@azure/msal-browser 4.12.0 → 4.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (201) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/IPlatformAuthHandler.d.ts +12 -0
  5. package/dist/broker/nativeBroker/IPlatformAuthHandler.d.ts.map +1 -0
  6. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts +30 -0
  8. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -0
  9. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +143 -0
  10. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs.map +1 -0
  11. package/dist/broker/nativeBroker/{NativeMessageHandler.d.ts → PlatformAuthExtensionHandler.d.ts} +16 -16
  12. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -0
  13. package/dist/broker/nativeBroker/{NativeMessageHandler.mjs → PlatformAuthExtensionHandler.mjs} +66 -58
  14. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs.map +1 -0
  15. package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts +26 -0
  16. package/dist/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -0
  17. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +108 -0
  18. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs.map +1 -0
  19. package/dist/broker/nativeBroker/{NativeRequest.d.ts → PlatformAuthRequest.d.ts} +34 -3
  20. package/dist/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -0
  21. package/dist/broker/nativeBroker/{NativeResponse.d.ts → PlatformAuthResponse.d.ts} +24 -2
  22. package/dist/broker/nativeBroker/PlatformAuthResponse.d.ts.map +1 -0
  23. package/dist/cache/AccountManager.mjs +1 -1
  24. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  25. package/dist/cache/BrowserCacheManager.d.ts +6 -2
  26. package/dist/cache/BrowserCacheManager.d.ts.map +1 -1
  27. package/dist/cache/BrowserCacheManager.mjs +17 -2
  28. package/dist/cache/BrowserCacheManager.mjs.map +1 -1
  29. package/dist/cache/CacheHelpers.mjs +1 -1
  30. package/dist/cache/CookieStorage.mjs +1 -1
  31. package/dist/cache/DatabaseStorage.mjs +1 -1
  32. package/dist/cache/LocalStorage.mjs +1 -1
  33. package/dist/cache/MemoryStorage.mjs +1 -1
  34. package/dist/cache/SessionStorage.mjs +1 -1
  35. package/dist/cache/TokenCache.mjs +1 -1
  36. package/dist/config/Configuration.mjs +1 -1
  37. package/dist/controllers/ControllerFactory.mjs +1 -1
  38. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  39. package/dist/controllers/StandardController.d.ts +2 -2
  40. package/dist/controllers/StandardController.d.ts.map +1 -1
  41. package/dist/controllers/StandardController.mjs +30 -29
  42. package/dist/controllers/StandardController.mjs.map +1 -1
  43. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  44. package/dist/crypto/BrowserCrypto.mjs +1 -1
  45. package/dist/crypto/CryptoOps.mjs +1 -1
  46. package/dist/crypto/PkceGenerator.mjs +1 -1
  47. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  48. package/dist/encode/Base64Decode.mjs +1 -1
  49. package/dist/encode/Base64Encode.mjs +1 -1
  50. package/dist/error/BrowserAuthError.mjs +1 -1
  51. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  52. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  53. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  54. package/dist/error/NativeAuthError.mjs +1 -1
  55. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  56. package/dist/error/NestedAppAuthError.mjs +1 -1
  57. package/dist/event/EventHandler.mjs +1 -1
  58. package/dist/event/EventMessage.d.ts +10 -1
  59. package/dist/event/EventMessage.d.ts.map +1 -1
  60. package/dist/event/EventMessage.mjs +1 -1
  61. package/dist/event/EventMessage.mjs.map +1 -1
  62. package/dist/event/EventType.d.ts +1 -0
  63. package/dist/event/EventType.d.ts.map +1 -1
  64. package/dist/event/EventType.mjs +2 -1
  65. package/dist/event/EventType.mjs.map +1 -1
  66. package/dist/index.d.ts +2 -1
  67. package/dist/index.d.ts.map +1 -1
  68. package/dist/index.mjs +2 -1
  69. package/dist/index.mjs.map +1 -1
  70. package/dist/interaction_client/BaseInteractionClient.d.ts +3 -3
  71. package/dist/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  72. package/dist/interaction_client/BaseInteractionClient.mjs +3 -3
  73. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  74. package/dist/interaction_client/{NativeInteractionClient.d.ts → PlatformAuthInteractionClient.d.ts} +21 -23
  75. package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -0
  76. package/dist/interaction_client/{NativeInteractionClient.mjs → PlatformAuthInteractionClient.mjs} +80 -111
  77. package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -0
  78. package/dist/interaction_client/PopupClient.d.ts +2 -2
  79. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  80. package/dist/interaction_client/PopupClient.mjs +7 -7
  81. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  82. package/dist/interaction_client/RedirectClient.d.ts +2 -2
  83. package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
  84. package/dist/interaction_client/RedirectClient.mjs +7 -8
  85. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  86. package/dist/interaction_client/SilentAuthCodeClient.d.ts +2 -2
  87. package/dist/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  88. package/dist/interaction_client/SilentAuthCodeClient.mjs +3 -3
  89. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  90. package/dist/interaction_client/SilentIframeClient.d.ts +2 -2
  91. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  92. package/dist/interaction_client/SilentIframeClient.mjs +7 -8
  93. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  94. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  95. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  96. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  97. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  98. package/dist/naa/BridgeError.mjs +1 -1
  99. package/dist/naa/BridgeProxy.mjs +1 -1
  100. package/dist/naa/BridgeStatusCode.mjs +1 -1
  101. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  102. package/dist/navigation/NavigationClient.mjs +3 -3
  103. package/dist/navigation/NavigationClient.mjs.map +1 -1
  104. package/dist/network/FetchClient.mjs +1 -1
