@azure/msal-browser 4.14.0 → 4.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +15 -3
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
- package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.d.ts +2 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +43 -14
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +42 -15
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +4 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +15 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.d.ts +11 -1
- package/dist/request/RequestHelpers.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +32 -3
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +233 -172
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
- package/lib/msal-browser.cjs +259 -180
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +259 -180
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -69
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +4 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/RequestHelpers.d.ts +11 -1
- package/lib/types/request/RequestHelpers.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/controllers/NestedAppAuthController.ts +18 -2
- package/src/interaction_client/PopupClient.ts +161 -63
- package/src/interaction_client/RedirectClient.ts +86 -35
- package/src/interaction_client/SilentIframeClient.ts +49 -28
- package/src/interaction_client/StandardInteractionClient.ts +13 -2
- package/src/interaction_handler/SilentHandler.ts +24 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +48 -0
- package/src/request/RequestHelpers.ts +45 -0
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.16.0 2025-07-23 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -82,6 +82,10 @@ const HttpStatus = {
|
|
|
82
82
|
SERVER_ERROR_RANGE_END: 599,
|
|
83
83
|
MULTI_SIDED_ERROR: 600,
|
|
84
84
|
};
|
|
85
|
+
const HttpMethod = {
|
|
86
|
+
GET: "GET",
|
|
87
|
+
POST: "POST",
|
|
88
|
+
};
|
|
85
89
|
const OIDC_DEFAULT_SCOPES = [
|
|
86
90
|
Constants.OPENID_SCOPE,
|
|
87
91
|
Constants.PROFILE_SCOPE,
|
|
@@ -135,13 +139,6 @@ const PromptValue = {
|
|
|
135
139
|
CREATE: "create",
|
|
136
140
|
NO_SESSION: "no_session",
|
|
137
141
|
};
|
|
138
|
-
/**
|
|
139
|
-
* allowed values for codeVerifier
|
|
140
|
-
*/
|
|
141
|
-
const CodeChallengeMethodValues = {
|
|
142
|
-
PLAIN: "plain",
|
|
143
|
-
S256: "S256",
|
|
144
|
-
};
|
|
145
142
|
/**
|
|
146
143
|
* Allowed values for response_type
|
|
147
144
|
*/
|
|
@@ -284,7 +281,7 @@ const JsonWebTokenTypes = {
|
|
|
284
281
|
// Token renewal offset default in seconds
|
|
285
282
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
286
283
|
|
|
287
|
-
/*! @azure/msal-common v15.
|
|
284
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
288
285
|
/*
|
|
289
286
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
290
287
|
* Licensed under the MIT License.
|
|
@@ -301,7 +298,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
301
298
|
unexpectedError: unexpectedError
|
|
302
299
|
});
|
|
303
300
|
|
|
304
|
-
/*! @azure/msal-common v15.
|
|
301
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
305
302
|
|
|
306
303
|
/*
|
|
307
304
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -350,7 +347,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
350
347
|
: AuthErrorMessages[code]);
|
|
351
348
|
}
|
|
352
349
|
|
|
353
|
-
/*! @azure/msal-common v15.
|
|
350
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
354
351
|
/*
|
|
355
352
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
356
353
|
* Licensed under the MIT License.
|
|
@@ -448,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
448
445
|
userTimeoutReached: userTimeoutReached
|
|
449
446
|
});
|
|
450
447
|
|
|
451
|
-
/*! @azure/msal-common v15.
|
|
448
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
452
449
|
|
|
453
450
|
/*
|
|
454
451
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -700,7 +697,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
700
697
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
701
698
|
}
|
|
702
699
|
|
|
703
|
-
/*! @azure/msal-common v15.
|
|
700
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
704
701
|
|
|
705
702
|
/*
|
|
706
703
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -739,7 +736,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
739
736
|
},
|
|
740
737
|
};
|
|
741
738
|
|
|
742
|
-
/*! @azure/msal-common v15.
|
|
739
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
743
740
|
|
|
744
741
|
/*
|
|
745
742
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -930,12 +927,12 @@ class Logger {
|
|
|
930
927
|
}
|
|
931
928
|
}
|
|
932
929
|
|
|
933
|
-
/*! @azure/msal-common v15.
|
|
930
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
934
931
|
/* eslint-disable header/header */
|
|
935
932
|
const name$1 = "@azure/msal-common";
|
|
936
|
-
const version$1 = "15.
|
|
933
|
+
const version$1 = "15.9.0";
|
|
937
934
|
|
|
938
|
-
/*! @azure/msal-common v15.
|
|
935
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
939
936
|
/*
|
|
940
937
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
941
938
|
* Licensed under the MIT License.
|
|
@@ -955,7 +952,7 @@ const AzureCloudInstance = {
|
|
|
955
952
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
956
953
|
};
|
|
957
954
|
|
|
958
|
-
/*! @azure/msal-common v15.
|
|
955
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
959
956
|
|
|
960
957
|
/*
|
|
961
958
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1016,7 +1013,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1016
1013
|
}
|
|
1017
1014
|
}
|
|
1018
1015
|
|
|
1019
|
-
/*! @azure/msal-common v15.
|
|
1016
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1020
1017
|
/*
|
|
1021
1018
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1022
1019
|
* Licensed under the MIT License.
|
|
@@ -1071,7 +1068,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
1071
1068
|
return cachedAtSec > nowSeconds();
|
|
1072
1069
|
}
|
|
1073
1070
|
|
|
1074
|
-
/*! @azure/msal-common v15.
|
|
1071
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1075
1072
|
|
|
1076
1073
|
/*
|
|
1077
1074
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1398,7 +1395,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
1398
1395
|
return metadata.expiresAt <= nowSeconds();
|
|
1399
1396
|
}
|
|
1400
1397
|
|
|
1401
|
-
/*! @azure/msal-common v15.
|
|
1398
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1402
1399
|
/*
|
|
1403
1400
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1404
1401
|
* Licensed under the MIT License.
