@azure/msal-browser 4.14.0 → 4.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +15 -3
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
- package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.d.ts +2 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +43 -14
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +42 -15
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +4 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +15 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.d.ts +11 -1
- package/dist/request/RequestHelpers.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +32 -3
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +233 -172
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
- package/lib/msal-browser.cjs +259 -180
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +259 -180
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -69
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +4 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/RequestHelpers.d.ts +11 -1
- package/lib/types/request/RequestHelpers.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/controllers/NestedAppAuthController.ts +18 -2
- package/src/interaction_client/PopupClient.ts +161 -63
- package/src/interaction_client/RedirectClient.ts +86 -35
- package/src/interaction_client/SilentIframeClient.ts +49 -28
- package/src/interaction_client/StandardInteractionClient.ts +13 -2
- package/src/interaction_handler/SilentHandler.ts +24 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +48 -0
- package/src/request/RequestHelpers.ts +45 -0
package/lib/msal-browser.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.16.0 2025-07-23 */
|
|
2
2
|
'use strict';
|
|
3
3
|
(function (global, factory) {
|
|
4
4
|
typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
(global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.msal = {}));
|
|
7
7
|
})(this, (function (exports) { 'use strict';
|
|
8
8
|
|
|
9
|
-
/*! @azure/msal-common v15.
|
|
9
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
10
10
|
/*
|
|
11
11
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
12
12
|
* Licensed under the MIT License.
|
|
@@ -86,6 +86,10 @@
|
|
|
86
86
|
SERVER_ERROR_RANGE_END: 599,
|
|
87
87
|
MULTI_SIDED_ERROR: 600,
|
|
88
88
|
};
|
|
89
|
+
const HttpMethod = {
|
|
90
|
+
GET: "GET",
|
|
91
|
+
POST: "POST",
|
|
92
|
+
};
|
|
89
93
|
const OIDC_DEFAULT_SCOPES = [
|
|
90
94
|
Constants.OPENID_SCOPE,
|
|
91
95
|
Constants.PROFILE_SCOPE,
|
|
@@ -139,13 +143,6 @@
|
|
|
139
143
|
CREATE: "create",
|
|
140
144
|
NO_SESSION: "no_session",
|
|
141
145
|
};
|
|
142
|
-
/**
|
|
143
|
-
* allowed values for codeVerifier
|
|
144
|
-
*/
|
|
145
|
-
const CodeChallengeMethodValues = {
|
|
146
|
-
PLAIN: "plain",
|
|
147
|
-
S256: "S256",
|
|
148
|
-
};
|
|
149
146
|
/**
|
|
150
147
|
* Allowed values for response_type
|
|
151
148
|
*/
|
|
@@ -288,7 +285,7 @@
|
|
|
288
285
|
// Token renewal offset default in seconds
|
|
289
286
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
290
287
|
|
|
291
|
-
/*! @azure/msal-common v15.
|
|
288
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
292
289
|
/*
|
|
293
290
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
294
291
|
* Licensed under the MIT License.
|
|
@@ -305,7 +302,7 @@
|
|
|
305
302
|
unexpectedError: unexpectedError
|
|
306
303
|
});
|
|
307
304
|
|
|
308
|
-
/*! @azure/msal-common v15.
|
|
305
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
309
306
|
|
|
310
307
|
/*
|
|
311
308
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -354,7 +351,7 @@
|
|
|
354
351
|
: AuthErrorMessages[code]);
|
|
355
352
|
}
|
|
356
353
|
|
|
357
|
-
/*! @azure/msal-common v15.
|
|
354
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
358
355
|
/*
|
|
359
356
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
360
357
|
* Licensed under the MIT License.
|
|
@@ -452,7 +449,7 @@
|
|
|
452
449
|
userTimeoutReached: userTimeoutReached
|
|
453
450
|
});
|
|
454
451
|
|
|
455
|
-
/*! @azure/msal-common v15.
|
|
452
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
456
453
|
|
|
457
454
|
/*
|
|
458
455
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -704,7 +701,7 @@
|
|
|
704
701
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
705
702
|
}
|
|
706
703
|
|
|
707
|
-
/*! @azure/msal-common v15.
|
|
704
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
708
705
|
|
|
709
706
|
/*
|
|
710
707
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -743,7 +740,7 @@
|
|
|
743
740
|
},
|
|
744
741
|
};
|
|
745
742
|
|
|
746
|
-
/*! @azure/msal-common v15.
|
|
743
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
747
744
|
|
|
748
745
|
/*
|
|
749
746
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -934,12 +931,12 @@
|
|
|
934
931
|
}
|
|
935
932
|
}
|
|
936
933
|
|
|
937
|
-
/*! @azure/msal-common v15.
|
|
934
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
938
935
|
/* eslint-disable header/header */
|
|
939
936
|
const name$1 = "@azure/msal-common";
|
|
940
|
-
const version$1 = "15.
|
|
937
|
+
const version$1 = "15.9.0";
|
|
941
938
|
|
|
942
|
-
/*! @azure/msal-common v15.
|
|
939
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
943
940
|
/*
|
|
944
941
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
945
942
|
* Licensed under the MIT License.
|
|
@@ -959,7 +956,7 @@
|
|
|
959
956
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
960
957
|
};
|
|
961
958
|
|
|
962
|
-
/*! @azure/msal-common v15.
|
|
959
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
963
960
|
|
|
964
961
|
/*
|
|
965
962
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1020,7 +1017,7 @@
|
|
|
1020
1017
|
}
|
|
1021
1018
|
}
|
|
1022
1019
|
|
|
1023
|
-
/*! @azure/msal-common v15.
|
|
1020
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1024
1021
|
/*
|
|
1025
1022
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1026
1023
|
* Licensed under the MIT License.
|
|
@@ -1075,7 +1072,7 @@
|
|
|
1075
1072
|
return cachedAtSec > nowSeconds();
|
|
1076
1073
|
}
|
|
1077
1074
|
|
|
1078
|
-
/*! @azure/msal-common v15.
