@azure/msal-browser 4.14.0 → 4.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +15 -3
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
- package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.d.ts +2 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +43 -14
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +42 -15
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +4 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +15 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.d.ts +11 -1
- package/dist/request/RequestHelpers.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +32 -3
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +233 -172
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
- package/lib/msal-browser.cjs +259 -180
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +259 -180
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -69
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +4 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/RequestHelpers.d.ts +11 -1
- package/lib/types/request/RequestHelpers.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/controllers/NestedAppAuthController.ts +18 -2
- package/src/interaction_client/PopupClient.ts +161 -63
- package/src/interaction_client/RedirectClient.ts +86 -35
- package/src/interaction_client/SilentIframeClient.ts +49 -28
- package/src/interaction_client/StandardInteractionClient.ts +13 -2
- package/src/interaction_handler/SilentHandler.ts +24 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +48 -0
- package/src/request/RequestHelpers.ts +45 -0
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.16.0 2025-07-23 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -82,6 +82,10 @@ const HttpStatus = {
|
|
|
82
82
|
SERVER_ERROR_RANGE_END: 599,
|
|
83
83
|
MULTI_SIDED_ERROR: 600,
|
|
84
84
|
};
|
|
85
|
+
const HttpMethod$1 = {
|
|
86
|
+
GET: "GET",
|
|
87
|
+
POST: "POST",
|
|
88
|
+
};
|
|
85
89
|
const OIDC_DEFAULT_SCOPES = [
|
|
86
90
|
Constants.OPENID_SCOPE,
|
|
87
91
|
Constants.PROFILE_SCOPE,
|
|
@@ -132,16 +136,8 @@ const PromptValue = {
|
|
|
132
136
|
SELECT_ACCOUNT: "select_account",
|
|
133
137
|
CONSENT: "consent",
|
|
134
138
|
NONE: "none",
|
|
135
|
-
CREATE: "create",
|
|
136
139
|
NO_SESSION: "no_session",
|
|
137
140
|
};
|
|
138
|
-
/**
|
|
139
|
-
* allowed values for codeVerifier
|
|
140
|
-
*/
|
|
141
|
-
const CodeChallengeMethodValues = {
|
|
142
|
-
PLAIN: "plain",
|
|
143
|
-
S256: "S256",
|
|
144
|
-
};
|
|
145
141
|
/**
|
|
146
142
|
* Allowed values for response_type
|
|
147
143
|
*/
|
|
@@ -282,7 +278,7 @@ const JsonWebTokenTypes = {
|
|
|
282
278
|
// Token renewal offset default in seconds
|
|
283
279
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
284
280
|
|
|
285
|
-
/*! @azure/msal-common v15.
|
|
281
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
286
282
|
/*
|
|
287
283
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
288
284
|
* Licensed under the MIT License.
|
|
@@ -293,7 +289,7 @@ const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
|
293
289
|
const unexpectedError = "unexpected_error";
|
|
294
290
|
const postRequestFailed$1 = "post_request_failed";
|
|
295
291
|
|
|
296
|
-
/*! @azure/msal-common v15.
|
|
292
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
297
293
|
|
|
298
294
|
/*
|
|
299
295
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -328,7 +324,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
328
324
|
: AuthErrorMessages[code]);
|
|
329
325
|
}
|
|
330
326
|
|
|
331
|
-
/*! @azure/msal-common v15.
|
|
327
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
332
328
|
/*
|
|
333
329
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
334
330
|
* Licensed under the MIT License.
|
|
@@ -378,7 +374,7 @@ const missingTenantIdError = "missing_tenant_id_error";
|
|
|
378
374
|
const methodNotImplemented = "method_not_implemented";
|
|
379
375
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
380
376
|
|
|
381
|
-
/*! @azure/msal-common v15.
|
|
377
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
382
378
|
|
|
383
379
|
/*
|
|
384
380
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -452,7 +448,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
452
448
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
453
449
|
}
|
|
454
450
|
|
|
455
|
-
/*! @azure/msal-common v15.
|
|
451
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
456
452
|
|
|
457
453
|
/*
|
|
458
454
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -491,7 +487,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
491
487
|
},
|
|
492
488
|
};
|
|
493
489
|
|
|
494
|
-
/*! @azure/msal-common v15.
|
|
490
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
495
491
|
|
|
496
492
|
/*
|
|
497
493
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -682,12 +678,12 @@ class Logger {
|
|
|
682
678
|
}
|
|
683
679
|
}
|
|
684
680
|
|
|
685
|
-
/*! @azure/msal-common v15.
|
|
681
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
686
682
|
/* eslint-disable header/header */
|
|
687
683
|
const name$1 = "@azure/msal-common";
|
|
688
|
-
const version$1 = "15.
|
|
684
|
+
const version$1 = "15.9.0";
|
|
689
685
|
|
|
690
|
-
/*! @azure/msal-common v15.
|
|
686
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
691
687
|
/*
|
|
692
688
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
693
689
|
* Licensed under the MIT License.
|
|
@@ -696,7 +692,7 @@ const AzureCloudInstance = {
|
|
|
696
692
|
// AzureCloudInstance is not specified.
|
|
697
693
|
None: "none"};
|
|
698
694
|
|
|
699
|
-
/*! @azure/msal-common v15.
|
|
695
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
700
696
|
|
|
701
697
|
/*
|
|
702
698
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -757,7 +753,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
757
753
|
}
|
|
758
754
|
}
|
|
759
755
|
|
|
760
|
-
/*! @azure/msal-common v15.