|
|
@@ -1409,7 +1406,6 @@ const authorityUriInsecure = "authority_uri_insecure";
|
|
|
1409
1406
|
const urlParseError = "url_parse_error";
|
|
1410
1407
|
const urlEmptyError = "empty_url_error";
|
|
1411
1408
|
const emptyInputScopesError = "empty_input_scopes_error";
|
|
1412
|
-
const invalidPromptValue = "invalid_prompt_value";
|
|
1413
1409
|
const invalidClaims = "invalid_claims";
|
|
1414
1410
|
const tokenRequestEmpty = "token_request_empty";
|
|
1415
1411
|
const logoutRequestEmpty = "logout_request_empty";
|
|
@@ -1424,7 +1420,9 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
|
|
|
1424
1420
|
const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
1425
1421
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
1426
1422
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
1427
|
-
const authorityMismatch = "authority_mismatch";
|
|
1423
|
+
const authorityMismatch = "authority_mismatch";
|
|
1424
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
1425
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
1428
1426
|
|
|
1429
1427
|
var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
1430
1428
|
__proto__: null,
|
|
@@ -1436,10 +1434,11 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1436
1434
|
emptyInputScopesError: emptyInputScopesError,
|
|
1437
1435
|
invalidAuthenticationHeader: invalidAuthenticationHeader,
|
|
1438
1436
|
invalidAuthorityMetadata: invalidAuthorityMetadata,
|
|
1437
|
+
invalidAuthorizePostBodyParameters: invalidAuthorizePostBodyParameters,
|
|
1439
1438
|
invalidClaims: invalidClaims,
|
|
1440
1439
|
invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
|
|
1441
1440
|
invalidCodeChallengeMethod: invalidCodeChallengeMethod,
|
|
1442
|
-
|
|
1441
|
+
invalidRequestMethodForEAR: invalidRequestMethodForEAR,
|
|
1443
1442
|
logoutRequestEmpty: logoutRequestEmpty,
|
|
1444
1443
|
missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
|
|
1445
1444
|
missingSshJwk: missingSshJwk,
|
|
@@ -1452,7 +1451,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1452
1451
|
urlParseError: urlParseError
|
|
1453
1452
|
});
|
|
1454
1453
|
|
|
1455
|
-
/*! @azure/msal-common v15.
|
|
1454
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1456
1455
|
|
|
1457
1456
|
/*
|
|
1458
1457
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1465,7 +1464,6 @@ const ClientConfigurationErrorMessages = {
|
|
|
1465
1464
|
[urlParseError]: "URL could not be parsed into appropriate segments.",
|
|
1466
1465
|
[urlEmptyError]: "URL was empty or null.",
|
|
1467
1466
|
[emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
|
|
1468
|
-
[invalidPromptValue]: "Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",
|
|
1469
1467
|
[invalidClaims]: "Given claims parameter must be a stringified JSON object.",
|
|
1470
1468
|
[tokenRequestEmpty]: "Token request was empty and not found in cache.",
|
|
1471
1469
|
[logoutRequestEmpty]: "The logout request was null or undefined.",
|
|
@@ -1481,6 +1479,8 @@ const ClientConfigurationErrorMessages = {
|
|
|
1481
1479
|
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
1482
1480
|
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
1483
1481
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
1482
|
+
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
1483
|
+
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
1484
1484
|
};
|
|
1485
1485
|
/**
|
|
1486
1486
|
* ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
|
|
@@ -1511,10 +1511,6 @@ const ClientConfigurationErrorMessage = {
|
|
|
1511
1511
|
code: emptyInputScopesError,
|
|
1512
1512
|
desc: ClientConfigurationErrorMessages[emptyInputScopesError],
|
|
1513
1513
|
},
|
|
1514
|
-
invalidPrompt: {
|
|
1515
|
-
code: invalidPromptValue,
|
|
1516
|
-
desc: ClientConfigurationErrorMessages[invalidPromptValue],
|
|
1517
|
-
},
|
|
1518
1514
|
invalidClaimsRequest: {
|
|
1519
1515
|
code: invalidClaims,
|
|
1520
1516
|
desc: ClientConfigurationErrorMessages[invalidClaims],
|
|
@@ -1575,6 +1571,14 @@ const ClientConfigurationErrorMessage = {
|
|
|
1575
1571
|
code: authorityMismatch,
|
|
1576
1572
|
desc: ClientConfigurationErrorMessages[authorityMismatch],
|
|
1577
1573
|
},
|
|
1574
|
+
invalidAuthorizePostBodyParameters: {
|
|
1575
|
+
code: invalidAuthorizePostBodyParameters,
|
|
1576
|
+
desc: ClientConfigurationErrorMessages[invalidAuthorizePostBodyParameters],
|
|
1577
|
+
},
|
|
1578
|
+
invalidRequestMethodForEAR: {
|
|
1579
|
+
code: invalidRequestMethodForEAR,
|
|
1580
|
+
desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
|
|
1581
|
+
},
|
|
1578
1582
|
};
|
|
1579
1583
|
/**
|
|
1580
1584
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -1590,7 +1594,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
1590
1594
|
return new ClientConfigurationError(errorCode);
|
|
1591
1595
|
}
|
|
1592
1596
|
|
|
1593
|
-
/*! @azure/msal-common v15.
|
|
1597
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1594
1598
|
/*
|
|
1595
1599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1596
1600
|
* Licensed under the MIT License.
|
|
@@ -1687,7 +1691,7 @@ class StringUtils {
|
|
|
1687
1691
|
}
|
|
1688
1692
|
}
|
|
1689
1693
|
|
|
1690
|
-
/*! @azure/msal-common v15.
|
|
1694
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1691
1695
|
|
|
1692
1696
|
/*
|
|
1693
1697
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1878,7 +1882,7 @@ class ScopeSet {
|
|
|
1878
1882
|
}
|
|
1879
1883
|
}
|
|
1880
1884
|
|
|
1881
|
-
/*! @azure/msal-common v15.
|
|
1885
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1882
1886
|
|
|
1883
1887
|
/*
|
|
1884
1888
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1918,7 +1922,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1918
1922
|
};
|
|
1919
1923
|
}
|
|
1920
1924
|
|
|
1921
|
-
/*! @azure/msal-common v15.