  105. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  106. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  107. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  108. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  109. package/dist/packageMetadata.d.ts +1 -1
  110. package/dist/packageMetadata.mjs +2 -2
  111. package/dist/protocol/Authorize.d.ts +4 -4
  112. package/dist/protocol/Authorize.d.ts.map +1 -1
  113. package/dist/protocol/Authorize.mjs +10 -9
  114. package/dist/protocol/Authorize.mjs.map +1 -1
  115. package/dist/request/RequestHelpers.mjs +1 -1
  116. package/dist/response/ResponseHandler.mjs +1 -1
  117. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  118. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  119. package/dist/utils/BrowserConstants.d.ts +8 -1
  120. package/dist/utils/BrowserConstants.d.ts.map +1 -1
  121. package/dist/utils/BrowserConstants.mjs +11 -4
  122. package/dist/utils/BrowserConstants.mjs.map +1 -1
  123. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  124. package/dist/utils/BrowserUtils.mjs +1 -1
  125. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  126. package/lib/msal-browser.cjs +1541 -1320
  127. package/lib/msal-browser.cjs.map +1 -1
  128. package/lib/msal-browser.js +1541 -1320
  129. package/lib/msal-browser.js.map +1 -1
  130. package/lib/msal-browser.min.js +66 -66
  131. package/lib/types/broker/nativeBroker/IPlatformAuthHandler.d.ts +12 -0
  132. package/lib/types/broker/nativeBroker/IPlatformAuthHandler.d.ts.map +1 -0
  133. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts +30 -0
  134. package/lib/types/broker/nativeBroker/PlatformAuthDOMHandler.d.ts.map +1 -0
  135. package/lib/types/broker/nativeBroker/{NativeMessageHandler.d.ts → PlatformAuthExtensionHandler.d.ts} +16 -16
  136. package/lib/types/broker/nativeBroker/PlatformAuthExtensionHandler.d.ts.map +1 -0
  137. package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts +26 -0
  138. package/lib/types/broker/nativeBroker/PlatformAuthProvider.d.ts.map +1 -0
  139. package/lib/types/broker/nativeBroker/{NativeRequest.d.ts → PlatformAuthRequest.d.ts} +34 -3
  140. package/lib/types/broker/nativeBroker/PlatformAuthRequest.d.ts.map +1 -0
  141. package/lib/types/broker/nativeBroker/{NativeResponse.d.ts → PlatformAuthResponse.d.ts} +24 -2
  142. package/lib/types/broker/nativeBroker/PlatformAuthResponse.d.ts.map +1 -0
  143. package/lib/types/cache/BrowserCacheManager.d.ts +6 -2
  144. package/lib/types/cache/BrowserCacheManager.d.ts.map +1 -1
  145. package/lib/types/controllers/StandardController.d.ts +2 -2
  146. package/lib/types/controllers/StandardController.d.ts.map +1 -1
  147. package/lib/types/event/EventMessage.d.ts +10 -1
  148. package/lib/types/event/EventMessage.d.ts.map +1 -1
  149. package/lib/types/event/EventType.d.ts +1 -0
  150. package/lib/types/event/EventType.d.ts.map +1 -1
  151. package/lib/types/index.d.ts +2 -1
  152. package/lib/types/index.d.ts.map +1 -1
  153. package/lib/types/interaction_client/BaseInteractionClient.d.ts +3 -3
  154. package/lib/types/interaction_client/BaseInteractionClient.d.ts.map +1 -1
  155. package/lib/types/interaction_client/{NativeInteractionClient.d.ts → PlatformAuthInteractionClient.d.ts} +21 -23
  156. package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -0
  157. package/lib/types/interaction_client/PopupClient.d.ts +2 -2
  158. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  159. package/lib/types/interaction_client/RedirectClient.d.ts +2 -2
  160. package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
  161. package/lib/types/interaction_client/SilentAuthCodeClient.d.ts +2 -2
  162. package/lib/types/interaction_client/SilentAuthCodeClient.d.ts.map +1 -1
  163. package/lib/types/interaction_client/SilentIframeClient.d.ts +2 -2
  164. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  165. package/lib/types/packageMetadata.d.ts +1 -1
  166. package/lib/types/protocol/Authorize.d.ts +4 -4
  167. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  168. package/lib/types/utils/BrowserConstants.d.ts +8 -1
  169. package/lib/types/utils/BrowserConstants.d.ts.map +1 -1
  170. package/package.json +2 -2
  171. package/src/broker/nativeBroker/IPlatformAuthHandler.ts +17 -0
  172. package/src/broker/nativeBroker/PlatformAuthDOMHandler.ts +248 -0
  173. package/src/broker/nativeBroker/{NativeMessageHandler.ts → PlatformAuthExtensionHandler.ts} +90 -79
  174. package/src/broker/nativeBroker/PlatformAuthProvider.ts +164 -0
  175. package/src/broker/nativeBroker/{NativeRequest.ts → PlatformAuthRequest.ts} +41 -2
  176. package/src/broker/nativeBroker/{NativeResponse.ts → PlatformAuthResponse.ts} +25 -1
  177. package/src/cache/BrowserCacheManager.ts +27 -3
  178. package/src/controllers/StandardController.ts +51 -45
  179. package/src/event/EventMessage.ts +11 -0
  180. package/src/event/EventType.ts +1 -0
  181. package/src/index.ts +3 -0
  182. package/src/interaction_client/BaseInteractionClient.ts +4 -4
  183. package/src/interaction_client/{NativeInteractionClient.ts → PlatformAuthInteractionClient.ts} +136 -167
  184. package/src/interaction_client/PopupClient.ts +8 -7
  185. package/src/interaction_client/RedirectClient.ts +12 -12
  186. package/src/interaction_client/SilentAuthCodeClient.ts +3 -3
  187. package/src/interaction_client/SilentIframeClient.ts +12 -12
  188. package/src/navigation/NavigationClient.ts +2 -2
  189. package/src/packageMetadata.ts +1 -1
  190. package/src/protocol/Authorize.ts +12 -10
  191. package/src/utils/BrowserConstants.ts +9 -1
  192. package/dist/broker/nativeBroker/NativeMessageHandler.d.ts.map +0 -1
  193. package/dist/broker/nativeBroker/NativeMessageHandler.mjs.map +0 -1
  194. package/dist/broker/nativeBroker/NativeRequest.d.ts.map +0 -1
  195. package/dist/broker/nativeBroker/NativeResponse.d.ts.map +0 -1
  196. package/dist/interaction_client/NativeInteractionClient.d.ts.map +0 -1
  197. package/dist/interaction_client/NativeInteractionClient.mjs.map +0 -1
  198. package/lib/types/broker/nativeBroker/NativeMessageHandler.d.ts.map +0 -1
  199. package/lib/types/broker/nativeBroker/NativeRequest.d.ts.map +0 -1
  200. package/lib/types/broker/nativeBroker/NativeResponse.d.ts.map +0 -1
  201. package/lib/types/interaction_client/NativeInteractionClient.d.ts.map +0 -1
@@ -4,7 +4,7 @@
4
4
  */
5
5
 
