@azure/msal-browser 4.20.0 → 4.21.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +30 -0
- package/dist/app/IPublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientApplication.mjs +1 -1
- package/dist/app/PublicClientNext.mjs +1 -1
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/cache/AccountManager.mjs +1 -1
- package/dist/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/cache/BrowserCacheManager.mjs +1 -1
- package/dist/cache/CacheHelpers.mjs +1 -1
- package/dist/cache/CacheKeys.mjs +1 -1
- package/dist/cache/CookieStorage.mjs +1 -1
- package/dist/cache/DatabaseStorage.mjs +1 -1
- package/dist/cache/EncryptedData.mjs +1 -1
- package/dist/cache/LocalStorage.mjs +1 -1
- package/dist/cache/MemoryStorage.mjs +1 -1
- package/dist/cache/SessionStorage.mjs +1 -1
- package/dist/cache/TokenCache.mjs +1 -1
- package/dist/config/Configuration.mjs +1 -1
- package/dist/controllers/ControllerFactory.mjs +1 -1
- package/dist/controllers/NestedAppAuthController.mjs +1 -1
- package/dist/controllers/StandardController.d.ts.map +1 -1
- package/dist/controllers/StandardController.mjs +36 -9
- package/dist/controllers/StandardController.mjs.map +1 -1
- package/dist/controllers/UnknownOperatingContextController.mjs +1 -1
- package/dist/crypto/BrowserCrypto.mjs +1 -1
- package/dist/crypto/CryptoOps.mjs +1 -1
- package/dist/crypto/PkceGenerator.mjs +1 -1
- package/dist/crypto/SignedHttpRequest.mjs +1 -1
- package/dist/custom-auth-path/app/PublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs +2 -3
- package/dist/custom-auth-path/broker/nativeBroker/NativeStatusCodes.mjs.map +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
- package/dist/custom-auth-path/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
- package/dist/custom-auth-path/cache/AccountManager.mjs +1 -1
- package/dist/custom-auth-path/cache/AsyncMemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/BrowserCacheManager.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheHelpers.mjs +1 -1
- package/dist/custom-auth-path/cache/CacheKeys.mjs +1 -1
- package/dist/custom-auth-path/cache/CookieStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/DatabaseStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/EncryptedData.mjs +1 -1
- package/dist/custom-auth-path/cache/LocalStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/MemoryStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/SessionStorage.mjs +1 -1
- package/dist/custom-auth-path/cache/TokenCache.mjs +1 -1
- package/dist/custom-auth-path/config/Configuration.mjs +1 -1
- package/dist/custom-auth-path/controllers/ControllerFactory.mjs +1 -1
- package/dist/custom-auth-path/controllers/StandardController.d.ts.map +1 -1
- package/dist/custom-auth-path/controllers/StandardController.mjs +36 -9
- package/dist/custom-auth-path/controllers/StandardController.mjs.map +1 -1
- package/dist/custom-auth-path/crypto/BrowserCrypto.mjs +1 -1
- package/dist/custom-auth-path/crypto/CryptoOps.mjs +1 -1
- package/dist/custom-auth-path/crypto/PkceGenerator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthConstants.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/CustomAuthAuthority.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/CustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnexpectedError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/core/utils/UrlUtils.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/index.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitCredentialResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
- package/dist/custom-auth-path/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Decode.mjs +1 -1
- package/dist/custom-auth-path/encode/Base64Encode.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/custom-auth-path/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.d.ts.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthError.mjs +3 -4
- package/dist/custom-auth-path/error/NativeAuthError.mjs.map +1 -1
- package/dist/custom-auth-path/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/custom-auth-path/event/EventHandler.mjs +1 -1
- package/dist/custom-auth-path/event/EventType.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs +15 -6
- package/dist/custom-auth-path/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/PopupClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs +4 -4
- package/dist/custom-auth-path/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/custom-auth-path/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/custom-auth-path/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/custom-auth-path/navigation/NavigationClient.mjs +1 -1
- package/dist/custom-auth-path/network/FetchClient.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/custom-auth-path/packageMetadata.d.ts +1 -1
- package/dist/custom-auth-path/packageMetadata.mjs +2 -2
