@azure/msal-browser 4.14.0 → 4.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (307) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/LocalStorage.mjs +1 -1
  15. package/dist/cache/MemoryStorage.mjs +1 -1
  16. package/dist/cache/SessionStorage.mjs +1 -1
  17. package/dist/cache/TokenCache.mjs +1 -1
  18. package/dist/config/Configuration.mjs +1 -1
  19. package/dist/controllers/ControllerFactory.mjs +1 -1
  20. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  21. package/dist/controllers/NestedAppAuthController.mjs +15 -3
  22. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  23. package/dist/controllers/StandardController.mjs +1 -1
  24. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  25. package/dist/crypto/BrowserCrypto.mjs +1 -1
  26. package/dist/crypto/CryptoOps.mjs +1 -1
  27. package/dist/crypto/PkceGenerator.mjs +1 -1
  28. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  29. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  30. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  31. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  32. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  33. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  34. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  35. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  36. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  37. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  38. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  39. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  40. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  42. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  43. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  44. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  45. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  46. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  47. package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
  48. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  49. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  50. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  51. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  52. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  53. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  54. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  55. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  56. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  57. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  58. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  60. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  141. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  142. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  143. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  144. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  145. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  146. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  147. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  148. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  149. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  150. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  151. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  152. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  153. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  154. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
  155. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
  156. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
  157. package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
  158. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
  159. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
  160. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
  161. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
  162. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  163. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  164. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  165. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
  166. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  167. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  168. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  169. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
  170. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  171. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  172. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
  173. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  174. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
  175. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  176. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  177. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  178. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  179. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  180. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  181. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  182. package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
  183. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  184. package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
  185. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  186. package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
  187. package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
  188. package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
  189. package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
  190. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  191. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  192. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  193. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  194. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  195. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  196. package/dist/encode/Base64Decode.mjs +1 -1
  197. package/dist/encode/Base64Encode.mjs +1 -1
  198. package/dist/error/BrowserAuthError.mjs +1 -1
  199. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  200. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  201. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  202. package/dist/error/NativeAuthError.mjs +1 -1
  203. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  204. package/dist/error/NestedAppAuthError.mjs +1 -1
  205. package/dist/event/EventHandler.mjs +1 -1
  206. package/dist/event/EventMessage.mjs +1 -1
  207. package/dist/event/EventType.mjs +1 -1
  208. package/dist/index.mjs +1 -1
  209. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  210. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  211. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  212. package/dist/interaction_client/PopupClient.d.ts +2 -1
  213. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  214. package/dist/interaction_client/PopupClient.mjs +43 -14
  215. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  216. package/dist/interaction_client/RedirectClient.d.ts +5 -0
  217. package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
  218. package/dist/interaction_client/RedirectClient.mjs +42 -15
  219. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  220. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  221. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  222. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  223. package/dist/interaction_client/SilentIframeClient.mjs +13 -7
  224. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  225. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  226. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  227. package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
  228. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  229. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  230. package/dist/interaction_handler/SilentHandler.d.ts +1 -0
  231. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  232. package/dist/interaction_handler/SilentHandler.mjs +12 -3
  233. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  234. package/dist/naa/BridgeError.mjs +1 -1
  235. package/dist/naa/BridgeProxy.mjs +1 -1
  236. package/dist/naa/BridgeStatusCode.mjs +1 -1
  237. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  238. package/dist/navigation/NavigationClient.mjs +1 -1
  239. package/dist/network/FetchClient.mjs +1 -1
  240. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  241. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  242. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  243. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  244. package/dist/packageMetadata.d.ts +1 -1
  245. package/dist/packageMetadata.mjs +2 -2
  246. package/dist/protocol/Authorize.d.ts +4 -0
  247. package/dist/protocol/Authorize.d.ts.map +1 -1
  248. package/dist/protocol/Authorize.mjs +15 -2
  249. package/dist/protocol/Authorize.mjs.map +1 -1
  250. package/dist/request/RequestHelpers.d.ts +11 -1
  251. package/dist/request/RequestHelpers.d.ts.map +1 -1
  252. package/dist/request/RequestHelpers.mjs +32 -3
  253. package/dist/request/RequestHelpers.mjs.map +1 -1
  254. package/dist/response/ResponseHandler.mjs +1 -1
  255. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  256. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  257. package/dist/utils/BrowserConstants.mjs +1 -1
  258. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  259. package/dist/utils/BrowserUtils.mjs +1 -1
  260. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  261. package/lib/custom-auth-path/msal-custom-auth.cjs +233 -172
  262. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  263. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  264. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  265. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
  266. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
  267. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
  268. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
  269. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  270. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  271. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
  272. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  273. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  274. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
  275. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  276. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
  277. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
  278. package/lib/msal-browser.cjs +259 -180
  279. package/lib/msal-browser.cjs.map +1 -1
  280. package/lib/msal-browser.js +259 -180
  281. package/lib/msal-browser.js.map +1 -1
  282. package/lib/msal-browser.min.js +68 -69
  283. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  284. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  285. package/lib/types/interaction_client/PopupClient.d.ts +2 -1
  286. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  287. package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
  288. package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
  289. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  290. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  291. package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
  292. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  293. package/lib/types/packageMetadata.d.ts +1 -1
  294. package/lib/types/protocol/Authorize.d.ts +4 -0
  295. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  296. package/lib/types/request/RequestHelpers.d.ts +11 -1
  297. package/lib/types/request/RequestHelpers.d.ts.map +1 -1
  298. package/package.json +2 -2
  299. package/src/controllers/NestedAppAuthController.ts +18 -2
  300. package/src/interaction_client/PopupClient.ts +161 -63
  301. package/src/interaction_client/RedirectClient.ts +86 -35
  302. package/src/interaction_client/SilentIframeClient.ts +49 -28
  303. package/src/interaction_client/StandardInteractionClient.ts +13 -2
  304. package/src/interaction_handler/SilentHandler.ts +24 -1
  305. package/src/packageMetadata.ts +1 -1
  306. package/src/protocol/Authorize.ts +48 -0
  307. package/src/request/RequestHelpers.ts +45 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.14.0 2025-07-01 */
1
+ /*! @azure/msal-browser v4.16.0 2025-07-23 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -82,6 +82,10 @@ const HttpStatus = {
82
82
  SERVER_ERROR_RANGE_END: 599,
83
83
  MULTI_SIDED_ERROR: 600,
84
84
  };
85
+ const HttpMethod$1 = {
86
+ GET: "GET",
87
+ POST: "POST",
88
+ };
85
89
  const OIDC_DEFAULT_SCOPES = [
86
90
  Constants.OPENID_SCOPE,
87
91
  Constants.PROFILE_SCOPE,
@@ -132,16 +136,8 @@ const PromptValue = {
132
136
  SELECT_ACCOUNT: "select_account",
133
137
  CONSENT: "consent",
134
138
  NONE: "none",
135
- CREATE: "create",
136
139
  NO_SESSION: "no_session",
137
140
  };
138
- /**
139
- * allowed values for codeVerifier
140
- */
141
- const CodeChallengeMethodValues = {
142
- PLAIN: "plain",
143
- S256: "S256",
144
- };
145
141
  /**
146
142
  * Allowed values for response_type
147
143
  */
@@ -282,7 +278,7 @@ const JsonWebTokenTypes = {
282
278
  // Token renewal offset default in seconds
283
279
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
284
280
 
