@azure/msal-browser 4.15.0 → 4.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (307) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/app/PublicClientNext.mjs +1 -1
  4. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  7. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  8. package/dist/cache/AccountManager.mjs +1 -1
  9. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  10. package/dist/cache/BrowserCacheManager.mjs +1 -1
  11. package/dist/cache/CacheHelpers.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/LocalStorage.mjs +1 -1
  15. package/dist/cache/MemoryStorage.mjs +1 -1
  16. package/dist/cache/SessionStorage.mjs +1 -1
  17. package/dist/cache/TokenCache.mjs +1 -1
  18. package/dist/config/Configuration.mjs +1 -1
  19. package/dist/controllers/ControllerFactory.mjs +1 -1
  20. package/dist/controllers/NestedAppAuthController.d.ts.map +1 -1
  21. package/dist/controllers/NestedAppAuthController.mjs +15 -3
  22. package/dist/controllers/NestedAppAuthController.mjs.map +1 -1
  23. package/dist/controllers/StandardController.mjs +1 -1
  24. package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
  25. package/dist/crypto/BrowserCrypto.mjs +1 -1
  26. package/dist/crypto/CryptoOps.mjs +1 -1
  27. package/dist/crypto/PkceGenerator.mjs +1 -1
  28. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  29. package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
  30. package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  31. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  32. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  33. package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  34. package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
  35. package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
  36. package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
  37. package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
  38. package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
  39. package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
  40. package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
  41. package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
  42. package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
  43. package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
  44. package/dist/custom-auth-path/config/Configuration.mjs +1 -1
  45. package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
  46. package/dist/custom-auth-path/controllers/NestedAppAuthController.d.ts.map +1 -1
  47. package/dist/custom-auth-path/controllers/StandardController.mjs +1 -1
  48. package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
  49. package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
  50. package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
  51. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
  52. package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
  53. package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  54. package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  55. package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  56. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  57. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  58. package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  59. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  60. package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
  61. package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
  62. package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  63. package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  64. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  65. package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  66. package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  67. package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  68. package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  69. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  70. package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  71. package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
  72. package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  73. package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  74. package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  75. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  76. package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  77. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  78. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  79. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  80. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  81. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  82. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  83. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  84. package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  85. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  86. package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  87. package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  88. package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  89. package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
  90. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  91. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  92. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  93. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  94. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  95. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  96. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  97. package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  98. package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  99. package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
  100. package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  101. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  102. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  103. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  104. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  105. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  106. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  107. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  108. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  109. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  110. package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  111. package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  112. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  113. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  114. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  115. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  116. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  117. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