|
|
1925
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1922
1926
|
/*
|
|
1923
1927
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1924
1928
|
* Licensed under the MIT License.
|
|
@@ -1997,7 +2001,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1997
2001
|
return updatedAccountInfo;
|
|
1998
2002
|
}
|
|
1999
2003
|
|
|
2000
|
-
/*! @azure/msal-common v15.
|
|
2004
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2001
2005
|
/*
|
|
2002
2006
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2003
2007
|
* Licensed under the MIT License.
|
|
@@ -2012,7 +2016,7 @@ const AuthorityType = {
|
|
|
2012
2016
|
Ciam: 3,
|
|
2013
2017
|
};
|
|
2014
2018
|
|
|
2015
|
-
/*! @azure/msal-common v15.
|
|
2019
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2016
2020
|
/*
|
|
2017
2021
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2018
2022
|
* Licensed under the MIT License.
|
|
@@ -2034,7 +2038,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2034
2038
|
return null;
|
|
2035
2039
|
}
|
|
2036
2040
|
|
|
2037
|
-
/*! @azure/msal-common v15.
|
|
2041
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2038
2042
|
/*
|
|
2039
2043
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2040
2044
|
* Licensed under the MIT License.
|
|
@@ -2058,7 +2062,7 @@ const ProtocolMode = {
|
|
|
2058
2062
|
EAR: "EAR",
|
|
2059
2063
|
};
|
|
2060
2064
|
|
|
2061
|
-
/*! @azure/msal-common v15.
|
|
2065
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2062
2066
|
|
|
2063
2067
|
/*
|
|
2064
2068
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2301,7 +2305,7 @@ class AccountEntity {
|
|
|
2301
2305
|
}
|
|
2302
2306
|
}
|
|
2303
2307
|
|
|
2304
|
-
/*! @azure/msal-common v15.
|
|
2308
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2305
2309
|
|
|
2306
2310
|
/*
|
|
2307
2311
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2366,7 +2370,7 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
|
|
|
2366
2370
|
return queryParameterArray.join("&");
|
|
2367
2371
|
}
|
|
2368
2372
|
|
|
2369
|
-
/*! @azure/msal-common v15.
|
|
2373
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2370
2374
|
|
|
2371
2375
|
/*
|
|
2372
2376
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2530,7 +2534,7 @@ class UrlString {
|
|
|
2530
2534
|
}
|
|
2531
2535
|
}
|
|
2532
2536
|
|
|
2533
|
-
/*! @azure/msal-common v15.
|
|
2537
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2534
2538
|
|
|
2535
2539
|
/*
|
|
2536
2540
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2669,7 +2673,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2669
2673
|
return null;
|
|
2670
2674
|
}
|
|
2671
2675
|
|
|
2672
|
-
/*! @azure/msal-common v15.
|
|
2676
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2673
2677
|
/*
|
|
2674
2678
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2675
2679
|
* Licensed under the MIT License.
|
|
@@ -2677,7 +2681,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2677
2681
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2678
2682
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2679
2683
|
|
|
2680
|
-
/*! @azure/msal-common v15.
|
|
2684
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2681
2685
|
|
|
2682
2686
|
/*
|
|
2683
2687
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2722,7 +2726,7 @@ function createCacheError(e) {
|
|
|
2722
2726
|
}
|
|
2723
2727
|
}
|
|
2724
2728
|
|
|
2725
|
-
/*! @azure/msal-common v15.
|
|
2729
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2726
2730
|
|
|
2727
2731
|
/*
|
|
2728
2732
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3889,7 +3893,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3889
3893
|
}
|
|
3890
3894
|
}
|
|
3891
3895
|
|
|
3892
|
-
/*! @azure/msal-common v15.
|
|
3896
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3893
3897
|
/*
|
|
3894
3898
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3895
3899
|
* Licensed under the MIT License.
|
|
@@ -4401,7 +4405,7 @@ const IntFields = new Set([
|
|
|
4401
4405
|
"encryptedCacheExpiredCount",
|
|
4402
4406
|
]);
|
|
4403
4407
|
|
|
4404
|
-
/*! @azure/msal-common v15.
|
|
4408
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4405
4409
|
|
|
4406
4410
|
/*
|
|
4407
4411
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4480,7 +4484,7 @@ class StubPerformanceClient {
|
|
|
4480
4484
|
}
|
|
4481
4485
|
}
|
|
4482
4486
|
|
|
4483
|
-
/*! @azure/msal-common v15.
|
|
4487
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4484
4488
|
|
|
4485
4489
|
/*
|
|
4486
4490
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4580,7 +4584,7 @@ function isOidcProtocolMode(config) {
|
|
|
4580
4584
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
4581
4585
|
}
|
|
4582
4586
|
|
|
4583
|
-
/*! @azure/msal-common v15.
|
|
4587
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4584
4588
|
/*
|
|
4585
4589
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4586
4590
|
* Licensed under the MIT License.
|
|
@@ -4590,7 +4594,7 @@ const CcsCredentialType = {
|
|
|
4590
4594
|
UPN: "UPN",
|
|
4591
4595
|
};
|
|
4592
4596
|
|
|
4593
|
-
/*! @azure/msal-common v15.
|
|
4597
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4594
4598
|
/*
|
|
4595
4599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4596
4600
|
* Licensed under the MIT License.
|
|
@@ -4640,7 +4644,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
4640
4644
|
const EAR_JWK = "ear_jwk";
|
|
4641
4645
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4642
4646
|
|
|
4643
|
-
/*! @azure/msal-common v15.
|
|
4647
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4644
4648
|
|
|
4645
4649
|
/*
|
|
4646
4650
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5006,9 +5010,21 @@ function addEARParameters(parameters, jwk) {
|
|
|
5006
5010
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
5007
5011
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
5008
5012
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
5013
|
+
}
|
|
5014
|
+
/**
|
|
5015
|
+
* Adds authorize body parameters to the request parameters
|
|
5016
|
+
* @param parameters
|
|
5017
|
+
* @param bodyParameters
|
|
5018
|
+
*/
|
|
5019
|
+
function addPostBodyParameters(parameters, bodyParameters) {
|
|
5020
|
+
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
5021
|
+
if (value) {
|
|
5022
|
+
parameters.set(key, value);
|
|
5023
|
+
}
|
|
5024
|
+
});
|
|
5009
5025
|
}
|
|
5010
5026
|
|
|
5011
|
-
/*! @azure/msal-common v15.