285
- /*! @azure/msal-common v15.8.0 2025-07-01 */
281
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
286
282
  /*
287
283
  * Copyright (c) Microsoft Corporation. All rights reserved.
288
284
  * Licensed under the MIT License.
@@ -293,7 +289,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
293
289
  const unexpectedError = "unexpected_error";
294
290
  const postRequestFailed$1 = "post_request_failed";
295
291
 
296
- /*! @azure/msal-common v15.8.0 2025-07-01 */
292
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
297
293
 
298
294
  /*
299
295
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -328,7 +324,7 @@ function createAuthError(code, additionalMessage) {
328
324
  : AuthErrorMessages[code]);
329
325
  }
330
326
 
331
- /*! @azure/msal-common v15.8.0 2025-07-01 */
327
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
332
328
  /*
333
329
  * Copyright (c) Microsoft Corporation. All rights reserved.
334
330
  * Licensed under the MIT License.
@@ -378,7 +374,7 @@ const missingTenantIdError = "missing_tenant_id_error";
378
374
  const methodNotImplemented = "method_not_implemented";
379
375
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
380
376
 
381
- /*! @azure/msal-common v15.8.0 2025-07-01 */
377
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
382
378
 
383
379
  /*
384
380
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -452,7 +448,7 @@ function createClientAuthError(errorCode, additionalMessage) {
452
448
  return new ClientAuthError(errorCode, additionalMessage);
453
449
  }
454
450
 
455
- /*! @azure/msal-common v15.8.0 2025-07-01 */
451
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
456
452
 
457
453
  /*
458
454
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -491,7 +487,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
491
487
  },
492
488
  };
493
489
 
494
- /*! @azure/msal-common v15.8.0 2025-07-01 */
490
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
495
491
 
496
492
  /*
497
493
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -682,12 +678,12 @@ class Logger {
682
678
  }
683
679
  }
684
680
 
685
- /*! @azure/msal-common v15.8.0 2025-07-01 */
681
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
686
682
  /* eslint-disable header/header */
687
683
  const name$1 = "@azure/msal-common";
688
- const version$1 = "15.8.0";
684
+ const version$1 = "15.9.0";
689
685
 
690
- /*! @azure/msal-common v15.8.0 2025-07-01 */
686
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
691
687
  /*
692
688
  * Copyright (c) Microsoft Corporation. All rights reserved.
693
689
  * Licensed under the MIT License.
@@ -696,7 +692,7 @@ const AzureCloudInstance = {
696
692
  // AzureCloudInstance is not specified.
697
693
  None: "none"};
698
694
 
699
- /*! @azure/msal-common v15.8.0 2025-07-01 */
695
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
700
696
 
701
697
  /*
702
698
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -757,7 +753,7 @@ function checkMaxAge(authTime, maxAge) {
757
753
  }
758
754
  }
759
755
 
760
- /*! @azure/msal-common v15.8.0 2025-07-01 */
756
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
761
757
  /*
762
758
  * Copyright (c) Microsoft Corporation. All rights reserved.
763
759
  * Licensed under the MIT License.
@@ -812,7 +808,7 @@ function wasClockTurnedBack(cachedAt) {
812
808
  return cachedAtSec > nowSeconds();
813
809
  }
814
810
 
815
- /*! @azure/msal-common v15.8.0 2025-07-01 */
811
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
816
812
 