- package/dist/custom-auth-path/protocol/Authorize.d.ts.map +1 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs +5 -1
- package/dist/custom-auth-path/protocol/Authorize.mjs.map +1 -1
- package/dist/custom-auth-path/request/RequestHelpers.mjs +1 -1
- package/dist/custom-auth-path/response/ResponseHandler.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserConstants.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/BrowserUtils.mjs +1 -1
- package/dist/custom-auth-path/utils/Helpers.mjs +1 -1
- package/dist/custom-auth-path/utils/MsalFrameStatsUtils.mjs +1 -1
- package/dist/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/dist/encode/Base64Decode.mjs +1 -1
- package/dist/encode/Base64Encode.mjs +1 -1
- package/dist/error/BrowserAuthError.mjs +1 -1
- package/dist/error/BrowserAuthErrorCodes.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
- package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
- package/dist/error/NativeAuthError.d.ts.map +1 -1
- package/dist/error/NativeAuthError.mjs +3 -4
- package/dist/error/NativeAuthError.mjs.map +1 -1
- package/dist/error/NativeAuthErrorCodes.mjs +1 -1
- package/dist/error/NestedAppAuthError.mjs +1 -1
- package/dist/event/EventHandler.mjs +1 -1
- package/dist/event/EventMessage.mjs +1 -1
- package/dist/event/EventType.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
- package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs +15 -6
- package/dist/interaction_client/PlatformAuthInteractionClient.mjs.map +1 -1
- package/dist/interaction_client/PopupClient.mjs +1 -1
- package/dist/interaction_client/RedirectClient.mjs +4 -4
- package/dist/interaction_client/RedirectClient.mjs.map +1 -1
- package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
- package/dist/interaction_client/SilentCacheClient.mjs +1 -1
- package/dist/interaction_client/SilentIframeClient.mjs +1 -1
- package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
- package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
- package/dist/interaction_handler/InteractionHandler.mjs +1 -1
- package/dist/interaction_handler/SilentHandler.mjs +1 -1
- package/dist/naa/BridgeError.mjs +1 -1
- package/dist/naa/BridgeProxy.mjs +1 -1
- package/dist/naa/BridgeStatusCode.mjs +1 -1
- package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
- package/dist/navigation/NavigationClient.mjs +1 -1
- package/dist/network/FetchClient.mjs +1 -1
- package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
- package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
- package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
- package/dist/operatingcontext/UnknownOperatingContext.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +5 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/RequestHelpers.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
- package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
- package/dist/utils/BrowserConstants.mjs +1 -1
- package/dist/utils/BrowserProtocolUtils.mjs +1 -1
- package/dist/utils/BrowserUtils.mjs +1 -1
- package/dist/utils/Helpers.mjs +1 -1
- package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
- package/lib/custom-auth-path/msal-custom-auth.cjs +177 -84
- package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
- package/lib/custom-auth-path/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/custom-auth-path/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/custom-auth-path/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/custom-auth-path/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/custom-auth-path/types/packageMetadata.d.ts +1 -1
- package/lib/custom-auth-path/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/msal-browser.cjs +179 -86
- package/lib/msal-browser.cjs.map +1 -1
- package/lib/msal-browser.js +179 -86
- package/lib/msal-browser.js.map +1 -1
- package/lib/msal-browser.min.js +66 -66
- package/lib/types/controllers/StandardController.d.ts.map +1 -1
- package/lib/types/custom_auth/CustomAuthConstants.d.ts +1 -1
- package/lib/types/error/NativeAuthError.d.ts.map +1 -1
- package/lib/types/interaction_client/PlatformAuthInteractionClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/controllers/StandardController.ts +42 -9
- package/src/error/NativeAuthError.ts +1 -2
- package/src/interaction_client/PlatformAuthInteractionClient.ts +17 -5
- package/src/interaction_client/RedirectClient.ts +2 -2
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +8 -0
package/README.md
CHANGED
|
@@ -132,6 +132,36 @@ npm test
|
|
|
132
132
|
npm run test:coverage
|
|
133
133
|
```
|
|
134
134
|
|
|
135
|
+
## Implicit Flow vs Authorization Code Flow with PKCE
|
|
136
|
+
|
|
137
|
+
`@azure/msal-browser` implements the [OAuth 2.0 Authorization Code Flow with PKCE](https://tools.ietf.org/html/rfc7636) for browser-based applications. This is a significant improvement over the Implicit Flow that was used in `@azure/msal`, `msal` or `adal-angular`.
