@azure/msal-browser 4.15.0 → 4.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +15 -3
- package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
- package/dist/controllers/StandardController.mjs +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
- package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
- package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
- package/dist/interaction_client/PopupClient.d.ts +2 -1
- package/dist/interaction_client/PopupClient.d.ts.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +43 -14
- package/dist/interaction_client/PopupClient.mjs.map +1 -1
- package/dist/interaction_client/RedirectClient.d.ts +5 -0
- package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
- package/dist/interaction_client/RedirectClient.mjs +42 -15
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +13 -7
- package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
- package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.d.ts +1 -0
- package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +12 -3
- package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +4 -0
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +15 -2
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.d.ts +11 -1
- package/dist/request/RequestHelpers.d.ts.map +1 -1
- package/dist/request/RequestHelpers.mjs +32 -3
- package/dist/request/RequestHelpers.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +230 -94
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
- package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
- package/lib/msal-browser.cjs +256 -98
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +256 -98
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +68 -68
- package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/interaction_client/PopupClient.d.ts +2 -1
- package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
- package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
- package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
- package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
- package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
- package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
- package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +4 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/RequestHelpers.d.ts +11 -1
- package/lib/types/request/RequestHelpers.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/controllers/NestedAppAuthController.ts +18 -2
- package/src/interaction_client/PopupClient.ts +161 -63
- package/src/interaction_client/RedirectClient.ts +86 -35
- package/src/interaction_client/SilentIframeClient.ts +49 -28
- package/src/interaction_client/StandardInteractionClient.ts +13 -2
- package/src/interaction_handler/SilentHandler.ts +24 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +48 -0
- package/src/request/RequestHelpers.ts +45 -0
package/lib/msal-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.16.0 2025-07-23 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
/*! @azure/msal-common v15.
|
|
5
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6
6
|
/*
|
|
7
7
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8
8
|
* Licensed under the MIT License.
|
|
@@ -82,6 +82,10 @@ const HttpStatus = {
|
|
|
82
82
|
SERVER_ERROR_RANGE_END: 599,
|
|
83
83
|
MULTI_SIDED_ERROR: 600,
|
|
84
84
|
};
|
|
85
|
+
const HttpMethod = {
|
|
86
|
+
GET: "GET",
|
|
87
|
+
POST: "POST",
|
|
88
|
+
};
|
|
85
89
|
const OIDC_DEFAULT_SCOPES = [
|
|
86
90
|
Constants.OPENID_SCOPE,
|
|
87
91
|
Constants.PROFILE_SCOPE,
|
|
@@ -277,7 +281,7 @@ const JsonWebTokenTypes = {
|
|
|
277
281
|
// Token renewal offset default in seconds
|
|
278
282
|
const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
|
|
279
283
|
|
|
280
|
-
/*! @azure/msal-common v15.
|
|
284
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
281
285
|
/*
|
|
282
286
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
283
287
|
* Licensed under the MIT License.
|
|
@@ -294,7 +298,7 @@ var AuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
294
298
|
unexpectedError: unexpectedError
|
|
295
299
|
});
|
|
296
300
|
|
|
297
|
-
/*! @azure/msal-common v15.
|
|
301
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
298
302
|
|
|
299
303
|
/*
|
|
300
304
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -343,7 +347,7 @@ function createAuthError(code, additionalMessage) {
|
|
|
343
347
|
: AuthErrorMessages[code]);
|
|
344
348
|
}
|
|
345
349
|
|
|
346
|
-
/*! @azure/msal-common v15.
|
|
350
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
347
351
|
/*
|
|
348
352
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
349
353
|
* Licensed under the MIT License.
|
|
@@ -441,7 +445,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
441
445
|
userTimeoutReached: userTimeoutReached
|
|
442
446
|
});
|
|
443
447
|
|
|
444
|
-
/*! @azure/msal-common v15.
|
|
448
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
445
449
|
|
|
446
450
|
/*
|
|
447
451
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -693,7 +697,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
693
697
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
694
698
|
}
|
|
695
699
|
|
|
696
|
-
/*! @azure/msal-common v15.
|
|
700
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
697
701
|
|
|
698
702
|
/*
|
|
699
703
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -732,7 +736,7 @@ const DEFAULT_CRYPTO_IMPLEMENTATION = {
|
|
|
732
736
|
},
|
|
733
737
|
};
|
|
734
738
|
|
|
735
|
-
/*! @azure/msal-common v15.
|
|
739
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
736
740
|
|
|
737
741
|
/*
|
|
738
742
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -923,12 +927,12 @@ class Logger {
|
|
|
923
927
|
}
|
|
924
928
|
}
|
|
925
929
|
|
|
926
|
-
/*! @azure/msal-common v15.
|
|
930
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
927
931
|
/* eslint-disable header/header */
|
|
928
932
|
const name$1 = "@azure/msal-common";
|
|
929
|
-
const version$1 = "15.
|
|
933
|
+
const version$1 = "15.9.0";
|
|
930
934
|
|
|
931
|
-
/*! @azure/msal-common v15.
|
|
935
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
932
936
|
/*
|
|
933
937
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
934
938
|
* Licensed under the MIT License.
|
|
@@ -948,7 +952,7 @@ const AzureCloudInstance = {
|
|
|
948
952
|
AzureUsGovernment: "https://login.microsoftonline.us",
|
|
949
953
|
};
|
|
950
954
|
|
|
951
|
-
/*! @azure/msal-common v15.
|
|
955
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
952
956
|
|
|
953
957
|
/*
|
|
954
958
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1009,7 +1013,7 @@ function checkMaxAge(authTime, maxAge) {
|
|
|
1009
1013
|
}
|
|
1010
1014
|
}
|
|
1011
1015
|
|
|
1012
|
-
/*! @azure/msal-common v15.
|
|
1016
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1013
1017
|
/*
|
|
1014
1018
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1015
1019
|
* Licensed under the MIT License.
|
|
@@ -1064,7 +1068,7 @@ function wasClockTurnedBack(cachedAt) {
|
|
|
1064
1068
|
return cachedAtSec > nowSeconds();
|
|
1065
1069
|
}
|
|
1066
1070
|
|
|
1067
|
-
/*! @azure/msal-common v15.