817
813
  /*
818
814
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1139,7 +1135,7 @@ function isAuthorityMetadataExpired(metadata) {
1139
1135
  return metadata.expiresAt <= nowSeconds();
1140
1136
  }
1141
1137
 
1142
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1138
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1143
1139
  /*
1144
1140
  * Copyright (c) Microsoft Corporation. All rights reserved.
1145
1141
  * Licensed under the MIT License.
@@ -1150,7 +1146,6 @@ const authorityUriInsecure = "authority_uri_insecure";
1150
1146
  const urlParseError = "url_parse_error";
1151
1147
  const urlEmptyError = "empty_url_error";
1152
1148
  const emptyInputScopesError = "empty_input_scopes_error";
1153
- const invalidPromptValue = "invalid_prompt_value";
1154
1149
  const invalidClaims = "invalid_claims";
1155
1150
  const tokenRequestEmpty = "token_request_empty";
1156
1151
  const logoutRequestEmpty = "logout_request_empty";
@@ -1165,9 +1160,11 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
1165
1160
  const invalidAuthenticationHeader = "invalid_authentication_header";
1166
1161
  const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
1167
1162
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
1168
- const authorityMismatch = "authority_mismatch";
1163
+ const authorityMismatch = "authority_mismatch";
1164
+ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
1165
+ const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
1169
1166
 
1170
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1167
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1171
1168
 
1172
1169
  /*
1173
1170
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1180,7 +1177,6 @@ const ClientConfigurationErrorMessages = {
1180
1177
  [urlParseError]: "URL could not be parsed into appropriate segments.",
1181
1178
  [urlEmptyError]: "URL was empty or null.",
1182
1179
  [emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
1183
- [invalidPromptValue]: "Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",
1184
1180
  [invalidClaims]: "Given claims parameter must be a stringified JSON object.",
1185
1181
  [tokenRequestEmpty]: "Token request was empty and not found in cache.",
1186
1182
  [logoutRequestEmpty]: "The logout request was null or undefined.",
@@ -1196,6 +1192,8 @@ const ClientConfigurationErrorMessages = {
1196
1192
  [cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
1197
1193
  [cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
1198
1194
  [authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
1195
+ [invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
1196
+ [invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
1199
1197
  };
1200
1198
  /**
1201
1199
  * Error thrown when there is an error in configuration of the MSAL.js library.
@@ -1211,7 +1209,7 @@ function createClientConfigurationError(errorCode) {
1211
1209
  return new ClientConfigurationError(errorCode);
1212
1210
  }
1213
1211
 
1214
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1212
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1215
1213
  /*
1216
1214
  * Copyright (c) Microsoft Corporation. All rights reserved.
1217
1215
  * Licensed under the MIT License.
@@ -1308,7 +1306,7 @@ class StringUtils {
1308
1306
  }
1309
1307
  }
1310
1308
 
1311
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1309
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1312
1310
 
1313
1311
  /*
1314
1312
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1499,7 +1497,7 @@ class ScopeSet {
1499
1497
  }
1500
1498
  }
1501
1499
 
1502
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1500
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1503
1501
 
1504
1502
  /*
1505
1503
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1539,7 +1537,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1539
1537
  };
1540
1538
  }
1541
1539
 
1542
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1540
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1543
1541
  /*
1544
1542
  * Copyright (c) Microsoft Corporation. All rights reserved.
1545
1543
  * Licensed under the MIT License.
@@ -1618,7 +1616,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1618
1616
  return updatedAccountInfo;
1619
1617
  }
1620
1618
 
1621
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1619
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1622
1620
  /*
1623
1621
  * Copyright (c) Microsoft Corporation. All rights reserved.
1624
1622
  * Licensed under the MIT License.
@@ -1633,7 +1631,7 @@ const AuthorityType = {
1633
1631
  Ciam: 3,
1634
1632
  };
1635
1633
 
1636
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1634
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1637
1635
  /*
1638
1636
  * Copyright (c) Microsoft Corporation. All rights reserved.
1639
1637
  * Licensed under the MIT License.
@@ -1655,7 +1653,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
1655
1653
  return null;
1656
1654
  }
1657
1655
 
1658
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1656
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1659
1657
  /*
1660
1658
  * Copyright (c) Microsoft Corporation. All rights reserved.
1661
1659
  * Licensed under the MIT License.
@@ -1679,7 +1677,7 @@ const ProtocolMode = {
1679
1677
  EAR: "EAR",
1680
1678
  };
1681
1679
 
1682
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1680
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1683
1681
 
1684
1682
  /*
1685
1683
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1922,7 +1920,7 @@ class AccountEntity {
1922
1920
  }
1923
1921
  }
1924
1922
 
1925
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1923
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1926
1924
 
1927
1925
  /*
1928
1926
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1987,7 +1985,7 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
1987
1985
  return queryParameterArray.join("&");
1988
1986
  }
1989
1987
 
1990
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1988
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1991
1989
 
1992
1990
  /*
1993
1991
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2151,7 +2149,7 @@ class UrlString {
2151
2149
  }
2152
2150
  }
2153
2151
 
2154
- /*! @azure/msal-common v15.8.0 2025-07-01 */
2152
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2155
2153
 
2156
2154
  /*
2157
2155
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2290,7 +2288,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2290
2288
  return null;
2291
2289
  }
2292
2290
 
