@azure/msal-browser 4.15.0 → 4.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (307) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/LocalStorage.mjs +1 -1
  15. package/dist/cache/MemoryStorage.mjs +1 -1
  16. package/dist/cache/SessionStorage.mjs +1 -1
  17. package/dist/cache/TokenCache.mjs +1 -1
  18. package/dist/config/Configuration.mjs +1 -1
  19. package/dist/controllers/ControllerFactory.mjs +1 -1
  20. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  21. package/dist/controllers/NestedAppAuthController.mjs +15 -3
  22. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  23. package/dist/controllers/StandardController.mjs +1 -1
  24. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  25. package/dist/crypto/BrowserCrypto.mjs +1 -1
  26. package/dist/crypto/CryptoOps.mjs +1 -1
  27. package/dist/crypto/PkceGenerator.mjs +1 -1
  28. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  29. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  30. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  31. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  32. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  33. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  34. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  35. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  36. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  37. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  38. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  39. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  40. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  42. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  43. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  44. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  45. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  46. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  47. package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
  48. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  49. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  50. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  51. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  52. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  53. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  54. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  55. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  56. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  57. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  58. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  60. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  141. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  142. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  143. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  144. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  145. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  146. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  147. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  148. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  149. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  150. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  151. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  152. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  153. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  154. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
  155. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
  156. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
  157. package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
  158. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
  159. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
  160. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
  161. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
  162. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  163. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  164. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  165. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
  166. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  167. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  168. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  169. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
  170. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  171. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  172. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
  173. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  174. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
  175. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  176. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  177. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  178. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  179. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  180. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  181. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  182. package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
  183. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  184. package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
  185. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  186. package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
  187. package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
  188. package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
  189. package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
  190. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  191. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  192. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  193. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  194. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  195. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  196. package/dist/encode/Base64Decode.mjs +1 -1
  197. package/dist/encode/Base64Encode.mjs +1 -1
  198. package/dist/error/BrowserAuthError.mjs +1 -1
  199. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  200. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  201. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  202. package/dist/error/NativeAuthError.mjs +1 -1
  203. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  204. package/dist/error/NestedAppAuthError.mjs +1 -1
  205. package/dist/event/EventHandler.mjs +1 -1
  206. package/dist/event/EventMessage.mjs +1 -1
  207. package/dist/event/EventType.mjs +1 -1
  208. package/dist/index.mjs +1 -1
  209. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  210. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  211. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  212. package/dist/interaction_client/PopupClient.d.ts +2 -1
  213. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  214. package/dist/interaction_client/PopupClient.mjs +43 -14
  215. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  216. package/dist/interaction_client/RedirectClient.d.ts +5 -0
  217. package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
  218. package/dist/interaction_client/RedirectClient.mjs +42 -15
  219. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  220. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  221. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  222. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  223. package/dist/interaction_client/SilentIframeClient.mjs +13 -7
  224. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  225. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  226. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  227. package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
  228. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  229. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  230. package/dist/interaction_handler/SilentHandler.d.ts +1 -0
  231. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  232. package/dist/interaction_handler/SilentHandler.mjs +12 -3
  233. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  234. package/dist/naa/BridgeError.mjs +1 -1
  235. package/dist/naa/BridgeProxy.mjs +1 -1
  236. package/dist/naa/BridgeStatusCode.mjs +1 -1
  237. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  238. package/dist/navigation/NavigationClient.mjs +1 -1
  239. package/dist/network/FetchClient.mjs +1 -1
  240. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  241. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  242. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  243. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  244. package/dist/packageMetadata.d.ts +1 -1
  245. package/dist/packageMetadata.mjs +2 -2
  246. package/dist/protocol/Authorize.d.ts +4 -0
  247. package/dist/protocol/Authorize.d.ts.map +1 -1
  248. package/dist/protocol/Authorize.mjs +15 -2
  249. package/dist/protocol/Authorize.mjs.map +1 -1
  250. package/dist/request/RequestHelpers.d.ts +11 -1
  251. package/dist/request/RequestHelpers.d.ts.map +1 -1
  252. package/dist/request/RequestHelpers.mjs +32 -3
  253. package/dist/request/RequestHelpers.mjs.map +1 -1
  254. package/dist/response/ResponseHandler.mjs +1 -1
  255. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  256. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  257. package/dist/utils/BrowserConstants.mjs +1 -1
  258. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  259. package/dist/utils/BrowserUtils.mjs +1 -1
  260. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  261. package/lib/custom-auth-path/msal-custom-auth.cjs +230 -94
  262. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  263. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  264. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  265. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
  266. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
  267. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
  268. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
  269. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  270. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  271. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
  272. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  273. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  274. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
  275. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  276. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
  277. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
  278. package/lib/msal-browser.cjs +256 -98
  279. package/lib/msal-browser.cjs.map +1 -1
  280. package/lib/msal-browser.js +256 -98
  281. package/lib/msal-browser.js.map +1 -1
  282. package/lib/msal-browser.min.js +68 -68
  283. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  284. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  285. package/lib/types/interaction_client/PopupClient.d.ts +2 -1
  286. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  287. package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
  288. package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
  289. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  290. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  291. package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
  292. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  293. package/lib/types/packageMetadata.d.ts +1 -1
  294. package/lib/types/protocol/Authorize.d.ts +4 -0
  295. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  296. package/lib/types/request/RequestHelpers.d.ts +11 -1
  297. package/lib/types/request/RequestHelpers.d.ts.map +1 -1
  298. package/package.json +2 -2
  299. package/src/controllers/NestedAppAuthController.ts +18 -2
  300. package/src/interaction_client/PopupClient.ts +161 -63
  301. package/src/interaction_client/RedirectClient.ts +86 -35
  302. package/src/interaction_client/SilentIframeClient.ts +49 -28
  303. package/src/interaction_client/StandardInteractionClient.ts +13 -2
  304. package/src/interaction_handler/SilentHandler.ts +24 -1
  305. package/src/packageMetadata.ts +1 -1
  306. package/src/protocol/Authorize.ts +48 -0
  307. package/src/request/RequestHelpers.ts +45 -0
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-browser v4.15.0 2025-07-08 */
1
+ /*! @azure/msal-browser v4.16.0 2025-07-23 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6
6
  /*
7
7
  * Copyright (c) Microsoft Corporation. All rights reserved.
8
8
  * Licensed under the MIT License.
@@ -82,6 +82,10 @@ const HttpStatus = {
82
82
  SERVER_ERROR_RANGE_END: 599,
83
83
  MULTI_SIDED_ERROR: 600,
84
84
  };
85
+ const HttpMethod = {
86
+ GET: "GET",
87
+ POST: "POST",
88
+ };
85
89
  const OIDC_DEFAULT_SCOPES = [
86
90
  Constants.OPENID_SCOPE,
87
91
  Constants.PROFILE_SCOPE,
@@ -277,7 +281,7 @@ const JsonWebTokenTypes = {
277
281
  // Token renewal offset default in seconds
278
282
  const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
279
283
 