|
|
1075
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1079
1076
|
|
|
1080
1077
|
/*
|
|
1081
1078
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1402,7 +1399,7 @@
|
|
|
1402
1399
|
return metadata.expiresAt <= nowSeconds();
|
|
1403
1400
|
}
|
|
1404
1401
|
|
|
1405
|
-
/*! @azure/msal-common v15.
|
|
1402
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1406
1403
|
/*
|
|
1407
1404
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1408
1405
|
* Licensed under the MIT License.
|
|
@@ -1413,7 +1410,6 @@
|
|
|
1413
1410
|
const urlParseError = "url_parse_error";
|
|
1414
1411
|
const urlEmptyError = "empty_url_error";
|
|
1415
1412
|
const emptyInputScopesError = "empty_input_scopes_error";
|
|
1416
|
-
const invalidPromptValue = "invalid_prompt_value";
|
|
1417
1413
|
const invalidClaims = "invalid_claims";
|
|
1418
1414
|
const tokenRequestEmpty = "token_request_empty";
|
|
1419
1415
|
const logoutRequestEmpty = "logout_request_empty";
|
|
@@ -1428,7 +1424,9 @@
|
|
|
1428
1424
|
const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
1429
1425
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
1430
1426
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
1431
|
-
const authorityMismatch = "authority_mismatch";
|
|
1427
|
+
const authorityMismatch = "authority_mismatch";
|
|
1428
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
1429
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
1432
1430
|
|
|
1433
1431
|
var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
1434
1432
|
__proto__: null,
|
|
@@ -1440,10 +1438,11 @@
|
|
|
1440
1438
|
emptyInputScopesError: emptyInputScopesError,
|
|
1441
1439
|
invalidAuthenticationHeader: invalidAuthenticationHeader,
|
|
1442
1440
|
invalidAuthorityMetadata: invalidAuthorityMetadata,
|
|
1441
|
+
invalidAuthorizePostBodyParameters: invalidAuthorizePostBodyParameters,
|
|
1443
1442
|
invalidClaims: invalidClaims,
|
|
1444
1443
|
invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
|
|
1445
1444
|
invalidCodeChallengeMethod: invalidCodeChallengeMethod,
|
|
1446
|
-
|
|
1445
|
+
invalidRequestMethodForEAR: invalidRequestMethodForEAR,
|
|
1447
1446
|
logoutRequestEmpty: logoutRequestEmpty,
|
|
1448
1447
|
missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
|
|
1449
1448
|
missingSshJwk: missingSshJwk,
|
|
@@ -1456,7 +1455,7 @@
|
|
|
1456
1455
|
urlParseError: urlParseError
|
|
1457
1456
|
});
|
|
1458
1457
|
|
|
1459
|
-
/*! @azure/msal-common v15.
|
|
1458
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1460
1459
|
|
|
1461
1460
|
/*
|
|
1462
1461
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1469,7 +1468,6 @@
|
|
|
1469
1468
|
[urlParseError]: "URL could not be parsed into appropriate segments.",
|
|
1470
1469
|
[urlEmptyError]: "URL was empty or null.",
|
|
1471
1470
|
[emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
|
|
1472
|
-
[invalidPromptValue]: "Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",
|
|
1473
1471
|
[invalidClaims]: "Given claims parameter must be a stringified JSON object.",
|
|
1474
1472
|
[tokenRequestEmpty]: "Token request was empty and not found in cache.",
|
|
1475
1473
|
[logoutRequestEmpty]: "The logout request was null or undefined.",
|
|
@@ -1485,6 +1483,8 @@
|
|
|
1485
1483
|
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
1486
1484
|
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
1487
1485
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
1486
|
+
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
1487
|
+
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
1488
1488
|
};
|
|
1489
1489
|
/**
|
|
1490
1490
|
* ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
|
|
@@ -1515,10 +1515,6 @@
|
|
|
1515
1515
|
code: emptyInputScopesError,
|
|
1516
1516
|
desc: ClientConfigurationErrorMessages[emptyInputScopesError],
|
|
1517
1517
|
},
|
|
1518
|
-
invalidPrompt: {
|
|
1519
|
-
code: invalidPromptValue,
|
|
1520
|
-
desc: ClientConfigurationErrorMessages[invalidPromptValue],
|
|
1521
|
-
},
|
|
1522
1518
|
invalidClaimsRequest: {
|
|
1523
1519
|
code: invalidClaims,
|
|
1524
1520
|
desc: ClientConfigurationErrorMessages[invalidClaims],
|
|
@@ -1579,6 +1575,14 @@
|
|
|
1579
1575
|
code: authorityMismatch,
|
|
1580
1576
|
desc: ClientConfigurationErrorMessages[authorityMismatch],
|
|
1581
1577
|
},
|
|
1578
|
+
invalidAuthorizePostBodyParameters: {
|
|
1579
|
+
code: invalidAuthorizePostBodyParameters,
|
|
1580
|
+
desc: ClientConfigurationErrorMessages[invalidAuthorizePostBodyParameters],
|
|
1581
|
+
},
|
|
1582
|
+
invalidRequestMethodForEAR: {
|
|
1583
|
+
code: invalidRequestMethodForEAR,
|
|
1584
|
+
desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
|
|
1585
|
+
},
|
|
1582
1586
|
};
|
|
1583
1587
|
/**
|
|
1584
1588
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -1594,7 +1598,7 @@
|
|
|
1594
1598
|
return new ClientConfigurationError(errorCode);
|
|
1595
1599
|
}
|
|
1596
1600
|
|
|
1597
|
-
/*! @azure/msal-common v15.
|
|
1601
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1598
1602
|
/*
|
|
1599
1603
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1600
1604
|
* Licensed under the MIT License.
|
|
@@ -1691,7 +1695,7 @@
|
|
|
1691
1695
|
}
|
|
1692
1696
|
}
|
|
1693
1697
|
|
|
1694
|
-
/*! @azure/msal-common v15.
|
|
1698
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1695
1699
|
|
|
1696
1700
|
/*
|
|
1697
1701
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1882,7 +1886,7 @@
|
|
|
1882
1886
|
}
|
|
1883
1887
|
}
|
|
1884
1888
|
|
|
1885
|
-
/*! @azure/msal-common v15.