2293
- /*! @azure/msal-common v15.8.0 2025-07-01 */
2291
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2294
2292
  /*
2295
2293
  * Copyright (c) Microsoft Corporation. All rights reserved.
2296
2294
  * Licensed under the MIT License.
@@ -2298,7 +2296,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2298
2296
  const cacheQuotaExceeded = "cache_quota_exceeded";
2299
2297
  const cacheErrorUnknown = "cache_error_unknown";
2300
2298
 
2301
- /*! @azure/msal-common v15.8.0 2025-07-01 */
2299
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2302
2300
 
2303
2301
  /*
2304
2302
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2343,7 +2341,7 @@ function createCacheError(e) {
2343
2341
  }
2344
2342
  }
2345
2343
 
2346
- /*! @azure/msal-common v15.8.0 2025-07-01 */
2344
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2347
2345
 
2348
2346
  /*
2349
2347
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3509,7 +3507,7 @@ class DefaultStorageClass extends CacheManager {
3509
3507
  }
3510
3508
  }
3511
3509
 
3512
- /*! @azure/msal-common v15.8.0 2025-07-01 */
3510
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
3513
3511
  /*
3514
3512
  * Copyright (c) Microsoft Corporation. All rights reserved.
3515
3513
  * Licensed under the MIT License.
@@ -3776,7 +3774,7 @@ const PerformanceEvents = {
3776
3774
  const PerformanceEventStatus = {
3777
3775
  InProgress: 1};
3778
3776
 
3779
- /*! @azure/msal-common v15.8.0 2025-07-01 */
3777
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
3780
3778
 
3781
3779
  /*
3782
3780
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3855,7 +3853,7 @@ class StubPerformanceClient {
3855
3853
  }
3856
3854
  }
3857
3855
 
3858
- /*! @azure/msal-common v15.8.0 2025-07-01 */
3856
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
3859
3857
 
3860
3858
  /*
3861
3859
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3955,7 +3953,7 @@ function isOidcProtocolMode(config) {
3955
3953
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
3956
3954
  }
3957
3955
 
3958
- /*! @azure/msal-common v15.8.0 2025-07-01 */
3956
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
3959
3957
  /*
3960
3958
  * Copyright (c) Microsoft Corporation. All rights reserved.
3961
3959
  * Licensed under the MIT License.
@@ -3965,7 +3963,7 @@ const CcsCredentialType = {
3965
3963
  UPN: "UPN",
3966
3964
  };
3967
3965
 
3968
- /*! @azure/msal-common v15.8.0 2025-07-01 */
3966
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
3969
3967
  /*
3970
3968
  * Copyright (c) Microsoft Corporation. All rights reserved.
3971
3969
  * Licensed under the MIT License.
@@ -4015,7 +4013,7 @@ const INSTANCE_AWARE = "instance_aware";
4015
4013
  const EAR_JWK = "ear_jwk";
4016
4014
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4017
4015
 
4018
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4016
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4019
4017
 
4020
4018
  /*
4021
4019
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4381,9 +4379,21 @@ function addEARParameters(parameters, jwk) {
4381
4379
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
4382
4380
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
4383
4381
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
4382
+ }
4383
+ /**
4384
+ * Adds authorize body parameters to the request parameters
4385
+ * @param parameters
4386
+ * @param bodyParameters
4387
+ */
4388
+ function addPostBodyParameters(parameters, bodyParameters) {
4389
+ Object.entries(bodyParameters).forEach(([key, value]) => {
4390
+ if (value) {
4391
+ parameters.set(key, value);
4392
+ }
4393
+ });
4384
4394
  }
4385
4395
 
4386
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4396
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4387
4397
  /*
4388
4398
  * Copyright (c) Microsoft Corporation. All rights reserved.
4389
4399
  * Licensed under the MIT License.
@@ -4395,7 +4405,7 @@ function isOpenIdConfigResponse(response) {
4395
4405
  response.hasOwnProperty("jwks_uri"));
4396
4406
  }
4397
4407
 
4398
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4408
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4399
4409
  /*
4400
4410
  * Copyright (c) Microsoft Corporation. All rights reserved.
4401
4411
  * Licensed under the MIT License.
@@ -4405,7 +4415,7 @@ function isCloudInstanceDiscoveryResponse(response) {
4405
4415
  response.hasOwnProperty("metadata"));
4406
4416
  }
4407
4417
 
4408
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4418
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4409
4419
  /*
4410
4420
  * Copyright (c) Microsoft Corporation. All rights reserved.
4411
4421
  * Licensed under the MIT License.
@@ -4415,7 +4425,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
4415
4425
  response.hasOwnProperty("error_description"));
4416
4426
  }
4417
4427
 
4418
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4428
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4419
4429
  /*
4420
4430
  * Copyright (c) Microsoft Corporation. All rights reserved.
4421
4431
  * Licensed under the MIT License.
@@ -4511,7 +4521,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
4511
4521
  };
4512
4522
  };
4513
4523
 
4514
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4524
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4515
4525
 
4516
4526
  /*
4517
4527
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4617,7 +4627,7 @@ RegionDiscovery.IMDS_OPTIONS = {
4617
4627
  },
4618
4628
  };
4619
4629
 
4620
- /*! @azure/msal-common v15.8.0 2025-07-01 */
4630
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4621
4631
 
4622
4632
  /*
4623
4633
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5456,7 +5466,7 @@ function buildStaticAuthorityOptions(authOptions) {
5456
5466
  };
5457
5467
  }
5458
5468
 