|
|
756
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
761
757
|
/*
|
|
762
758
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
763
759
|
* Licensed under the MIT License.
|
|
@@ -812,7 +808,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
812
808
|
return cachedAtSec > nowSeconds();
|
|
813
809
|
}
|
|
814
810
|
|
|
815
|
-
/*! @azure/msal-common v15.
|
|
811
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
816
812
|
|
|
817
813
|
/*
|
|
818
814
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1139,7 +1135,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
1139
1135
|
return metadata.expiresAt <= nowSeconds();
|
|
1140
1136
|
}
|
|
1141
1137
|
|
|
1142
|
-
/*! @azure/msal-common v15.
|
|
1138
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1143
1139
|
/*
|
|
1144
1140
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1145
1141
|
* Licensed under the MIT License.
|
|
@@ -1150,7 +1146,6 @@ const authorityUriInsecure = "authority_uri_insecure";
|
|
|
1150
1146
|
const urlParseError = "url_parse_error";
|
|
1151
1147
|
const urlEmptyError = "empty_url_error";
|
|
1152
1148
|
const emptyInputScopesError = "empty_input_scopes_error";
|
|
1153
|
-
const invalidPromptValue = "invalid_prompt_value";
|
|
1154
1149
|
const invalidClaims = "invalid_claims";
|
|
1155
1150
|
const tokenRequestEmpty = "token_request_empty";
|
|
1156
1151
|
const logoutRequestEmpty = "logout_request_empty";
|
|
@@ -1165,9 +1160,11 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
|
|
|
1165
1160
|
const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
1166
1161
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
1167
1162
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
1168
|
-
const authorityMismatch = "authority_mismatch";
|
|
1163
|
+
const authorityMismatch = "authority_mismatch";
|
|
1164
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
1165
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
1169
1166
|
|
|
1170
|
-
/*! @azure/msal-common v15.
|
|
1167
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1171
1168
|
|
|
1172
1169
|
/*
|
|
1173
1170
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1180,7 +1177,6 @@ const ClientConfigurationErrorMessages = {
|
|
|
1180
1177
|
[urlParseError]: "URL could not be parsed into appropriate segments.",
|
|
1181
1178
|
[urlEmptyError]: "URL was empty or null.",
|
|
1182
1179
|
[emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
|
|
1183
|
-
[invalidPromptValue]: "Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",
|
|
1184
1180
|
[invalidClaims]: "Given claims parameter must be a stringified JSON object.",
|
|
1185
1181
|
[tokenRequestEmpty]: "Token request was empty and not found in cache.",
|
|
1186
1182
|
[logoutRequestEmpty]: "The logout request was null or undefined.",
|
|
@@ -1196,6 +1192,8 @@ const ClientConfigurationErrorMessages = {
|
|
|
1196
1192
|
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
1197
1193
|
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
1198
1194
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
1195
|
+
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
1196
|
+
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
1199
1197
|
};
|
|
1200
1198
|
/**
|
|
1201
1199
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -1211,7 +1209,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
1211
1209
|
return new ClientConfigurationError(errorCode);
|
|
1212
1210
|
}
|
|
1213
1211
|
|
|
1214
|
-
/*! @azure/msal-common v15.
|
|
1212
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1215
1213
|
/*
|
|
1216
1214
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1217
1215
|
* Licensed under the MIT License.
|
|
@@ -1308,7 +1306,7 @@ class StringUtils {
|
|
|
1308
1306
|
}
|
|
1309
1307
|
}
|
|
1310
1308
|
|
|
1311
|
-
/*! @azure/msal-common v15.
|
|
1309
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1312
1310
|
|
|
1313
1311
|
/*
|
|
1314
1312
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1499,7 +1497,7 @@ class ScopeSet {
|
|
|
1499
1497
|
}
|
|
1500
1498
|
}
|
|
1501
1499
|
|
|
1502
|
-
/*! @azure/msal-common v15.
|
|
1500
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1503
1501
|
|
|
1504
1502
|
/*
|
|
1505
1503
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1539,7 +1537,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1539
1537
|
};
|
|
1540
1538
|
}
|
|
1541
1539
|
|
|
1542
|
-
/*! @azure/msal-common v15.
|
|
1540
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1543
1541
|
/*
|
|
1544
1542
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1545
1543
|
* Licensed under the MIT License.
|
|
@@ -1618,7 +1616,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1618
1616
|
return updatedAccountInfo;
|
|
1619
1617
|
}
|
|
1620
1618
|
|
|
1621
|
-
/*! @azure/msal-common v15.
|
|
1619
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1622
1620
|
/*
|
|
1623
1621
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1624
1622
|
* Licensed under the MIT License.
|
|
@@ -1633,7 +1631,7 @@ const AuthorityType = {
|
|
|
1633
1631
|
Ciam: 3,
|
|
1634
1632
|
};
|
|
1635
1633
|
|
|
1636
|
-
/*! @azure/msal-common v15.
|
|
1634
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1637
1635
|
/*
|
|
1638
1636
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1639
1637
|
* Licensed under the MIT License.
|
|
@@ -1655,7 +1653,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
1655
1653
|
return null;
|
|
1656
1654
|
}
|
|
1657
1655
|
|
|
1658
|
-
/*! @azure/msal-common v15.
|
|
1656
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1659
1657
|
/*
|
|
1660
1658
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1661
1659
|
* Licensed under the MIT License.
|
|
@@ -1679,7 +1677,7 @@ const ProtocolMode = {
|
|
|
1679
1677
|
EAR: "EAR",
|
|
1680
1678
|
};
|
|
1681
1679
|
|
|
1682
|
-
/*! @azure/msal-common v15.