|
|
1889
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1886
1890
|
|
|
1887
1891
|
/*
|
|
1888
1892
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1922,7 +1926,7 @@
|
|
|
1922
1926
|
};
|
|
1923
1927
|
}
|
|
1924
1928
|
|
|
1925
|
-
/*! @azure/msal-common v15.
|
|
1929
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1926
1930
|
/*
|
|
1927
1931
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1928
1932
|
* Licensed under the MIT License.
|
|
@@ -2001,7 +2005,7 @@
|
|
|
2001
2005
|
return updatedAccountInfo;
|
|
2002
2006
|
}
|
|
2003
2007
|
|
|
2004
|
-
/*! @azure/msal-common v15.
|
|
2008
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2005
2009
|
/*
|
|
2006
2010
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2007
2011
|
* Licensed under the MIT License.
|
|
@@ -2016,7 +2020,7 @@
|
|
|
2016
2020
|
Ciam: 3,
|
|
2017
2021
|
};
|
|
2018
2022
|
|
|
2019
|
-
/*! @azure/msal-common v15.
|
|
2023
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2020
2024
|
/*
|
|
2021
2025
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2022
2026
|
* Licensed under the MIT License.
|
|
@@ -2038,7 +2042,7 @@
|
|
|
2038
2042
|
return null;
|
|
2039
2043
|
}
|
|
2040
2044
|
|
|
2041
|
-
/*! @azure/msal-common v15.
|
|
2045
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2042
2046
|
/*
|
|
2043
2047
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2044
2048
|
* Licensed under the MIT License.
|
|
@@ -2062,7 +2066,7 @@
|
|
|
2062
2066
|
EAR: "EAR",
|
|
2063
2067
|
};
|
|
2064
2068
|
|
|
2065
|
-
/*! @azure/msal-common v15.
|
|
2069
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2066
2070
|
|
|
2067
2071
|
/*
|
|
2068
2072
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2305,7 +2309,7 @@
|
|
|
2305
2309
|
}
|
|
2306
2310
|
}
|
|
2307
2311
|
|
|
2308
|
-
/*! @azure/msal-common v15.
|
|
2312
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2309
2313
|
|
|
2310
2314
|
/*
|
|
2311
2315
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2370,7 +2374,7 @@
|
|
|
2370
2374
|
return queryParameterArray.join("&");
|
|
2371
2375
|
}
|
|
2372
2376
|
|
|
2373
|
-
/*! @azure/msal-common v15.
|
|
2377
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2374
2378
|
|
|
2375
2379
|
/*
|
|
2376
2380
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2534,7 +2538,7 @@
|
|
|
2534
2538
|
}
|
|
2535
2539
|
}
|
|
2536
2540
|
|
|
2537
|
-
/*! @azure/msal-common v15.
|
|
2541
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2538
2542
|
|
|
2539
2543
|
/*
|
|
2540
2544
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2673,7 +2677,7 @@
|
|
|
2673
2677
|
return null;
|
|
2674
2678
|
}
|
|
2675
2679
|
|
|
2676
|
-
/*! @azure/msal-common v15.
|
|
2680
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2677
2681
|
/*
|
|
2678
2682
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2679
2683
|
* Licensed under the MIT License.
|
|
@@ -2681,7 +2685,7 @@
|
|
|
2681
2685
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2682
2686
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2683
2687
|
|
|
2684
|
-
/*! @azure/msal-common v15.
|
|
2688
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2685
2689
|
|
|
2686
2690
|
/*
|
|
2687
2691
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2726,7 +2730,7 @@
|
|
|
2726
2730
|
}
|
|
2727
2731
|
}
|
|
2728
2732
|
|
|
2729
|
-
/*! @azure/msal-common v15.
|
|
2733
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2730
2734
|
|
|
2731
2735
|
/*
|
|
2732
2736
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3893,7 +3897,7 @@
|
|
|
3893
3897
|
}
|
|
3894
3898
|
}
|
|
3895
3899
|
|
|
3896
|
-
/*! @azure/msal-common v15.
|
|
3900
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3897
3901
|
/*
|
|
3898
3902
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3899
3903
|
* Licensed under the MIT License.
|
|
@@ -4405,7 +4409,7 @@
|
|
|
4405
4409
|
"encryptedCacheExpiredCount",
|
|
4406
4410
|
]);
|
|
4407
4411
|
|
|
4408
|
-
/*! @azure/msal-common v15.
|
|
4412
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4409
4413
|
|
|
4410
4414
|
/*
|
|
4411
4415
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4484,7 +4488,7 @@
|
|
|
4484
4488
|
}
|
|
4485
4489
|
}
|
|
4486
4490
|
|
|
4487
|
-
/*! @azure/msal-common v15.
|
|
4491
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4488
4492
|
|
|
4489
4493
|
/*
|
|
4490
4494
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4584,7 +4588,7 @@
|
|
|
4584
4588
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
4585
4589
|
}
|
|
4586
4590
|
|
|
4587
|
-
/*! @azure/msal-common v15.
|
|
4591
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4588
4592
|
/*
|
|
4589
4593
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4590
4594
|
* Licensed under the MIT License.
|
|
@@ -4594,7 +4598,7 @@
|
|
|
4594
4598
|
UPN: "UPN",
|
|
4595
4599
|
};
|
|
4596
4600
|
|
|
4597
|
-
/*! @azure/msal-common v15.
|
|
4601
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4598
4602
|
/*
|
|
4599
4603
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4600
4604
|
* Licensed under the MIT License.
|
|
@@ -4644,7 +4648,7 @@
|
|
|
4644
4648
|
const EAR_JWK = "ear_jwk";
|
|
4645
4649
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4646
4650
|
|
|
4647
|
-
/*! @azure/msal-common v15.