|
|
138
|
+
|
|
139
|
+
### Authorization Code Flow with PKCE
|
|
140
|
+
|
|
141
|
+
The Authorization Code Flow with Proof Key for Code Exchange (PKCE) is the current industry standard for securing OAuth 2.0 authorization in public clients, including single-page applications (SPAs). Key benefits include:
|
|
142
|
+
|
|
143
|
+
- **Enhanced Security**: PKCE provides protection against authorization code interception attacks
|
|
144
|
+
- **No Tokens in URLs**: Tokens are never exposed in the browser's URL or history
|
|
145
|
+
- **Refresh Token Support**: Enables long-lived sessions through refresh tokens
|
|
146
|
+
- **OIDC Compliance**: Fully compliant with OpenID Connect standards
|
|
147
|
+
|
|
148
|
+
### Implicit Flow (Deprecated)
|
|
149
|
+
|
|
150
|
+
The Implicit Flow was the previous standard for SPAs but has been deprecated due to security concerns:
|
|
151
|
+
|
|
152
|
+
- **Tokens in URLs**: Access tokens are returned in URL fragments, making them visible in browser history and server logs
|
|
153
|
+
- **No Refresh Tokens**: Implicit flow cannot securely deliver refresh tokens to public clients
|
|
154
|
+
- **Increased Attack Surface**: Tokens are more susceptible to token leakage attacks
|
|
155
|
+
|
|
156
|
+
### Migration Considerations
|
|
157
|
+
|
|
158
|
+
- **`@azure/msal-browser` only supports Authorization Code Flow with PKCE** - Implicit Flow is not supported
|
|
159
|
+
- If you're migrating from `@azure/msal`, `msal` or `adal-angular`, see our [migration guide](./docs/v1-migration.md)
|
|
160
|
+
- Your Azure AD app registration needs to be configured for the Authorization Code Flow
|
|
161
|
+
- Existing applications using Implicit Flow should migrate to Authorization Code Flow for improved security
|
|
162
|
+
|
|
163
|
+
For more technical details about these flows, refer to the [Microsoft identity platform documentation](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-auth-code-flow).