6
6
  import {
7
- NativeConstants,
7
+ PlatformAuthConstants,
8
8
  NativeExtensionMethod,
9
9
  } from "../../utils/BrowserConstants.js";
10
10
  import {
@@ -12,7 +12,6 @@ import {
12
12
  AuthError,
13
13
  createAuthError,
14
14
  AuthErrorCodes,
15
- AuthenticationScheme,
16
15
  InProgressPerformanceEvent,
17
16
  PerformanceEvents,
18
17
  IPerformanceClient,
@@ -20,14 +19,16 @@ import {
20
19
  import {
21
20
  NativeExtensionRequest,
22
21
  NativeExtensionRequestBody,
23
- } from "./NativeRequest.js";
22
+ PlatformAuthRequest,
23
+ } from "./PlatformAuthRequest.js";
24
24
  import { createNativeAuthError } from "../../error/NativeAuthError.js";
25
25
  import {
26
26
  createBrowserAuthError,
27
27
  BrowserAuthErrorCodes,
28
28
  } from "../../error/BrowserAuthError.js";
29
- import { BrowserConfiguration } from "../../config/Configuration.js";
30
29
  import { createNewGuid } from "../../crypto/BrowserCrypto.js";
30
+ import { PlatformAuthResponse } from "./PlatformAuthResponse.js";
31
+ import { IPlatformAuthHandler } from "./IPlatformAuthHandler.js";
31
32
 