|
|
5027
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5012
5028
|
/*
|
|
5013
5029
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5014
5030
|
* Licensed under the MIT License.
|
|
@@ -5020,7 +5036,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5020
5036
|
response.hasOwnProperty("jwks_uri"));
|
|
5021
5037
|
}
|
|
5022
5038
|
|
|
5023
|
-
/*! @azure/msal-common v15.
|
|
5039
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5024
5040
|
/*
|
|
5025
5041
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5026
5042
|
* Licensed under the MIT License.
|
|
@@ -5030,7 +5046,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5030
5046
|
response.hasOwnProperty("metadata"));
|
|
5031
5047
|
}
|
|
5032
5048
|
|
|
5033
|
-
/*! @azure/msal-common v15.
|
|
5049
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5034
5050
|
/*
|
|
5035
5051
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5036
5052
|
* Licensed under the MIT License.
|
|
@@ -5040,7 +5056,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5040
5056
|
response.hasOwnProperty("error_description"));
|
|
5041
5057
|
}
|
|
5042
5058
|
|
|
5043
|
-
/*! @azure/msal-common v15.
|
|
5059
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5044
5060
|
/*
|
|
5045
5061
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5046
5062
|
* Licensed under the MIT License.
|
|
@@ -5136,7 +5152,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
5136
5152
|
};
|
|
5137
5153
|
};
|
|
5138
5154
|
|
|
5139
|
-
/*! @azure/msal-common v15.
|
|
5155
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5140
5156
|
|
|
5141
5157
|
/*
|
|
5142
5158
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5242,7 +5258,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5242
5258
|
},
|
|
5243
5259
|
};
|
|
5244
5260
|
|
|
5245
|
-
/*! @azure/msal-common v15.
|
|
5261
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5246
5262
|
|
|
5247
5263
|
/*
|
|
5248
5264
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6081,7 +6097,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6081
6097
|
};
|
|
6082
6098
|
}
|
|
6083
6099
|
|
|
6084
|
-
/*! @azure/msal-common v15.
|
|
6100
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6085
6101
|
|
|
6086
6102
|
/*
|
|
6087
6103
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6112,7 +6128,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6112
6128
|
}
|
|
6113
6129
|
}
|
|
6114
6130
|
|
|
6115
|
-
/*! @azure/msal-common v15.
|
|
6131
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6116
6132
|
|
|
6117
6133
|
/*
|
|
6118
6134
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6131,7 +6147,7 @@ class ServerError extends AuthError {
|
|
|
6131
6147
|
}
|
|
6132
6148
|
}
|
|
6133
6149
|
|
|
6134
|
-
/*! @azure/msal-common v15.
|
|
6150
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6135
6151
|
/*
|
|
6136
6152
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6137
6153
|
* Licensed under the MIT License.
|
|
@@ -6152,7 +6168,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
6152
6168
|
};
|
|
6153
6169
|
}
|
|
6154
6170
|
|
|
6155
|
-
/*! @azure/msal-common v15.
|
|
6171
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6156
6172
|
|
|
6157
6173
|
/*
|
|
6158
6174
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6239,7 +6255,7 @@ class ThrottlingUtils {
|
|
|
6239
6255
|
}
|
|
6240
6256
|
}
|
|
6241
6257
|
|
|
6242
|
-
/*! @azure/msal-common v15.
|
|
6258
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6243
6259
|
|
|
6244
6260
|
/*
|
|
6245
6261
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6270,7 +6286,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
6270
6286
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6271
6287
|
}
|
|
6272
6288
|
|
|
6273
|
-
/*! @azure/msal-common v15.
|
|
6289
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6274
6290
|
|
|
6275
6291
|
/*
|
|
6276
6292
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6418,7 +6434,7 @@ class BaseClient {
|
|
|
6418
6434
|
}
|
|
6419
6435
|
}
|
|
6420
6436
|
|
|
6421
|
-
/*! @azure/msal-common v15.
|
|
6437
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6422
6438
|
/*
|
|
6423
6439
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6424
6440
|
* Licensed under the MIT License.
|
|
@@ -6446,7 +6462,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
6446
6462
|
uxNotAllowed: uxNotAllowed
|
|
6447
6463
|
});
|
|
6448
6464
|
|
|
6449
|
-
/*! @azure/msal-common v15.
|
|
6465
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6450
6466
|
|
|
6451
6467
|
/*
|
|
6452
6468
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6536,7 +6552,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
6536
6552
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6537
6553
|
}
|
|
6538
6554
|
|
|
6539
|
-
/*! @azure/msal-common v15.
|
|
6555
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6540
6556
|
|
|
6541
6557
|
/*
|
|
6542
6558
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6608,7 +6624,7 @@ class ProtocolUtils {
|
|
|
6608
6624
|
}
|
|
6609
6625
|
}
|
|
6610
6626
|
|
|
6611
|
-
/*! @azure/msal-common v15.
|
|
6627
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6612
6628
|
|
|
6613
6629
|
/*
|
|
6614
6630
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6690,7 +6706,7 @@ class PopTokenGenerator {
|
|
|
6690
6706
|
}
|
|
6691
6707
|
}
|
|
6692
6708
|
|
|
6693
|
-
/*! @azure/msal-common v15.
|
|
6709
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6694
6710
|
/*
|
|
6695
6711
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6696
6712
|
* Licensed under the MIT License.
|
|
@@ -6717,7 +6733,7 @@ class PopTokenGenerator {
|
|
|
6717
6733
|
}
|
|
6718
6734
|
}
|
|
6719
6735
|
|
|
6720
|
-
/*! @azure/msal-common v15.
|
|
6736
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6721
6737
|
|
|
6722
6738
|
/*
|
|
6723
6739
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7048,74 +7064,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7048
7064
|
return baseAccount;
|
|
7049
7065
|
}
|
|
7050
7066
|
|
|
7051
|
-
/*! @azure/msal-common v15.