  118. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  119. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  120. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  121. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  122. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  123. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  124. package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  125. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  126. package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  127. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  128. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  129. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  130. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  131. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  132. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  133. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  134. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  135. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  136. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  137. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  138. package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  139. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  140. package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  141. package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
  142. package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
  143. package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
  144. package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
  145. package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
  146. package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  147. package/dist/custom-auth-path/error/NativeAuthError.mjs +1 -1
  148. package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
  149. package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
  150. package/dist/custom-auth-path/event/EventType.mjs +1 -1
  151. package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
  152. package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  153. package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  154. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts +2 -1
  155. package/dist/custom-auth-path/interaction_client/PopupClient.d.ts.map +1 -1
  156. package/dist/custom-auth-path/interaction_client/PopupClient.mjs +43 -14
  157. package/dist/custom-auth-path/interaction_client/PopupClient.mjs.map +1 -1
  158. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts +5 -0
  159. package/dist/custom-auth-path/interaction_client/RedirectClient.d.ts.map +1 -1
  160. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +42 -15
  161. package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
  162. package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
  163. package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
  164. package/dist/custom-auth-path/interaction_client/SilentIframeClient.d.ts.map +1 -1
  165. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +13 -7
  166. package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs.map +1 -1
  167. package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
  168. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  169. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +7 -3
  170. package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs.map +1 -1
  171. package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
  172. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts +1 -0
  173. package/dist/custom-auth-path/interaction_handler/SilentHandler.d.ts.map +1 -1
  174. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +12 -3
  175. package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs.map +1 -1
  176. package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
  177. package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
  178. package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
  179. package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
  180. package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
  181. package/dist/custom-auth-path/packageMetadata.mjs +2 -2
  182. package/dist/custom-auth-path/protocol/Authorize.d.ts +4 -0
  183. package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
  184. package/dist/custom-auth-path/protocol/Authorize.mjs +15 -2
  185. package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
  186. package/dist/custom-auth-path/request/RequestHelpers.d.ts +11 -1
  187. package/dist/custom-auth-path/request/RequestHelpers.d.ts.map +1 -1
  188. package/dist/custom-auth-path/request/RequestHelpers.mjs +32 -3
  189. package/dist/custom-auth-path/request/RequestHelpers.mjs.map +1 -1
  190. package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
  191. package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
  192. package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
  193. package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
  194. package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
  195. package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
  196. package/dist/encode/Base64Decode.mjs +1 -1
  197. package/dist/encode/Base64Encode.mjs +1 -1
  198. package/dist/error/BrowserAuthError.mjs +1 -1
  199. package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
  200. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  201. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  202. package/dist/error/NativeAuthError.mjs +1 -1
  203. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  204. package/dist/error/NestedAppAuthError.mjs +1 -1
  205. package/dist/event/EventHandler.mjs +1 -1
  206. package/dist/event/EventMessage.mjs +1 -1
  207. package/dist/event/EventType.mjs +1 -1
  208. package/dist/index.mjs +1 -1
  209. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  210. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  211. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  212. package/dist/interaction_client/PopupClient.d.ts +2 -1
  213. package/dist/interaction_client/PopupClient.d.ts.map +1 -1
  214. package/dist/interaction_client/PopupClient.mjs +43 -14
  215. package/dist/interaction_client/PopupClient.mjs.map +1 -1
  216. package/dist/interaction_client/RedirectClient.d.ts +5 -0