|
|
1680
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1683
1681
|
|
|
1684
1682
|
/*
|
|
1685
1683
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1922,7 +1920,7 @@ class AccountEntity {
|
|
|
1922
1920
|
}
|
|
1923
1921
|
}
|
|
1924
1922
|
|
|
1925
|
-
/*! @azure/msal-common v15.
|
|
1923
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1926
1924
|
|
|
1927
1925
|
/*
|
|
1928
1926
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1987,7 +1985,7 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
|
|
|
1987
1985
|
return queryParameterArray.join("&");
|
|
1988
1986
|
}
|
|
1989
1987
|
|
|
1990
|
-
/*! @azure/msal-common v15.
|
|
1988
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1991
1989
|
|
|
1992
1990
|
/*
|
|
1993
1991
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2151,7 +2149,7 @@ class UrlString {
|
|
|
2151
2149
|
}
|
|
2152
2150
|
}
|
|
2153
2151
|
|
|
2154
|
-
/*! @azure/msal-common v15.
|
|
2152
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2155
2153
|
|
|
2156
2154
|
/*
|
|
2157
2155
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2290,7 +2288,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2290
2288
|
return null;
|
|
2291
2289
|
}
|
|
2292
2290
|
|
|
2293
|
-
/*! @azure/msal-common v15.
|
|
2291
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2294
2292
|
/*
|
|
2295
2293
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2296
2294
|
* Licensed under the MIT License.
|
|
@@ -2298,7 +2296,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2298
2296
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2299
2297
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2300
2298
|
|
|
2301
|
-
/*! @azure/msal-common v15.
|
|
2299
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2302
2300
|
|
|
2303
2301
|
/*
|
|
2304
2302
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2343,7 +2341,7 @@ function createCacheError(e) {
|
|
|
2343
2341
|
}
|
|
2344
2342
|
}
|
|
2345
2343
|
|
|
2346
|
-
/*! @azure/msal-common v15.
|
|
2344
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2347
2345
|
|
|
2348
2346
|
/*
|
|
2349
2347
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3509,7 +3507,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3509
3507
|
}
|
|
3510
3508
|
}
|
|
3511
3509
|
|
|
3512
|
-
/*! @azure/msal-common v15.
|
|
3510
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3513
3511
|
/*
|
|
3514
3512
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3515
3513
|
* Licensed under the MIT License.
|
|
@@ -3776,7 +3774,7 @@ const PerformanceEvents = {
|
|
|
3776
3774
|
const PerformanceEventStatus = {
|
|
3777
3775
|
InProgress: 1};
|
|
3778
3776
|
|
|
3779
|
-
/*! @azure/msal-common v15.
|
|
3777
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3780
3778
|
|
|
3781
3779
|
/*
|
|
3782
3780
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3855,7 +3853,7 @@ class StubPerformanceClient {
|
|
|
3855
3853
|
}
|
|
3856
3854
|
}
|
|
3857
3855
|
|
|
3858
|
-
/*! @azure/msal-common v15.
|
|
3856
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3859
3857
|
|
|
3860
3858
|
/*
|
|
3861
3859
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3955,7 +3953,7 @@ function isOidcProtocolMode(config) {
|
|
|
3955
3953
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
3956
3954
|
}
|
|
3957
3955
|
|
|
3958
|
-
/*! @azure/msal-common v15.
|
|
3956
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3959
3957
|
/*
|
|
3960
3958
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3961
3959
|
* Licensed under the MIT License.
|
|
@@ -3965,7 +3963,7 @@ const CcsCredentialType = {
|
|
|
3965
3963
|
UPN: "UPN",
|
|
3966
3964
|
};
|
|
3967
3965
|
|
|
3968
|
-
/*! @azure/msal-common v15.
|
|
3966
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3969
3967
|
/*
|
|
3970
3968
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3971
3969
|
* Licensed under the MIT License.
|
|
@@ -4015,7 +4013,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
4015
4013
|
const EAR_JWK = "ear_jwk";
|
|
4016
4014
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4017
4015
|
|
|
4018
|
-
/*! @azure/msal-common v15.
|
|
4016
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4019
4017
|
|
|
4020
4018
|
/*
|
|
4021
4019
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4381,9 +4379,21 @@ function addEARParameters(parameters, jwk) {
|
|
|
4381
4379
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
4382
4380
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
4383
4381
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
4382
|
+
}
|
|
4383
|
+
/**
|
|
4384
|
+
* Adds authorize body parameters to the request parameters
|
|
4385
|
+
* @param parameters
|
|
4386
|
+
* @param bodyParameters
|
|
4387
|
+
*/
|
|
4388
|
+
function addPostBodyParameters(parameters, bodyParameters) {
|
|
4389
|
+
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
4390
|
+
if (value) {
|
|
4391
|
+
parameters.set(key, value);
|
|
4392
|
+
}
|
|
4393
|
+
});
|
|
4384
4394
|
}
|
|
4385
4395
|
|
|
4386
|
-
/*! @azure/msal-common v15.
|
|
4396
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4387
4397
|
/*
|
|
4388
4398
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4389
4399
|
* Licensed under the MIT License.
|
|
@@ -4395,7 +4405,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
4395
4405
|
response.hasOwnProperty("jwks_uri"));
|
|
4396
4406
|
}
|
|
4397
4407
|
|
|
4398
|
-
/*! @azure/msal-common v15.
|
|
4408
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4399
4409
|
/*
|
|
4400
4410
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4401
4411
|
* Licensed under the MIT License.