280
- /*! @azure/msal-common v15.8.1 2025-07-08 */
284
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
281
285
  /*
282
286
  * Copyright (c) Microsoft Corporation. All rights reserved.
283
287
  * Licensed under the MIT License.
@@ -294,7 +298,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
294
298
  unexpectedError: unexpectedError
295
299
  });
296
300
 
297
- /*! @azure/msal-common v15.8.1 2025-07-08 */
301
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
298
302
 
299
303
  /*
300
304
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -343,7 +347,7 @@ function createAuthError(code, additionalMessage) {
343
347
  : AuthErrorMessages[code]);
344
348
  }
345
349
 
346
- /*! @azure/msal-common v15.8.1 2025-07-08 */
350
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
347
351
  /*
348
352
  * Copyright (c) Microsoft Corporation. All rights reserved.
349
353
  * Licensed under the MIT License.
@@ -441,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
441
445
  userTimeoutReached: userTimeoutReached
442
446
  });
443
447
 
444
- /*! @azure/msal-common v15.8.1 2025-07-08 */
448
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
445
449
 
446
450
  /*
447
451
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -693,7 +697,7 @@ function createClientAuthError(errorCode, additionalMessage) {
693
697
  return new ClientAuthError(errorCode, additionalMessage);
694
698
  }
695
699
 
696
- /*! @azure/msal-common v15.8.1 2025-07-08 */
700
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
697
701
 
698
702
  /*
699
703
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -732,7 +736,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
732
736
  },
733
737
  };
734
738
 
735
- /*! @azure/msal-common v15.8.1 2025-07-08 */
739
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
736
740
 
737
741
  /*
738
742
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -923,12 +927,12 @@ class Logger {
923
927
  }
924
928
  }
925
929
 
926
- /*! @azure/msal-common v15.8.1 2025-07-08 */
930
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
927
931
  /* eslint-disable header/header */
928
932
  const name$1 = "@azure/msal-common";
929
- const version$1 = "15.8.1";
933
+ const version$1 = "15.9.0";
930
934
 
931
- /*! @azure/msal-common v15.8.1 2025-07-08 */
935
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
932
936
  /*
933
937
  * Copyright (c) Microsoft Corporation. All rights reserved.
934
938
  * Licensed under the MIT License.
@@ -948,7 +952,7 @@ const AzureCloudInstance = {
948
952
  AzureUsGovernment: "https://login.microsoftonline.us",
949
953
  };
950
954
 
951
- /*! @azure/msal-common v15.8.1 2025-07-08 */
955
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
952
956
 
953
957
  /*
954
958
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1009,7 +1013,7 @@ function checkMaxAge(authTime, maxAge) {
1009
1013
  }
1010
1014
  }
1011
1015
 
1012
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1016
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1013
1017
  /*
1014
1018
  * Copyright (c) Microsoft Corporation. All rights reserved.
1015
1019
  * Licensed under the MIT License.
@@ -1064,7 +1068,7 @@ function wasClockTurnedBack(cachedAt) {
1064
1068
  return cachedAtSec > nowSeconds();
1065
1069
  }
1066
1070
 
1067
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1071
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1068
1072
 
1069
1073
  /*
1070
1074
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1391,7 +1395,7 @@ function isAuthorityMetadataExpired(metadata) {
1391
1395
  return metadata.expiresAt <= nowSeconds();
1392
1396
  }
1393
1397
 