|
|
4651
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4648
4652
|
|
|
4649
4653
|
/*
|
|
4650
4654
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5010,9 +5014,21 @@
|
|
|
5010
5014
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
5011
5015
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
5012
5016
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
5017
|
+
}
|
|
5018
|
+
/**
|
|
5019
|
+
* Adds authorize body parameters to the request parameters
|
|
5020
|
+
* @param parameters
|
|
5021
|
+
* @param bodyParameters
|
|
5022
|
+
*/
|
|
5023
|
+
function addPostBodyParameters(parameters, bodyParameters) {
|
|
5024
|
+
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
5025
|
+
if (value) {
|
|
5026
|
+
parameters.set(key, value);
|
|
5027
|
+
}
|
|
5028
|
+
});
|
|
5013
5029
|
}
|
|
5014
5030
|
|
|
5015
|
-
/*! @azure/msal-common v15.
|
|
5031
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5016
5032
|
/*
|
|
5017
5033
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5018
5034
|
* Licensed under the MIT License.
|
|
@@ -5024,7 +5040,7 @@
|
|
|
5024
5040
|
response.hasOwnProperty("jwks_uri"));
|
|
5025
5041
|
}
|
|
5026
5042
|
|
|
5027
|
-
/*! @azure/msal-common v15.
|
|
5043
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5028
5044
|
/*
|
|
5029
5045
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5030
5046
|
* Licensed under the MIT License.
|
|
@@ -5034,7 +5050,7 @@
|
|
|
5034
5050
|
response.hasOwnProperty("metadata"));
|
|
5035
5051
|
}
|
|
5036
5052
|
|
|
5037
|
-
/*! @azure/msal-common v15.
|
|
5053
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5038
5054
|
/*
|
|
5039
5055
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5040
5056
|
* Licensed under the MIT License.
|
|
@@ -5044,7 +5060,7 @@
|
|
|
5044
5060
|
response.hasOwnProperty("error_description"));
|
|
5045
5061
|
}
|
|
5046
5062
|
|
|
5047
|
-
/*! @azure/msal-common v15.
|
|
5063
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5048
5064
|
/*
|
|
5049
5065
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5050
5066
|
* Licensed under the MIT License.
|
|
@@ -5140,7 +5156,7 @@
|
|
|
5140
5156
|
};
|
|
5141
5157
|
};
|
|
5142
5158
|
|
|
5143
|
-
/*! @azure/msal-common v15.
|
|
5159
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5144
5160
|
|
|
5145
5161
|
/*
|
|
5146
5162
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5246,7 +5262,7 @@
|
|
|
5246
5262
|
},
|
|
5247
5263
|
};
|
|
5248
5264
|
|
|
5249
|
-
/*! @azure/msal-common v15.
|
|
5265
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5250
5266
|
|
|
5251
5267
|
/*
|
|
5252
5268
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6085,7 +6101,7 @@
|
|
|
6085
6101
|
};
|
|
6086
6102
|
}
|
|
6087
6103
|
|
|
6088
|
-
/*! @azure/msal-common v15.
|
|
6104
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6089
6105
|
|
|
6090
6106
|
/*
|
|
6091
6107
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6116,7 +6132,7 @@
|
|
|
6116
6132
|
}
|
|
6117
6133
|
}
|
|
6118
6134
|
|
|
6119
|
-
/*! @azure/msal-common v15.
|
|
6135
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6120
6136
|
|
|
6121
6137
|
/*
|
|
6122
6138
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6135,7 +6151,7 @@
|
|
|
6135
6151
|
}
|
|
6136
6152
|
}
|
|
6137
6153
|
|
|
6138
|
-
/*! @azure/msal-common v15.
|
|
6154
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6139
6155
|
/*
|
|
6140
6156
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6141
6157
|
* Licensed under the MIT License.
|
|
@@ -6156,7 +6172,7 @@
|
|
|
6156
6172
|
};
|
|
6157
6173
|
}
|
|
6158
6174
|
|
|
6159
|
-
/*! @azure/msal-common v15.
|
|
6175
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6160
6176
|
|
|
6161
6177
|
/*
|
|
6162
6178
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6243,7 +6259,7 @@
|
|
|
6243
6259
|
}
|
|
6244
6260
|
}
|
|
6245
6261
|
|
|
6246
|
-
/*! @azure/msal-common v15.
|
|
6262
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6247
6263
|
|
|
6248
6264
|
/*
|
|
6249
6265
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6274,7 +6290,7 @@
|
|
|
6274
6290
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6275
6291
|
}
|
|
6276
6292
|
|
|
6277
|
-
/*! @azure/msal-common v15.
|
|
6293
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6278
6294
|
|
|
6279
6295
|
/*
|
|
6280
6296
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6422,7 +6438,7 @@
|
|
|
6422
6438
|
}
|
|
6423
6439
|
}
|
|
6424
6440
|
|
|
6425
|
-
/*! @azure/msal-common v15.
|
|
6441
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6426
6442
|
/*
|
|
6427
6443
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6428
6444
|
* Licensed under the MIT License.
|
|
@@ -6450,7 +6466,7 @@
|
|
|
6450
6466
|
uxNotAllowed: uxNotAllowed
|
|
6451
6467
|
});
|
|
6452
6468
|
|
|
6453
|
-
/*! @azure/msal-common v15.
|
|
6469
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6454
6470
|
|
|
6455
6471
|
/*
|
|
6456
6472
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6540,7 +6556,7 @@
|
|
|
6540
6556
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6541
6557
|
}
|
|
6542
6558
|
|
|
6543
|
-
/*! @azure/msal-common v15.
|
|
6559
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6544
6560
|
|
|
6545
6561
|
/*
|
|
6546
6562
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6612,7 +6628,7 @@
|
|
|
6612
6628
|
}
|
|
6613
6629
|
}
|
|
6614
6630
|
|
|
6615
|
-
/*! @azure/msal-common v15.
|
|
6631
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6616
6632
|
|
|
6617
6633
|
/*
|
|
6618
6634
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6694,7 +6710,7 @@
|
|
|
6694
6710
|
}
|
|
6695
6711
|
}
|
|
6696
6712
|
|
|
6697
|
-
/*! @azure/msal-common v15.
|
|
6713
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6698
6714
|
/*
|
|
6699
6715
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6700
6716
|
* Licensed under the MIT License.
