this.
|
|
352
|
+
this.platformAuthProvider
|
|
352
353
|
);
|
|
353
354
|
} catch (e) {
|
|
354
355
|
// Close the synchronous popup if an error is thrown before the window unload event is registered
|
|
@@ -447,7 +448,7 @@ export class PopupClient extends StandardInteractionClient {
|
|
|
447
448
|
this.eventHandler,
|
|
448
449
|
this.logger,
|
|
449
450
|
this.performanceClient,
|
|
450
|
-
this.
|
|
451
|
+
this.platformAuthProvider
|
|
451
452
|
);
|
|
452
453
|
}
|
|
453
454
|
|
|
@@ -37,7 +37,6 @@ import {
|
|
|
37
37
|
BrowserAuthErrorCodes,
|
|
38
38
|
} from "../error/BrowserAuthError.js";
|
|
39
39
|
import { RedirectRequest } from "../request/RedirectRequest.js";
|
|
40
|
-
import { NativeMessageHandler } from "../broker/nativeBroker/NativeMessageHandler.js";
|
|
41
40
|
import { BrowserConfiguration } from "../config/Configuration.js";
|
|
42
41
|
import { BrowserCacheManager } from "../cache/BrowserCacheManager.js";
|
|
43
42
|
import { EventHandler } from "../event/EventHandler.js";
|
|
@@ -47,7 +46,9 @@ import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
|
47
46
|
import * as ResponseHandler from "../response/ResponseHandler.js";
|
|
48
47
|
import * as Authorize from "../protocol/Authorize.js";
|
|
49
48
|
import { generatePkceCodes } from "../crypto/PkceGenerator.js";
|
|
49
|
+
import { isPlatformAuthAllowed } from "../broker/nativeBroker/PlatformAuthProvider.js";
|
|
50
50
|
import { generateEarKey } from "../crypto/BrowserCrypto.js";
|
|
51
|
+
import { IPlatformAuthHandler } from "../broker/nativeBroker/IPlatformAuthHandler.js";
|
|
51
52
|
|
|
52
53
|
function getNavigationType(): NavigationTimingType | undefined {
|
|
53
54
|
if (
|
|
@@ -77,7 +78,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
77
78
|
navigationClient: INavigationClient,
|
|
78
79
|
performanceClient: IPerformanceClient,
|
|
79
80
|
nativeStorageImpl: BrowserCacheManager,
|
|
80
|
-
|
|
81
|
+
platformAuthHandler?: IPlatformAuthHandler,
|
|
81
82
|
correlationId?: string
|
|
82
83
|
) {
|
|
83
84
|
super(
|
|
@@ -88,7 +89,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
88
89
|
eventHandler,
|
|
89
90
|
navigationClient,
|
|
90
91
|
performanceClient,
|
|
91
|
-
|
|
92
|
+
platformAuthHandler,
|
|
92
93
|
correlationId
|
|
93
94
|
);
|
|
94
95
|
this.nativeStorage = nativeStorageImpl;
|
|
@@ -107,13 +108,12 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
107
108
|
this.correlationId
|
|
108
109
|
)(request, InteractionType.Redirect);
|
|
109
110
|
|
|
110
|
-
validRequest.platformBroker =
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
);
|
|
111
|
+
validRequest.platformBroker = isPlatformAuthAllowed(
|
|
112
|
+
this.config,
|
|
113
|
+
this.logger,
|
|
114
|
+
this.platformAuthProvider,
|
|
115
|
+
request.authenticationScheme
|
|
116
|
+
);
|
|
117
117
|
|
|
118
118
|
const handleBackButton = (event: PageTransitionEvent) => {
|
|
119
119
|
// Clear temporary cache if the back button is clicked during the redirect flow.
|
|
@@ -554,7 +554,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
554
554
|
this.eventHandler,
|
|
555
555
|
this.logger,
|
|
556
556
|
this.performanceClient,
|
|
557
|
-
this.
|
|
557
|
+
this.platformAuthProvider
|
|
558
558
|
);
|
|
559
559
|
}
|
|
560
560
|
|
|
@@ -583,7 +583,7 @@ export class RedirectClient extends StandardInteractionClient {
|
|
|
583
583
|
this.eventHandler,
|
|
584
584
|
this.logger,
|
|
585
585
|
this.performanceClient,
|
|
586
|
-
this.
|
|
586
|
+
this.platformAuthProvider
|
|
587
587
|
);
|
|
588
588
|
}
|
|
589
589
|
|