5459
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5469
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5460
5470
 
5461
5471
  /*
5462
5472
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5487,7 +5497,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
5487
5497
  }
5488
5498
  }
5489
5499
 
5490
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5500
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5491
5501
 
5492
5502
  /*
5493
5503
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5506,7 +5516,7 @@ class ServerError extends AuthError {
5506
5516
  }
5507
5517
  }
5508
5518
 
5509
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5519
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5510
5520
  /*
5511
5521
  * Copyright (c) Microsoft Corporation. All rights reserved.
5512
5522
  * Licensed under the MIT License.
@@ -5527,7 +5537,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
5527
5537
  };
5528
5538
  }
5529
5539
 
5530
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5540
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5531
5541
 
5532
5542
  /*
5533
5543
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5614,7 +5624,7 @@ class ThrottlingUtils {
5614
5624
  }
5615
5625
  }
5616
5626
 
5617
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5627
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5618
5628
 
5619
5629
  /*
5620
5630
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5645,7 +5655,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
5645
5655
  return new NetworkError(error, httpStatus, responseHeaders);
5646
5656
  }
5647
5657
 
5648
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5658
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5649
5659
 
5650
5660
  /*
5651
5661
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5793,7 +5803,7 @@ class BaseClient {
5793
5803
  }
5794
5804
  }
5795
5805
 
5796
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5806
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5797
5807
  /*
5798
5808
  * Copyright (c) Microsoft Corporation. All rights reserved.
5799
5809
  * Licensed under the MIT License.
@@ -5809,7 +5819,7 @@ const consentRequired = "consent_required";
5809
5819
  const loginRequired = "login_required";
5810
5820
  const badToken = "bad_token";
5811
5821
 
5812
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5822
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5813
5823
 
5814
5824
  /*
5815
5825
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5881,7 +5891,7 @@ function createInteractionRequiredAuthError(errorCode) {
5881
5891
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
5882
5892
  }
5883
5893
 
5884
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5894
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5885
5895
 
5886
5896
  /*
5887
5897
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5953,7 +5963,7 @@ class ProtocolUtils {
5953
5963
  }
5954
5964
  }
5955
5965
 
5956
- /*! @azure/msal-common v15.8.0 2025-07-01 */
5966
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5957
5967
 
5958
5968
  /*
5959
5969
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6035,7 +6045,7 @@ class PopTokenGenerator {
6035
6045
  }
6036
6046
  }
6037
6047
 
6038
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6048
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6039
6049
  /*
6040
6050
  * Copyright (c) Microsoft Corporation. All rights reserved.
6041
6051
  * Licensed under the MIT License.
@@ -6062,7 +6072,7 @@ class PopTokenGenerator {
6062
6072
  }
6063
6073
  }
6064
6074
 
6065
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6075
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6066
6076
 
6067
6077
  /*
6068
6078
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6393,74 +6403,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
6393
6403
  return baseAccount;
6394
6404
  }
6395
6405
 
6396
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6397
-
6398
- /*
6399
- * Copyright (c) Microsoft Corporation. All rights reserved.
6400
- * Licensed under the MIT License.
6401
- */
6402
- /**
6403
- * Validates server consumable params from the "request" objects
6404
- */
6405
- class RequestValidator {
6406
- /**
6407
- * Utility to check if the `redirectUri` in the request is a non-null value
6408
- * @param redirectUri
6409
- */
6410
- static validateRedirectUri(redirectUri) {
6411
- if (!redirectUri) {
6412
- throw createClientConfigurationError(redirectUriEmpty);
6413
- }
6414
- }
6415
- /**
6416
- * Utility to validate prompt sent by the user in the request
6417
- * @param prompt
6418
- */
6419
- static validatePrompt(prompt) {
6420
- const promptValues = [];
6421
- for (const value in PromptValue) {
6422
- promptValues.push(PromptValue[value]);
6423
- }
6424
- if (promptValues.indexOf(prompt) < 0) {
6425
- throw createClientConfigurationError(invalidPromptValue);
6426
- }
6427
- }
6428
- static validateClaims(claims) {
6429
- try {
6430
- JSON.parse(claims);
6431
- }
6432
- catch (e) {
6433
- throw createClientConfigurationError(invalidClaims);
6434
- }
6435
- }
6436
- /**
6437
- * Utility to validate code_challenge and code_challenge_method
6438
- * @param codeChallenge
6439
- * @param codeChallengeMethod
6440
- */
6441
- static validateCodeChallengeParams(codeChallenge, codeChallengeMethod) {
6442
- if (!codeChallenge || !codeChallengeMethod) {
6443
- throw createClientConfigurationError(pkceParamsMissing);
6444
- }
6445
- else {
6446
- this.validateCodeChallengeMethod(codeChallengeMethod);
6447
- }
6448
- }
6449
- /**
6450
- * Utility to validate code_challenge_method
6451
- * @param codeChallengeMethod
6452
- */
6453
- static validateCodeChallengeMethod(codeChallengeMethod) {
6454
- if ([
6455
- CodeChallengeMethodValues.PLAIN,
6456
- CodeChallengeMethodValues.S256,
6457
- ].indexOf(codeChallengeMethod) < 0) {
6458
- throw createClientConfigurationError(invalidCodeChallengeMethod);
6459
- }
6460
- }
6461
- }
6462
-
6463
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6406
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6464
6407
  /*
6465
6408
  * Copyright (c) Microsoft Corporation. All rights reserved.
6466
6409
  * Licensed under the MIT License.
@@ -6478,7 +6421,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
6478
6421
  }
6479
6422
  }
6480
6423
 