|
|
7052
|
-
|
|
7053
|
-
/*
|
|
7054
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7055
|
-
* Licensed under the MIT License.
|
|
7056
|
-
*/
|
|
7057
|
-
/**
|
|
7058
|
-
* Validates server consumable params from the "request" objects
|
|
7059
|
-
*/
|
|
7060
|
-
class RequestValidator {
|
|
7061
|
-
/**
|
|
7062
|
-
* Utility to check if the `redirectUri` in the request is a non-null value
|
|
7063
|
-
* @param redirectUri
|
|
7064
|
-
*/
|
|
7065
|
-
static validateRedirectUri(redirectUri) {
|
|
7066
|
-
if (!redirectUri) {
|
|
7067
|
-
throw createClientConfigurationError(redirectUriEmpty);
|
|
7068
|
-
}
|
|
7069
|
-
}
|
|
7070
|
-
/**
|
|
7071
|
-
* Utility to validate prompt sent by the user in the request
|
|
7072
|
-
* @param prompt
|
|
7073
|
-
*/
|
|
7074
|
-
static validatePrompt(prompt) {
|
|
7075
|
-
const promptValues = [];
|
|
7076
|
-
for (const value in PromptValue) {
|
|
7077
|
-
promptValues.push(PromptValue[value]);
|
|
7078
|
-
}
|
|
7079
|
-
if (promptValues.indexOf(prompt) < 0) {
|
|
7080
|
-
throw createClientConfigurationError(invalidPromptValue);
|
|
7081
|
-
}
|
|
7082
|
-
}
|
|
7083
|
-
static validateClaims(claims) {
|
|
7084
|
-
try {
|
|
7085
|
-
JSON.parse(claims);
|
|
7086
|
-
}
|
|
7087
|
-
catch (e) {
|
|
7088
|
-
throw createClientConfigurationError(invalidClaims);
|
|
7089
|
-
}
|
|
7090
|
-
}
|
|
7091
|
-
/**
|
|
7092
|
-
* Utility to validate code_challenge and code_challenge_method
|
|
7093
|
-
* @param codeChallenge
|
|
7094
|
-
* @param codeChallengeMethod
|
|
7095
|
-
*/
|
|
7096
|
-
static validateCodeChallengeParams(codeChallenge, codeChallengeMethod) {
|
|
7097
|
-
if (!codeChallenge || !codeChallengeMethod) {
|
|
7098
|
-
throw createClientConfigurationError(pkceParamsMissing);
|
|
7099
|
-
}
|
|
7100
|
-
else {
|
|
7101
|
-
this.validateCodeChallengeMethod(codeChallengeMethod);
|
|
7102
|
-
}
|
|
7103
|
-
}
|
|
7104
|
-
/**
|
|
7105
|
-
* Utility to validate code_challenge_method
|
|
7106
|
-
* @param codeChallengeMethod
|
|
7107
|
-
*/
|
|
7108
|
-
static validateCodeChallengeMethod(codeChallengeMethod) {
|
|
7109
|
-
if ([
|
|
7110
|
-
CodeChallengeMethodValues.PLAIN,
|
|
7111
|
-
CodeChallengeMethodValues.S256,
|
|
7112
|
-
].indexOf(codeChallengeMethod) < 0) {
|
|
7113
|
-
throw createClientConfigurationError(invalidCodeChallengeMethod);
|
|
7114
|
-
}
|
|
7115
|
-
}
|
|
7116
|
-
}
|
|
7117
|
-
|
|
7118
|
-
/*! @azure/msal-common v15.8.0 2025-07-01 */
|
|
7067
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7119
7068
|
/*
|
|
7120
7069
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7121
7070
|
* Licensed under the MIT License.
|
|
@@ -7133,7 +7082,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
7133
7082
|
}
|
|
7134
7083
|
}
|
|
7135
7084
|
|
|
7136
|
-
/*! @azure/msal-common v15.
|
|
7085
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7137
7086
|
|
|
7138
7087
|
/*
|
|
7139
7088
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7227,7 +7176,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7227
7176
|
*/
|
|
7228
7177
|
if (!this.includeRedirectUri) {
|
|
7229
7178
|
// Just validate
|
|
7230
|
-
|
|
7179
|
+
if (!request.redirectUri) {
|
|
7180
|
+
throw createClientConfigurationError(redirectUriEmpty);
|
|
7181
|
+
}
|
|
7231
7182
|
}
|
|
7232
7183
|
else {
|
|
7233
7184
|
// Validate and include redirect uri
|
|
@@ -7366,7 +7317,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7366
7317
|
}
|
|
7367
7318
|
}
|
|
7368
7319
|
|
|
7369
|
-
/*! @azure/msal-common v15.
|
|
7320
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7370
7321
|
|
|
7371
7322
|
/*
|
|
7372
7323
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7575,7 +7526,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7575
7526
|
}
|
|
7576
7527
|
}
|
|
7577
7528
|
|
|
7578
|
-
/*! @azure/msal-common v15.
|
|
7529
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7579
7530
|
|
|
7580
7531
|
/*
|
|
7581
7532
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7673,7 +7624,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7673
7624
|
}
|
|
7674
7625
|
}
|
|
7675
7626
|
|
|
7676
|
-
/*! @azure/msal-common v15.
|
|
7627
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7677
7628
|
|
|
7678
7629
|
/*
|
|
7679
7630
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7688,7 +7639,7 @@ const StubbedNetworkModule = {
|
|
|
7688
7639
|
},
|
|
7689
7640
|
};
|
|
7690
7641
|
|
|
7691
|
-
/*! @azure/msal-common v15.
|
|
7642
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7692
7643
|
|
|
7693
7644
|
/*
|
|
7694
7645
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7912,7 +7863,7 @@ function extractLoginHint(account) {
|
|
|
7912
7863
|
return account.idTokenClaims?.login_hint || null;
|
|
7913
7864
|
}
|
|
7914
7865
|
|
|
7915
|
-
/*! @azure/msal-common v15.