|
|
1071
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1068
1072
|
|
|
1069
1073
|
/*
|
|
1070
1074
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1391,7 +1395,7 @@ function isAuthorityMetadataExpired(metadata) {
|
|
|
1391
1395
|
return metadata.expiresAt <= nowSeconds();
|
|
1392
1396
|
}
|
|
1393
1397
|
|
|
1394
|
-
/*! @azure/msal-common v15.
|
|
1398
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1395
1399
|
/*
|
|
1396
1400
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1397
1401
|
* Licensed under the MIT License.
|
|
@@ -1416,7 +1420,9 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
|
|
|
1416
1420
|
const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
1417
1421
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
1418
1422
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
1419
|
-
const authorityMismatch = "authority_mismatch";
|
|
1423
|
+
const authorityMismatch = "authority_mismatch";
|
|
1424
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
1425
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
1420
1426
|
|
|
1421
1427
|
var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
1422
1428
|
__proto__: null,
|
|
@@ -1428,9 +1434,11 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1428
1434
|
emptyInputScopesError: emptyInputScopesError,
|
|
1429
1435
|
invalidAuthenticationHeader: invalidAuthenticationHeader,
|
|
1430
1436
|
invalidAuthorityMetadata: invalidAuthorityMetadata,
|
|
1437
|
+
invalidAuthorizePostBodyParameters: invalidAuthorizePostBodyParameters,
|
|
1431
1438
|
invalidClaims: invalidClaims,
|
|
1432
1439
|
invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
|
|
1433
1440
|
invalidCodeChallengeMethod: invalidCodeChallengeMethod,
|
|
1441
|
+
invalidRequestMethodForEAR: invalidRequestMethodForEAR,
|
|
1434
1442
|
logoutRequestEmpty: logoutRequestEmpty,
|
|
1435
1443
|
missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
|
|
1436
1444
|
missingSshJwk: missingSshJwk,
|
|
@@ -1443,7 +1451,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
1443
1451
|
urlParseError: urlParseError
|
|
1444
1452
|
});
|
|
1445
1453
|
|
|
1446
|
-
/*! @azure/msal-common v15.
|
|
1454
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1447
1455
|
|
|
1448
1456
|
/*
|
|
1449
1457
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1471,6 +1479,8 @@ const ClientConfigurationErrorMessages = {
|
|
|
1471
1479
|
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
1472
1480
|
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
1473
1481
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
1482
|
+
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
1483
|
+
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
1474
1484
|
};
|
|
1475
1485
|
/**
|
|
1476
1486
|
* ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
|
|
@@ -1561,6 +1571,14 @@ const ClientConfigurationErrorMessage = {
|
|
|
1561
1571
|
code: authorityMismatch,
|
|
1562
1572
|
desc: ClientConfigurationErrorMessages[authorityMismatch],
|
|
1563
1573
|
},
|
|
1574
|
+
invalidAuthorizePostBodyParameters: {
|
|
1575
|
+
code: invalidAuthorizePostBodyParameters,
|
|
1576
|
+
desc: ClientConfigurationErrorMessages[invalidAuthorizePostBodyParameters],
|
|
1577
|
+
},
|
|
1578
|
+
invalidRequestMethodForEAR: {
|
|
1579
|
+
code: invalidRequestMethodForEAR,
|
|
1580
|
+
desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
|
|
1581
|
+
},
|
|
1564
1582
|
};
|
|
1565
1583
|
/**
|
|
1566
1584
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -1576,7 +1594,7 @@ function createClientConfigurationError(errorCode) {
|
|
|
1576
1594
|
return new ClientConfigurationError(errorCode);
|
|
1577
1595
|
}
|
|
1578
1596
|
|
|
1579
|
-
/*! @azure/msal-common v15.
|
|
1597
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1580
1598
|
/*
|
|
1581
1599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1582
1600
|
* Licensed under the MIT License.
|
|
@@ -1673,7 +1691,7 @@ class StringUtils {
|
|
|
1673
1691
|
}
|
|
1674
1692
|
}
|
|
1675
1693
|
|
|
1676
|
-
/*! @azure/msal-common v15.
|
|
1694
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1677
1695
|
|
|
1678
1696
|
/*
|
|
1679
1697
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1864,7 +1882,7 @@ class ScopeSet {
|
|
|
1864
1882
|
}
|
|
1865
1883
|
}
|
|
1866
1884
|
|
|
1867
|
-
/*! @azure/msal-common v15.
|
|
1885
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1868
1886
|
|
|
1869
1887
|
/*
|
|
1870
1888
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1904,7 +1922,7 @@ function buildClientInfoFromHomeAccountId(homeAccountId) {
|
|
|
1904
1922
|
};
|
|
1905
1923
|
}
|
|
1906
1924
|
|
|
1907
|
-
/*! @azure/msal-common v15.
|
|
1925
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1908
1926
|
/*
|
|
1909
1927
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1910
1928
|
* Licensed under the MIT License.
|
|
@@ -1983,7 +2001,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
1983
2001
|
return updatedAccountInfo;
|
|
1984
2002
|
}
|
|
1985
2003
|
|
|
1986
|
-
/*! @azure/msal-common v15.
|
|
2004
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
1987
2005
|
/*
|
|
1988
2006
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
1989
2007
|
* Licensed under the MIT License.
|
|
@@ -1998,7 +2016,7 @@ const AuthorityType = {
|
|
|
1998
2016
|
Ciam: 3,
|
|
1999
2017
|
};
|
|
2000
2018
|
|
|
2001
|
-
/*! @azure/msal-common v15.
|
|
2019
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2002
2020
|
/*
|
|
2003
2021
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2004
2022
|
* Licensed under the MIT License.
|
|
@@ -2020,7 +2038,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
|
|
|
2020
2038
|
return null;
|
|
2021
2039
|
}
|
|
2022
2040
|
|
|
2023
|
-
/*! @azure/msal-common v15.
|
|
2041
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2024
2042
|
/*
|
|
2025
2043
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2026
2044
|
* Licensed under the MIT License.