|
|
164
|
+
|
|
135
165
|
## Framework Wrappers
|
|
136
166
|
|
|
137
167
|
If you are using a framework such as Angular or React you may be interested in using one of our wrapper libraries:
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { createBrowserConfigurationAuthError } from '../error/BrowserConfigurationAuthError.mjs';
|
|
4
4
|
import { stubbedPublicClientApplicationCalled } from '../error/BrowserConfigurationAuthErrorCodes.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { createController } from '../controllers/ControllerFactory.mjs';
|
|
4
4
|
import { UnknownOperatingContextController } from '../controllers/UnknownOperatingContextController.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
/*
|
|
4
4
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -8,10 +8,9 @@
|
|
|
8
8
|
const USER_INTERACTION_REQUIRED = "USER_INTERACTION_REQUIRED";
|
|
9
9
|
const USER_CANCEL = "USER_CANCEL";
|
|
10
10
|
const NO_NETWORK = "NO_NETWORK";
|
|
11
|
-
const PERSISTENT_ERROR = "PERSISTENT_ERROR";
|
|
12
11
|
const DISABLED = "DISABLED";
|
|
13
12
|
const ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE";
|
|
14
13
|
const UX_NOT_ALLOWED = "UX_NOT_ALLOWED";
|
|
15
14
|
|
|
16
|
-
export { ACCOUNT_UNAVAILABLE, DISABLED, NO_NETWORK,
|
|
15
|
+
export { ACCOUNT_UNAVAILABLE, DISABLED, NO_NETWORK, USER_CANCEL, USER_INTERACTION_REQUIRED, UX_NOT_ALLOWED };
|
|
17
16
|
//# sourceMappingURL=NativeStatusCodes.mjs.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NativeStatusCodes.mjs","sources":["../../../src/broker/nativeBroker/NativeStatusCodes.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAEH;AACO,MAAM,yBAAyB,GAAG,4BAA4B;AAC9D,MAAM,WAAW,GAAG,cAAc;AAClC,MAAM,UAAU,GAAG,aAAa;
|
|
1
|
+
{"version":3,"file":"NativeStatusCodes.mjs","sources":["../../../src/broker/nativeBroker/NativeStatusCodes.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAEH;AACO,MAAM,yBAAyB,GAAG,4BAA4B;AAC9D,MAAM,WAAW,GAAG,cAAc;AAClC,MAAM,UAAU,GAAG,aAAa;AAGhC,MAAM,QAAQ,GAAG,WAAW;AAC5B,MAAM,mBAAmB,GAAG,sBAAsB;AAClD,MAAM,cAAc,GAAG;;;;"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { PlatformAuthConstants, NativeExtensionMethod } from '../../utils/BrowserConstants.mjs';
|
|
4
4
|
import { PerformanceEvents, createAuthError, AuthErrorCodes } from '@azure/msal-common/browser';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { CacheManager, CacheHelpers, TimeUtils, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, createCacheError, CacheErrorCodes, invokeAsync, PerformanceEvents, AccountEntity, Constants, PersistentCacheKeys, StringUtils, AuthenticationScheme, CacheError, DEFAULT_CRYPTO_IMPLEMENTATION, CredentialType } from '@azure/msal-common/browser';
|
|
4
4
|
import { createBrowserAuthError } from '../error/BrowserAuthError.mjs';
|
package/dist/cache/CacheKeys.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { invoke, PerformanceEvents, invokeAsync } from '@azure/msal-common/browser';