6481
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6424
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6482
6425
 
6483
6426
  /*
6484
6427
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6572,7 +6515,9 @@ class AuthorizationCodeClient extends BaseClient {
6572
6515
  */
6573
6516
  if (!this.includeRedirectUri) {
6574
6517
  // Just validate
6575
- RequestValidator.validateRedirectUri(request.redirectUri);
6518
+ if (!request.redirectUri) {
6519
+ throw createClientConfigurationError(redirectUriEmpty);
6520
+ }
6576
6521
  }
6577
6522
  else {
6578
6523
  // Validate and include redirect uri
@@ -6711,7 +6656,7 @@ class AuthorizationCodeClient extends BaseClient {
6711
6656
  }
6712
6657
  }
6713
6658
 
6714
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6659
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6715
6660
 
6716
6661
  /*
6717
6662
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6920,7 +6865,7 @@ class RefreshTokenClient extends BaseClient {
6920
6865
  }
6921
6866
  }
6922
6867
 
6923
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6868
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6924
6869
 
6925
6870
  /*
6926
6871
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7018,7 +6963,7 @@ class SilentFlowClient extends BaseClient {
7018
6963
  }
7019
6964
  }
7020
6965
 
7021
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6966
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7022
6967
 
7023
6968
  /*
7024
6969
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7033,7 +6978,7 @@ const StubbedNetworkModule = {
7033
6978
  },
7034
6979
  };
7035
6980
 
7036
- /*! @azure/msal-common v15.8.0 2025-07-01 */
6981
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7037
6982
 
7038
6983
  /*
7039
6984
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7257,7 +7202,7 @@ function extractLoginHint(account) {
7257
7202
  return account.idTokenClaims?.login_hint || null;
7258
7203
  }
7259
7204
 
7260
- /*! @azure/msal-common v15.8.0 2025-07-01 */
7205
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7261
7206
 
7262
7207
  /*
7263
7208
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7520,7 +7465,7 @@ class ServerTelemetryManager {
7520
7465
  }
7521
7466
  }
7522
7467
 
7523
- /*! @azure/msal-common v15.8.0 2025-07-01 */
7468
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7524
7469
  /*
7525
7470
  * Copyright (c) Microsoft Corporation. All rights reserved.
7526
7471
  * Licensed under the MIT License.
@@ -7528,7 +7473,7 @@ class ServerTelemetryManager {
7528
7473
  const missingKidError = "missing_kid_error";
7529
7474
  const missingAlgError = "missing_alg_error";
7530
7475
 
7531
- /*! @azure/msal-common v15.8.0 2025-07-01 */
7476
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7532
7477
 
7533
7478
  /*
7534
7479
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7553,7 +7498,7 @@ function createJoseHeaderError(code) {
7553
7498
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
7554
7499
  }
7555
7500
 
7556
- /*! @azure/msal-common v15.8.0 2025-07-01 */
7501
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7557
7502
 
7558
7503
  /*
7559
7504
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7926,7 +7871,7 @@ function ensureArgumentIsNotEmptyString(argName, argValue, correlationId) {
7926
7871
 
7927
7872
  /* eslint-disable header/header */
7928
7873
  const name = "@azure/msal-browser";
7929
- const version = "4.14.0";
7874
+ const version = "4.16.0";
7930
7875
 
7931
7876
  /*
7932
7877
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10473,6 +10418,35 @@ async function initializeSilentRequest(request, account, config, performanceClie
10473
10418
  account: account,
10474
10419
  forceRefresh: request.forceRefresh || false,
10475
10420
  };
10421
+ }
10422
+ /**
10423
+ * Validates that the combination of request method, protocol mode and authorize body parameters is correct.
10424
+ * Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
10425
+ * @param interactionRequest
10426
+ * @param protocolMode
10427
+ * @returns
10428
+ */
10429
+ function validateRequestMethod(interactionRequest, protocolMode) {
10430
+ let httpMethod;
10431
+ const requestMethod = interactionRequest.httpMethod;
10432
+ if (protocolMode === ProtocolMode.EAR) {
10433
+ // Don't override httpMethod if it is already set, default to POST if not set
10434
+ httpMethod = requestMethod || HttpMethod$1.POST;
10435
+ // Validate that method is not GET if protocol mode is EAR
10436
+ if (httpMethod !== HttpMethod$1.POST) {
10437
+ throw createClientConfigurationError(invalidRequestMethodForEAR);
10438
+ }
10439
+ }
10440
+ else {
10441
+ // For non-EAR protocol modes, default to GET if httpMethod is not set
10442
+ httpMethod = requestMethod || HttpMethod$1.GET;
10443
+ }
10444
+ // Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
10445
+ if (interactionRequest.authorizePostBodyParameters &&
10446
+ httpMethod !== HttpMethod$1.POST) {
10447
+ throw createClientConfigurationError(invalidAuthorizePostBodyParameters);
10448
+ }
10449
+ return httpMethod;
10476
10450
  }
10477
10451
 