|
|
@@ -2044,7 +2062,7 @@ const ProtocolMode = {
|
|
|
2044
2062
|
EAR: "EAR",
|
|
2045
2063
|
};
|
|
2046
2064
|
|
|
2047
|
-
/*! @azure/msal-common v15.
|
|
2065
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2048
2066
|
|
|
2049
2067
|
/*
|
|
2050
2068
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2287,7 +2305,7 @@ class AccountEntity {
|
|
|
2287
2305
|
}
|
|
2288
2306
|
}
|
|
2289
2307
|
|
|
2290
|
-
/*! @azure/msal-common v15.
|
|
2308
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2291
2309
|
|
|
2292
2310
|
/*
|
|
2293
2311
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2352,7 +2370,7 @@ function mapToQueryString(parameters, encodeExtraParams = true, extraQueryParame
|
|
|
2352
2370
|
return queryParameterArray.join("&");
|
|
2353
2371
|
}
|
|
2354
2372
|
|
|
2355
|
-
/*! @azure/msal-common v15.
|
|
2373
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2356
2374
|
|
|
2357
2375
|
/*
|
|
2358
2376
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2516,7 +2534,7 @@ class UrlString {
|
|
|
2516
2534
|
}
|
|
2517
2535
|
}
|
|
2518
2536
|
|
|
2519
|
-
/*! @azure/msal-common v15.
|
|
2537
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2520
2538
|
|
|
2521
2539
|
/*
|
|
2522
2540
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2655,7 +2673,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2655
2673
|
return null;
|
|
2656
2674
|
}
|
|
2657
2675
|
|
|
2658
|
-
/*! @azure/msal-common v15.
|
|
2676
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2659
2677
|
/*
|
|
2660
2678
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
2661
2679
|
* Licensed under the MIT License.
|
|
@@ -2663,7 +2681,7 @@ function getCloudDiscoveryMetadataFromNetworkResponse(response, authorityHost) {
|
|
|
2663
2681
|
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
2664
2682
|
const cacheErrorUnknown = "cache_error_unknown";
|
|
2665
2683
|
|
|
2666
|
-
/*! @azure/msal-common v15.
|
|
2684
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2667
2685
|
|
|
2668
2686
|
/*
|
|
2669
2687
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -2708,7 +2726,7 @@ function createCacheError(e) {
|
|
|
2708
2726
|
}
|
|
2709
2727
|
}
|
|
2710
2728
|
|
|
2711
|
-
/*! @azure/msal-common v15.
|
|
2729
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2712
2730
|
|
|
2713
2731
|
/*
|
|
2714
2732
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -3875,7 +3893,7 @@ class DefaultStorageClass extends CacheManager {
|
|
|
3875
3893
|
}
|
|
3876
3894
|
}
|
|
3877
3895
|
|
|
3878
|
-
/*! @azure/msal-common v15.
|
|
3896
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
3879
3897
|
/*
|
|
3880
3898
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3881
3899
|
* Licensed under the MIT License.
|
|
@@ -4387,7 +4405,7 @@ const IntFields = new Set([
|
|
|
4387
4405
|
"encryptedCacheExpiredCount",
|
|
4388
4406
|
]);
|
|
4389
4407
|
|
|
4390
|
-
/*! @azure/msal-common v15.
|
|
4408
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4391
4409
|
|
|
4392
4410
|
/*
|
|
4393
4411
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4466,7 +4484,7 @@ class StubPerformanceClient {
|
|
|
4466
4484
|
}
|
|
4467
4485
|
}
|
|
4468
4486
|
|
|
4469
|
-
/*! @azure/msal-common v15.
|
|
4487
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4470
4488
|
|
|
4471
4489
|
/*
|
|
4472
4490
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4566,7 +4584,7 @@ function isOidcProtocolMode(config) {
|
|
|
4566
4584
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
4567
4585
|
}
|
|
4568
4586
|
|
|
4569
|
-
/*! @azure/msal-common v15.
|
|
4587
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4570
4588
|
/*
|
|
4571
4589
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4572
4590
|
* Licensed under the MIT License.
|
|
@@ -4576,7 +4594,7 @@ const CcsCredentialType = {
|
|
|
4576
4594
|
UPN: "UPN",
|
|
4577
4595
|
};
|
|
4578
4596
|
|
|
4579
|
-
/*! @azure/msal-common v15.
|
|
4597
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4580
4598
|
/*
|
|
4581
4599
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4582
4600
|
* Licensed under the MIT License.
|
|
@@ -4626,7 +4644,7 @@ const INSTANCE_AWARE = "instance_aware";
|
|
|
4626
4644
|
const EAR_JWK = "ear_jwk";
|
|
4627
4645
|
const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
4628
4646
|
|
|
4629
|
-
/*! @azure/msal-common v15.
|
|
4647
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4630
4648
|
|
|
4631
4649
|
/*
|
|
4632
4650
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4992,9 +5010,21 @@ function addEARParameters(parameters, jwk) {
|
|
|
4992
5010
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
4993
5011
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
4994
5012
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
5013
|
+
}
|
|
5014
|
+
/**
|
|
5015
|
+
* Adds authorize body parameters to the request parameters
|
|
5016
|
+
* @param parameters
|
|
5017
|
+
* @param bodyParameters
|
|
5018
|
+
*/
|
|
5019
|
+
function addPostBodyParameters(parameters, bodyParameters) {
|
|
5020
|
+
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
5021
|
+
if (value) {
|
|
5022
|
+
parameters.set(key, value);
|
|
5023
|
+
}
|
|
5024
|
+
});
|
|
4995
5025
|
}
|
|
4996
5026
|
|
|
4997
|
-
/*! @azure/msal-common v15.
|
|
5027
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
4998
5028
|
/*
|
|
4999
5029
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5000
5030
|
* Licensed under the MIT License.
|
|
@@ -5006,7 +5036,7 @@ function isOpenIdConfigResponse(response) {
|
|
|
5006
5036
|
response.hasOwnProperty("jwks_uri"));
|
|
5007
5037
|
}
|
|
5008
5038
|
|
|
5009
|
-
/*! @azure/msal-common v15.