  217. package/dist/interaction_client/RedirectClient.d.ts.map +1 -1
  218. package/dist/interaction_client/RedirectClient.mjs +42 -15
  219. package/dist/interaction_client/RedirectClient.mjs.map +1 -1
  220. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  221. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  222. package/dist/interaction_client/SilentIframeClient.d.ts.map +1 -1
  223. package/dist/interaction_client/SilentIframeClient.mjs +13 -7
  224. package/dist/interaction_client/SilentIframeClient.mjs.map +1 -1
  225. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  226. package/dist/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  227. package/dist/interaction_client/StandardInteractionClient.mjs +7 -3
  228. package/dist/interaction_client/StandardInteractionClient.mjs.map +1 -1
  229. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  230. package/dist/interaction_handler/SilentHandler.d.ts +1 -0
  231. package/dist/interaction_handler/SilentHandler.d.ts.map +1 -1
  232. package/dist/interaction_handler/SilentHandler.mjs +12 -3
  233. package/dist/interaction_handler/SilentHandler.mjs.map +1 -1
  234. package/dist/naa/BridgeError.mjs +1 -1
  235. package/dist/naa/BridgeProxy.mjs +1 -1
  236. package/dist/naa/BridgeStatusCode.mjs +1 -1
  237. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  238. package/dist/navigation/NavigationClient.mjs +1 -1
  239. package/dist/network/FetchClient.mjs +1 -1
  240. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  241. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  242. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  243. package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
  244. package/dist/packageMetadata.d.ts +1 -1
  245. package/dist/packageMetadata.mjs +2 -2
  246. package/dist/protocol/Authorize.d.ts +4 -0
  247. package/dist/protocol/Authorize.d.ts.map +1 -1
  248. package/dist/protocol/Authorize.mjs +15 -2
  249. package/dist/protocol/Authorize.mjs.map +1 -1
  250. package/dist/request/RequestHelpers.d.ts +11 -1
  251. package/dist/request/RequestHelpers.d.ts.map +1 -1
  252. package/dist/request/RequestHelpers.mjs +32 -3
  253. package/dist/request/RequestHelpers.mjs.map +1 -1
  254. package/dist/response/ResponseHandler.mjs +1 -1
  255. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  256. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  257. package/dist/utils/BrowserConstants.mjs +1 -1
  258. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  259. package/dist/utils/BrowserUtils.mjs +1 -1
  260. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  261. package/lib/custom-auth-path/msal-custom-auth.cjs +230 -94
  262. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  263. package/lib/custom-auth-path/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  264. package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  265. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts +2 -1
  266. package/lib/custom-auth-path/types/interaction_client/PopupClient.d.ts.map +1 -1
  267. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts +5 -0
  268. package/lib/custom-auth-path/types/interaction_client/RedirectClient.d.ts.map +1 -1
  269. package/lib/custom-auth-path/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  270. package/lib/custom-auth-path/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  271. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts +1 -0
  272. package/lib/custom-auth-path/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  273. package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
  274. package/lib/custom-auth-path/types/protocol/Authorize.d.ts +4 -0
  275. package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
  276. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts +11 -1
  277. package/lib/custom-auth-path/types/request/RequestHelpers.d.ts.map +1 -1
  278. package/lib/msal-browser.cjs +256 -98
  279. package/lib/msal-browser.cjs.map +1 -1
  280. package/lib/msal-browser.js +256 -98
  281. package/lib/msal-browser.js.map +1 -1
  282. package/lib/msal-browser.min.js +68 -68
  283. package/lib/types/controllers/NestedAppAuthController.d.ts.map +1 -1
  284. package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  285. package/lib/types/interaction_client/PopupClient.d.ts +2 -1
  286. package/lib/types/interaction_client/PopupClient.d.ts.map +1 -1
  287. package/lib/types/interaction_client/RedirectClient.d.ts +5 -0
  288. package/lib/types/interaction_client/RedirectClient.d.ts.map +1 -1
  289. package/lib/types/interaction_client/SilentIframeClient.d.ts.map +1 -1
  290. package/lib/types/interaction_client/StandardInteractionClient.d.ts.map +1 -1
  291. package/lib/types/interaction_handler/SilentHandler.d.ts +1 -0
  292. package/lib/types/interaction_handler/SilentHandler.d.ts.map +1 -1
  293. package/lib/types/packageMetadata.d.ts +1 -1
  294. package/lib/types/protocol/Authorize.d.ts +4 -0
  295. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  296. package/lib/types/request/RequestHelpers.d.ts +11 -1
  297. package/lib/types/request/RequestHelpers.d.ts.map +1 -1
  298. package/package.json +2 -2
  299. package/src/controllers/NestedAppAuthController.ts +18 -2
  300. package/src/interaction_client/PopupClient.ts +161 -63
  301. package/src/interaction_client/RedirectClient.ts +86 -35
  302. package/src/interaction_client/SilentIframeClient.ts +49 -28
  303. package/src/interaction_client/StandardInteractionClient.ts +13 -2
  304. package/src/interaction_handler/SilentHandler.ts +24 -1
  305. package/src/packageMetadata.ts +1 -1
  306. package/src/protocol/Authorize.ts +48 -0
  307. package/src/request/RequestHelpers.ts +45 -0
@@ -20,6 +20,7 @@ import {
20
20
  UrlUtils,
21
21
  InProgressPerformanceEvent,
22
22
  CommonAuthorizationUrlRequest,
23
+ HttpMethod,
23
24
  } from "@azure/msal-common/browser";
24
25
  import { StandardInteractionClient } from "./StandardInteractionClient.js";
25
26
  import {
@@ -194,41 +195,45 @@ export class RedirectClient extends StandardInteractionClient {
194
195
  );
195
196
 
196
197
  try {
197
- // Initialize the client
198
- const authClient: AuthorizationCodeClient = await invokeAsync(
199
- this.createAuthCodeClient.bind(this),
200
- PerformanceEvents.StandardInteractionClientCreateAuthCodeClient,
201
- this.logger,
202
- this.performanceClient,
203
- this.correlationId
204
- )({
205
- serverTelemetryManager,
206
- requestAuthority: redirectRequest.authority,
207
- requestAzureCloudOptions: redirectRequest.azureCloudOptions,
208
- requestExtraQueryParameters:
209
- redirectRequest.extraQueryParameters,
210
- account: redirectRequest.account,
211
- });
212
-
213
- // Create acquire token url.