|
|
4
4
|
import { generateHKDF, createNewGuid, generateBaseKey, decrypt, encrypt } from '../crypto/BrowserCrypto.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { createBrowserConfigurationAuthError } from '../error/BrowserConfigurationAuthError.mjs';
|
|
4
4
|
import { storageNotSupported } from '../error/BrowserConfigurationAuthErrorCodes.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { AuthToken, Authority, AccountEntity, buildAccountToCache, CacheHelpers, ScopeSet, TimeUtils } from '@azure/msal-common/browser';
|
|
4
4
|
import { createBrowserAuthError } from '../error/BrowserAuthError.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { StubPerformanceClient, ProtocolMode, Logger, LogLevel, createClientConfigurationError, ClientConfigurationErrorCodes, StubbedNetworkModule, DEFAULT_SYSTEM_OPTIONS, Constants, ServerResponseType, AzureCloudInstance } from '@azure/msal-common/browser';
|
|
4
4
|
import { BrowserConstants, BrowserCacheLocation } from '../utils/BrowserConstants.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { NestedAppOperatingContext } from '../operatingcontext/NestedAppOperatingContext.mjs';
|
|
4
4
|
import { StandardOperatingContext } from '../operatingcontext/StandardOperatingContext.mjs';
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { DEFAULT_CRYPTO_IMPLEMENTATION, buildStaticAuthorityOptions, PerformanceEvents, TimeUtils, AuthError, OIDC_DEFAULT_SCOPES, AccountEntity } from '@azure/msal-common/browser';
|
|
4
4
|
import { InteractionType, CacheLookupPolicy, DEFAULT_REQUEST } from '../utils/BrowserConstants.mjs';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"StandardController.d.ts","sourceRoot":"","sources":["../../src/controllers/StandardController.ts"],"names":[],"mappings":"AAMA,OAAO,EAEH,WAAW,EAEX,cAAc,EACd,MAAM,EACN,uBAAuB,EACvB,OAAO,EAIP,2BAA2B,EAC3B,kBAAkB,EAClB,eAAe,EASf,aAAa,EAIhB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACH,mBAAmB,EAEtB,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAgB,MAAM,4BAA4B,CAAC;AAChF,OAAO,EAEH,KAAK,EAEL,UAAU,EACV,iBAAiB,EAKpB,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAc,MAAM,0BAA0B,CAAC;AAC7E,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,mBAAmB,EAAE,MAAM,8CAA8C,CAAC;AAEnF,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAK5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,4CAA4C,CAAC;AAC/E,OAAO,EAAE,oBAAoB,EAAE,MAAM,+CAA+C,CAAC;AAKrF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AAElF,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EAAE,oBAAoB,EAAE,MAAM,6CAA6C,CAAC;AACnF,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAGpE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AA+BtF,qBAAa,kBAAmB,YAAW,WAAW;IAElD,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,wBAAwB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAG1C,SAAS,CAAC,QAAQ,CAAC,cAAc,EAAE,mBAAmB,CAAC;IAGvD,SAAS,CAAC,QAAQ,CAAC,qBAAqB,EAAE,