32
33
  type ResponseResolvers<T> = {
33
34
  resolve: (value: T | PromiseLike<T>) => void;
@@ -36,7 +37,7 @@ type ResponseResolvers<T> = {
36
37
  ) => void;
37
38
  };
38
39
 
39
- export class NativeMessageHandler {
40
+ export class PlatformAuthExtensionHandler implements IPlatformAuthHandler {
40
41
  private extensionId: string | undefined;
41
42
  private extensionVersion: string | undefined;
42
43
  private logger: Logger;
@@ -48,6 +49,7 @@ export class NativeMessageHandler {
48
49
  private readonly windowListener: (event: MessageEvent) => void;
49
50
  private readonly performanceClient: IPerformanceClient;
50
51
  private readonly handshakeEvent: InProgressPerformanceEvent;
52
+ platformAuthType: string;
51
53
 
52
54
  constructor(
53
55
  logger: Logger,
@@ -66,34 +68,51 @@ export class NativeMessageHandler {
66
68
  this.handshakeEvent = performanceClient.startMeasurement(
67
69
  PerformanceEvents.NativeMessageHandlerHandshake
68
70
  );
71
+ this.platformAuthType =
72
+ PlatformAuthConstants.PLATFORM_EXTENSION_PROVIDER;
69
73
  }
70
74
 
71
75
  /**
72
76
  * Sends a given message to the extension and resolves with the extension response
73
- * @param body
77
+ * @param request
74
78
  */
75
- async sendMessage(body: NativeExtensionRequestBody): Promise<object> {
76
- this.logger.trace("NativeMessageHandler - sendMessage called.");
79
+ async sendMessage(
80
+ request: PlatformAuthRequest
81
+ ): Promise<PlatformAuthResponse> {
82
+ this.logger.trace(this.platformAuthType + " - sendMessage called.");
83
+
84
+ // fall back to native calls
85
+ const messageBody: NativeExtensionRequestBody = {
86
+ method: NativeExtensionMethod.GetToken,
87
+ request: request,
88
+ };
89
+
77
90
  const req: NativeExtensionRequest = {
78
- channel: NativeConstants.CHANNEL_ID,
91
+ channel: PlatformAuthConstants.CHANNEL_ID,
79
92
  extensionId: this.extensionId,
80
93
  responseId: createNewGuid(),
81
- body: body,
94
+ body: messageBody,
82
95
  };
83
96
 
84
97
  this.logger.trace(
85
- "NativeMessageHandler - Sending request to browser extension"
98
+ this.platformAuthType + " - Sending request to browser extension"
86
99
  );
87
100
  this.logger.tracePii(
88
- `NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(
89
- req
90
- )}`
101
+ this.platformAuthType +
102
+ ` - Sending request to browser extension: ${JSON.stringify(
103
+ req
104
+ )}`
91
105
  );
92
106
  this.messageChannel.port1.postMessage(req);
93
107
 
94
- return new Promise((resolve, reject) => {
108
+ const response: object = await new Promise((resolve, reject) => {
95
109
  this.resolvers.set(req.responseId, { resolve, reject });
96
110
  });
111
+
112
+ const validatedResponse: PlatformAuthResponse =
113
+ this.validatePlatformBrokerResponse(response);
114
+
115
+ return validatedResponse;
97
116
  }
98
117
 
99
118
  /**
@@ -107,20 +126,21 @@ export class NativeMessageHandler {
107
126
  logger: Logger,
108
127
  handshakeTimeoutMs: number,
109
128
  performanceClient: IPerformanceClient
110
- ): Promise<NativeMessageHandler> {
111
- logger.trace("NativeMessageHandler - createProvider called.");
129
+ ): Promise<PlatformAuthExtensionHandler> {
130
+ logger.trace("PlatformAuthExtensionHandler - createProvider called.");
131
+
112
132
  try {
113
- const preferredProvider = new NativeMessageHandler(
133
+ const preferredProvider = new PlatformAuthExtensionHandler(
114
134
  logger,
115
135
  handshakeTimeoutMs,
116
136
  performanceClient,
117
- NativeConstants.PREFERRED_EXTENSION_ID
137
+ PlatformAuthConstants.PREFERRED_EXTENSION_ID
118
138
  );
119
139
  await preferredProvider.sendHandshakeRequest();
120
140
  return preferredProvider;
121
141
  } catch (e) {
122
142
  // If preferred extension fails for whatever reason, fallback to using any installed extension
123
- const backupProvider = new NativeMessageHandler(
143
+ const backupProvider = new PlatformAuthExtensionHandler(
124
144
  logger,
125
145
  handshakeTimeoutMs,
126
146
  performanceClient
@@ -135,13 +155,13 @@ export class NativeMessageHandler {
135
155
  */
136
156
  private async sendHandshakeRequest(): Promise<void> {
137
157
  this.logger.trace(
138
- "NativeMessageHandler - sendHandshakeRequest called."
158
+ this.platformAuthType + " - sendHandshakeRequest called."
139
159
  );
140
160
  // Register this event listener before sending handshake
141
161
  window.addEventListener("message", this.windowListener, false); // false is important, because content script message processing should work first
142
162
 
143
163
  const req: NativeExtensionRequest = {
144
- channel: NativeConstants.CHANNEL_ID,
164
+ channel: PlatformAuthConstants.CHANNEL_ID,
145
165
  extensionId: this.extensionId,
146
166
  responseId: createNewGuid(),
147
167
  body: {
@@ -192,7 +212,7 @@ export class NativeMessageHandler {
192
212
  * @param event
193
213
  */
194
214
  private onWindowMessage(event: MessageEvent): void {
195
- this.logger.trace("NativeMessageHandler - onWindowMessage called");
215
+ this.logger.trace(this.platformAuthType + " - onWindowMessage called");
196
216
  // We only accept messages from ourselves
197
217
  if (event.source !== window) {
198
218
  return;
@@ -202,7 +222,7 @@ export class NativeMessageHandler {
202
222
 