214
- const navigateUrl = await invokeAsync(
215
- Authorize.getAuthCodeRequestUrl,
216
- PerformanceEvents.GetAuthCodeUrl,
217
- this.logger,
218
- this.performanceClient,
219
- request.correlationId
220
- )(
221
- this.config,
222
- authClient.authority,
223
- redirectRequest,
224
- this.logger,
225
- this.performanceClient
226
- );
227
- // Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
228
- return await this.initiateAuthRequest(
229
- navigateUrl,
230
- onRedirectNavigate
231
- );
198
+ if (redirectRequest.httpMethod === HttpMethod.POST) {
199
+ return await this.executeCodeFlowWithPost(redirectRequest);
200
+ } else {
201
+ // Initialize the client
202
+ const authClient: AuthorizationCodeClient = await invokeAsync(
203
+ this.createAuthCodeClient.bind(this),
204
+ PerformanceEvents.StandardInteractionClientCreateAuthCodeClient,
205
+ this.logger,
206
+ this.performanceClient,
207
+ this.correlationId
208
+ )({
209
+ serverTelemetryManager,
210
+ requestAuthority: redirectRequest.authority,
211
+ requestAzureCloudOptions: redirectRequest.azureCloudOptions,
212
+ requestExtraQueryParameters:
213
+ redirectRequest.extraQueryParameters,
214
+ account: redirectRequest.account,
215
+ });
216
+
217
+ // Create acquire token url.
218
+ const navigateUrl = await invokeAsync(
219
+ Authorize.getAuthCodeRequestUrl,
220
+ PerformanceEvents.GetAuthCodeUrl,
221
+ this.logger,
222
+ this.performanceClient,
223
+ request.correlationId
224
+ )(
225
+ this.config,
226
+ authClient.authority,
227
+ redirectRequest,
228
+ this.logger,
229
+ this.performanceClient
230
+ );
231
+ // Show the UI once the url has been created. Response will come back in the hash, which will be handled in the handleRedirectCallback function.
232
+ return await this.initiateAuthRequest(
233
+ navigateUrl,
234
+ onRedirectNavigate
235
+ );
236
+ }
232
237
  } catch (e) {
233
238
  if (e instanceof AuthError) {
234
239
  e.setCorrelationId(this.correlationId);
@@ -294,6 +299,52 @@ export class RedirectClient extends StandardInteractionClient {
294
299
  });
295
300
  }
296
301
 
302
+ /**
303
+ * Executes classic Authorization Code flow with a POST request.
304
+ * @param request
305
+ */
306
+ async executeCodeFlowWithPost(
307
+ request: CommonAuthorizationUrlRequest
308
+ ): Promise<void> {
309
+ const correlationId = request.correlationId;
310
+ // Get the frame handle for the silent request
311
+ const discoveredAuthority = await invokeAsync(
312
+ this.getDiscoveredAuthority.bind(this),
313
+ PerformanceEvents.StandardInteractionClientGetDiscoveredAuthority,
314
+ this.logger,
315
+ this.performanceClient,
316
+ correlationId
317
+ )({
318
+ requestAuthority: request.authority,
319
+ requestAzureCloudOptions: request.azureCloudOptions,
320
+ requestExtraQueryParameters: request.extraQueryParameters,
321
+ account: request.account,
322
+ });
323
+
324
+ this.browserStorage.cacheAuthorizeRequest(request);
325
+
326
+ const form = await Authorize.getCodeForm(
327
+ document,
328
+ this.config,
329
+ discoveredAuthority,
330
+ request,
331
+ this.logger,
332
+ this.performanceClient
333
+ );
334
+
335
+ form.submit();
336
+ return new Promise<void>((resolve, reject) => {
337
+ setTimeout(() => {
338
+ reject(
339
+ createBrowserAuthError(
340