|
|
7866
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7916
7867
|
|
|
7917
7868
|
/*
|
|
7918
7869
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7970,7 +7921,7 @@ class AuthenticationHeaderParser {
|
|
|
7970
7921
|
}
|
|
7971
7922
|
}
|
|
7972
7923
|
|
|
7973
|
-
/*! @azure/msal-common v15.
|
|
7924
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7974
7925
|
|
|
7975
7926
|
/*
|
|
7976
7927
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8233,7 +8184,7 @@ class ServerTelemetryManager {
|
|
|
8233
8184
|
}
|
|
8234
8185
|
}
|
|
8235
8186
|
|
|
8236
|
-
/*! @azure/msal-common v15.
|
|
8187
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8237
8188
|
/*
|
|
8238
8189
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8239
8190
|
* Licensed under the MIT License.
|
|
@@ -8241,7 +8192,7 @@ class ServerTelemetryManager {
|
|
|
8241
8192
|
const missingKidError = "missing_kid_error";
|
|
8242
8193
|
const missingAlgError = "missing_alg_error";
|
|
8243
8194
|
|
|
8244
|
-
/*! @azure/msal-common v15.
|
|
8195
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8245
8196
|
|
|
8246
8197
|
/*
|
|
8247
8198
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8266,7 +8217,7 @@ function createJoseHeaderError(code) {
|
|
|
8266
8217
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8267
8218
|
}
|
|
8268
8219
|
|
|
8269
|
-
/*! @azure/msal-common v15.
|
|
8220
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8270
8221
|
|
|
8271
8222
|
/*
|
|
8272
8223
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8306,7 +8257,7 @@ class JoseHeader {
|
|
|
8306
8257
|
}
|
|
8307
8258
|
}
|
|
8308
8259
|
|
|
8309
|
-
/*! @azure/msal-common v15.
|
|
8260
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8310
8261
|
|
|
8311
8262
|
/*
|
|
8312
8263
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10410,7 +10361,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10410
10361
|
|
|
10411
10362
|
/* eslint-disable header/header */
|
|
10412
10363
|
const name = "@azure/msal-browser";
|
|
10413
|
-
const version = "4.
|
|
10364
|
+
const version = "4.16.0";
|
|
10414
10365
|
|
|
10415
10366
|
/*
|
|
10416
10367
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -13141,6 +13092,35 @@ async function initializeSilentRequest(request, account, config, performanceClie
|
|
|
13141
13092
|
account: account,
|
|
13142
13093
|
forceRefresh: request.forceRefresh || false,
|
|
13143
13094
|
};
|
|
13095
|
+
}
|
|
13096
|
+
/**
|
|
13097
|
+
* Validates that the combination of request method, protocol mode and authorize body parameters is correct.
|
|
13098
|
+
* Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
|
|
13099
|
+
* @param interactionRequest
|
|
13100
|
+
* @param protocolMode
|
|
13101
|
+
* @returns
|
|
13102
|
+
*/
|
|
13103
|
+
function validateRequestMethod(interactionRequest, protocolMode) {
|
|
13104
|
+
let httpMethod;
|
|
13105
|
+
const requestMethod = interactionRequest.httpMethod;
|
|
13106
|
+
if (protocolMode === ProtocolMode.EAR) {
|
|
13107
|
+
// Don't override httpMethod if it is already set, default to POST if not set
|
|
13108
|
+
httpMethod = requestMethod || HttpMethod.POST;
|
|
13109
|
+
// Validate that method is not GET if protocol mode is EAR
|
|
13110
|
+
if (httpMethod !== HttpMethod.POST) {
|
|
13111
|
+
throw createClientConfigurationError(invalidRequestMethodForEAR);
|
|
13112
|
+
}
|
|
13113
|
+
}
|
|
13114
|
+
else {
|
|
13115
|
+
// For non-EAR protocol modes, default to GET if httpMethod is not set
|
|
13116
|
+
httpMethod = requestMethod || HttpMethod.GET;
|
|
13117
|
+
}
|
|
13118
|
+
// Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
|
|
13119
|
+
if (interactionRequest.authorizePostBodyParameters &&
|
|
13120
|
+
httpMethod !== HttpMethod.POST) {
|
|
13121
|
+
throw createClientConfigurationError(invalidAuthorizePostBodyParameters);
|
|
13122
|
+
}
|
|
13123
|
+
return httpMethod;
|
|
13144
13124
|
}
|
|
13145
13125
|
|
|
13146
13126
|
/*
|
|
@@ -13317,7 +13297,7 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
13317
13297
|
};
|
|
13318
13298
|
const state = ProtocolUtils.setRequestState(this.browserCrypto, (request && request.state) || Constants.EMPTY_STRING, browserState);
|
|
13319
13299
|
const baseRequest = await invokeAsync(initializeBaseRequest, PerformanceEvents.InitializeBaseRequest, this.logger, this.performanceClient, this.correlationId)({ ...request, correlationId: this.correlationId }, this.config, this.performanceClient, this.logger);
|
|
13320
|
-
const
|
|
13300
|
+
const interactionRequest = {
|
|
13321
13301
|
...baseRequest,
|
|
13322
13302
|
redirectUri: redirectUri,
|
|
13323
13303
|
state: state,
|
|
@@ -13325,6 +13305,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
13325
13305
|
responseMode: this.config.auth.OIDCOptions
|
|
13326
13306
|
.serverResponseType,
|
|
13327
13307
|
};
|
|
13308
|
+
const validatedRequest = {
|
|
13309
|
+
...interactionRequest,
|
|
13310
|
+
httpMethod: validateRequestMethod(interactionRequest, this.config.auth.protocolMode),
|
|
13311
|
+
};
|
|
13328
13312
|
// Skip active account lookup if either login hint or session id is set
|
|
13329
13313
|
if (request.loginHint || request.sid) {
|
|
13330
13314
|
return validatedRequest;
|
|
@@ -14319,6 +14303,19 @@ async function getEARForm(frame, config, authority, request, logger, performance
|
|
|
14319
14303
|
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
14320
14304
|
return createForm(frame, url, parameters);
|
|
14321
14305
|
}
|
|
14306
|
+
/**
|
|
14307
|
+
* Gets the form that will be posted to /authorize with request parameters when using POST method
|
|
14308
|
+
*/
|
|
14309
|
+
async function getCodeForm(frame, config, authority, request, logger, performanceClient) {
|
|
14310
|
+
const parameters = await getStandardParameters(config, authority, request, logger, performanceClient);
|
|
14311
|
+
addResponseType(parameters, OAuthResponseType.CODE);
|
|
14312
|
+
addCodeChallengeParams(parameters, request.codeChallenge, request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD);