1394
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1398
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1395
1399
  /*
1396
1400
  * Copyright (c) Microsoft Corporation. All rights reserved.
1397
1401
  * Licensed under the MIT License.
@@ -1416,7 +1420,9 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
1416
1420
  const invalidAuthenticationHeader = "invalid_authentication_header";
1417
1421
  const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
1418
1422
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
1419
- const authorityMismatch = "authority_mismatch";
1423
+ const authorityMismatch = "authority_mismatch";
1424
+ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
1425
+ const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
1420
1426
 
1421
1427
  var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1422
1428
  __proto__: null,
@@ -1428,9 +1434,11 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1428
1434
  emptyInputScopesError: emptyInputScopesError,
1429
1435
  invalidAuthenticationHeader: invalidAuthenticationHeader,
1430
1436
  invalidAuthorityMetadata: invalidAuthorityMetadata,
1437
+ invalidAuthorizePostBodyParameters: invalidAuthorizePostBodyParameters,
1431
1438
  invalidClaims: invalidClaims,
1432
1439
  invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
1433
1440
  invalidCodeChallengeMethod: invalidCodeChallengeMethod,
1441
+ invalidRequestMethodForEAR: invalidRequestMethodForEAR,
1434
1442
  logoutRequestEmpty: logoutRequestEmpty,
1435
1443
  missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
1436
1444
  missingSshJwk: missingSshJwk,
@@ -1443,7 +1451,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
1443
1451
  urlParseError: urlParseError
1444
1452
  });
1445
1453
 
1446
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1454
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1447
1455
 
1448
1456
  /*
1449
1457
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1471,6 +1479,8 @@ const ClientConfigurationErrorMessages = {
1471
1479
  [cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
1472
1480
  [cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
1473
1481
  [authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
1482
+ [invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
1483
+ [invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
1474
1484
  };
1475
1485
  /**
1476
1486
  * ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
@@ -1561,6 +1571,14 @@ const ClientConfigurationErrorMessage = {
1561
1571
  code: authorityMismatch,
1562
1572
  desc: ClientConfigurationErrorMessages[authorityMismatch],
1563
1573
  },
1574
+ invalidAuthorizePostBodyParameters: {
1575
+ code: invalidAuthorizePostBodyParameters,
1576
+ desc: ClientConfigurationErrorMessages[invalidAuthorizePostBodyParameters],
1577
+ },
1578
+ invalidRequestMethodForEAR: {
1579
+ code: invalidRequestMethodForEAR,
1580
+ desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
1581
+ },
1564
1582
  };
1565
1583
  /**
1566
1584
  * Error thrown when there is an error in configuration of the MSAL.js library.
@@ -1576,7 +1594,7 @@ function createClientConfigurationError(errorCode) {
1576
1594
  return new ClientConfigurationError(errorCode);
1577
1595
  }
1578
1596
 
1579
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1597
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1580
1598
  /*
1581
1599
  * Copyright (c) Microsoft Corporation. All rights reserved.
1582
1600
  * Licensed under the MIT License.
@@ -1673,7 +1691,7 @@ class StringUtils {
1673
1691
  }
1674
1692
  }
1675
1693
 
1676
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1694
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1677
1695
 
1678
1696
  /*
1679
1697
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1864,7 +1882,7 @@ class ScopeSet {
1864
1882
  }
1865
1883
  }
1866
1884
 
1867
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1885
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1868
1886
 
1869
1887
  /*
1870
1888
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1904,7 +1922,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
1904
1922
  };
1905
1923
  }
1906
1924
 
1907
- /*! @azure/msal-common v15.8.1 2025-07-08 */
1925
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1908
1926
  /*
1909
1927
  * Copyright (c) Microsoft Corporation. All rights reserved.
1910
1928
  * Licensed under the MIT License.
@@ -1983,7 +2001,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
1983
2001
  return updatedAccountInfo;
1984
2002
  }
1985
2003
 
1986
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2004
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
1987
2005
  /*
1988
2006
  * Copyright (c) Microsoft Corporation. All rights reserved.
1989
2007
  * Licensed under the MIT License.
@@ -1998,7 +2016,7 @@ const AuthorityType = {
1998
2016
  Ciam: 3,
1999
2017
  };
2000
2018
 
2001
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2019
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2002
2020
  /*
2003
2021
  * Copyright (c) Microsoft Corporation. All rights reserved.
2004
2022
  * Licensed under the MIT License.
@@ -2020,7 +2038,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
2020
2038
  return null;
2021
2039
  }
2022
2040
 
2023
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2041
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2024
2042
  /*
2025
2043
  * Copyright (c) Microsoft Corporation. All rights reserved.
2026
2044
  * Licensed under the MIT License.
@@ -2044,7 +2062,7 @@ const ProtocolMode = {
2044
2062
  EAR: "EAR",
2045
2063
  };
2046
2064
 
2047
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2065
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2048
2066
 
2049
2067
  /*
2050
2068
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2287,7 +2305,7 @@ class AccountEntity {
2287
2305
  }
2288
2306
  }
2289
2307
 
2290
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2308
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2291
2309
 
2292
2310
  /*
2293
2311
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2352,7 +2370,7 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
2352
2370
  return queryParameterArray.join("&");
2353
2371
  }
2354
2372
 