|
|
@@ -4405,7 +4415,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
4405
4415
|
response.hasOwnProperty("metadata"));
|
|
4406
4416
|
}
|
|
4407
4417
|
|
|
4408
|
-
/*! @azure/msal-common v15.
|
|
4418
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4409
4419
|
/*
|
|
4410
4420
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4411
4421
|
* Licensed under the MIT License.
|
|
@@ -4415,7 +4425,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
4415
4425
|
response.hasOwnProperty("error_description"));
|
|
4416
4426
|
}
|
|
4417
4427
|
|
|
4418
|
-
/*! @azure/msal-common v15.
|
|
4428
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4419
4429
|
/*
|
|
4420
4430
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4421
4431
|
* Licensed under the MIT License.
|
|
@@ -4511,7 +4521,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
4511
4521
|
};
|
|
4512
4522
|
};
|
|
4513
4523
|
|
|
4514
|
-
/*! @azure/msal-common v15.
|
|
4524
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4515
4525
|
|
|
4516
4526
|
/*
|
|
4517
4527
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4617,7 +4627,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
4617
4627
|
},
|
|
4618
4628
|
};
|
|
4619
4629
|
|
|
4620
|
-
/*! @azure/msal-common v15.
|
|
4630
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4621
4631
|
|
|
4622
4632
|
/*
|
|
4623
4633
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5456,7 +5466,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
5456
5466
|
};
|
|
5457
5467
|
}
|
|
5458
5468
|
|
|
5459
|
-
/*! @azure/msal-common v15.
|
|
5469
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5460
5470
|
|
|
5461
5471
|
/*
|
|
5462
5472
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5487,7 +5497,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
5487
5497
|
}
|
|
5488
5498
|
}
|
|
5489
5499
|
|
|
5490
|
-
/*! @azure/msal-common v15.
|
|
5500
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5491
5501
|
|
|
5492
5502
|
/*
|
|
5493
5503
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5506,7 +5516,7 @@ class ServerError extends AuthError {
|
|
|
5506
5516
|
}
|
|
5507
5517
|
}
|
|
5508
5518
|
|
|
5509
|
-
/*! @azure/msal-common v15.
|
|
5519
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5510
5520
|
/*
|
|
5511
5521
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5512
5522
|
* Licensed under the MIT License.
|
|
@@ -5527,7 +5537,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
5527
5537
|
};
|
|
5528
5538
|
}
|
|
5529
5539
|
|
|
5530
|
-
/*! @azure/msal-common v15.
|
|
5540
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5531
5541
|
|
|
5532
5542
|
/*
|
|
5533
5543
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5614,7 +5624,7 @@ class ThrottlingUtils {
|
|
|
5614
5624
|
}
|
|
5615
5625
|
}
|
|
5616
5626
|
|
|
5617
|
-
/*! @azure/msal-common v15.
|
|
5627
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5618
5628
|
|
|
5619
5629
|
/*
|
|
5620
5630
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5645,7 +5655,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
5645
5655
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
5646
5656
|
}
|
|
5647
5657
|
|
|
5648
|
-
/*! @azure/msal-common v15.
|
|
5658
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5649
5659
|
|
|
5650
5660
|
/*
|
|
5651
5661
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5793,7 +5803,7 @@ class BaseClient {
|
|
|
5793
5803
|
}
|
|
5794
5804
|
}
|
|
5795
5805
|
|
|
5796
|
-
/*! @azure/msal-common v15.
|
|
5806
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5797
5807
|
/*
|
|
5798
5808
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5799
5809
|
* Licensed under the MIT License.
|
|
@@ -5809,7 +5819,7 @@ const consentRequired = "consent_required";
|
|
|
5809
5819
|
const loginRequired = "login_required";
|
|
5810
5820
|
const badToken = "bad_token";
|
|
5811
5821
|
|
|
5812
|
-
/*! @azure/msal-common v15.
|
|
5822
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5813
5823
|
|
|
5814
5824
|
/*
|
|
5815
5825
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5881,7 +5891,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
5881
5891
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
5882
5892
|
}
|
|
5883
5893
|
|
|
5884
|
-
/*! @azure/msal-common v15.
|
|
5894
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5885
5895
|
|
|
5886
5896
|
/*
|
|
5887
5897
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5953,7 +5963,7 @@ class ProtocolUtils {
|
|
|
5953
5963
|
}
|
|
5954
5964
|
}
|
|
5955
5965
|
|
|
5956
|
-
/*! @azure/msal-common v15.
|
|
5966
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5957
5967
|
|
|
5958
5968
|
/*
|
|
5959
5969
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6035,7 +6045,7 @@ class PopTokenGenerator {
|
|
|
6035
6045
|
}
|
|
6036
6046
|
}
|
|
6037
6047
|
|
|
6038
|
-
/*! @azure/msal-common v15.
|
|
6048
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6039
6049
|
/*
|
|
6040
6050
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6041
6051
|
* Licensed under the MIT License.
|
|
@@ -6062,7 +6072,7 @@ class PopTokenGenerator {
|
|
|
6062
6072
|
}
|
|
6063
6073
|
}
|
|
6064
6074
|
|
|
6065
|
-
/*! @azure/msal-common v15.
|
|
6075
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6066
6076
|
|
|
6067
6077
|
/*
|
|
6068
6078
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6393,74 +6403,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
6393
6403
|
return baseAccount;
|
|
6394
6404
|
}
|
|
6395
6405
|
|
|
6396
|
-
/*! @azure/msal-common v15.
|
|
6397
|
-
|
|
6398
|
-
/*
|
|
6399
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6400
|
-
* Licensed under the MIT License.