|
|
5039
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5010
5040
|
/*
|
|
5011
5041
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5012
5042
|
* Licensed under the MIT License.
|
|
@@ -5016,7 +5046,7 @@ function isCloudInstanceDiscoveryResponse(response) {
|
|
|
5016
5046
|
response.hasOwnProperty("metadata"));
|
|
5017
5047
|
}
|
|
5018
5048
|
|
|
5019
|
-
/*! @azure/msal-common v15.
|
|
5049
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5020
5050
|
/*
|
|
5021
5051
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5022
5052
|
* Licensed under the MIT License.
|
|
@@ -5026,7 +5056,7 @@ function isCloudInstanceDiscoveryErrorResponse(response) {
|
|
|
5026
5056
|
response.hasOwnProperty("error_description"));
|
|
5027
5057
|
}
|
|
5028
5058
|
|
|
5029
|
-
/*! @azure/msal-common v15.
|
|
5059
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5030
5060
|
/*
|
|
5031
5061
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5032
5062
|
* Licensed under the MIT License.
|
|
@@ -5122,7 +5152,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
|
|
|
5122
5152
|
};
|
|
5123
5153
|
};
|
|
5124
5154
|
|
|
5125
|
-
/*! @azure/msal-common v15.
|
|
5155
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5126
5156
|
|
|
5127
5157
|
/*
|
|
5128
5158
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5228,7 +5258,7 @@ RegionDiscovery.IMDS_OPTIONS = {
|
|
|
5228
5258
|
},
|
|
5229
5259
|
};
|
|
5230
5260
|
|
|
5231
|
-
/*! @azure/msal-common v15.
|
|
5261
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
5232
5262
|
|
|
5233
5263
|
/*
|
|
5234
5264
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6067,7 +6097,7 @@ function buildStaticAuthorityOptions(authOptions) {
|
|
|
6067
6097
|
};
|
|
6068
6098
|
}
|
|
6069
6099
|
|
|
6070
|
-
/*! @azure/msal-common v15.
|
|
6100
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6071
6101
|
|
|
6072
6102
|
/*
|
|
6073
6103
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6098,7 +6128,7 @@ async function createDiscoveredInstance(authorityUri, networkClient, cacheManage
|
|
|
6098
6128
|
}
|
|
6099
6129
|
}
|
|
6100
6130
|
|
|
6101
|
-
/*! @azure/msal-common v15.
|
|
6131
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6102
6132
|
|
|
6103
6133
|
/*
|
|
6104
6134
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6117,7 +6147,7 @@ class ServerError extends AuthError {
|
|
|
6117
6147
|
}
|
|
6118
6148
|
}
|
|
6119
6149
|
|
|
6120
|
-
/*! @azure/msal-common v15.
|
|
6150
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6121
6151
|
/*
|
|
6122
6152
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6123
6153
|
* Licensed under the MIT License.
|
|
@@ -6138,7 +6168,7 @@ function getRequestThumbprint(clientId, request, homeAccountId) {
|
|
|
6138
6168
|
};
|
|
6139
6169
|
}
|
|
6140
6170
|
|
|
6141
|
-
/*! @azure/msal-common v15.
|
|
6171
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6142
6172
|
|
|
6143
6173
|
/*
|
|
6144
6174
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6225,7 +6255,7 @@ class ThrottlingUtils {
|
|
|
6225
6255
|
}
|
|
6226
6256
|
}
|
|
6227
6257
|
|
|
6228
|
-
/*! @azure/msal-common v15.
|
|
6258
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6229
6259
|
|
|
6230
6260
|
/*
|
|
6231
6261
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6256,7 +6286,7 @@ function createNetworkError(error, httpStatus, responseHeaders, additionalError)
|
|
|
6256
6286
|
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6257
6287
|
}
|
|
6258
6288
|
|
|
6259
|
-
/*! @azure/msal-common v15.
|
|
6289
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6260
6290
|
|
|
6261
6291
|
/*
|
|
6262
6292
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6404,7 +6434,7 @@ class BaseClient {
|
|
|
6404
6434
|
}
|
|
6405
6435
|
}
|
|
6406
6436
|
|
|
6407
|
-
/*! @azure/msal-common v15.
|
|
6437
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6408
6438
|
/*
|
|
6409
6439
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6410
6440
|
* Licensed under the MIT License.
|
|
@@ -6432,7 +6462,7 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
6432
6462
|
uxNotAllowed: uxNotAllowed
|
|
6433
6463
|
});
|
|
6434
6464
|
|
|
6435
|
-
/*! @azure/msal-common v15.
|
|
6465
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6436
6466
|
|
|
6437
6467
|
/*
|
|
6438
6468
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6522,7 +6552,7 @@ function createInteractionRequiredAuthError(errorCode) {
|
|
|
6522
6552
|
return new InteractionRequiredAuthError(errorCode, InteractionRequiredAuthErrorMessages[errorCode]);
|
|
6523
6553
|
}
|
|
6524
6554
|
|
|
6525
|
-
/*! @azure/msal-common v15.
|
|
6555
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6526
6556
|
|
|
6527
6557
|
/*
|
|
6528
6558
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6594,7 +6624,7 @@ class ProtocolUtils {
|
|
|
6594
6624
|
}
|
|
6595
6625
|
}
|
|
6596
6626
|
|
|
6597
|
-
/*! @azure/msal-common v15.
|
|
6627
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6598
6628
|
|
|
6599
6629
|
/*
|
|
6600
6630
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6676,7 +6706,7 @@ class PopTokenGenerator {
|
|
|
6676
6706
|
}
|
|
6677
6707
|
}
|
|
6678
6708
|
|
|
6679
|
-
/*! @azure/msal-common v15.
|
|
6709
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6680
6710
|
/*
|
|
6681
6711
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6682
6712
|
* Licensed under the MIT License.
|
|
@@ -6703,7 +6733,7 @@ class PopTokenGenerator {
|
|
|
6703
6733
|
}
|
|
6704
6734
|
}
|
|
6705
6735
|
|
|
6706
|
-
/*! @azure/msal-common v15.