2355
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2373
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2356
2374
 
2357
2375
  /*
2358
2376
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2516,7 +2534,7 @@ class UrlString {
2516
2534
  }
2517
2535
  }
2518
2536
 
2519
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2537
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2520
2538
 
2521
2539
  /*
2522
2540
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2655,7 +2673,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2655
2673
  return null;
2656
2674
  }
2657
2675
 
2658
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2676
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2659
2677
  /*
2660
2678
  * Copyright (c) Microsoft Corporation. All rights reserved.
2661
2679
  * Licensed under the MIT License.
@@ -2663,7 +2681,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
2663
2681
  const cacheQuotaExceeded = "cache_quota_exceeded";
2664
2682
  const cacheErrorUnknown = "cache_error_unknown";
2665
2683
 
2666
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2684
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2667
2685
 
2668
2686
  /*
2669
2687
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -2708,7 +2726,7 @@ function createCacheError(e) {
2708
2726
  }
2709
2727
  }
2710
2728
 
2711
- /*! @azure/msal-common v15.8.1 2025-07-08 */
2729
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2712
2730
 
2713
2731
  /*
2714
2732
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -3875,7 +3893,7 @@ class DefaultStorageClass extends CacheManager {
3875
3893
  }
3876
3894
  }
3877
3895
 
3878
- /*! @azure/msal-common v15.8.1 2025-07-08 */
3896
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
3879
3897
  /*
3880
3898
  * Copyright (c) Microsoft Corporation. All rights reserved.
3881
3899
  * Licensed under the MIT License.
@@ -4387,7 +4405,7 @@ const IntFields = new Set([
4387
4405
  "encryptedCacheExpiredCount",
4388
4406
  ]);
4389
4407
 
4390
- /*! @azure/msal-common v15.8.1 2025-07-08 */
4408
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4391
4409
 
4392
4410
  /*
4393
4411
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4466,7 +4484,7 @@ class StubPerformanceClient {
4466
4484
  }
4467
4485
  }
4468
4486
 
4469
- /*! @azure/msal-common v15.8.1 2025-07-08 */
4487
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4470
4488
 
4471
4489
  /*
4472
4490
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4566,7 +4584,7 @@ function isOidcProtocolMode(config) {
4566
4584
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
4567
4585
  }
4568
4586
 
4569
- /*! @azure/msal-common v15.8.1 2025-07-08 */
4587
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4570
4588
  /*
4571
4589
  * Copyright (c) Microsoft Corporation. All rights reserved.
4572
4590
  * Licensed under the MIT License.
@@ -4576,7 +4594,7 @@ const CcsCredentialType = {
4576
4594
  UPN: "UPN",
4577
4595
  };
4578
4596
 
4579
- /*! @azure/msal-common v15.8.1 2025-07-08 */
4597
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4580
4598
  /*
4581
4599
  * Copyright (c) Microsoft Corporation. All rights reserved.
4582
4600
  * Licensed under the MIT License.
@@ -4626,7 +4644,7 @@ const INSTANCE_AWARE = "instance_aware";
4626
4644
  const EAR_JWK = "ear_jwk";
4627
4645
  const EAR_JWE_CRYPTO = "ear_jwe_crypto";
4628
4646
 
4629
- /*! @azure/msal-common v15.8.1 2025-07-08 */
4647
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4630
4648
 
4631
4649
  /*
4632
4650
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4992,9 +5010,21 @@ function addEARParameters(parameters, jwk) {
4992
5010
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
4993
5011
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
4994
5012
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
5013
+ }
5014
+ /**
5015
+ * Adds authorize body parameters to the request parameters
5016
+ * @param parameters
5017
+ * @param bodyParameters
5018
+ */
5019
+ function addPostBodyParameters(parameters, bodyParameters) {
5020
+ Object.entries(bodyParameters).forEach(([key, value]) => {
5021
+ if (value) {
5022
+ parameters.set(key, value);
5023
+ }
5024
+ });
4995
5025
  }
4996
5026
 
4997
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5027
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
4998
5028
  /*
4999
5029
  * Copyright (c) Microsoft Corporation. All rights reserved.
5000
5030
  * Licensed under the MIT License.
@@ -5006,7 +5036,7 @@ function isOpenIdConfigResponse(response) {
5006
5036
  response.hasOwnProperty("jwks_uri"));
5007
5037
  }
5008
5038
 
5009
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5039
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5010
5040
  /*
5011
5041
  * Copyright (c) Microsoft Corporation. All rights reserved.
5012
5042
  * Licensed under the MIT License.
@@ -5016,7 +5046,7 @@ function isCloudInstanceDiscoveryResponse(response) {
5016
5046
  response.hasOwnProperty("metadata"));
5017
5047
  }
5018
5048
 
5019
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5049
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5020
5050
  /*
5021
5051
  * Copyright (c) Microsoft Corporation. All rights reserved.
5022
5052
  * Licensed under the MIT License.
@@ -5026,7 +5056,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
5026
5056
  response.hasOwnProperty("error_description"));
5027
5057
  }
5028
5058
 