|
|
@@ -6721,7 +6737,7 @@
|
|
|
6721
6737
|
}
|
|
6722
6738
|
}
|
|
6723
6739
|
|
|
6724
|
-
/*! @azure/msal-common v15.
|
|
6740
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6725
6741
|
|
|
6726
6742
|
/*
|
|
6727
6743
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7052,74 +7068,7 @@
|
|
|
7052
7068
|
return baseAccount;
|
|
7053
7069
|
}
|
|
7054
7070
|
|
|
7055
|
-
/*! @azure/msal-common v15.
|
|
7056
|
-
|
|
7057
|
-
/*
|
|
7058
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7059
|
-
* Licensed under the MIT License.
|
|
7060
|
-
*/
|
|
7061
|
-
/**
|
|
7062
|
-
* Validates server consumable params from the "request" objects
|
|
7063
|
-
*/
|
|
7064
|
-
class RequestValidator {
|
|
7065
|
-
/**
|
|
7066
|
-
* Utility to check if the `redirectUri` in the request is a non-null value
|
|
7067
|
-
* @param redirectUri
|
|
7068
|
-
*/
|
|
7069
|
-
static validateRedirectUri(redirectUri) {
|
|
7070
|
-
if (!redirectUri) {
|
|
7071
|
-
throw createClientConfigurationError(redirectUriEmpty);
|
|
7072
|
-
}
|
|
7073
|
-
}
|
|
7074
|
-
/**
|
|
7075
|
-
* Utility to validate prompt sent by the user in the request
|
|
7076
|
-
* @param prompt
|
|
7077
|
-
*/
|
|
7078
|
-
static validatePrompt(prompt) {
|
|
7079
|
-
const promptValues = [];
|
|
7080
|
-
for (const value in PromptValue) {
|
|
7081
|
-
promptValues.push(PromptValue[value]);
|
|
7082
|
-
}
|
|
7083
|
-
if (promptValues.indexOf(prompt) < 0) {
|
|
7084
|
-
throw createClientConfigurationError(invalidPromptValue);
|
|
7085
|
-
}
|
|
7086
|
-
}
|
|
7087
|
-
static validateClaims(claims) {
|
|
7088
|
-
try {
|
|
7089
|
-
JSON.parse(claims);
|
|
7090
|
-
}
|
|
7091
|
-
catch (e) {
|
|
7092
|
-
throw createClientConfigurationError(invalidClaims);
|
|
7093
|
-
}
|
|
7094
|
-
}
|
|
7095
|
-
/**
|
|
7096
|
-
* Utility to validate code_challenge and code_challenge_method
|
|
7097
|
-
* @param codeChallenge
|
|
7098
|
-
* @param codeChallengeMethod
|
|
7099
|
-
*/
|
|
7100
|
-
static validateCodeChallengeParams(codeChallenge, codeChallengeMethod) {
|
|
7101
|
-
if (!codeChallenge || !codeChallengeMethod) {
|
|
7102
|
-
throw createClientConfigurationError(pkceParamsMissing);
|
|
7103
|
-
}
|
|
7104
|
-
else {
|
|
7105
|
-
this.validateCodeChallengeMethod(codeChallengeMethod);
|
|
7106
|
-
}
|
|
7107
|
-
}
|
|
7108
|
-
/**
|
|
7109
|
-
* Utility to validate code_challenge_method
|
|
7110
|
-
* @param codeChallengeMethod
|
|
7111
|
-
*/
|
|
7112
|
-
static validateCodeChallengeMethod(codeChallengeMethod) {
|
|
7113
|
-
if ([
|
|
7114
|
-
CodeChallengeMethodValues.PLAIN,
|
|
7115
|
-
CodeChallengeMethodValues.S256,
|
|
7116
|
-
].indexOf(codeChallengeMethod) < 0) {
|
|
7117
|
-
throw createClientConfigurationError(invalidCodeChallengeMethod);
|
|
7118
|
-
}
|
|
7119
|
-
}
|
|
7120
|
-
}
|
|
7121
|
-
|
|
7122
|
-
/*! @azure/msal-common v15.8.0 2025-07-01 */
|
|
7071
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7123
7072
|
/*
|
|
7124
7073
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7125
7074
|
* Licensed under the MIT License.
|
|
@@ -7137,7 +7086,7 @@
|
|
|
7137
7086
|
}
|
|
7138
7087
|
}
|
|
7139
7088
|
|
|
7140
|
-
/*! @azure/msal-common v15.
|
|
7089
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7141
7090
|
|
|
7142
7091
|
/*
|
|
7143
7092
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7231,7 +7180,9 @@
|
|
|
7231
7180
|
*/
|
|
7232
7181
|
if (!this.includeRedirectUri) {
|
|
7233
7182
|
// Just validate
|
|
7234
|
-
|
|
7183
|
+
if (!request.redirectUri) {
|
|
7184
|
+
throw createClientConfigurationError(redirectUriEmpty);
|
|
7185
|
+
}
|
|
7235
7186
|
}
|
|
7236
7187
|
else {
|
|
7237
7188
|
// Validate and include redirect uri
|
|
@@ -7370,7 +7321,7 @@
|
|
|
7370
7321
|
}
|
|
7371
7322
|
}
|
|
7372
7323
|
|
|
7373
|
-
/*! @azure/msal-common v15.
|
|
7324
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7374
7325
|
|
|
7375
7326
|
/*
|
|
7376
7327
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7579,7 +7530,7 @@
|
|
|
7579
7530
|
}
|
|
7580
7531
|
}
|
|
7581
7532
|
|
|
7582
|
-
/*! @azure/msal-common v15.
|
|
7533
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7583
7534
|
|
|
7584
7535
|
/*
|
|
7585
7536
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7677,7 +7628,7 @@
|
|
|
7677
7628
|
}
|
|
7678
7629
|
}
|
|
7679
7630
|
|
|
7680
|
-
/*! @azure/msal-common v15.
|
|
7631
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7681
7632
|
|
|
7682
7633
|
/*
|
|
7683
7634
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7692,7 +7643,7 @@
|
|
|
7692
7643
|
},
|
|
7693
7644
|
};
|
|
7694
7645
|
|
|
7695
|
-
/*! @azure/msal-common v15.