|
|
6736
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
6707
6737
|
|
|
6708
6738
|
/*
|
|
6709
6739
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7034,7 +7064,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7034
7064
|
return baseAccount;
|
|
7035
7065
|
}
|
|
7036
7066
|
|
|
7037
|
-
/*! @azure/msal-common v15.
|
|
7067
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7038
7068
|
/*
|
|
7039
7069
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7040
7070
|
* Licensed under the MIT License.
|
|
@@ -7052,7 +7082,7 @@ async function getClientAssertion(clientAssertion, clientId, tokenEndpoint) {
|
|
|
7052
7082
|
}
|
|
7053
7083
|
}
|
|
7054
7084
|
|
|
7055
|
-
/*! @azure/msal-common v15.
|
|
7085
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7056
7086
|
|
|
7057
7087
|
/*
|
|
7058
7088
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7287,7 +7317,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7287
7317
|
}
|
|
7288
7318
|
}
|
|
7289
7319
|
|
|
7290
|
-
/*! @azure/msal-common v15.
|
|
7320
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7291
7321
|
|
|
7292
7322
|
/*
|
|
7293
7323
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7496,7 +7526,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7496
7526
|
}
|
|
7497
7527
|
}
|
|
7498
7528
|
|
|
7499
|
-
/*! @azure/msal-common v15.
|
|
7529
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7500
7530
|
|
|
7501
7531
|
/*
|
|
7502
7532
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7594,7 +7624,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7594
7624
|
}
|
|
7595
7625
|
}
|
|
7596
7626
|
|
|
7597
|
-
/*! @azure/msal-common v15.
|
|
7627
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7598
7628
|
|
|
7599
7629
|
/*
|
|
7600
7630
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7609,7 +7639,7 @@ const StubbedNetworkModule = {
|
|
|
7609
7639
|
},
|
|
7610
7640
|
};
|
|
7611
7641
|
|
|
7612
|
-
/*! @azure/msal-common v15.
|
|
7642
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7613
7643
|
|
|
7614
7644
|
/*
|
|
7615
7645
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7833,7 +7863,7 @@ function extractLoginHint(account) {
|
|
|
7833
7863
|
return account.idTokenClaims?.login_hint || null;
|
|
7834
7864
|
}
|
|
7835
7865
|
|
|
7836
|
-
/*! @azure/msal-common v15.
|
|
7866
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7837
7867
|
|
|
7838
7868
|
/*
|
|
7839
7869
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -7891,7 +7921,7 @@ class AuthenticationHeaderParser {
|
|
|
7891
7921
|
}
|
|
7892
7922
|
}
|
|
7893
7923
|
|
|
7894
|
-
/*! @azure/msal-common v15.
|
|
7924
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
7895
7925
|
|
|
7896
7926
|
/*
|
|
7897
7927
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8154,7 +8184,7 @@ class ServerTelemetryManager {
|
|
|
8154
8184
|
}
|
|
8155
8185
|
}
|
|
8156
8186
|
|
|
8157
|
-
/*! @azure/msal-common v15.
|
|
8187
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8158
8188
|
/*
|
|
8159
8189
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
8160
8190
|
* Licensed under the MIT License.
|
|
@@ -8162,7 +8192,7 @@ class ServerTelemetryManager {
|
|
|
8162
8192
|
const missingKidError = "missing_kid_error";
|
|
8163
8193
|
const missingAlgError = "missing_alg_error";
|
|
8164
8194
|
|
|
8165
|
-
/*! @azure/msal-common v15.
|
|
8195
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8166
8196
|
|
|
8167
8197
|
/*
|
|
8168
8198
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8187,7 +8217,7 @@ function createJoseHeaderError(code) {
|
|
|
8187
8217
|
return new JoseHeaderError(code, JoseHeaderErrorMessages[code]);
|
|
8188
8218
|
}
|
|
8189
8219
|
|
|
8190
|
-
/*! @azure/msal-common v15.
|
|
8220
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8191
8221
|
|
|
8192
8222
|
/*
|
|
8193
8223
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8227,7 +8257,7 @@ class JoseHeader {
|
|
|
8227
8257
|
}
|
|
8228
8258
|
}
|
|
8229
8259
|
|
|
8230
|
-
/*! @azure/msal-common v15.
|
|
8260
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
8231
8261
|
|
|
8232
8262
|
/*
|
|
8233
8263
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -10331,7 +10361,7 @@ function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system
|
|
|
10331
10361
|
|
|
10332
10362
|
/* eslint-disable header/header */
|
|
10333
10363
|
const name = "@azure/msal-browser";
|
|
10334
|
-
const version = "4.
|
|
10364
|
+
const version = "4.16.0";
|
|
10335
10365
|
|
|
10336
10366
|
/*
|
|
10337
10367
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -13062,6 +13092,35 @@ async function initializeSilentRequest(request, account, config, performanceClie
|
|
|
13062
13092
|
account: account,
|
|
13063
13093
|
forceRefresh: request.forceRefresh || false,
|
|
13064
13094
|
};
|
|
13095
|
+
}
|
|
13096
|
+
/**
|
|
13097
|
+
* Validates that the combination of request method, protocol mode and authorize body parameters is correct.