|
|
6401
|
-
*/
|
|
6402
|
-
/**
|
|
6403
|
-
* Validates server consumable params from the "request" objects
|
|
6404
|
-
*/
|
|
6405
|
-
class RequestValidator {
|
|
6406
|
-
/**
|
|
6407
|
-
* Utility to check if the `redirectUri` in the request is a non-null value
|
|
6408
|
-
* @param redirectUri
|
|
6409
|
-
*/
|
|
6410
|
-
static validateRedirectUri(redirectUri) {
|
|
6411
|
-
if (!redirectUri) {
|
|
6412
|
-
throw createClientConfigurationError(redirectUriEmpty);
|
|
6413
|
-
}
|
|
6414
|
-
}
|
|
6415
|
-
/**
|
|
6416
|
-
* Utility to validate prompt sent by the user in the request
|
|
6417
|
-
* @param prompt
|
|
6418
|
-
*/
|
|
6419
|
-
static validatePrompt(prompt) {
|
|
6420
|
-
const promptValues = [];
|
|
6421
|
-
for (const value in PromptValue) {
|
|
6422
|
-
promptValues.push(PromptValue[value]);
|
|
6423
|
-
}
|
|
6424
|
-
if (promptValues.indexOf(prompt) < 0) {
|
|
6425
|
-
throw createClientConfigurationError(invalidPromptValue);
|
|
6426
|
-
}
|
|
6427
|
-
}
|
|
6428
|
-
static validateClaims(claims) {
|
|
6429
|
-
try {
|
|
6430
|
-
JSON.parse(claims);
|
|
6431
|
-
}
|
|
6432
|
-
catch (e) {
|
|
6433
|
-
throw createClientConfigurationError(invalidClaims);
|
|
6434
|
-
}
|
|
6435
|
-
}
|
|
6436
|
-
/**
|
|
6437
|
-
* Utility to validate code_challenge and code_challenge_method
|
|
6438
|
-
* @param codeChallenge
|
|
6439
|
-
* @param codeChallengeMethod
|
|
6440
|
-
*/
|
|
6441
|
-
static validateCodeChallengeParams(codeChallenge, codeChallengeMethod) {
|
|
6442
|
-
if (!codeChallenge || !codeChallengeMethod) {
|
|
6443
|
-
throw createClientConfigurationError(pkceParamsMissing);
|
|
6444
|
-
}
|
|
6445
|
-
else {
|
|
6446
|
-
this.validateCodeChallengeMethod(codeChallengeMethod);
|
|
6447
|
-
}
|
|
6448
|
-
}
|
|
6449
|
-
/**
|
|
6450
|
-
* Utility to validate code_challenge_method
|
|
6451
|
-
* @param codeChallengeMethod
|
|
6452
|
-
*/
|
|
6453
|
-
static validateCodeChallengeMethod(codeChallengeMethod) {
|
|
6454
|
-
if ([
|
|
6455
|
-
CodeChallengeMethodValues.PLAIN,
|
|
6456
|
-
CodeChallengeMethodValues.S256,
|
|
6457
|
-
].indexOf(codeChallengeMethod) < 0) {
|
|
6458
|
-
throw createClientConfigurationError(invalidCodeChallengeMethod);
|
|
6459
|
-
}
|
|
6460
|
-
}
|
|
6461
|
-
}
|
|
6462
|
-
|
|
6463
|
-
/*! @azure/msal-common v15.8.0 2025-07-01 */
|
|
6406
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6464
6407
|
/*
|
|
6465
6408
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6466
6409
|
* Licensed under the MIT License.
|
|
@@ -6478,7 +6421,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
6478
6421
|
}
|
|
6479
6422
|
}
|
|
6480
6423
|
|
|
6481
|
-
/*! @azure/msal-common v15.
|
|
6424
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6482
6425
|
|
|
6483
6426
|
/*
|
|
6484
6427
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6572,7 +6515,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6572
6515
|
*/
|
|
6573
6516
|
if (!this.includeRedirectUri) {
|
|
6574
6517
|
// Just validate
|
|
6575
|
-
|
|
6518
|
+
if (!request.redirectUri) {
|
|
6519
|
+
throw createClientConfigurationError(redirectUriEmpty);
|
|
6520
|
+
}
|
|
6576
6521
|
}
|
|
6577
6522
|
else {
|
|
6578
6523
|
// Validate and include redirect uri
|
|
@@ -6711,7 +6656,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
6711
6656
|
}
|
|
6712
6657
|
}
|
|
6713
6658
|
|
|
6714
|
-
/*! @azure/msal-common v15.
|
|
6659
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6715
6660
|
|
|
6716
6661
|
/*
|
|
6717
6662
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6920,7 +6865,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
6920
6865
|
}
|
|
6921
6866
|
}
|
|
6922
6867
|
|
|
6923
|
-
/*! @azure/msal-common v15.
|
|
6868
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6924
6869
|
|
|
6925
6870
|
/*
|
|
6926
6871
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7018,7 +6963,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7018
6963
|
}
|
|
7019
6964
|
}
|
|
7020
6965
|
|
|
7021
|
-
/*! @azure/msal-common v15.
|
|
6966
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7022
6967
|
|
|
7023
6968
|
/*
|
|
7024
6969
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7033,7 +6978,7 @@ const StubbedNetworkModule = {
|
|
|
7033
6978
|
},
|
|
7034
6979
|
};
|
|
7035
6980
|
|
|
7036
|
-
/*! @azure/msal-common v15.