203
223
  if (
204
224
  !request.channel ||
205
- request.channel !== NativeConstants.CHANNEL_ID
225
+ request.channel !== PlatformAuthConstants.CHANNEL_ID
206
226
  ) {
207
227
  return;
208
228
  }
@@ -221,7 +241,8 @@ export class NativeMessageHandler {
221
241
  */
222
242
  if (!handshakeResolver) {
223
243
  this.logger.trace(
224
- `NativeMessageHandler.onWindowMessage - resolver can't be found for request ${request.responseId}`
244
+ this.platformAuthType +
245
+ `.onWindowMessage - resolver can't be found for request ${request.responseId}`
225
246
  );
226
247
  return;
227
248
  }
@@ -253,7 +274,9 @@ export class NativeMessageHandler {
253
274
  * @param event
254
275
  */
255
276
  private onChannelMessage(event: MessageEvent): void {
256
- this.logger.trace("NativeMessageHandler - onChannelMessage called.");
277
+ this.logger.trace(
278
+ this.platformAuthType + " - onChannelMessage called."
279
+ );
257
280
  const request = event.data;
258
281
 
259
282
  const resolver = this.resolvers.get(request.responseId);
@@ -270,12 +293,14 @@ export class NativeMessageHandler {
270
293
  }
271
294
  const response = request.body.response;
272
295
  this.logger.trace(
273
- "NativeMessageHandler - Received response from browser extension"
296
+ this.platformAuthType +
297
+ " - Received response from browser extension"
274
298
  );
275
299
  this.logger.tracePii(
276
- `NativeMessageHandler - Received response from browser extension: ${JSON.stringify(
277
- response
278
- )}`
300
+ this.platformAuthType +
301
+ ` - Received response from browser extension: ${JSON.stringify(
302
+ response
303
+ )}`
279
304
  );
280
305
  if (response.status !== "Success") {
281
306
  resolver.reject(
@@ -310,7 +335,8 @@ export class NativeMessageHandler {
310
335
  } else if (method === NativeExtensionMethod.HandshakeResponse) {
311
336
  if (!handshakeResolver) {
312
337
  this.logger.trace(
313
- `NativeMessageHandler.onChannelMessage - resolver can't be found for request ${request.responseId}`
338
+ this.platformAuthType +
339
+ `.onChannelMessage - resolver can't be found for request ${request.responseId}`
314
340
  );
315
341
  return;
316
342
  }
@@ -323,7 +349,8 @@ export class NativeMessageHandler {
323
349
  this.extensionId = request.extensionId;
324
350
  this.extensionVersion = request.body.version;
325
351
  this.logger.verbose(
326
- `NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`
352
+ this.platformAuthType +
353
+ ` - Received HandshakeResponse from extension: ${this.extensionId}`
327
354
  );
328
355
  this.handshakeEvent.end({
329
356
  extensionInstalled: true,
@@ -349,6 +376,30 @@ export class NativeMessageHandler {
349
376
  }
350
377
  }
351
378
 
379
+ /**
380
+ * Validates native platform response before processing
381
+ * @param response
382
+ */
383
+ private validatePlatformBrokerResponse(
384
+ response: object
385
+ ): PlatformAuthResponse {
386
+ if (
387
+ response.hasOwnProperty("access_token") &&
388
+ response.hasOwnProperty("id_token") &&
389
+ response.hasOwnProperty("client_info") &&
390
+ response.hasOwnProperty("account") &&
391
+ response.hasOwnProperty("scope") &&
392
+ response.hasOwnProperty("expires_in")
393
+ ) {
394
+ return response as PlatformAuthResponse;
395
+ } else {
396
+ throw createAuthError(
397
+ AuthErrorCodes.unexpectedError,
398
+ "Response missing expected properties."
399
+ );
400
+ }
401
+ }
402
+
352
403
  /**
353
404
  * Returns the Id for the browser extension this handler is communicating with
354
405
  * @returns
@@ -365,52 +416,12 @@ export class NativeMessageHandler {
365
416
  return this.extensionVersion;
366
417
  }
367
418
 