|
|
13098
|
+
* Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
|
|
13099
|
+
* @param interactionRequest
|
|
13100
|
+
* @param protocolMode
|
|
13101
|
+
* @returns
|
|
13102
|
+
*/
|
|
13103
|
+
function validateRequestMethod(interactionRequest, protocolMode) {
|
|
13104
|
+
let httpMethod;
|
|
13105
|
+
const requestMethod = interactionRequest.httpMethod;
|
|
13106
|
+
if (protocolMode === ProtocolMode.EAR) {
|
|
13107
|
+
// Don't override httpMethod if it is already set, default to POST if not set
|
|
13108
|
+
httpMethod = requestMethod || HttpMethod.POST;
|
|
13109
|
+
// Validate that method is not GET if protocol mode is EAR
|
|
13110
|
+
if (httpMethod !== HttpMethod.POST) {
|
|
13111
|
+
throw createClientConfigurationError(invalidRequestMethodForEAR);
|
|
13112
|
+
}
|
|
13113
|
+
}
|
|
13114
|
+
else {
|
|
13115
|
+
// For non-EAR protocol modes, default to GET if httpMethod is not set
|
|
13116
|
+
httpMethod = requestMethod || HttpMethod.GET;
|
|
13117
|
+
}
|
|
13118
|
+
// Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
|
|
13119
|
+
if (interactionRequest.authorizePostBodyParameters &&
|
|
13120
|
+
httpMethod !== HttpMethod.POST) {
|
|
13121
|
+
throw createClientConfigurationError(invalidAuthorizePostBodyParameters);
|
|
13122
|
+
}
|
|
13123
|
+
return httpMethod;
|
|
13065
13124
|
}
|
|
13066
13125
|
|
|
13067
13126
|
/*
|
|
@@ -13238,7 +13297,7 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
13238
13297
|
};
|
|
13239
13298
|
const state = ProtocolUtils.setRequestState(this.browserCrypto, (request && request.state) || Constants.EMPTY_STRING, browserState);
|
|
13240
13299
|
const baseRequest = await invokeAsync(initializeBaseRequest, PerformanceEvents.InitializeBaseRequest, this.logger, this.performanceClient, this.correlationId)({ ...request, correlationId: this.correlationId }, this.config, this.performanceClient, this.logger);
|
|
13241
|
-
const
|
|
13300
|
+
const interactionRequest = {
|
|
13242
13301
|
...baseRequest,
|
|
13243
13302
|
redirectUri: redirectUri,
|
|
13244
13303
|
state: state,
|
|
@@ -13246,6 +13305,10 @@ class StandardInteractionClient extends BaseInteractionClient {
|
|
|
13246
13305
|
responseMode: this.config.auth.OIDCOptions
|
|
13247
13306
|
.serverResponseType,
|
|
13248
13307
|
};
|
|
13308
|
+
const validatedRequest = {
|
|
13309
|
+
...interactionRequest,
|
|
13310
|
+
httpMethod: validateRequestMethod(interactionRequest, this.config.auth.protocolMode),
|
|
13311
|
+
};
|
|
13249
13312
|
// Skip active account lookup if either login hint or session id is set
|
|
13250
13313
|
if (request.loginHint || request.sid) {
|
|
13251
13314
|
return validatedRequest;
|
|
@@ -14240,6 +14303,19 @@ async function getEARForm(frame, config, authority, request, logger, performance
|
|
|
14240
14303
|
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
14241
14304
|
return createForm(frame, url, parameters);
|
|
14242
14305
|
}
|
|
14306
|
+
/**
|
|
14307
|
+
* Gets the form that will be posted to /authorize with request parameters when using POST method
|
|
14308
|
+
*/
|
|
14309
|
+
async function getCodeForm(frame, config, authority, request, logger, performanceClient) {
|
|
14310
|
+
const parameters = await getStandardParameters(config, authority, request, logger, performanceClient);
|
|
14311
|
+
addResponseType(parameters, OAuthResponseType.CODE);
|
|
14312
|
+
addCodeChallengeParams(parameters, request.codeChallenge, request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD);
|
|
14313
|
+
addPostBodyParameters(parameters, request.authorizePostBodyParameters || {});
|
|
14314
|
+
const queryParams = new Map();
|
|
14315
|
+
addExtraQueryParameters(queryParams, request.extraQueryParameters || {});
|
|
14316
|
+
const url = getAuthorizeUrl(authority, queryParams, config.auth.encodeExtraQueryParams, request.extraQueryParameters);
|
|
14317
|
+
return createForm(frame, url, parameters);
|
|
14318
|
+
}
|
|
14243
14319
|
/**
|
|
14244
14320
|
* Creates form element in the provided document with auth parameters in the post body
|
|
14245
14321
|
* @param frame
|
|
@@ -14931,9 +15007,10 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14931
15007
|
* @param pkceCodes
|
|
14932
15008
|
*/
|
|
14933
15009
|
acquireToken(request, pkceCodes) {
|
|
15010
|
+
let popupParams = undefined;
|
|
14934
15011
|
try {
|
|
14935
15012
|
const popupName = this.generatePopupName(request.scopes || OIDC_DEFAULT_SCOPES, request.authority || this.config.auth.authority);
|
|
14936
|
-
|
|
15013
|
+
popupParams = {
|
|
14937
15014
|
popupName,
|
|
14938
15015
|
popupWindowAttributes: request.popupWindowAttributes || {},
|
|
14939
15016
|
popupWindowParent: request.popupWindowParent ?? window,
|
|
@@ -14946,10 +15023,15 @@ class PopupClient extends StandardInteractionClient {
|
|
|
14946
15023
|
return this.acquireTokenPopupAsync(request, popupParams, pkceCodes);
|
|
14947
15024
|
}
|
|
14948
15025
|
else {
|
|
15026
|
+
// Pre-validate request method to avoid opening popup if the request is invalid
|
|
15027
|
+
const validatedRequest = {
|
|
15028
|
+
...request,
|
|
15029
|
+
httpMethod: validateRequestMethod(request, this.config.auth.protocolMode),
|
|
15030
|
+
};
|
|
14949
15031
|
// asyncPopups flag is set to false. Opens popup before acquiring token.
|
|
14950
15032
|
this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
|
|
14951
15033
|
popupParams.popup = this.openSizedPopup("about:blank", popupParams);
|
|
14952
|
-
return this.acquireTokenPopupAsync(
|
|
15034
|
+
return this.acquireTokenPopupAsync(validatedRequest, popupParams, pkceCodes);
|
|
14953
15035
|
}
|
|
14954
15036
|
}
|
|
14955
15037
|
catch (e) {
|
|
@@ -15041,15 +15123,20 @@ class PopupClient extends StandardInteractionClient {
|
|
|
15041
15123
|
requestExtraQueryParameters: popupRequest.extraQueryParameters,
|
|
15042
15124
|
account: popupRequest.account,
|
|
15043
15125
|
});
|
|
15044
|
-
|
|
15045
|
-
|
|
15046
|
-
|
|
15047
|
-
|
|
15048
|
-
|
|
15049
|
-
|
|
15050
|
-
|
|
15051
|
-
|
|
15052
|
-
|
|
15126
|
+
if (popupRequest.httpMethod === HttpMethod.POST) {
|
|
15127
|
+
return await this.executeCodeFlowWithPost(popupRequest, popupParams, authClient, pkce.verifier);
|
|
15128
|
+
}
|
|
15129
|
+
else {
|
|
15130
|
+
// Create acquire token url.