|
|
6981
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7037
6982
|
|
|
7038
6983
|
/*
|
|
7039
6984
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7257,7 +7202,7 @@ function extractLoginHint(account) {
|
|
|
7257
7202
|
return account.idTokenClaims?.login_hint || null;
|
|
7258
7203
|
}
|
|
7259
7204
|
|
|
7260
|
-
/*! @azure/msal-common v15.
|
|
7205
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7261
7206
|
|
|
7262
7207
|
/*
|
|
7263
7208
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7520,7 +7465,7 @@ class ServerTelemetryManager {
|
|
|
7520
7465
|
}
|
|
7521
7466
|
}
|
|
7522
7467
|
|
|
7523
|
-
/*! @azure/msal-common v15.
|
|
7468
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7524
7469
|
/*
|
|
7525
7470
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7526
7471
|
* Licensed under the MIT License.
|
|
@@ -7528,7 +7473,7 @@ class ServerTelemetryManager {
|
|
|
7528
7473
|
const missingKidError = "missing_kid_error";
|
|
7529
7474
|
const missingAlgError = "missing_alg_error";
|
|
7530
7475
|
|
|
7531
|
-
/*! @azure/msal-common v15.
|
|
7476
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7532
7477
|
|
|
7533
7478
|
/*
|
|
7534
7479
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7553,7 +7498,7 @@ function createJoseHeaderError(code) {
|
|
|
7553
7498
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
7554
7499
|
}
|
|
7555
7500
|
|
|
7556
|
-
/*! @azure/msal-common v15.
|
|
7501
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7557
7502
|
|
|
7558
7503
|
/*
|
|
7559
7504
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7926,7 +7871,7 @@ function ensureArgumentIsNotEmptyString(argName, argValue, correlationId) {
|
|
|
7926
7871
|
|
|
7927
7872
|
/* eslint-disable header/header */
|
|
7928
7873
|
const name = "@azure/msal-browser";
|
|
7929
|
-
const version = "4.
|
|
7874
|
+
const version = "4.16.0";
|
|
7930
7875
|
|
|
7931
7876
|
/*
|
|
7932
7877
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10473,6 +10418,35 @@ async function initializeSilentRequest(request, account, config, performanceClie
|
|
|
10473
10418
|
account: account,
|
|
10474
10419
|
forceRefresh: request.forceRefresh || false,
|
|
10475
10420
|
};
|
|
10421
|
+
}
|
|
10422
|
+
/**
|
|
10423
|
+
* Validates that the combination of request method, protocol mode and authorize body parameters is correct.
|
|
10424
|
+
* Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
|
|
10425
|
+
* @param interactionRequest
|
|
10426
|
+
* @param protocolMode
|
|
10427
|
+
* @returns
|
|
10428
|
+
*/
|
|
10429
|
+
function validateRequestMethod(interactionRequest, protocolMode) {
|
|
10430
|
+
let httpMethod;
|
|
10431
|
+
const requestMethod = interactionRequest.httpMethod;
|
|
10432
|
+
if (protocolMode === ProtocolMode.EAR) {
|
|
10433
|
+
// Don't override httpMethod if it is already set, default to POST if not set
|
|
10434
|
+
httpMethod = requestMethod || HttpMethod$1.POST;
|
|
10435
|
+
// Validate that method is not GET if protocol mode is EAR
|
|
10436
|
+
if (httpMethod !== HttpMethod$1.POST) {
|
|
10437
|
+
throw createClientConfigurationError(invalidRequestMethodForEAR);
|
|
10438
|
+
}
|
|
10439
|
+
}
|
|
10440
|
+
else {
|
|
10441
|
+
// For non-EAR protocol modes, default to GET if httpMethod is not set
|
|
10442
|
+
httpMethod = requestMethod || HttpMethod$1.GET;
|
|
10443
|
+
}
|
|
10444
|
+
// Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
|
|
10445
|
+
if (interactionRequest.authorizePostBodyParameters &&
|
|
10446
|
+
httpMethod !== HttpMethod$1.POST) {
|
|
10447
|
+
throw createClientConfigurationError(invalidAuthorizePostBodyParameters);
|
|
10448
|
+
}
|
|
10449
|
+
return httpMethod;
|
|
10476
10450
|
}
|
|
10477
10451
|
|
|
10478
10452
|
/*
|
|
@@ -10649,7 +10623,7 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
10649
10623
|
};
|
|
10650
10624
|
const state = ProtocolUtils.setRequestState(this.browserCrypto, (request && request.state) || Constants.EMPTY_STRING, browserState);
|
|
10651
10625
|
const baseRequest = await invokeAsync(initializeBaseRequest, PerformanceEvents.InitializeBaseRequest, this.logger, this.performanceClient, this.correlationId)({ ...request, correlationId: this.correlationId }, this.config, this.performanceClient, this.logger);
|
|
10652
|
-
const
|
|
10626
|
+
const interactionRequest = {
|
|
10653