368
- /**
369
- * Returns boolean indicating whether or not the request should attempt to use native broker
370
- * @param logger
371
- * @param config
372
- * @param nativeExtensionProvider
373
- * @param authenticationScheme
374
- */
375
- static isPlatformBrokerAvailable(
376
- config: BrowserConfiguration,
377
- logger: Logger,
378
- nativeExtensionProvider?: NativeMessageHandler,
379
- authenticationScheme?: AuthenticationScheme
380
- ): boolean {
381
- logger.trace("isPlatformBrokerAvailable called");
382
- if (!config.system.allowPlatformBroker) {
383
- logger.trace(
384
- "isPlatformBrokerAvailable: allowPlatformBroker is not enabled, returning false"
385
- );
386
- // Developer disabled WAM
387
- return false;
388
- }
389
-
390
- if (!nativeExtensionProvider) {
391
- logger.trace(
392
- "isPlatformBrokerAvailable: Platform extension provider is not initialized, returning false"
393
- );
394
- // Extension is not available
395
- return false;
396
- }
397
-
398
- if (authenticationScheme) {
399
- switch (authenticationScheme) {
400
- case AuthenticationScheme.BEARER:
401
- case AuthenticationScheme.POP:
402
- logger.trace(
403
- "isPlatformBrokerAvailable: authenticationScheme is supported, returning true"
404
- );
405
- return true;
406
- default:
407
- logger.trace(
408
- "isPlatformBrokerAvailable: authenticationScheme is not supported, returning false"
409
- );
410
- return false;
411
- }
412
- }
413
-
414
- return true;
419
+ getExtensionName(): string | undefined {
420
+ return this.getExtensionId() ===
421
+ PlatformAuthConstants.PREFERRED_EXTENSION_ID
422
+ ? "chrome"
423
+ : this.getExtensionId()?.length
424
+ ? "unknown"
425
+ : undefined;
415
426
  }
416
427
  }
@@ -0,0 +1,164 @@
1
+ /*
2
+ * Copyright (c) Microsoft Corporation. All rights reserved.
3
+ * Licensed under the MIT License.
4
+ */
5
+
6
+ import {
7
+ LoggerOptions,
8
+ IPerformanceClient,
9
+ Logger,
10
+ AuthenticationScheme,
11
+ StubPerformanceClient,
12
+ } from "@azure/msal-common/browser";
13
+ import { name, version } from "../../packageMetadata.js";
14
+ import {
15
+ BrowserConfiguration,
16
+ DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS,
17
+ } from "../../config/Configuration.js";
18
+ import { PlatformAuthExtensionHandler } from "./PlatformAuthExtensionHandler.js";
19
+ import { IPlatformAuthHandler } from "./IPlatformAuthHandler.js";
20
+ import { PlatformAuthDOMHandler } from "./PlatformAuthDOMHandler.js";
21
+ import { createNewGuid } from "../../crypto/BrowserCrypto.js";
22
+ import {
23
+ BrowserCacheLocation,
24
+ PLATFORM_AUTH_DOM_SUPPORT,
25
+ } from "../../utils/BrowserConstants.js";
26
+
27
+ /**
28
+ * Checks if the platform broker is available in the current environment.
29
+ * @param loggerOptions
30
+ * @param perfClient
31
+ * @returns
32
+ */
33
+ export async function isPlatformBrokerAvailable(
34
+ loggerOptions?: LoggerOptions,
35
+ perfClient?: IPerformanceClient,
36
+ correlationId?: string
37
+ ): Promise<boolean> {
38
+ const logger = new Logger(loggerOptions || {}, name, version);
39
+
40
+ logger.trace("isPlatformBrokerAvailable called");
41
+
42
+ const performanceClient = perfClient || new StubPerformanceClient();
43
+
44
+ if (typeof window === "undefined") {
45
+ logger.trace("Non-browser environment detected, returning false");
46
+ return false;
47
+ }
48
+
49
+ return !!(await getPlatformAuthProvider(
50
+ logger,
51
+ performanceClient,
52
+ correlationId || createNewGuid()
53
+ ));
54
+ }
55
+
56
+ export async function getPlatformAuthProvider(
57
+ logger: Logger,
58
+ performanceClient: IPerformanceClient,
59
+ correlationId: string,
60
+ nativeBrokerHandshakeTimeout?: number
61
+ ): Promise<IPlatformAuthHandler | undefined> {
62
+ logger.trace("getPlatformAuthProvider called", correlationId);
63
+
64
+ const enablePlatformBrokerDOMSupport = isDomEnabledForPlatformAuth();
65
+
66
+ logger.trace(
67
+ "Has client allowed platform auth via DOM API: " +
68
+ enablePlatformBrokerDOMSupport
69
+ );
70
+ let platformAuthProvider: IPlatformAuthHandler | undefined;
71
+ try {
72
+ if (enablePlatformBrokerDOMSupport) {
73
+ // Check if DOM platform API is supported first
74
+ platformAuthProvider = await PlatformAuthDOMHandler.createProvider(
75
+ logger,
76
+ performanceClient,
77
+ correlationId
78
+ );
79
+ }
80
+ if (!platformAuthProvider) {
81
+ logger.trace(
82
+ "Platform auth via DOM API not available, checking for extension"
83
+ );
84
+ /*
85
+ * If DOM APIs are not available, check if browser extension is available.
86
+ * Platform authentication via DOM APIs is preferred over extension APIs.
87
+ */
88
+ platformAuthProvider =
89
+ await PlatformAuthExtensionHandler.createProvider(
90
+ logger,
91
+ nativeBrokerHandshakeTimeout ||
92
+ DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS,
93
+ performanceClient
94
+ );
95
+ }
96
+ } catch (e) {
97
+ logger.trace("Platform auth not available", e as string);
98
+ }
99
+ return platformAuthProvider;
100
+ }
101
+
102
+ /**
103
+ * Returns true if the DOM API support for platform auth is enabled in session storage
104
+ * @returns boolean
105
+ * @deprecated
106
+ */
107
+ export function isDomEnabledForPlatformAuth(): boolean {
108
+ let sessionStorage: Storage | undefined;
109
+ try {
110
+ sessionStorage = window[BrowserCacheLocation.SessionStorage];
111
+ // Mute errors if it's a non-browser environment or cookies are blocked.
112
+ return sessionStorage?.getItem(PLATFORM_AUTH_DOM_SUPPORT) === "true";
113
+ } catch (e) {
114
+ return false;
115
+ }
116
+ }
117
+
118
+ /**
119
+ * Returns boolean indicating whether or not the request should attempt to use native broker
120
+ * @param logger
121
+ * @param config
122
+ * @param platformAuthProvider
123
+ * @param authenticationScheme
124
+ */
125
+ export function isPlatformAuthAllowed(
126
+ config: BrowserConfiguration,
127
+ logger: Logger,
128
+ platformAuthProvider?: IPlatformAuthHandler,
129
+ authenticationScheme?: AuthenticationScheme
130
+ ): boolean {
131
+ logger.trace("isBrokerAvailable called");
132
+ if (!config.system.allowPlatformBroker) {
133
+ logger.trace(
134
+ "isBrokerAvailable: allowPlatformBroker is not enabled, returning false"
135
+ );
136
+ // Developer disabled WAM
137
+ return false;
138
+ }
139
+
140
+ if (!platformAuthProvider) {
141
+ logger.trace(
142
+ "isBrokerAvailable: Platform auth provider is not initialized, returning false"
143
+ );
144
+ // Platform broker auth providers are not available
145
+ return false;
146
+ }
147
+
148
+ if (authenticationScheme) {
149
+ switch (authenticationScheme) {
150
+ case AuthenticationScheme.BEARER:
151
+ case AuthenticationScheme.POP:
152
+ logger.trace(
153
+ "isBrokerAvailable: authenticationScheme is supported, returning true"
154
+ );
155
+ return true;
156
+ default:
157
+ logger.trace(
158
+ "isBrokerAvailable: authenticationScheme is not supported, returning false"
159
+ );
160
+ return false;
161
+ }
162
+ }
163
+ return true;
164
+ }
@@ -9,7 +9,7 @@ import { StoreInCache, StringDict } from "@azure/msal-common/browser";
9
9
  /**
10
10
  * Token request which native broker will use to acquire tokens
11
11
  */
12
- export type NativeTokenRequest = {
12
+ export type PlatformAuthRequest = {
13
13
  accountId: string; // WAM specific account id used for identification of WAM account. This can be any broker-id eventually
14
14
  clientId: string;
15
15
  authority: string;
@@ -40,7 +40,7 @@ export type NativeTokenRequest = {
40
40
  */
41
41
  export type NativeExtensionRequestBody = {
42
42
  method: NativeExtensionMethod;
43
- request?: NativeTokenRequest;
43
+ request?: PlatformAuthRequest;
44
44
  };
45
45
 