|
|
7646
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7696
7647
|
|
|
7697
7648
|
/*
|
|
7698
7649
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7916,7 +7867,7 @@
|
|
|
7916
7867
|
return account.idTokenClaims?.login_hint || null;
|
|
7917
7868
|
}
|
|
7918
7869
|
|
|
7919
|
-
/*! @azure/msal-common v15.
|
|
7870
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7920
7871
|
|
|
7921
7872
|
/*
|
|
7922
7873
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7974,7 +7925,7 @@
|
|
|
7974
7925
|
}
|
|
7975
7926
|
}
|
|
7976
7927
|
|
|
7977
|
-
/*! @azure/msal-common v15.
|
|
7928
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7978
7929
|
|
|
7979
7930
|
/*
|
|
7980
7931
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8237,7 +8188,7 @@
|
|
|
8237
8188
|
}
|
|
8238
8189
|
}
|
|
8239
8190
|
|
|
8240
|
-
/*! @azure/msal-common v15.
|
|
8191
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8241
8192
|
/*
|
|
8242
8193
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8243
8194
|
* Licensed under the MIT License.
|
|
@@ -8245,7 +8196,7 @@
|
|
|
8245
8196
|
const missingKidError = "missing_kid_error";
|
|
8246
8197
|
const missingAlgError = "missing_alg_error";
|
|
8247
8198
|
|
|
8248
|
-
/*! @azure/msal-common v15.
|
|
8199
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8249
8200
|
|
|
8250
8201
|
/*
|
|
8251
8202
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8270,7 +8221,7 @@
|
|
|
8270
8221
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8271
8222
|
}
|
|
8272
8223
|
|
|
8273
|
-
/*! @azure/msal-common v15.
|
|
8224
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8274
8225
|
|
|
8275
8226
|
/*
|
|
8276
8227
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8310,7 +8261,7 @@
|
|
|
8310
8261
|
}
|
|
8311
8262
|
}
|
|
8312
8263
|
|
|
8313
|
-
/*! @azure/msal-common v15.
|
|
8264
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8314
8265
|
|
|
8315
8266
|
/*
|
|
8316
8267
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10414,7 +10365,7 @@
|
|
|
10414
10365
|
|
|
10415
10366
|
/* eslint-disable header/header */
|
|
10416
10367
|
const name = "@azure/msal-browser";
|
|
10417
|
-
const version = "4.
|
|
10368
|
+
const version = "4.16.0";
|
|
10418
10369
|
|
|
10419
10370
|
/*
|
|
10420
10371
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -13145,6 +13096,35 @@
|
|
|
13145
13096
|
account: account,
|
|
13146
13097
|
forceRefresh: request.forceRefresh || false,
|
|
13147
13098
|
};
|
|
13099
|
+
}
|
|
13100
|
+
/**
|
|
13101
|
+
* Validates that the combination of request method, protocol mode and authorize body parameters is correct.
|
|
13102
|
+
* Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
|
|
13103
|
+
* @param interactionRequest
|
|
13104
|
+
* @param protocolMode
|
|
13105
|
+
* @returns
|
|
13106
|
+
*/
|
|
13107
|
+
function validateRequestMethod(interactionRequest, protocolMode) {
|
|
13108
|
+
let httpMethod;
|
|
13109
|
+
const requestMethod = interactionRequest.httpMethod;
|
|
13110
|
+
if (protocolMode === ProtocolMode.EAR) {
|
|
13111
|
+
// Don't override httpMethod if it is already set, default to POST if not set
|
|
13112
|
+
httpMethod = requestMethod || HttpMethod.POST;
|
|
13113
|
+
// Validate that method is not GET if protocol mode is EAR
|
|
13114
|
+
if (httpMethod !== HttpMethod.POST) {
|
|
13115
|
+
throw createClientConfigurationError(invalidRequestMethodForEAR);
|
|
13116
|
+
}
|
|
13117
|
+
}
|
|
13118
|
+
else {
|
|
13119
|
+
// For non-EAR protocol modes, default to GET if httpMethod is not set
|
|
13120
|
+
httpMethod = requestMethod || HttpMethod.GET;
|
|
13121
|
+
}
|
|
13122
|
+
// Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
|
|
13123
|
+
if (interactionRequest.authorizePostBodyParameters &&
|
|
13124
|
+
httpMethod !== HttpMethod.POST) {
|
|
13125
|
+
throw createClientConfigurationError(invalidAuthorizePostBodyParameters);
|
|
13126
|
+
}
|
|
13127
|
+
return httpMethod;
|
|
13148
13128
|
}
|
|
13149
13129
|
|
|
13150
13130
|
/*
|
|
@@ -13321,7 +13301,7 @@
|
|
|
13321
13301
|
};
|
|
13322
13302
|
const state = ProtocolUtils.setRequestState(this.browserCrypto, (request && request.state) || Constants.EMPTY_STRING, browserState);
|
|
13323
13303
|
const baseRequest = await invokeAsync(initializeBaseRequest, PerformanceEvents.InitializeBaseRequest, this.logger, this.performanceClient, this.correlationId)({ ...request, correlationId: this.correlationId }, this.config, this.performanceClient, this.logger);
|
|
13324
|
-
const
|
|
13304
|
+
const interactionRequest = {
|
|
13325
13305
|
...baseRequest,
|
|
13326
13306
|
redirectUri: redirectUri,
|
|
13327
13307
|
state: state,
|
|
@@ -13329,6 +13309,10 @@
|
|
|
13329
13309
|
responseMode: this.config.auth.OIDCOptions
|
|
13330
13310
|
.serverResponseType,
|
|
13331
13311
|
};
|
|
13312
|
+
const validatedRequest = {
|
|
13313
|
+
...interactionRequest,
|
|
13314
|
+
httpMethod: validateRequestMethod(interactionRequest, this.config.auth.protocolMode),
|
|
13315
|
+
};
|
|
13332
13316
|
// Skip active account lookup if either login hint or session id is set
|
|
13333
13317
|
if (request.loginHint || request.sid) {
|
|
13334
13318
|
return validatedRequest;
|
|
@@ -14323,6 +14307,19 @@
|
|
|
14323
14307
|
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
14324
14308
|
return createForm(frame, url, parameters);
|
|
14325
14309
|
}
|
|
14310
|
+
/**
|
|
14311
|
+
* Gets the form that will be posted to /authorize with request parameters when using POST method
|
|
14312
|
+
*/
|
|
14313
|
+
async function getCodeForm(frame, config, authority, request, logger, performanceClient) {
|
|
14314
|
+
const parameters = await getStandardParameters(config, authority, request, logger, performanceClient);
|
|
14315
|
+
addResponseType(parameters, OAuthResponseType.CODE);
|
|
14316
|
+