+ BrowserAuthErrorCodes.timedOut,
341
+ "failed_to_redirect"
342
+ )
343
+ );
344
+ }, this.config.system.redirectNavigationTimeout);
345
+ });
346
+ }
347
+
297
348
  /**
298
349
  * Checks if navigateToLoginRequestUrl is set, and:
299
350
  * - if true, performs logic to cache and navigate
@@ -15,6 +15,7 @@ import {
15
15
  invoke,
16
16
  ProtocolMode,
17
17
  CommonAuthorizationUrlRequest,
18
+ HttpMethod,
18
19
  } from "@azure/msal-common/browser";
19
20
  import { StandardInteractionClient } from "./StandardInteractionClient.js";
20
21
  import { BrowserConfiguration } from "../config/Configuration.js";
@@ -32,6 +33,7 @@ import {
32
33
  } from "../utils/BrowserConstants.js";
33
34
  import {
34
35
  initiateCodeRequest,
36
+ initiateCodeFlowWithPost,
35
37
  initiateEarRequest,
36
38
  monitorIframeForHash,
37
39
  } from "../interaction_handler/SilentHandler.js";
@@ -337,35 +339,54 @@ export class SilentIframeClient extends StandardInteractionClient {
337
339
  ...request,
338
340
  codeChallenge: pkceCodes.challenge,
339
341
  };
340
- // Create authorize request url
341
- const navigateUrl = await invokeAsync(
342
- Authorize.getAuthCodeRequestUrl,
343
- PerformanceEvents.GetAuthCodeUrl,
344
- this.logger,
345
- this.performanceClient,
346
- correlationId
347
- )(
348
- this.config,
349
- authClient.authority,
350
- silentRequest,
351
- this.logger,
352
- this.performanceClient
353
- );
354
342
 
355
- // Get the frame handle for the silent request
356
- const msalFrame = await invokeAsync(
357
- initiateCodeRequest,
358
- PerformanceEvents.SilentHandlerInitiateAuthRequest,
359
- this.logger,
360
- this.performanceClient,
361
- correlationId
362
- )(
363
- navigateUrl,
364
- this.performanceClient,
365
- this.logger,
366
- correlationId,
367
- this.config.system.navigateFrameWait
368
- );
343
+ let msalFrame: HTMLIFrameElement;
344
+
345
+ if (request.httpMethod === HttpMethod.POST) {
346
+ msalFrame = await invokeAsync(
347
+ initiateCodeFlowWithPost,
348
+ PerformanceEvents.SilentHandlerInitiateAuthRequest,
349
+ this.logger,
350
+ this.performanceClient,
351
+ correlationId
352
+ )(
353
+ this.config,
354
+ authClient.authority,
355
+ silentRequest,
356
+ this.logger,
357
+ this.performanceClient
358
+ );
359
+ } else {
360
+ // Create authorize request url
361
+ const navigateUrl = await invokeAsync(
362
+ Authorize.getAuthCodeRequestUrl,
363
+ PerformanceEvents.GetAuthCodeUrl,
364
+ this.logger,
365
+ this.performanceClient,
366
+ correlationId
367
+ )(
368
+ this.config,
369
+ authClient.authority,
370
+ silentRequest,
371
+ this.logger,
372
+ this.performanceClient
373
+ );
374
+
375
+ // Get the frame handle for the silent request
376
+ msalFrame = await invokeAsync(
377
+ initiateCodeRequest,
378
+ PerformanceEvents.SilentHandlerInitiateAuthRequest,
379
+ this.logger,
380
+ this.performanceClient,
381
+ correlationId
382
+ )(
383
+ navigateUrl,
384
+ this.performanceClient,
385
+ this.logger,
386
+ correlationId,
387
+ this.config.system.navigateFrameWait
388
+ );
389
+ }
369
390
 
370
391
  const responseType = this.config.auth.OIDCOptions.serverResponseType;
371
392
  // Monitor the window for the hash. Return the string value and close the popup when the hash is received. Default timeout is 60 seconds.