46
46
  /**
@@ -52,3 +52,42 @@ export type NativeExtensionRequest = {
52
52
  extensionId?: string;
53
53
  body: NativeExtensionRequestBody;
54
54
  };
55
+
56
+ export type PlatformDOMTokenRequest = {
57
+ brokerId: string;
58
+ accountId?: string;
59
+ clientId: string;
60
+ authority: string;
61
+ scope: string;
62
+ redirectUri: string;
63
+ correlationId: string;
64
+ isSecurityTokenService: boolean;
65
+ state?: string;
66
+ /*
67
+ * Known optional parameters will go into extraQueryParameters.
68
+ * List of known parameters is:
69
+ * "prompt", "nonce", "claims", "loginHint", "instanceAware", "windowTitleSubstring", "extendedExpiryToken", "storeInCache",
70
+ * ProofOfPossessionParams: "reqCnf", "keyId", "tokenType", "shrClaims", "shrNonce", "resourceRequestMethod", "resourceRequestUri", "signPopToken"
71
+ */
72
+ extraParameters?: DOMExtraParameters;
73
+ embeddedClientId?: string;
74
+ storeInCache?: StoreInCache; // Object of booleans indicating whether to store tokens in the cache or not (default is true)
75
+ };
76
+
77
+ export type DOMExtraParameters = StringDict & {
78
+ prompt?: string;
79
+ nonce?: string;
80
+ claims?: string;
81
+ loginHint?: string;
82
+ instanceAware?: string;
83
+ windowTitleSubstring?: string;
84
+ extendedExpiryToken?: string;
85
+ reqCnf?: string;
86
+ keyId?: string;
87
+ tokenType?: string;
88
+ shrClaims?: string;
89
+ shrNonce?: string;
90
+ resourceRequestMethod?: string;
91
+ resourceRequestUri?: string;
92
+ signPopToken?: string; // Set to true only if token request deos not contain a PoP keyId
93
+ };
@@ -15,7 +15,7 @@ export type NativeAccountInfo = {
15
15
  /**
16
16
  * Token response returned by Native Platform
17
17
  */
18
- export type NativeResponse = {
18
+ export type PlatformAuthResponse = {
19
19
  access_token: string;
20
20
  account: NativeAccountInfo;
21
21
  client_info: string;
@@ -54,3 +54,27 @@ export type MATS = {
54
54
  http_status?: number;
55
55
  http_event_count?: number;
56
56
  };
57
+
58
+ export type PlatformDOMTokenResponse = {
59
+ isSuccess: boolean;
60
+ state?: string;
61
+ accessToken: string;
62
+ expiresIn: number;
63
+ account: NativeAccountInfo;
64
+ clientInfo: string;
65
+ idToken: string;
66
+ scopes: string;
67
+ proofOfPossessionPayload?: string;
68
+ extendedLifetimeToken?: boolean;
69
+ error: ErrorResult;
70
+ properties?: Record<string, string>;
71
+ };
72
+
73
+ export type ErrorResult = {
74
+ code: string;
75
+ description?: string;
76
+ errorCode: string;
77
+ protocolError?: string;
78
+ status: string;
79
+ properties?: object;
80
+ };
@@ -53,7 +53,7 @@ import { LocalStorage } from "./LocalStorage.js";
53
53
  import { SessionStorage } from "./SessionStorage.js";
54
54
  import { MemoryStorage } from "./MemoryStorage.js";
55
55
  import { IWindowStorage } from "./IWindowStorage.js";
56
- import { NativeTokenRequest } from "../broker/nativeBroker/NativeRequest.js";
56
+ import { PlatformAuthRequest } from "../broker/nativeBroker/PlatformAuthRequest.js";
57
57
  import { AuthenticationResult } from "../response/AuthenticationResult.js";
58
58
  import { SilentRequest } from "../request/SilentRequest.js";
59
59
  import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
@@ -66,6 +66,7 @@ import { getAccountKeys, getTokenKeys } from "./CacheHelpers.js";
66
66
  import { EventType } from "../event/EventType.js";
67
67
  import { EventHandler } from "../event/EventHandler.js";
68
68
  import { clearHash } from "../utils/BrowserUtils.js";
69
+ import { version } from "../packageMetadata.js";
69
70
 