addCodeChallengeParams(parameters, request.codeChallenge, request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD);
|
|
14317
|
+
addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
|
|
14318
|
+
const queryParams = new Map();
|
|
14319
|
+
addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
|
|
14320
|
+
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
14321
|
+
return createForm(frame, url, parameters);
|
|
14322
|
+
}
|
|
14326
14323
|
/**
|
|
14327
14324
|
* Creates form element in the provided document with auth parameters in the post body
|
|
14328
14325
|
* @param frame
|
|
@@ -15014,9 +15011,10 @@
|
|
|
15014
15011
|
* @param pkceCodes
|
|
15015
15012
|
*/
|
|
15016
15013
|
acquireToken(request, pkceCodes) {
|
|
15014
|
+
let popupParams = undefined;
|
|
15017
15015
|
try {
|
|
15018
15016
|
const popupName = this.generatePopupName(request.scopes || OIDC_DEFAULT_SCOPES, request.authority || this.config.auth.authority);
|
|
15019
|
-
|
|
15017
|
+
popupParams = {
|
|
15020
15018
|
popupName,
|
|
15021
15019
|
popupWindowAttributes: request.popupWindowAttributes || {},
|
|
15022
15020
|
popupWindowParent: request.popupWindowParent ?? window,
|
|
@@ -15029,10 +15027,15 @@
|
|
|
15029
15027
|
return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
|
|
15030
15028
|
}
|
|
15031
15029
|
else {
|
|
15030
|
+
// Pre-validate request method to avoid opening popup if the request is invalid
|
|
15031
|
+
const validatedRequest = {
|
|
15032
|
+
...request,
|
|
15033
|
+
httpMethod: validateRequestMethod(request, this.config.auth.protocolMode),
|
|
15034
|
+
};
|
|
15032
15035
|
// asyncPopups flag is set to false. Opens popup before acquiring token.
|
|
15033
15036
|
this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
|
|
15034
15037
|
popupParams.popup = this.openSizedPopup("about:blank", popupParams);
|
|
15035
|
-
return this.acquireTokenPopupAsync(
|
|
15038
|
+
return this.acquireTokenPopupAsync(validatedRequest, popupParams, pkceCodes);
|
|
15036
15039
|
}
|
|
15037
15040
|
}
|
|
15038
15041
|
catch (e) {
|
|
@@ -15124,15 +15127,20 @@
|
|
|
15124
15127
|
requestExtraQueryParameters: popupRequest.extraQueryParameters,
|
|
15125
15128
|
account: popupRequest.account,
|
|
15126
15129
|
});
|
|
15127
|
-
|
|
15128
|
-
|
|
15129
|
-
|
|
15130
|
-
|
|
15131
|
-
|
|
15132
|
-
|
|
15133
|
-
|
|
15134
|
-
|
|
15135
|
-
|
|
15130
|
+
if (popupRequest.httpMethod === HttpMethod.POST) {
|
|
15131
|
+
return await this.executeCodeFlowWithPost(popupRequest, popupParams, authClient, pkce.verifier);
|
|
15132
|
+
}
|
|
15133
|
+
else {
|
|
15134
|
+
// Create acquire token url.
|
|
15135
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
|
|
15136
|
+
// Show the UI once the url has been created. Get the window handle for the popup.
|
|
15137
|
+
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
15138
|
+
this.eventHandler.emitEvent(EventType.POPUP_OPENED, exports.InteractionType.Popup, { popupWindow }, null);
|
|
15139
|
+
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
15140
|
+
const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
|
|
15141
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15142
|
+
return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15143
|
+
}
|
|
15136
15144
|
}
|
|
15137
15145
|
catch (e) {
|
|
15138
15146
|
// Close the synchronous popup if an error is thrown before the window unload event is registered
|
|
@@ -15170,6 +15178,23 @@
|
|
|
15170
15178
|
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15171
15179
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(popupRequest, serverParams, ApiId.acquireTokenPopup, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15172
15180
|
}
|
|
15181
|
+
async executeCodeFlowWithPost(request, popupParams, authClient, pkceVerifier) {
|
|
15182
|
+
const correlationId = request.correlationId;
|
|
15183
|
+
// Get the frame handle for the silent request
|
|
15184
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
15185
|
+
requestAuthority: request.authority,
|
|
15186
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
15187
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
15188
|
+
account: request.account,
|
|
15189
|
+
});
|
|
15190
|
+
const popupWindow = popupParams.popup || this.openPopup("about:blank", popupParams);
|
|
15191
|
+
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
15192
|
+
form.submit();
|
|
15193
|
+
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
15194
|
+
const responseString = await invokeAsync(this.monitorPopupForHash.bind(this), PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupWindow, popupParams.popupWindowParent);
|
|
15195
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15196
|
+
return invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15197
|
+
}
|
|
15173
15198
|
/**
|
|
15174
15199
|
*
|
|
15175
15200
|
* @param validRequest
|
|
@@ -15521,18 +15546,23 @@
|
|
|
15521
15546
|
};
|
|
15522
15547
|
this.browserStorage.cacheAuthorizeRequest(redirectRequest, pkceCodes.verifier);
|
|
15523
15548
|
try {
|
|
15524
|
-
|
|
15525
|
-
|
|
15526
|
-
|
|
15527
|
-
|
|
15528
|
-
|
|
15529
|
-
|
|
15530
|
-
|
|
15531
|
-
|
|
15532
|
-
|
|
15533
|
-
|
|
15534
|
-
|
|
15535
|
-
|
|
15549
|
+
if (redirectRequest.httpMethod === HttpMethod.POST) {
|
|
15550
|
+
return await this.executeCodeFlowWithPost(redirectRequest);
|
|
15551
|
+
}
|
|
15552
|
+
else {
|
|
15553
|
+
// Initialize the client
|
|
15554
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
|
|
15555
|
+
serverTelemetryManager,
|
|
15556
|
+
requestAuthority: redirectRequest.authority,
|
|
15557
|
+
requestAzureCloudOptions: redirectRequest.azureCloudOptions,
|
|
15558
|
+
requestExtraQueryParameters: redirectRequest.extraQueryParameters,
|
|
15559
|
+
account: redirectRequest.account,
|
|
15560
|
+
});
|
|
15561
|
+
// Create acquire token url.