5029
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5059
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5030
5060
  /*
5031
5061
  * Copyright (c) Microsoft Corporation. All rights reserved.
5032
5062
  * Licensed under the MIT License.
@@ -5122,7 +5152,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
5122
5152
  };
5123
5153
  };
5124
5154
 
5125
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5155
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5126
5156
 
5127
5157
  /*
5128
5158
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5228,7 +5258,7 @@ RegionDiscovery.IMDS_OPTIONS = {
5228
5258
  },
5229
5259
  };
5230
5260
 
5231
- /*! @azure/msal-common v15.8.1 2025-07-08 */
5261
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
5232
5262
 
5233
5263
  /*
5234
5264
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6067,7 +6097,7 @@ function buildStaticAuthorityOptions(authOptions) {
6067
6097
  };
6068
6098
  }
6069
6099
 
6070
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6100
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6071
6101
 
6072
6102
  /*
6073
6103
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6098,7 +6128,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
6098
6128
  }
6099
6129
  }
6100
6130
 
6101
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6131
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6102
6132
 
6103
6133
  /*
6104
6134
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6117,7 +6147,7 @@ class ServerError extends AuthError {
6117
6147
  }
6118
6148
  }
6119
6149
 
6120
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6150
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6121
6151
  /*
6122
6152
  * Copyright (c) Microsoft Corporation. All rights reserved.
6123
6153
  * Licensed under the MIT License.
@@ -6138,7 +6168,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
6138
6168
  };
6139
6169
  }
6140
6170
 
6141
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6171
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6142
6172
 
6143
6173
  /*
6144
6174
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6225,7 +6255,7 @@ class ThrottlingUtils {
6225
6255
  }
6226
6256
  }
6227
6257
 
6228
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6258
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6229
6259
 
6230
6260
  /*
6231
6261
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6256,7 +6286,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
6256
6286
  return new NetworkError(error, httpStatus, responseHeaders);
6257
6287
  }
6258
6288
 
6259
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6289
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6260
6290
 
6261
6291
  /*
6262
6292
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6404,7 +6434,7 @@ class BaseClient {
6404
6434
  }
6405
6435
  }
6406
6436
 
6407
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6437
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6408
6438
  /*
6409
6439
  * Copyright (c) Microsoft Corporation. All rights reserved.
6410
6440
  * Licensed under the MIT License.
@@ -6432,7 +6462,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6432
6462
  uxNotAllowed: uxNotAllowed
6433
6463
  });
6434
6464
 
6435
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6465
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6436
6466
 
6437
6467
  /*
6438
6468
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6522,7 +6552,7 @@ function createInteractionRequiredAuthError(errorCode) {
6522
6552
  return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
6523
6553
  }
6524
6554
 
6525
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6555
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6526
6556
 
6527
6557
  /*
6528
6558
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6594,7 +6624,7 @@ class ProtocolUtils {
6594
6624
  }
6595
6625
  }
6596
6626
 
6597
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6627
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6598
6628
 
6599
6629
  /*
6600
6630
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6676,7 +6706,7 @@ class PopTokenGenerator {
6676
6706
  }
6677
6707
  }
6678
6708
 
6679
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6709
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6680
6710
  /*
6681
6711
  * Copyright (c) Microsoft Corporation. All rights reserved.
6682
6712
  * Licensed under the MIT License.
@@ -6703,7 +6733,7 @@ class PopTokenGenerator {
6703
6733
  }
6704
6734
  }
6705
6735
 
6706
- /*! @azure/msal-common v15.8.1 2025-07-08 */
6736
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
6707
6737
 
6708
6738
  /*
6709
6739
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7034,7 +7064,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7034
7064
  return baseAccount;
7035
7065
  }
7036
7066
 
7037
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7067
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7038
7068
  /*
7039
7069
  * Copyright (c) Microsoft Corporation. All rights reserved.
7040
7070
  * Licensed under the MIT License.
@@ -7052,7 +7082,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
7052
7082
  }
7053
7083
  }
7054
7084
 
7055
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7085
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7056
7086
 
7057
7087
  /*
7058
7088
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7287,7 +7317,7 @@ class AuthorizationCodeClient extends BaseClient {
7287
7317
  }
7288
7318
  }
7289
7319
 
7290
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7320
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7291
7321
 
7292
7322
  /*
7293
7323
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7496,7 +7526,7 @@ class RefreshTokenClient extends BaseClient {
7496
7526
  }
7497
7527
  }
7498
7528
 
7499
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7529
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7500
7530
 
7501
7531
  /*
7502
7532
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7594,7 +7624,7 @@ class SilentFlowClient extends BaseClient {
7594
7624
  }
7595
7625
  }
7596
7626
 
7597
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7627
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7598
7628
 
7599
7629
  /*
7600
7630
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7609,7 +7639,7 @@ const StubbedNetworkModule = {
7609
7639
  },
7610
7640
  };
7611
7641
 
7612
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7642
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7613
7643
 
7614
7644
  /*
7615
7645
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7833,7 +7863,7 @@ function extractLoginHint(account) {
7833
7863
  return account.idTokenClaims?.login_hint || null;
7834
7864
  }
7835
7865
 
7836
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7866
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7837
7867
 
7838
7868
  /*
7839
7869
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7891,7 +7921,7 @@ class AuthenticationHeaderParser {
7891
7921
  }
7892
7922
  }
7893
7923
 