10627
|
...baseRequest,
|
|
10654
10628
|
redirectUri: redirectUri,
|
|
10655
10629
|
state: state,
|
|
@@ -10657,6 +10631,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
10657
10631
|
responseMode: this.config.auth.OIDCOptions
|
|
10658
10632
|
.serverResponseType,
|
|
10659
10633
|
};
|
|
10634
|
+
const validatedRequest = {
|
|
10635
|
+
...interactionRequest,
|
|
10636
|
+
httpMethod: validateRequestMethod(interactionRequest, this.config.auth.protocolMode),
|
|
10637
|
+
};
|
|
10660
10638
|
// Skip active account lookup if either login hint or session id is set
|
|
10661
10639
|
if (request.loginHint || request.sid) {
|
|
10662
10640
|
return validatedRequest;
|
|
@@ -15569,6 +15547,19 @@ async function getEARForm(frame, config, authority, request, logger, performance
|
|
|
15569
15547
|
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
15570
15548
|
return createForm(frame, url, parameters);
|
|
15571
15549
|
}
|
|
15550
|
+
/**
|
|
15551
|
+
* Gets the form that will be posted to /authorize with request parameters when using POST method
|
|
15552
|
+
*/
|
|
15553
|
+
async function getCodeForm(frame, config, authority, request, logger, performanceClient) {
|
|
15554
|
+
const parameters = await getStandardParameters(config, authority, request, logger, performanceClient);
|
|
15555
|
+
addResponseType(parameters, OAuthResponseType.CODE);
|
|
15556
|
+
addCodeChallengeParams(parameters, request.codeChallenge, request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD);
|
|
15557
|
+
addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
|
|
15558
|
+
const queryParams = new Map();
|
|
15559
|
+
addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
|
|
15560
|
+
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
15561
|
+
return createForm(frame, url, parameters);
|
|
15562
|
+
}
|
|
15572
15563
|
/**
|
|
15573
15564
|
* Creates form element in the provided document with auth parameters in the post body
|
|
15574
15565
|
* @param frame
|
|
@@ -16535,9 +16526,10 @@ class PopupClient extends StandardInteractionClient {
|
|
|
16535
16526
|
* @param pkceCodes
|
|
16536
16527
|
*/
|
|
16537
16528
|
acquireToken(request, pkceCodes) {
|
|
16529
|
+
let popupParams = undefined;
|
|
16538
16530
|
try {
|
|
16539
16531
|
const popupName = this.generatePopupName(request.scopes || OIDC_DEFAULT_SCOPES, request.authority || this.config.auth.authority);
|
|
16540
|
-
|
|
16532
|
+
popupParams = {
|
|
16541
16533
|
popupName,
|
|
16542
16534
|
popupWindowAttributes: request.popupWindowAttributes || {},
|
|
16543
16535
|
popupWindowParent: request.popupWindowParent ?? window,
|
|
@@ -16550,10 +16542,15 @@ class PopupClient extends StandardInteractionClient {
|
|
|
16550
16542
|
return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
|
|
16551
16543
|
}
|
|
16552
16544
|
else {
|
|
16545
|
+
// Pre-validate request method to avoid opening popup if the request is invalid
|
|
16546
|
+
const validatedRequest = {
|
|
16547
|
+
...request,
|
|
16548
|
+
httpMethod: validateRequestMethod(request, this.config.auth.protocolMode),
|
|
16549
|
+
};
|
|
16553
16550
|
// asyncPopups flag is set to false. Opens popup before acquiring token.
|
|
16554
16551
|
this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
|
|
16555
16552
|
popupParams.popup = this.openSizedPopup("about:blank", popupParams);
|
|
16556
|
-
return this.acquireTokenPopupAsync(
|
|
16553
|
+
return this.acquireTokenPopupAsync(validatedRequest, popupParams, pkceCodes);
|
|
16557
16554
|
}
|
|
16558
16555
|
}
|
|
16559
16556
|
catch (e) {
|
|
@@ -16645,15 +16642,20 @@ class PopupClient extends StandardInteractionClient {
|
|
|
16645
16642
|
requestExtraQueryParameters: popupRequest.extraQueryParameters,
|
|
16646
16643
|
account: popupRequest.account,
|
|
16647
16644
|
});
|
|
16648
|
-
|
|
16649
|
-
|
|
16650
|
-
|
|
16651
|
-
|
|
16652
|
-
|
|
16653
|
-
|
|
16654
|
-
|
|
16655
|
-
|
|
16656
|
-
|
|
16645
|
+
if (popupRequest.httpMethod === HttpMethod$1.POST) {
|
|
16646
|
+
return await this.executeCodeFlowWithPost(popupRequest, popupParams, authClient, pkce.verifier);
|
|
16647
|
+
}
|
|
16648
|
+
else {
|
|
16649
|
+
// Create acquire token url.
|
|
16650
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
|
|
16651
|
+
// Show the UI once the url has been created. Get the window handle for the popup.