|
|
14313
|
+
addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
|
|
14314
|
+
const queryParams = new Map();
|
|
14315
|
+
addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
|
|
14316
|
+
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
14317
|
+
return createForm(frame, url, parameters);
|
|
14318
|
+
}
|
|
14322
14319
|
/**
|
|
14323
14320
|
* Creates form element in the provided document with auth parameters in the post body
|
|
14324
14321
|
* @param frame
|
|
@@ -15010,9 +15007,10 @@ class PopupClient extends StandardInteractionClient {
|
|
|
15010
15007
|
* @param pkceCodes
|
|
15011
15008
|
*/
|
|
15012
15009
|
acquireToken(request, pkceCodes) {
|
|
15010
|
+
let popupParams = undefined;
|
|
15013
15011
|
try {
|
|
15014
15012
|
const popupName = this.generatePopupName(request.scopes || OIDC_DEFAULT_SCOPES, request.authority || this.config.auth.authority);
|
|
15015
|
-
|
|
15013
|
+
popupParams = {
|
|
15016
15014
|
popupName,
|
|
15017
15015
|
popupWindowAttributes: request.popupWindowAttributes || {},
|
|
15018
15016
|
popupWindowParent: request.popupWindowParent ?? window,
|
|
@@ -15025,10 +15023,15 @@ class PopupClient extends StandardInteractionClient {
|
|
|
15025
15023
|
return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
|
|
15026
15024
|
}
|
|
15027
15025
|
else {
|
|
15026
|
+
// Pre-validate request method to avoid opening popup if the request is invalid
|
|
15027
|
+
const validatedRequest = {
|
|
15028
|
+
...request,
|
|
15029
|
+
httpMethod: validateRequestMethod(request, this.config.auth.protocolMode),
|
|
15030
|
+
};
|
|
15028
15031
|
// asyncPopups flag is set to false. Opens popup before acquiring token.
|
|
15029
15032
|
this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
|
|
15030
15033
|
popupParams.popup = this.openSizedPopup("about:blank", popupParams);
|
|
15031
|
-
return this.acquireTokenPopupAsync(
|
|
15034
|
+
return this.acquireTokenPopupAsync(validatedRequest, popupParams, pkceCodes);
|
|
15032
15035
|
}
|
|
15033
15036
|
}
|
|
15034
15037
|
catch (e) {
|
|
@@ -15120,15 +15123,20 @@ class PopupClient extends StandardInteractionClient {
|
|
|
15120
15123
|
requestExtraQueryParameters: popupRequest.extraQueryParameters,
|
|
15121
15124
|
account: popupRequest.account,
|
|
15122
15125
|
});
|
|
15123
|
-
|
|
15124
|
-
|
|
15125
|
-
|
|
15126
|
-
|
|
15127
|
-
|
|
15128
|
-
|
|
15129
|
-
|
|
15130
|
-
|
|
15131
|
-
|
|
15126
|
+
if (popupRequest.httpMethod === HttpMethod.POST) {
|
|
15127
|
+
return await this.executeCodeFlowWithPost(popupRequest, popupParams, authClient, pkce.verifier);
|
|
15128
|
+
}
|
|
15129
|
+
else {
|
|
15130
|
+
// Create acquire token url.
|
|
15131
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
|
|
15132
|
+
// Show the UI once the url has been created. Get the window handle for the popup.
|
|
15133
|
+
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
15134
|
+
this.eventHandler.emitEvent(EventType.POPUP_OPENED, exports.InteractionType.Popup, { popupWindow }, null);
|
|
15135
|
+
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
15136
|
+
const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
|
|
15137
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15138
|
+
return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15139
|
+
}
|
|
15132
15140
|
}
|
|
15133
15141
|
catch (e) {
|
|
15134
15142
|
// Close the synchronous popup if an error is thrown before the window unload event is registered
|
|
@@ -15166,6 +15174,23 @@ class PopupClient extends StandardInteractionClient {
|
|
|
15166
15174
|
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15167
15175
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(popupRequest, serverParams, ApiId.acquireTokenPopup, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15168
15176
|
}
|
|
15177
|
+
async executeCodeFlowWithPost(request, popupParams, authClient, pkceVerifier) {
|
|
15178
|
+
const correlationId = request.correlationId;
|
|
15179
|
+
// Get the frame handle for the silent request
|
|
15180
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
15181
|
+
requestAuthority: request.authority,
|
|
15182
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
15183
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
15184
|
+
account: request.account,
|
|
15185
|
+
});
|
|
15186
|
+
const popupWindow = popupParams.popup || this.openPopup("about:blank", popupParams);
|
|
15187
|
+
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
15188
|
+
form.submit();
|
|
15189
|
+
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
15190
|
+
const responseString = await invokeAsync(this.monitorPopupForHash.bind(this), PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupWindow, popupParams.popupWindowParent);
|
|
15191
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15192
|
+
return invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15193
|
+
}
|
|
15169
15194
|
/**
|
|
15170
15195
|
*
|
|
15171
15196
|
* @param validRequest
|
|
@@ -15517,18 +15542,23 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
15517
15542
|
};
|
|
15518
15543
|
this.browserStorage.cacheAuthorizeRequest(redirectRequest, pkceCodes.verifier);
|
|
15519
15544
|
try {
|
|
15520
|
-
|
|
15521
|
-
|
|
15522
|
-
|
|
15523
|
-
|
|
15524
|
-
|
|
15525
|
-
|
|
15526
|
-
|
|
15527
|
-
|
|
15528
|
-
|
|
15529
|
-
|
|
15530
|
-
|
|
15531
|
-
|
|
15545
|
+
if (redirectRequest.httpMethod === HttpMethod.POST) {
|
|
15546
|
+
return await this.executeCodeFlowWithPost(redirectRequest);
|
|
15547
|
+
}
|
|
15548
|
+
else {
|
|
15549
|
+
// Initialize the client
|
|
15550
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
|
|
15551
|
+
serverTelemetryManager,
|
|
15552
|
+
requestAuthority: redirectRequest.authority,
|
|
15553
|
+
requestAzureCloudOptions: redirectRequest.azureCloudOptions,
|
|
15554
|
+
requestExtraQueryParameters: redirectRequest.extraQueryParameters,
|
|
15555
|
+
account: redirectRequest.account,
|
|
15556
|
+
});
|
|
15557
|
+
// Create acquire token url.