@@ -34,7 +34,10 @@ import { RedirectRequest } from "../request/RedirectRequest.js";
34
34
  import { PopupRequest } from "../request/PopupRequest.js";
35
35
  import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
36
36
  import { createNewGuid } from "../crypto/BrowserCrypto.js";
37
- import { initializeBaseRequest } from "../request/RequestHelpers.js";
37
+ import {
38
+ initializeBaseRequest,
39
+ validateRequestMethod,
40
+ } from "../request/RequestHelpers.js";
38
41
 
39
42
  /**
40
43
  * Defines the class structure and helper functions used by the "standard", non-brokered auth flows (popup, redirect, silent (RT), silent (iframe))
@@ -319,7 +322,7 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
319
322
  this.logger
320
323
  );
321
324
 
322
- const validatedRequest: CommonAuthorizationUrlRequest = {
325
+ const interactionRequest: CommonAuthorizationUrlRequest = {
323
326
  ...baseRequest,
324
327
  redirectUri: redirectUri,
325
328
  state: state,
@@ -328,6 +331,14 @@ export abstract class StandardInteractionClient extends BaseInteractionClient {
328
331
  .serverResponseType as ResponseMode,
329
332
  };
330
333
 
334
+ const validatedRequest = {
335
+ ...interactionRequest,
336
+ httpMethod: validateRequestMethod(
337
+ interactionRequest,
338
+ this.config.auth.protocolMode
339
+ ),
340
+ };
341
+
331
342
  // Skip active account lookup if either login hint or session id is set
332
343
  if (request.loginHint || request.sid) {
333
344
  return validatedRequest;
@@ -21,7 +21,7 @@ import {
21
21
  BrowserConfiguration,
22
22
  DEFAULT_IFRAME_TIMEOUT_MS,
23
23
  } from "../config/Configuration.js";
24
- import { getEARForm } from "../protocol/Authorize.js";
24
+ import { getCodeForm, getEARForm } from "../protocol/Authorize.js";
25
25
 
26
26
  /**
27
27
  * Creates a hidden iframe to given URL using user-requested scopes as an id.
@@ -63,6 +63,29 @@ export async function initiateCodeRequest(
63
63
  )(requestUrl);
64
64
  }
65
65
 
66
+ export async function initiateCodeFlowWithPost(
67
+ config: BrowserConfiguration,
68
+ authority: Authority,
69
+ request: CommonAuthorizationUrlRequest,
70
+ logger: Logger,
71
+ performanceClient: IPerformanceClient
72
+ ): Promise<HTMLIFrameElement> {
73
+ const frame = createHiddenIframe();
74
+ if (!frame.contentDocument) {
75
+ throw "No document associated with iframe!";
76
+ }
77
+ const form = await getCodeForm(
78
+ frame.contentDocument,
79
+ config,
80
+ authority,
81
+ request,
82
+ logger,
83
+ performanceClient
84
+ );
85
+ form.submit();
86
+ return frame;
87
+ }
88
+
66
89
  export async function initiateEarRequest(
67
90
  config: BrowserConfiguration,
68
91
  authority: Authority,
@@ -1,3 +1,3 @@
1
1
  /* eslint-disable header/header */
2
2
  export const name = "@azure/msal-browser";
3
- export const version = "4.15.0";
3
+ export const version = "4.16.0";
@@ -210,6 +210,54 @@ export async function getEARForm(
210
210
  return createForm(frame, url, parameters);
211
211
  }
212
212
 
213
+ /**
214
+ * Gets the form that will be posted to /authorize with request parameters when using POST method
215
+ */
216
+ export async function getCodeForm(
217
+ frame: Document,
218
+ config: BrowserConfiguration,
219
+ authority: Authority,
220
+ request: CommonAuthorizationUrlRequest,
221
+ logger: Logger,
222
+ performanceClient: IPerformanceClient
223
+ ): Promise<HTMLFormElement> {
224
+ const parameters = await getStandardParameters(
225
+ config,
226
+ authority,
227