|
|
15131
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, popupRequest, this.logger, this.performanceClient);
|
|
15132
|
+
// Show the UI once the url has been created. Get the window handle for the popup.
|
|
15133
|
+
const popupWindow = this.initiateAuthRequest(navigateUrl, popupParams);
|
|
15134
|
+
this.eventHandler.emitEvent(EventType.POPUP_OPENED, exports.InteractionType.Popup, { popupWindow }, null);
|
|
15135
|
+
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
15136
|
+
const responseString = await this.monitorPopupForHash(popupWindow, popupParams.popupWindowParent);
|
|
15137
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15138
|
+
return await invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkce.verifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15139
|
+
}
|
|
15053
15140
|
}
|
|
15054
15141
|
catch (e) {
|
|
15055
15142
|
// Close the synchronous popup if an error is thrown before the window unload event is registered
|
|
@@ -15087,6 +15174,23 @@ class PopupClient extends StandardInteractionClient {
|
|
|
15087
15174
|
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15088
15175
|
return invokeAsync(handleResponseEAR, PerformanceEvents.HandleResponseEar, this.logger, this.performanceClient, correlationId)(popupRequest, serverParams, ApiId.acquireTokenPopup, this.config, discoveredAuthority, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15089
15176
|
}
|
|
15177
|
+
async executeCodeFlowWithPost(request, popupParams, authClient, pkceVerifier) {
|
|
15178
|
+
const correlationId = request.correlationId;
|
|
15179
|
+
// Get the frame handle for the silent request
|
|
15180
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
15181
|
+
requestAuthority: request.authority,
|
|
15182
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
15183
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
15184
|
+
account: request.account,
|
|
15185
|
+
});
|
|
15186
|
+
const popupWindow = popupParams.popup || this.openPopup("about:blank", popupParams);
|
|
15187
|
+
const form = await getCodeForm(popupWindow.document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
15188
|
+
form.submit();
|
|
15189
|
+
// Monitor the popup for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
15190
|
+
const responseString = await invokeAsync(this.monitorPopupForHash.bind(this), PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(popupWindow, popupParams.popupWindowParent);
|
|
15191
|
+
const serverParams = invoke(deserializeResponse, PerformanceEvents.DeserializeResponse, this.logger, this.performanceClient, this.correlationId)(responseString, this.config.auth.OIDCOptions.serverResponseType, this.logger);
|
|
15192
|
+
return invokeAsync(handleResponseCode, PerformanceEvents.HandleResponseCode, this.logger, this.performanceClient, correlationId)(request, serverParams, pkceVerifier, ApiId.acquireTokenPopup, this.config, authClient, this.browserStorage, this.nativeStorage, this.eventHandler, this.logger, this.performanceClient, this.platformAuthProvider);
|
|
15193
|
+
}
|
|
15090
15194
|
/**
|
|
15091
15195
|
*
|
|
15092
15196
|
* @param validRequest
|
|
@@ -15438,18 +15542,23 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
15438
15542
|
};
|
|
15439
15543
|
this.browserStorage.cacheAuthorizeRequest(redirectRequest, pkceCodes.verifier);
|
|
15440
15544
|
try {
|
|
15441
|
-
|
|
15442
|
-
|
|
15443
|
-
|
|
15444
|
-
|
|
15445
|
-
|
|
15446
|
-
|
|
15447
|
-
|
|
15448
|
-
|
|
15449
|
-
|
|
15450
|
-
|
|
15451
|
-
|
|
15452
|
-
|
|
15545
|
+
if (redirectRequest.httpMethod === HttpMethod.POST) {
|
|
15546
|
+
return await this.executeCodeFlowWithPost(redirectRequest);
|
|
15547
|
+
}
|
|
15548
|
+
else {
|
|
15549
|
+
// Initialize the client
|
|
15550
|
+
const authClient = await invokeAsync(this.createAuthCodeClient.bind(this), PerformanceEvents.StandardInteractionClientCreateAuthCodeClient, this.logger, this.performanceClient, this.correlationId)({
|
|
15551
|
+
serverTelemetryManager,
|
|
15552
|
+
requestAuthority: redirectRequest.authority,
|
|
15553
|
+
requestAzureCloudOptions: redirectRequest.azureCloudOptions,
|
|
15554
|
+
requestExtraQueryParameters: redirectRequest.extraQueryParameters,
|
|
15555
|
+
account: redirectRequest.account,
|
|
15556
|
+
});
|
|
15557
|
+
// Create acquire token url.
|
|
15558
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, request.correlationId)(this.config, authClient.authority, redirectRequest, this.logger, this.performanceClient);
|
|
15559
|
+
// Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
|
|
15560
|
+
return await this.initiateAuthRequest(navigateUrl, onRedirectNavigate);
|
|
15561
|
+
}
|
|
15453
15562
|
}
|
|
15454
15563
|
catch (e) {
|
|
15455
15564
|
if (e instanceof AuthError) {
|
|
@@ -15486,6 +15595,28 @@ class RedirectClient extends StandardInteractionClient {
|
|
|
15486
15595
|
}, this.config.system.redirectNavigationTimeout);
|
|
15487
15596
|
});
|
|
15488
15597
|
}
|
|
15598
|
+
/**
|
|
15599
|
+
* Executes classic Authorization Code flow with a POST request.