10478
10452
  /*
@@ -10649,7 +10623,7 @@ class StandardInteractionClient extends BaseInteractionClient {
10649
10623
  };
10650
10624
  const state = ProtocolUtils.setRequestState(this.browserCrypto, (request && request.state) || Constants.EMPTY_STRING, browserState);
10651
10625
  const baseRequest = await invokeAsync(initializeBaseRequest, PerformanceEvents.InitializeBaseRequest, this.logger, this.performanceClient, this.correlationId)({ ...request, correlationId: this.correlationId }, this.config, this.performanceClient, this.logger);
10652
- const validatedRequest = {
10626
+ const interactionRequest = {
10653
10627
  ...baseRequest,
10654
10628
  redirectUri: redirectUri,
10655
10629
  state: state,
@@ -10657,6 +10631,10 @@ class StandardInteractionClient extends BaseInteractionClient {
10657
10631
  responseMode: this.config.auth.OIDCOptions
10658
10632
  .serverResponseType,
10659
10633
  };
10634
+ const validatedRequest = {
10635
+ ...interactionRequest,
10636
+ httpMethod: validateRequestMethod(interactionRequest, this.config.auth.protocolMode),
10637
+ };
10660
10638
  // Skip active account lookup if either login hint or session id is set
10661
10639
  if (request.loginHint || request.sid) {
10662
10640
  return validatedRequest;
@@ -15569,6 +15547,19 @@ async function getEARForm(frame, config, authority, request, logger, performance
15569
15547
  const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
15570
15548
  return createForm(frame, url, parameters);
15571
15549
  }
15550
+ /**
15551
+ * Gets the form that will be posted to /authorize with request parameters when using POST method
15552
+ */
15553
+ async function getCodeForm(frame, config, authority, request, logger, performanceClient) {
15554
+ const parameters = await getStandardParameters(config, authority, request, logger, performanceClient);
15555
+ addResponseType(parameters, OAuthResponseType.CODE);
15556
+ addCodeChallengeParams(parameters, request.codeChallenge, request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD);
15557
+ addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
15558
+ const queryParams = new Map();
15559
+ addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
15560
+ const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
15561
+ return createForm(frame, url, parameters);
15562
+ }
15572
15563
  /**
15573
15564
  * Creates form element in the provided document with auth parameters in the post body
15574
15565
  * @param frame
@@ -16535,9 +16526,10 @@ class PopupClient extends StandardInteractionClient {
16535
16526
  * @param pkceCodes
16536
16527
  */
16537
16528
  acquireToken(request, pkceCodes) {
16529
+ let popupParams = undefined;
16538
16530
  try {
16539
16531
  const popupName = this.generatePopupName(request.scopes || OIDC_DEFAULT_SCOPES, request.authority || this.config.auth.authority);
16540
- const popupParams = {
16532
+ popupParams = {
16541
16533
  popupName,
16542
16534
  popupWindowAttributes: request.popupWindowAttributes || {},
16543
16535
  popupWindowParent: request.popupWindowParent ?? window,
@@ -16550,10 +16542,15 @@ class PopupClient extends StandardInteractionClient {
16550
16542
  return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
16551
16543
  }
16552
16544
  else {
16545
+ // Pre-validate request method to avoid opening popup if the request is invalid
16546
+ const validatedRequest = {
16547
+ ...request,
16548
+ httpMethod: validateRequestMethod(request, this.config.auth.protocolMode),
16549
+ };
16553
16550
  // asyncPopups flag is set to false. Opens popup before acquiring token.
16554
16551
  this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
16555
16552
  popupParams.popup = this.openSizedPopup("about:blank", popupParams);
16556
- return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
16553
+ return this.acquireTokenPopupAsync(validatedRequest, popupParams, pkceCodes);
16557
16554
  }
16558
16555
  }
16559
16556
  catch (e) {
@@ -16645,15 +16642,20 @@ class PopupClient extends StandardInteractionClient {
16645
16642
  requestExtraQueryParameters: popupRequest.extraQueryParameters,
16646
16643
  account: popupRequest.account,
16647
16644
  });
16648
- // Create acquire token url.
16649
- const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
16650
- // Show the UI once the url has been created. Get the window handle for the popup.
16651
- const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
16652
- this.eventHandler.emitEvent(EventType.POPUP_OPENED, InteractionType.Popup, { popupWindow }, null);
16653
- // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
16654
- const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
16655
- const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
16656
- return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
16645
+ if (popupRequest.httpMethod === HttpMethod$1.POST) {
16646
+ return await this.executeCodeFlowWithPost(popupRequest, popupParams, authClient, pkce.verifier);
16647
+ }
16648
+ else {
16649
+ // Create acquire token url.
16650
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
16651
+ // Show the UI once the url has been created. Get the window handle for the popup.
16652
+ const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
16653
+ this.eventHandler.emitEvent(EventType.POPUP_OPENED, InteractionType.Popup, { popupWindow }, null);
16654
+ // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
16655
+ const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
16656
+ const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
16657
+ return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
16658
+ }
16657
16659
  }
16658
16660
  catch (e) {
16659
16661
  // Close the synchronous popup if an error is thrown before the window unload event is registered
@@ -16691,6 +16693,23 @@ class PopupClient extends StandardInteractionClient {
16691
16693
  const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
16692
16694
  return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(popupRequest, serverParams, ApiId.acquireTokenPopup, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