+ request,
228
+ logger,
229
+ performanceClient
230
+ );
231
+
232
+ RequestParameterBuilder.addResponseType(parameters, OAuthResponseType.CODE);
233
+
234
+ RequestParameterBuilder.addCodeChallengeParams(
235
+ parameters,
236
+ request.codeChallenge,
237
+ request.codeChallengeMethod || Constants.S256_CODE_CHALLENGE_METHOD
238
+ );
239
+
240
+ RequestParameterBuilder.addPostBodyParameters(
241
+ parameters,
242
+ request.authorizePostBodyParameters || {}
243
+ );
244
+
245
+ const queryParams = new Map<string, string>();
246
+ RequestParameterBuilder.addExtraQueryParameters(
247
+ queryParams,
248
+ request.extraQueryParameters || {}
249
+ );
250
+
251
+ const url = AuthorizeProtocol.getAuthorizeUrl(
252
+ authority,
253
+ queryParams,
254
+ config.auth.encodeExtraQueryParams,
255
+ request.extraQueryParameters
256
+ );
257
+
258
+ return createForm(frame, url, parameters);
259
+ }
260
+
213
261
  /**
214
262
  * Creates form element in the provided document with auth parameters in the post body
215
263
  * @param frame
@@ -9,9 +9,11 @@ import {
9
9
  BaseAuthRequest,
10
10
  ClientConfigurationErrorCodes,
11
11
  CommonSilentFlowRequest,
12
+ HttpMethod,
12
13
  IPerformanceClient,
13
14
  Logger,
14
15
  PerformanceEvents,
16
+ ProtocolMode,
15
17
  StringUtils,
16
18
  createClientConfigurationError,
17
19
  invokeAsync,
@@ -19,6 +21,8 @@ import {
19
21
  import { BrowserConfiguration } from "../config/Configuration.js";
20
22
  import { SilentRequest } from "./SilentRequest.js";
21
23
  import { hashString } from "../crypto/BrowserCrypto.js";
24
+ import { PopupRequest } from "./PopupRequest.js";
25
+ import { RedirectRequest } from "./RedirectRequest.js";
22
26
 
23
27
  /**
24
28
  * Initializer function for all request APIs
@@ -110,3 +114,44 @@ export async function initializeSilentRequest(
110
114
  forceRefresh: request.forceRefresh || false,
111
115
  };
112
116
  }
117
+
118
+ /**
119
+ * Validates that the combination of request method, protocol mode and authorize body parameters is correct.
120
+ * Returns the validated or defaulted HTTP method or throws if the configured combination is invalid.
121
+ * @param interactionRequest
122
+ * @param protocolMode
123
+ * @returns
124
+ */
125
+ export function validateRequestMethod(
126
+ interactionRequest: BaseAuthRequest | PopupRequest | RedirectRequest,
127
+ protocolMode: ProtocolMode
128
+ ): HttpMethod {
129
+ let httpMethod: HttpMethod | undefined;
130
+ const requestMethod = interactionRequest.httpMethod;
131
+
132
+ if (protocolMode === ProtocolMode.EAR) {
133
+ // Don't override httpMethod if it is already set, default to POST if not set
134
+ httpMethod = requestMethod || HttpMethod.POST;
135
+ // Validate that method is not GET if protocol mode is EAR
136
+ if (httpMethod !== HttpMethod.POST) {
137
+ throw createClientConfigurationError(
138
+ ClientConfigurationErrorCodes.invalidRequestMethodForEAR
139
+ );
140
+ }
141
+ } else {
142
+ // For non-EAR protocol modes, default to GET if httpMethod is not set
143
+ httpMethod = requestMethod || HttpMethod.GET;
144
+ }
145
+
146
+ // Regardless of protocolMode, if there are authorizePostBodyParameters, validate the request method is POST
147
+ if (
148
+ interactionRequest.authorizePostBodyParameters &&
149
+ httpMethod !== HttpMethod.POST
150
+ ) {
151
+ throw createClientConfigurationError(
152
+ ClientConfigurationErrorCodes.invalidAuthorizePostBodyParameters
153
+ );
154
+ }
155
+
156
+ return httpMethod;
157
+ }