|
|
15600
|
+
* @param request
|
|
15601
|
+
*/
|
|
15602
|
+
async executeCodeFlowWithPost(request) {
|
|
15603
|
+
const correlationId = request.correlationId;
|
|
15604
|
+
// Get the frame handle for the silent request
|
|
15605
|
+
const discoveredAuthority = await invokeAsync(this.getDiscoveredAuthority.bind(this), PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority, this.logger, this.performanceClient, correlationId)({
|
|
15606
|
+
requestAuthority: request.authority,
|
|
15607
|
+
requestAzureCloudOptions: request.azureCloudOptions,
|
|
15608
|
+
requestExtraQueryParameters: request.extraQueryParameters,
|
|
15609
|
+
account: request.account,
|
|
15610
|
+
});
|
|
15611
|
+
this.browserStorage.cacheAuthorizeRequest(request);
|
|
15612
|
+
const form = await getCodeForm(document, this.config, discoveredAuthority, request, this.logger, this.performanceClient);
|
|
15613
|
+
form.submit();
|
|
15614
|
+
return new Promise((resolve, reject) => {
|
|
15615
|
+
setTimeout(() => {
|
|
15616
|
+
reject(createBrowserAuthError(timedOut, "failed_to_redirect"));
|
|
15617
|
+
}, this.config.system.redirectNavigationTimeout);
|
|
15618
|
+
});
|
|
15619
|
+
}
|
|
15489
15620
|
/**
|
|
15490
15621
|
* Checks if navigateToLoginRequestUrl is set, and:
|
|
15491
15622
|
* - if true, performs logic to cache and navigate
|
|
@@ -15796,6 +15927,15 @@ async function initiateCodeRequest(requestUrl, performanceClient, logger, correl
|
|
|
15796
15927
|
}
|
|
15797
15928
|
return invoke(loadFrameSync, PerformanceEvents.SilentHandlerLoadFrameSync, logger, performanceClient, correlationId)(requestUrl);
|
|
15798
15929
|
}
|
|
15930
|
+
async function initiateCodeFlowWithPost(config, authority, request, logger, performanceClient) {
|
|
15931
|
+
const frame = createHiddenIframe();
|
|
15932
|
+
if (!frame.contentDocument) {
|
|
15933
|
+
throw "No document associated with iframe!";
|
|
15934
|
+
}
|
|
15935
|
+
const form = await getCodeForm(frame.contentDocument, config, authority, request, logger, performanceClient);
|
|
15936
|
+
form.submit();
|
|
15937
|
+
return frame;
|
|
15938
|
+
}
|
|
15799
15939
|
async function initiateEarRequest(config, authority, request, logger, performanceClient) {
|
|
15800
15940
|
const frame = createHiddenIframe();
|
|
15801
15941
|
if (!frame.contentDocument) {
|
|
@@ -16044,10 +16184,16 @@ class SilentIframeClient extends StandardInteractionClient {
|
|
|
16044
16184
|
...request,
|
|
16045
16185
|
codeChallenge: pkceCodes.challenge,
|
|
16046
16186
|
};
|
|
16047
|
-
|
|
16048
|
-
|
|
16049
|
-
|
|
16050
|
-
|
|
16187
|
+
let msalFrame;
|
|
16188
|
+
if (request.httpMethod === HttpMethod.POST) {
|
|
16189
|
+
msalFrame = await invokeAsync(initiateCodeFlowWithPost, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
16190
|
+
}
|
|
16191
|
+
else {
|
|
16192
|
+
// Create authorize request url
|
|
16193
|
+
const navigateUrl = await invokeAsync(getAuthCodeRequestUrl, PerformanceEvents.GetAuthCodeUrl, this.logger, this.performanceClient, correlationId)(this.config, authClient.authority, silentRequest, this.logger, this.performanceClient);
|
|
16194
|
+
// Get the frame handle for the silent request
|
|
16195
|
+
msalFrame = await invokeAsync(initiateCodeRequest, PerformanceEvents.SilentHandlerInitiateAuthRequest, this.logger, this.performanceClient, correlationId)(navigateUrl, this.performanceClient, this.logger, correlationId, this.config.system.navigateFrameWait);
|
|
16196
|
+
}
|
|
16051
16197
|
const responseType = this.config.auth.OIDCOptions.serverResponseType;
|
|
16052
16198
|
// Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
|
|
16053
16199
|
const responseString = await invokeAsync(monitorIframeForHash, PerformanceEvents.SilentHandlerMonitorIframeForHash, this.logger, this.performanceClient, correlationId)(msalFrame, this.config.system.iframeHashTimeout, this.config.system.pollIntervalMilliseconds, this.performanceClient, this.logger, correlationId, responseType);
|
|
@@ -18146,7 +18292,13 @@ class NestedAppAuthController {
|
|
|
18146
18292
|
...this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp),
|
|
18147
18293
|
};
|
|
18148
18294
|
// cache the tokens in the response
|
|
18149
|
-
|
|
18295
|
+
try {
|
|
18296
|
+
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
|
|
18297
|
+
await this.hydrateCache(result, request);
|
|
18298
|
+
}
|
|
18299
|
+
catch (error) {
|
|
18300
|
+
this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
|
|
18301
|
+
}
|
|
18150
18302
|
// cache the account context in memory after successful token fetch
|
|
18151
18303
|
this.currentAccountContext = {
|
|
18152
18304
|
homeAccountId: result.account.homeAccountId,
|
|
@@ -18203,7 +18355,13 @@ class NestedAppAuthController {
|
|
|
18203
18355
|
const response = await this.bridgeProxy.getTokenSilent(naaRequest);
|
|
18204
18356
|
const result = this.nestedAppAuthAdapter.fromNaaTokenResponse(naaRequest, response, reqTimestamp);
|
|
18205
18357
|
// cache the tokens in the response
|
|
18206
|
-
|
|
18358
|
+
try {
|
|
18359
|
+
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
|
|
18360
|
+
await this.hydrateCache(result, request);
|
|
18361
|
+
}
|
|
18362
|
+
catch (error) {
|
|
18363
|
+
this.logger.warningPii(`Failed to hydrate cache. Error: ${error}`, validRequest.correlationId);
|
|
18364
|
+
}
|
|
18207
18365
|
// cache the account context in memory after successful token fetch
|
|
18208
18366
|
this.currentAccountContext = {
|
|
18209
18367
|
homeAccountId: result.account.homeAccountId,
|