|
|
16652
|
+
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
16653
|
+
this.eventHandler.emitEvent(EventType.POPUP_OPENED, InteractionType.Popup, { popupWindow }, null);
|
|
16654
|
+
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
16655
|
+
const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
|
|
16656
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
16657
|
+
return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
16658
|
+
}
|
|
16657
16659
|
}
|
|
16658
16660
|
catch (e) {
|
|
16659
16661
|
// Close the synchronous popup if an error is thrown before the window unload event is registered
|
|
@@ -16691,6 +16693,23 @@ class PopupClient extends StandardInteractionClient {
|
|
|
16691
16693
|
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
16692
16694
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(popupRequest, serverParams, ApiId.acquireTokenPopup, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
16693
16695
|
}
|
|
16696
|
+
async executeCodeFlowWithPost(request, popupParams, authClient, pkceVerifier) {
|
|
16697
|
+
const correlationId = request.correlationId;
|
|
16698
|
+
// Get the frame handle for the silent request
|
|
16699
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
16700
|
+
requestAuthority: request.authority,
|
|
16701
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
16702
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
16703
|
+
account: request.account,
|
|
16704
|
+
});
|
|
16705
|
+
const popupWindow = popupParams.popup || this.openPopup("about:blank", popupParams);
|
|
16706
|
+
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
16707
|
+
form.submit();
|
|
16708
|
+
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
16709
|
+
const responseString = await invokeAsync(this.monitorPopupForHash.bind(this), PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupWindow, popupParams.popupWindowParent);
|
|
16710
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
16711
|
+
return invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
16712
|
+
}
|
|
16694
16713
|
/**
|
|
16695
16714
|
*
|
|
16696
16715
|
* @param validRequest
|
|
@@ -17042,18 +17061,23 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
17042
17061
|
};
|
|
17043
17062
|
this.browserStorage.cacheAuthorizeRequest(redirectRequest, pkceCodes.verifier);
|
|
17044
17063
|
try {
|
|
17045
|
-
|
|
17046
|
-
|
|
17047
|
-
|
|
17048
|
-
|
|
17049
|
-
|
|
17050
|
-
|
|
17051
|
-
|
|
17052
|
-
|
|
17053
|
-
|
|
17054
|
-
|
|
17055
|
-
|
|
17056
|
-
|
|
17064
|
+
if (redirectRequest.httpMethod === HttpMethod$1.POST) {
|
|
17065
|
+
return await this.executeCodeFlowWithPost(redirectRequest);
|
|
17066
|
+
}
|
|
17067
|
+
else {
|
|
17068
|
+
// Initialize the client
|
|
17069
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
|
|
17070
|
+
serverTelemetryManager,
|
|
17071
|
+
requestAuthority: redirectRequest.authority,
|
|
17072
|
+
requestAzureCloudOptions: redirectRequest.azureCloudOptions,
|
|
17073
|
+
requestExtraQueryParameters: redirectRequest.extraQueryParameters,
|
|
17074
|
+
account: redirectRequest.account,
|
|
17075
|
+
});
|
|
17076
|
+
// Create acquire token url.
|
|
17077
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
|
|
17078
|
+
// Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
|
|
17079
|
+
return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
|
|
17080
|
+
}
|
|
17057
17081
|
}
|
|
17058
17082
|
catch (e) {
|
|
17059
17083
|
if (e instanceof AuthError) {
|
|
@@ -17090,6 +17114,28 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
17090
17114
|
}, this.config.system.redirectNavigationTimeout);
|
|
17091
17115
|
});
|
|
17092
17116
|
}
|
|
17117
|
+
/**
|
|
17118
|
+
* Executes classic Authorization Code flow with a POST request.
|
|
17119
|
+
* @param request
|
|
17120
|
+
*/
|
|
17121
|
+
async executeCodeFlowWithPost(request) {
|
|
17122
|
+
const correlationId = request.correlationId;
|
|
17123
|
+
// Get the frame handle for the silent request
|
|
17124
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
17125
|
+
requestAuthority: request.authority,
|
|
17126
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
17127
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
17128
|
+
account: request.account,
|
|
17129
|
+
});
|
|
17130
|
+
this.browserStorage.cacheAuthorizeRequest(request);
|
|
17131
|
+
const form = await getCodeForm(document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
17132
|
+
form.submit();
|
|
17133
|
+
return new Promise((resolve, reject) => {
|
|
17134
|
+
setTimeout(() => {
|
|
17135
|
+
reject(createBrowserAuthError(timedOut, "failed_to_redirect"));
|
|
17136
|
+
}, this.config.system.redirectNavigationTimeout);
|
|
17137
|
+
});
|
|
17138
|
+
}
|
|
17093
17139
|
/**
|
|
17094
17140
|
* Checks if navigateToLoginRequestUrl is set, and:
|
|
17095
17141
|
* - if true, performs logic to cache and navigate
|
|
@@ -17400,6 +17446,15 @@ async function initiateCodeRequest(requestUrl, performanceClient, logger, correl
|
|
|
17400
17446
|
}
|
|
17401
17447
|
return invoke(loadFrameSync, PerformanceEvents.SilentHandlerLoadFrameSync, logger, performanceClient, correlationId)(requestUrl);
|
|
17402
17448
|
}
|
|
17449
|
+
async function initiateCodeFlowWithPost(config, authority, request, logger, performanceClient) {
|
|
17450
|
+
const frame = createHiddenIframe();
|
|
17451
|
+
if (!frame.contentDocument) {
|
|
17452
|
+
throw "No document associated with iframe!";
|
|
17453
|
+
}
|
|
17454
|
+
const form = await getCodeForm(frame.contentDocument, config, authority, request, logger, performanceClient);
|
|
17455
|
+
form.submit();
|
|
17456
|
+
return frame;
|
|
17457
|
+
}
|
|
17403
17458
|
async function initiateEarRequest(config, authority, request, logger, performanceClient) {
|
|
17404
17459
|
const frame = createHiddenIframe();
|
|
17405
17460
|
if (!frame.contentDocument) {
|
|
@@ -17648,10 +17703,16 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
17648
17703
|
...request,
|
|
17649
17704
|
codeChallenge: pkceCodes.challenge,
|
|
17650
17705
|
};
|
|
17651
|
-
|
|
17652
|
-
|
|
17653
|
-
|
|
17654
|
-
|
|
17706
|
+
let msalFrame;
|
|
17707
|
+
if (request.httpMethod === HttpMethod$1.POST) {
|
|
17708
|
+
msalFrame = await invokeAsync(initiateCodeFlowWithPost, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
17709
|
+
}
|
|
17710
|
+
else {
|
|
17711
|
+
// Create authorize request url
|
|
17712
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
17713
|
+
// Get the frame handle for the silent request
|
|
17714
|
+
msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
17715
|
+
}
|
|
17655
17716
|
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
17656
17717
|
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
17657
17718
|
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|