7894
- /*! @azure/msal-common v15.8.1 2025-07-08 */
7924
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
7895
7925
 
7896
7926
  /*
7897
7927
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8154,7 +8184,7 @@ class ServerTelemetryManager {
8154
8184
  }
8155
8185
  }
8156
8186
 
8157
- /*! @azure/msal-common v15.8.1 2025-07-08 */
8187
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
8158
8188
  /*
8159
8189
  * Copyright (c) Microsoft Corporation. All rights reserved.
8160
8190
  * Licensed under the MIT License.
@@ -8162,7 +8192,7 @@ class ServerTelemetryManager {
8162
8192
  const missingKidError = "missing_kid_error";
8163
8193
  const missingAlgError = "missing_alg_error";
8164
8194
 
8165
- /*! @azure/msal-common v15.8.1 2025-07-08 */
8195
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
8166
8196
 
8167
8197
  /*
8168
8198
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8187,7 +8217,7 @@ function createJoseHeaderError(code) {
8187
8217
  return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
8188
8218
  }
8189
8219
 
8190
- /*! @azure/msal-common v15.8.1 2025-07-08 */
8220
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
8191
8221
 
8192
8222
  /*
8193
8223
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8227,7 +8257,7 @@ class JoseHeader {
8227
8257
  }
8228
8258
  }
8229
8259
 
8230
- /*! @azure/msal-common v15.8.1 2025-07-08 */
8260
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
8231
8261
 
8232
8262
  /*
8233
8263
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -10331,7 +10361,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
10331
10361
 
10332
10362
  /* eslint-disable header/header */
10333
10363
  const name = "@azure/msal-browser";
10334
- const version = "4.15.0";
10364
+ const version = "4.16.0";
10335
10365
 
10336
10366
  /*
10337
10367
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -13062,6 +13092,35 @@ async function initializeSilentRequest(request, account, config, performanceClie
13062
13092
  account: account,
13063
13093
  forceRefresh: request.forceRefresh || false,
13064
13094
  };
13095
+ }
13096
+ /**
13097
+ * Validates that the combination of request method, protocol mode and authorize body parameters is correct.
13098
+ * Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
13099
+ * @param interactionRequest
13100
+ * @param protocolMode
13101
+ * @returns
13102
+ */
13103
+ function validateRequestMethod(interactionRequest, protocolMode) {
13104
+ let httpMethod;
13105
+ const requestMethod = interactionRequest.httpMethod;
13106
+ if (protocolMode === ProtocolMode.EAR) {
13107
+ // Don't override httpMethod if it is already set, default to POST if not set
13108
+ httpMethod = requestMethod || HttpMethod.POST;
13109
+ // Validate that method is not GET if protocol mode is EAR
13110
+ if (httpMethod !== HttpMethod.POST) {
13111
+ throw createClientConfigurationError(invalidRequestMethodForEAR);
13112
+ }
13113
+ }
13114
+ else {
13115
+ // For non-EAR protocol modes, default to GET if httpMethod is not set
13116
+ httpMethod = requestMethod || HttpMethod.GET;
13117
+ }
13118
+ // Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
13119
+ if (interactionRequest.authorizePostBodyParameters &&
13120
+ httpMethod !== HttpMethod.POST) {
13121
+ throw createClientConfigurationError(invalidAuthorizePostBodyParameters);
13122
+ }
13123
+ return httpMethod;
13065
13124
  }
13066
13125
 