|
|
15558
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
|
|
15559
|
+
// Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
|
|
15560
|
+
return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
|
|
15561
|
+
}
|
|
15532
15562
|
}
|
|
15533
15563
|
catch (e) {
|
|
15534
15564
|
if (e instanceof AuthError) {
|
|
@@ -15565,6 +15595,28 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
15565
15595
|
}, this.config.system.redirectNavigationTimeout);
|
|
15566
15596
|
});
|
|
15567
15597
|
}
|
|
15598
|
+
/**
|
|
15599
|
+
* Executes classic Authorization Code flow with a POST request.
|
|
15600
|
+
* @param request
|
|
15601
|
+
*/
|
|
15602
|
+
async executeCodeFlowWithPost(request) {
|
|
15603
|
+
const correlationId = request.correlationId;
|
|
15604
|
+
// Get the frame handle for the silent request
|
|
15605
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
15606
|
+
requestAuthority: request.authority,
|
|
15607
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
15608
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
15609
|
+
account: request.account,
|
|
15610
|
+
});
|
|
15611
|
+
this.browserStorage.cacheAuthorizeRequest(request);
|
|
15612
|
+
const form = await getCodeForm(document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
15613
|
+
form.submit();
|
|
15614
|
+
return new Promise((resolve, reject) => {
|
|
15615
|
+
setTimeout(() => {
|
|
15616
|
+
reject(createBrowserAuthError(timedOut, "failed_to_redirect"));
|
|
15617
|
+
}, this.config.system.redirectNavigationTimeout);
|
|
15618
|
+
});
|
|
15619
|
+
}
|
|
15568
15620
|
/**
|
|
15569
15621
|
* Checks if navigateToLoginRequestUrl is set, and:
|
|
15570
15622
|
* - if true, performs logic to cache and navigate
|
|
@@ -15875,6 +15927,15 @@ async function initiateCodeRequest(requestUrl, performanceClient, logger, correl
|
|
|
15875
15927
|
}
|
|
15876
15928
|
return invoke(loadFrameSync, PerformanceEvents.SilentHandlerLoadFrameSync, logger, performanceClient, correlationId)(requestUrl);
|
|
15877
15929
|
}
|
|
15930
|
+
async function initiateCodeFlowWithPost(config, authority, request, logger, performanceClient) {
|
|
15931
|
+
const frame = createHiddenIframe();
|
|
15932
|
+
if (!frame.contentDocument) {
|
|
15933
|
+
throw "No document associated with iframe!";
|
|
15934
|
+
}
|
|
15935
|
+
const form = await getCodeForm(frame.contentDocument, config, authority, request, logger, performanceClient);
|
|
15936
|
+
form.submit();
|
|
15937
|
+
return frame;
|
|
15938
|
+
}
|
|
15878
15939
|
async function initiateEarRequest(config, authority, request, logger, performanceClient) {
|
|
15879
15940
|
const frame = createHiddenIframe();
|
|
15880
15941
|
if (!frame.contentDocument) {
|
|
@@ -16123,10 +16184,16 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
16123
16184
|
...request,
|
|
16124
16185
|
codeChallenge: pkceCodes.challenge,
|
|
16125
16186
|
};
|
|
16126
|
-
|
|
16127
|
-
|
|
16128
|
-
|
|
16129
|
-
|
|
16187
|
+
let msalFrame;
|
|
16188
|
+
if (request.httpMethod === HttpMethod.POST) {
|
|
16189
|
+
msalFrame = await invokeAsync(initiateCodeFlowWithPost, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
16190
|
+
}
|
|
16191
|
+
else {
|
|
16192
|
+
// Create authorize request url
|
|
16193
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
16194
|
+
// Get the frame handle for the silent request
|
|
16195
|
+
msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
16196
|
+
}
|
|
16130
16197
|
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
16131
16198
|
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
16132
16199
|
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|
|
@@ -18225,7 +18292,13 @@ class NestedAppAuthController {
|
|
|
18225
18292
|
...this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp),
|
|
18226
18293
|
};
|
|
18227
18294
|
// cache the tokens in the response
|
|
18228
|
-
|
|
18295
|
+
try {
|
|
18296
|
+
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
|
|
18297
|
+
await this.hydrateCache(result, request);
|
|
18298
|
+
}
|
|
18299
|
+
catch (error) {
|
|
18300
|
+
this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
|
|
18301
|
+
}
|
|
18229
18302
|
// cache the account context in memory after successful token fetch
|
|
18230
18303
|
this.currentAccountContext = {
|
|
18231
18304
|
homeAccountId: result.account.homeAccountId,
|
|
@@ -18282,7 +18355,13 @@ class NestedAppAuthController {
|
|
|
18282
18355
|
const response = await this.bridgeProxy.getTokenSilent(naaRequest);
|
|
18283
18356
|
const result = this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp);
|
|
18284
18357
|
// cache the tokens in the response
|
|
18285
|
-
|
|
18358
|
+
try {
|
|
18359
|
+
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
|
|
18360
|
+
await this.hydrateCache(result, request);
|
|
18361
|
+
}
|
|
18362
|
+
catch (error) {
|
|
18363
|
+
this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
|
|
18364
|
+
}
|
|
18286
18365
|
// cache the account context in memory after successful token fetch
|
|
18287
18366
|
this.currentAccountContext = {
|
|
18288
18367
|
homeAccountId: result.account.homeAccountId,
|