|
|
15562
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
|
|
15563
|
+
// Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
|
|
15564
|
+
return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
|
|
15565
|
+
}
|
|
15536
15566
|
}
|
|
15537
15567
|
catch (e) {
|
|
15538
15568
|
if (e instanceof AuthError) {
|
|
@@ -15569,6 +15599,28 @@
|
|
|
15569
15599
|
}, this.config.system.redirectNavigationTimeout);
|
|
15570
15600
|
});
|
|
15571
15601
|
}
|
|
15602
|
+
/**
|
|
15603
|
+
* Executes classic Authorization Code flow with a POST request.
|
|
15604
|
+
* @param request
|
|
15605
|
+
*/
|
|
15606
|
+
async executeCodeFlowWithPost(request) {
|
|
15607
|
+
const correlationId = request.correlationId;
|
|
15608
|
+
// Get the frame handle for the silent request
|
|
15609
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
15610
|
+
requestAuthority: request.authority,
|
|
15611
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
15612
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
15613
|
+
account: request.account,
|
|
15614
|
+
});
|
|
15615
|
+
this.browserStorage.cacheAuthorizeRequest(request);
|
|
15616
|
+
const form = await getCodeForm(document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
15617
|
+
form.submit();
|
|
15618
|
+
return new Promise((resolve, reject) => {
|
|
15619
|
+
setTimeout(() => {
|
|
15620
|
+
reject(createBrowserAuthError(timedOut, "failed_to_redirect"));
|
|
15621
|
+
}, this.config.system.redirectNavigationTimeout);
|
|
15622
|
+
});
|
|
15623
|
+
}
|
|
15572
15624
|
/**
|
|
15573
15625
|
* Checks if navigateToLoginRequestUrl is set, and:
|
|
15574
15626
|
* - if true, performs logic to cache and navigate
|
|
@@ -15879,6 +15931,15 @@
|
|
|
15879
15931
|
}
|
|
15880
15932
|
return invoke(loadFrameSync, PerformanceEvents.SilentHandlerLoadFrameSync, logger, performanceClient, correlationId)(requestUrl);
|
|
15881
15933
|
}
|
|
15934
|
+
async function initiateCodeFlowWithPost(config, authority, request, logger, performanceClient) {
|
|
15935
|
+
const frame = createHiddenIframe();
|
|
15936
|
+
if (!frame.contentDocument) {
|
|
15937
|
+
throw "No document associated with iframe!";
|
|
15938
|
+
}
|
|
15939
|
+
const form = await getCodeForm(frame.contentDocument, config, authority, request, logger, performanceClient);
|
|
15940
|
+
form.submit();
|
|
15941
|
+
return frame;
|
|
15942
|
+
}
|
|
15882
15943
|
async function initiateEarRequest(config, authority, request, logger, performanceClient) {
|
|
15883
15944
|
const frame = createHiddenIframe();
|
|
15884
15945
|
if (!frame.contentDocument) {
|
|
@@ -16127,10 +16188,16 @@
|
|
|
16127
16188
|
...request,
|
|
16128
16189
|
codeChallenge: pkceCodes.challenge,
|
|
16129
16190
|
};
|
|
16130
|
-
|
|
16131
|
-
|
|
16132
|
-
|
|
16133
|
-
|
|
16191
|
+
let msalFrame;
|
|
16192
|
+
if (request.httpMethod === HttpMethod.POST) {
|
|
16193
|
+
msalFrame = await invokeAsync(initiateCodeFlowWithPost, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
16194
|
+
}
|
|
16195
|
+
else {
|
|
16196
|
+
// Create authorize request url
|
|
16197
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
16198
|
+
// Get the frame handle for the silent request
|
|
16199
|
+
msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
16200
|
+
}
|
|
16134
16201
|
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
16135
16202
|
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
16136
16203
|
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|
|
@@ -18229,7 +18296,13 @@
|
|
|
18229
18296
|
...this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp),
|
|
18230
18297
|
};
|
|
18231
18298
|
// cache the tokens in the response
|
|
18232
|
-
|
|
18299
|
+
try {
|
|
18300
|
+
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
|
|
18301
|
+
await this.hydrateCache(result, request);
|
|
18302
|
+
}
|
|
18303
|
+
catch (error) {
|
|
18304
|
+
this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
|
|
18305
|
+
}
|
|
18233
18306
|
// cache the account context in memory after successful token fetch
|
|
18234
18307
|
this.currentAccountContext = {
|
|
18235
18308
|
homeAccountId: result.account.homeAccountId,
|
|
@@ -18286,7 +18359,13 @@
|
|
|
18286
18359
|
const response = await this.bridgeProxy.getTokenSilent(naaRequest);
|
|
18287
18360
|
const result = this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp);
|
|
18288
18361
|
// cache the tokens in the response
|
|
18289
|
-
|
|
18362
|
+
try {
|
|
18363
|
+
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
|
|
18364
|
+
await this.hydrateCache(result, request);
|
|
18365
|
+
}
|
|
18366
|
+
catch (error) {
|
|
18367
|
+
this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
|
|
18368
|
+
}
|
|
18290
18369
|
// cache the account context in memory after successful token fetch
|
|
18291
18370
|
this.currentAccountContext = {
|
|
18292
18371
|
homeAccountId: result.account.homeAccountId,
|