13067
13126
  /*
@@ -13238,7 +13297,7 @@ class StandardInteractionClient extends BaseInteractionClient {
13238
13297
  };
13239
13298
  const state = ProtocolUtils.setRequestState(this.browserCrypto, (request && request.state) || Constants.EMPTY_STRING, browserState);
13240
13299
  const baseRequest = await invokeAsync(initializeBaseRequest, PerformanceEvents.InitializeBaseRequest, this.logger, this.performanceClient, this.correlationId)({ ...request, correlationId: this.correlationId }, this.config, this.performanceClient, this.logger);
13241
- const validatedRequest = {
13300
+ const interactionRequest = {
13242
13301
  ...baseRequest,
13243
13302
  redirectUri: redirectUri,
13244
13303
  state: state,
@@ -13246,6 +13305,10 @@ class StandardInteractionClient extends BaseInteractionClient {
13246
13305
  responseMode: this.config.auth.OIDCOptions
13247
13306
  .serverResponseType,
13248
13307
  };
13308
+ const validatedRequest = {
13309
+ ...interactionRequest,
13310
+ httpMethod: validateRequestMethod(interactionRequest, this.config.auth.protocolMode),
13311
+ };
13249
13312
  // Skip active account lookup if either login hint or session id is set
13250
13313
  if (request.loginHint || request.sid) {
13251
13314
  return validatedRequest;
@@ -14240,6 +14303,19 @@ async function getEARForm(frame, config, authority, request, logger, performance
14240
14303
  const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
14241
14304
  return createForm(frame, url, parameters);
14242
14305
  }
14306
+ /**
14307
+ * Gets the form that will be posted to /authorize with request parameters when using POST method
14308
+ */
14309
+ async function getCodeForm(frame, config, authority, request, logger, performanceClient) {
14310
+ const parameters = await getStandardParameters(config, authority, request, logger, performanceClient);
14311
+ addResponseType(parameters, OAuthResponseType.CODE);
14312
+ addCodeChallengeParams(parameters, request.codeChallenge, request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD);
14313
+ addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
14314
+ const queryParams = new Map();
14315
+ addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
14316
+ const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
14317
+ return createForm(frame, url, parameters);
14318
+ }
14243
14319
  /**
14244
14320
  * Creates form element in the provided document with auth parameters in the post body
14245
14321
  * @param frame
@@ -14931,9 +15007,10 @@ class PopupClient extends StandardInteractionClient {
14931
15007
  * @param pkceCodes
14932
15008
  */
14933
15009
  acquireToken(request, pkceCodes) {
15010
+ let popupParams = undefined;
14934
15011
  try {
14935
15012
  const popupName = this.generatePopupName(request.scopes || OIDC_DEFAULT_SCOPES, request.authority || this.config.auth.authority);
14936
- const popupParams = {
15013
+ popupParams = {
14937
15014
  popupName,
14938
15015
  popupWindowAttributes: request.popupWindowAttributes || {},
14939
15016
  popupWindowParent: request.popupWindowParent ?? window,
@@ -14946,10 +15023,15 @@ class PopupClient extends StandardInteractionClient {
14946
15023
  return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
14947
15024
  }
14948
15025
  else {
15026
+ // Pre-validate request method to avoid opening popup if the request is invalid
15027
+ const validatedRequest = {
15028
+ ...request,
15029
+ httpMethod: validateRequestMethod(request, this.config.auth.protocolMode),
15030
+ };
14949
15031
  // asyncPopups flag is set to false. Opens popup before acquiring token.
14950
15032
  this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
14951
15033
  popupParams.popup = this.openSizedPopup("about:blank", popupParams);
14952
- return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
15034
+ return this.acquireTokenPopupAsync(validatedRequest, popupParams, pkceCodes);
14953
15035
  }
14954
15036
  }
14955
15037
  catch (e) {
@@ -15041,15 +15123,20 @@ class PopupClient extends StandardInteractionClient {
15041
15123
  requestExtraQueryParameters: popupRequest.extraQueryParameters,
15042
15124
  account: popupRequest.account,
15043
15125
  });
15044
- // Create acquire token url.
15045
- const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
15046
- // Show the UI once the url has been created. Get the window handle for the popup.
15047
- const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
15048
- this.eventHandler.emitEvent(EventType.POPUP_OPENED, exports.InteractionType.Popup, { popupWindow }, null);
15049
- // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
15050
- const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
15051
- const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
15052
- return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15126
+ if (popupRequest.httpMethod === HttpMethod.POST) {
15127
+ return await this.executeCodeFlowWithPost(popupRequest, popupParams, authClient, pkce.verifier);
15128
+ }
15129
+ else {
15130
+ // Create acquire token url.
15131
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
15132
+ // Show the UI once the url has been created. Get the window handle for the popup.
15133
+ const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
15134
+ this.eventHandler.emitEvent(EventType.POPUP_OPENED, exports.InteractionType.Popup, { popupWindow }, null);
15135
+ // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
15136
+ const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
15137
+ const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
15138
+ return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15139
+ }
15053
15140
  }
15054
15141
  catch (e) {
15055
15142
  // Close the synchronous popup if an error is thrown before the window unload event is registered
@@ -15087,6 +15174,23 @@ class PopupClient extends StandardInteractionClient {
15087
15174
  const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
15088
15175
  return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(popupRequest, serverParams, ApiId.acquireTokenPopup, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15089
15176
  }
15177
+ async executeCodeFlowWithPost(request, popupParams, authClient, pkceVerifier) {
15178
+ const correlationId = request.correlationId;
15179
+ // Get the frame handle for the silent request
15180
+ const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
15181
+ requestAuthority: request.authority,
15182
+ requestAzureCloudOptions: request.azureCloudOptions,
15183
+ requestExtraQueryParameters: request.extraQueryParameters,
15184
+ account: request.account,
15185
+ });
15186
+ const popupWindow = popupParams.popup || this.openPopup("about:blank", popupParams);
15187
+ const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
15188
+ form.submit();
15189
+ // Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
15190
+ const responseString = await invokeAsync(this.monitorPopupForHash.bind(this), PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupWindow, popupParams.popupWindowParent);
15191
+ const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
15192
+ return invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
15193
+ }
15090
15194
  /**
15091
15195
  *
15092
15196
  * @param validRequest
@@ -15438,18 +15542,23 @@ class RedirectClient extends StandardInteractionClient {
15438
15542
  };
15439
15543
  this.browserStorage.cacheAuthorizeRequest(redirectRequest, pkceCodes.verifier);
15440
15544
  try {
15441
- // Initialize the client
15442
- const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
15443
- serverTelemetryManager,
15444
- requestAuthority: redirectRequest.authority,
15445
- requestAzureCloudOptions: redirectRequest.azureCloudOptions,
15446
- requestExtraQueryParameters: redirectRequest.extraQueryParameters,
15447
- account: redirectRequest.account,
15448
- });
15449
- // Create acquire token url.
15450
- const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
15451
- // Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
15452
- return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
15545
+ if (redirectRequest.httpMethod === HttpMethod.POST) {
15546
+ return await this.executeCodeFlowWithPost(redirectRequest);
15547
+ }
15548
+ else {
15549
+ // Initialize the client
15550
+ const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
15551
+ serverTelemetryManager,
15552
+ requestAuthority: redirectRequest.authority,
15553
+ requestAzureCloudOptions: redirectRequest.azureCloudOptions,
15554
+ requestExtraQueryParameters: redirectRequest.extraQueryParameters,
15555
+ account: redirectRequest.account,
15556
+ });
15557
+ // Create acquire token url.
15558
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
15559
+ // Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
15560
+ return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
15561
+ }
15453
15562
  }
15454
15563
  catch (e) {
15455
15564
  if (e instanceof AuthError) {
@@ -15486,6 +15595,28 @@ class RedirectClient extends StandardInteractionClient {
15486
15595
  }, this.config.system.redirectNavigationTimeout);
15487
15596
  });
15488
15597
  }
15598
+ /**
15599
+ * Executes classic Authorization Code flow with a POST request.
15600
+ * @param request
15601
+ */
15602
+ async executeCodeFlowWithPost(request) {
15603
+ const correlationId = request.correlationId;
15604
+ // Get the frame handle for the silent request
15605
+ const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
15606
+ requestAuthority: request.authority,
15607
+ requestAzureCloudOptions: request.azureCloudOptions,
15608
+ requestExtraQueryParameters: request.extraQueryParameters,
15609
+ account: request.account,
15610
+ });
15611
+ this.browserStorage.cacheAuthorizeRequest(request);
15612
+ const form = await getCodeForm(document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
15613
+ form.submit();
15614
+ return new Promise((resolve, reject) => {
15615
+ setTimeout(() => {
15616
+ reject(createBrowserAuthError(timedOut, "failed_to_redirect"));
15617
+ }, this.config.system.redirectNavigationTimeout);
15618
+ });
15619
+ }
15489
15620
  /**
15490
15621
  * Checks if navigateToLoginRequestUrl is set, and:
15491
15622
  * - if true, performs logic to cache and navigate
@@ -15796,6 +15927,15 @@ async function initiateCodeRequest(requestUrl, performanceClient, logger, correl
15796
15927
  }
15797
15928
  return invoke(loadFrameSync, PerformanceEvents.SilentHandlerLoadFrameSync, logger, performanceClient, correlationId)(requestUrl);
15798
15929
  }
15930
+ async function initiateCodeFlowWithPost(config, authority, request, logger, performanceClient) {
15931
+ const frame = createHiddenIframe();
15932
+ if (!frame.contentDocument) {
15933
+ throw "No document associated with iframe!";
15934
+ }
15935
+ const form = await getCodeForm(frame.contentDocument, config, authority, request, logger, performanceClient);
15936
+ form.submit();
15937
+ return frame;
15938
+ }
15799
15939
  async function initiateEarRequest(config, authority, request, logger, performanceClient) {
15800
15940
  const frame = createHiddenIframe();
15801
15941
  if (!frame.contentDocument) {
@@ -16044,10 +16184,16 @@ class SilentIframeClient extends StandardInteractionClient {
16044
16184
  ...request,
16045
16185
  codeChallenge: pkceCodes.challenge,
16046
16186
  };
16047
- // Create authorize request url
16048
- const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
16049
- // Get the frame handle for the silent request
16050
- const msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
16187
+ let msalFrame;
16188
+ if (request.httpMethod === HttpMethod.POST) {
16189
+ msalFrame = await invokeAsync(initiateCodeFlowWithPost, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
16190
+ }
16191
+ else {
16192
+ // Create authorize request url
16193
+ const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
16194
+ // Get the frame handle for the silent request
16195
+ msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
16196
+ }
16051
16197
  const responseType = this.config.auth.OIDCOptions.serverResponseType;
16052
16198
  // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
16053
16199
  const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
@@ -18146,7 +18292,13 @@ class NestedAppAuthController {
18146
18292
  ...this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp),
18147
18293
  };
18148
18294
  // cache the tokens in the response
18149
- await this.hydrateCache(result, request);
18295
+ try {
18296
+ // cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
18297
+ await this.hydrateCache(result, request);
18298
+ }
18299
+ catch (error) {
18300
+ this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
18301
+ }
18150
18302
  // cache the account context in memory after successful token fetch
18151
18303
  this.currentAccountContext = {
18152
18304
  homeAccountId: result.account.homeAccountId,
@@ -18203,7 +18355,13 @@ class NestedAppAuthController {
18203
18355
  const response = await this.bridgeProxy.getTokenSilent(naaRequest);
18204
18356
  const result = this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp);
18205
18357
  // cache the tokens in the response
18206
- await this.hydrateCache(result, request);
18358
+ try {
18359
+ // cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
18360
+ await this.hydrateCache(result, request);
18361
+ }
18362
+ catch (error) {
18363
+ this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
18364
+ }
18207
18365
  // cache the account context in memory after successful token fetch
18208
18366
  this.currentAccountContext = {
18209
18367
  homeAccountId: result.account.homeAccountId,