16693
16695
  }
16696
+ async executeCodeFlowWithPost(request, popupParams, authClient, pkceVerifier) {
16697
+ const correlationId = request.correlationId;
16698
+ // Get the frame handle for the silent request
16699
+ const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
16700
+ requestAuthority: request.authority,
16701
+ requestAzureCloudOptions: request.azureCloudOptions,
16702
+ requestExtraQueryParameters: request.extraQueryParameters,
16703
+ account: request.account,
16704
+ });
16705
+ const popupWindow = popupParams.popup || this.openPopup("about:blank", popupParams);
16706
+ const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
16707
+ form.submit();
16708
+ // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
16709
+ const responseString = await invokeAsync(this.monitorPopupForHash.bind(this), PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupWindow, popupParams.popupWindowParent);
16710
+ const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
16711
+ return invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
16712
+ }
16694
16713
  /**
16695
16714
  *
16696
16715
  * @param validRequest
@@ -17042,18 +17061,23 @@ class RedirectClient extends StandardInteractionClient {
17042
17061
  };
17043
17062
  this.browserStorage.cacheAuthorizeRequest(redirectRequest, pkceCodes.verifier);
17044
17063
  try {
17045
- // Initialize the client
17046
- const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
17047
- serverTelemetryManager,
17048
- requestAuthority: redirectRequest.authority,
17049
- requestAzureCloudOptions: redirectRequest.azureCloudOptions,
17050
- requestExtraQueryParameters: redirectRequest.extraQueryParameters,
17051
- account: redirectRequest.account,
17052
- });
17053
- // Create acquire token url.
17054
- const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
17055
- // Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
17056
- return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
17064
+ if (redirectRequest.httpMethod === HttpMethod$1.POST) {
17065
+ return await this.executeCodeFlowWithPost(redirectRequest);
17066
+ }
17067
+ else {
17068
+ // Initialize the client
17069
+ const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
17070
+ serverTelemetryManager,
17071
+ requestAuthority: redirectRequest.authority,
17072
+ requestAzureCloudOptions: redirectRequest.azureCloudOptions,
17073
+ requestExtraQueryParameters: redirectRequest.extraQueryParameters,
17074
+ account: redirectRequest.account,
17075
+ });
17076
+ // Create acquire token url.
17077
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
17078
+ // Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
17079
+ return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
17080
+ }
17057
17081
  }
17058
17082
  catch (e) {
17059
17083
  if (e instanceof AuthError) {
@@ -17090,6 +17114,28 @@ class RedirectClient extends StandardInteractionClient {
17090
17114
  }, this.config.system.redirectNavigationTimeout);
17091
17115
  });
17092
17116
  }
17117
+ /**
17118
+ * Executes classic Authorization Code flow with a POST request.
17119
+ * @param request
17120
+ */
17121
+ async executeCodeFlowWithPost(request) {
17122
+ const correlationId = request.correlationId;
17123
+ // Get the frame handle for the silent request
17124
+ const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
17125
+ requestAuthority: request.authority,
17126
+ requestAzureCloudOptions: request.azureCloudOptions,
17127
+ requestExtraQueryParameters: request.extraQueryParameters,
17128
+ account: request.account,
17129
+ });
17130
+ this.browserStorage.cacheAuthorizeRequest(request);
17131
+ const form = await getCodeForm(document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
17132
+ form.submit();
17133
+ return new Promise((resolve, reject) => {
17134
+ setTimeout(() => {
17135
+ reject(createBrowserAuthError(timedOut, "failed_to_redirect"));
17136
+ }, this.config.system.redirectNavigationTimeout);
17137
+ });
17138
+ }
17093
17139
  /**
17094
17140
  * Checks if navigateToLoginRequestUrl is set, and:
17095
17141
  * - if true, performs logic to cache and navigate
@@ -17400,6 +17446,15 @@ async function initiateCodeRequest(requestUrl, performanceClient, logger, correl
17400
17446
  }
17401
17447
  return invoke(loadFrameSync, PerformanceEvents.SilentHandlerLoadFrameSync, logger, performanceClient, correlationId)(requestUrl);
17402
17448
  }
17449
+ async function initiateCodeFlowWithPost(config, authority, request, logger, performanceClient) {
17450
+ const frame = createHiddenIframe();
17451
+ if (!frame.contentDocument) {
17452
+ throw "No document associated with iframe!";
17453
+ }
17454
+ const form = await getCodeForm(frame.contentDocument, config, authority, request, logger, performanceClient);
17455
+ form.submit();
17456
+ return frame;
17457
+ }
17403
17458
  async function initiateEarRequest(config, authority, request, logger, performanceClient) {
17404
17459
  const frame = createHiddenIframe();
17405
17460
  if (!frame.contentDocument) {
@@ -17648,10 +17703,16 @@ class SilentIframeClient extends StandardInteractionClient {
17648
17703
  ...request,
17649
17704
  codeChallenge: pkceCodes.challenge,
17650
17705
  };
17651
- // Create authorize request url
17652
- const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
17653
- // Get the frame handle for the silent request
17654
- const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
17706
+ let msalFrame;
17707
+ if (request.httpMethod === HttpMethod$1.POST) {
17708
+ msalFrame = await invokeAsync(initiateCodeFlowWithPost, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
17709
+ }
17710
+ else {
17711
+ // Create authorize request url
17712
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
17713
+ // Get the frame handle for the silent request
17714
+ msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
17715
+ }
17655
17716
  const responseType = this.config.auth.OIDCOptions.serverResponseType;
17656
17717
  // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
17657
17718
  const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);