70
71
  /**
71
72
  * This class implements the cache storage interface for MSAL through browser local or session storage.
@@ -123,6 +124,29 @@ export class BrowserCacheManager extends CacheManager {
123
124
 
124
125
  async initialize(correlationId: string): Promise<void> {
125
126
  await this.browserStorage.initialize(correlationId);
127
+ this.trackVersionChanges(correlationId);
128
+ }
129
+
130
+ /**
131
+ * Tracks upgrades and downgrades for telemetry and debugging purposes
132
+ */
133
+ private trackVersionChanges(correlationId: string): void {
134
+ const previousVersion = this.browserStorage.getItem(
135
+ StaticCacheKeys.VERSION
136
+ );
137
+ if (previousVersion) {
138
+ this.logger.info(
139
+ `MSAL.js was last initialized by version: ${previousVersion}`
140
+ );
141
+ this.performanceClient.addFields(
142
+ { previousLibraryVersion: previousVersion },
143
+ correlationId
144
+ );
145
+ }
146
+
147
+ if (previousVersion !== version) {
148
+ this.browserStorage.setItem(StaticCacheKeys.VERSION, version);
149
+ }
126
150
  }
127
151
 
128
152
  /**
@@ -1162,7 +1186,7 @@ export class BrowserCacheManager extends CacheManager {
1162
1186
  /**
1163
1187
  * Gets cached native request for redirect flows
1164
1188
  */
1165
- getCachedNativeRequest(): NativeTokenRequest | null {
1189
+ getCachedNativeRequest(): PlatformAuthRequest | null {
1166
1190
  this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");
1167
1191
  const cachedRequest = this.getTemporaryCache(
1168
1192
  TemporaryCacheKeys.NATIVE_REQUEST,
@@ -1177,7 +1201,7 @@ export class BrowserCacheManager extends CacheManager {
1177
1201
 
1178
1202
  const parsedRequest = this.validateAndParseJson(
1179
1203
  cachedRequest
1180
- ) as NativeTokenRequest;
1204
+ ) as PlatformAuthRequest;
1181
1205
  if (!parsedRequest) {
1182
1206
  this.logger.error(
1183
1207
  "BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"