mBAAmB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,cAAc,CAAC;IAGjD,SAAS,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IAGhD,OAAO,CAAC,UAAU,CAAa;IAG/B,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC;IAGzB,SAAS,CAAC,oBAAoB,EAAE,OAAO,CAAC;IAExC,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,GAAG,CACpC,MAAM,EACN,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CACvC,CAAC;IAGF,SAAS,CAAC,oBAAoB,EAAE,oBAAoB,GAAG,SAAS,CAAC;IAGjE,OAAO,CAAC,uBAAuB,CAA6C;IAG5E,SAAS,CAAC,QAAQ,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;IAGzD,SAAS,CAAC,WAAW,EAAE,OAAO,CAAC;IAG/B,OAAO,CAAC,yBAAyB,CAG/B;IAGF,OAAO,CAAC,mBAAmB,CAAyC;IAEpE,OAAO,CAAC,oBAAoB,CAAC,CAA6B;IAC1D,OAAO,CAAC,kCAAkC,CAAC,CAA6B;IAExE,OAAO,CAAC,QAAQ,CAAwB;IAExC;;;;;;;;;;;;;;;;;;;;OAoBG;gBACS,gBAAgB,EAAE,wBAAwB;WAwFzC,gBAAgB,CACzB,gBAAgB,EAAE,oBAAoB,EACtC,OAAO,CAAC,EAAE,4BAA4B,GACvC,OAAO,CAAC,WAAW,CAAC;IAMvB,OAAO,CAAC,mBAAmB;IAW3B;;;OAGG;IACG,UAAU,CACZ,OAAO,CAAC,EAAE,4BAA4B,EACtC,QAAQ,CAAC,EAAE,OAAO,GACnB,OAAO,CAAC,IAAI,CAAC;IAkFhB;;;;;;OAMG;IACG,qBAAqB,CACvB,IAAI,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAiCvC;;;;OAIG;YACW,6BAA6B;
|
|
1
|
+
{"version":3,"file":"StandardController.d.ts","sourceRoot":"","sources":["../../src/controllers/StandardController.ts"],"names":[],"mappings":"AAMA,OAAO,EAEH,WAAW,EAEX,cAAc,EACd,MAAM,EACN,uBAAuB,EACvB,OAAO,EAIP,2BAA2B,EAC3B,kBAAkB,EAClB,eAAe,EASf,aAAa,EAIhB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACH,mBAAmB,EAEtB,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EAAE,oBAAoB,EAAgB,MAAM,4BAA4B,CAAC;AAChF,OAAO,EAEH,KAAK,EAEL,UAAU,EACV,iBAAiB,EAKpB,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAc,MAAM,0BAA0B,CAAC;AAC7E,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,yCAAyC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACjF,OAAO,EAAE,mBAAmB,EAAE,MAAM,8CAA8C,CAAC;AAEnF,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAK5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,4CAA4C,CAAC;AAC/E,OAAO,EAAE,oBAAoB,EAAE,MAAM,+CAA+C,CAAC;AAKrF,OAAO,EAAE,wBAAwB,EAAE,MAAM,wCAAwC,CAAC;AAElF,OAAO,EAAE,wBAAwB,EAAE,MAAM,iDAAiD,CAAC;AAC3F,OAAO,EAAE,oBAAoB,EAAE,MAAM,6CAA6C,CAAC;AACnF,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AAGpE,OAAO,EAAE,4BAA4B,EAAE,MAAM,4CAA4C,CAAC;AAM1F,OAAO,EAAE,oBAAoB,EAAE,MAAM,gDAAgD,CAAC;AA+BtF,qBAAa,kBAAmB,YAAW,WAAW;IAElD,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,wBAAwB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;IAG1C,SAAS,CAAC,QAAQ,CAAC,cAAc,EAAE,mBAAmB,CAAC;IAGvD,SAAS,CAAC,QAAQ,CAAC,qBAAqB,EAAE,mBAAmB,CAAC;IAG9D,SAAS,CAAC,QAAQ,CAAC,aAAa,EAAE,cAAc,CAAC;IAGjD,SAAS,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,oBAAoB,CAAC;IAGhD,OAAO,CAAC,UAAU,CAAa;IAG/B,SAAS,CAAC,MAAM,EAAE,MAAM,CAAC;IAGzB,SAAS,CAAC,oBAAoB,EAAE,OAAO,CAAC;IAExC,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IAG9C,SAAS,CAAC,QAAQ,CAAC,gBAAgB,EAAE,GAAG,CACpC,MAAM,EACN,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC,CACvC,CAAC;IAGF,SAAS,CAAC,oBAAoB,EAAE,oBAAoB,GAAG,SAAS,CAAC;IAGjE,OAAO,CAAC,uBAAuB,CAA6C;IAG5E,SAAS,CAAC,QAAQ,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;IAGzD,SAAS,CAAC,WAAW,EAAE,OAAO,CAAC;IAG/B,OAAO,CAAC,yBAAyB,CAG/B;IAGF,OAAO,CAAC,mBAAmB,CAAyC;IAEpE,OAAO,CAAC,oBAAoB,CAAC,CAA6B;IAC1D,OAAO,CAAC,kCAAkC,CAAC,CAA6B;IAExE,OAAO,CAAC,QAAQ,CAAwB;IAExC;;;;;;;;;;;;;;;;;;;;OAoBG;gBACS,gBAAgB,EAAE,wBAAwB;WAwFzC,gBAAgB,CACzB,gBAAgB,EAAE,oBAAoB,EACtC,OAAO,CAAC,EAAE,4BAA4B,GACvC,OAAO,CAAC,WAAW,CAAC;IAMvB,OAAO,CAAC,mBAAmB;IAW3B;;;OAGG;IACG,UAAU,CACZ,OAAO,CAAC,EAAE,4BAA4B,EACtC,QAAQ,CAAC,EAAE,OAAO,GACnB,OAAO,CAAC,IAAI,CAAC;IAkFhB;;;;;;OAMG;IACG,qBAAqB,CACvB,IAAI,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAiCvC;;;;OAIG;YACW,6BAA6B;IAkL3C;;;;;;;;OAQG;IACG,oBAAoB,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAmKnE;;;;;;OAMG;IACH,iBAAiB,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAyJvE,OAAO,CAAC,kCAAkC;IAoB1C;;;;;;;;;;;;;;OAcG;IACG,SAAS,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAqGzE;;;;;;;;;OASG;IACG,kBAAkB,CACpB,OAAO,EAAE,wBAAwB,GAClC,OAAO,CAAC,oBAAoB,CAAC;IAqIhC;;;;OAIG;YACW,uBAAuB;IAiDrC;;;;;;OAMG;cACa,qBAAqB,CACjC,aAAa,EAAE,uBAAuB,EACtC,iBAAiB,EAAE,iBAAiB,GACrC,OAAO,CAAC,oBAAoB,CAAC;IA0BhC;;;;;OAKG;IACU,0BAA0B,CACnC,aAAa,EAAE,uBAAuB,EACtC,iBAAiB,EAAE,iBAAiB,GACrC,OAAO,CAAC,oBAAoB,CAAC;IA4BhC;;;;OAIG;cACa,0BAA0B,CACtC,OAAO,EAAE,uBAAuB,GACjC,OAAO,CAAC,oBAAoB,CAAC;IAuBhC;;;;OAIG;IACG,MAAM,CAAC,aAAa,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAY9D;;;;OAIG;IACG,cAAc,CAAC,aAAa,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAYtE;;;OAGG;IACH,WAAW,CAAC,aAAa,CAAC,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBlE;;;OAGG;IACG,UAAU,CAAC,aAAa,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;IAclE;;;;OAIG;IACH,cAAc,CAAC,aAAa,CAAC,EAAE,aAAa,GAAG,WAAW,EAAE;IAW5D;;;;OAIG;IACH,UAAU,CAAC,aAAa,EAAE,aAAa,GAAG,WAAW,GAAG,IAAI;IAU5D;;;;;;;OAOG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAU1D;;;;;;OAMG;IACH,kBAAkB,CAAC,aAAa,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAU7D;;;;;;OAMG;IACH,mBAAmB,CAAC,cAAc,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAU/D;;;OAGG;IACH,gBAAgB,CAAC,OAAO,EAAE,WAAW,GAAG,IAAI,GAAG,IAAI;IASnD;;OAEG;IACH,gBAAgB,IAAI,WAAW,GAAG,IAAI;IAUtC;;;;;OAKG;IACG,YAAY,CACd,MAAM,EAAE,oBAAoB,EAC5B,OAAO,EACD,aAAa,GACb,gBAAgB,GAChB,eAAe,GACf,YAAY,GACnB,OAAO,CAAC,IAAI,CAAC;IA2BhB;;;OAGG;IACU,kBAAkB,CAC3B,OAAO,EAAE,YAAY,GAAG,aAAa,GAAG,gBAAgB,EACxD,KAAK,EAAE,KAAK,EACZ,SAAS,CAAC,EAAE,MAAM,EAClB,iBAAiB,CAAC,EAAE,iBAAiB,GACtC,OAAO,CAAC,oBAAoB,CAAC;IAyBhC;;;OAGG;IACI,oBAAoB,CACvB,OAAO,EAAE,eAAe,GAAG,YAAY,GAAG,gBAAgB,EAC1D,SAAS,CAAC,EAAE,MAAM,GACnB,OAAO;IAkDV;;;;OAIG;IACI,kBAAkB,CACrB,OAAO,EAAE,eAAe,GAAG,YAAY,GAAG,gBAAgB,GAC3D,MAAM;IAYT;;;OAGG;IACI,iBAAiB,CAAC,aAAa,CAAC,EAAE,MAAM,GAAG,WAAW;IAe7D;;;OAGG;IACH,SAAS,CAAC,oBAAoB,CAAC,aAAa,CAAC,EAAE,MAAM,GAAG,cAAc;IAetE;;;OAGG;IACI,wBAAwB,CAC3B,aAAa,CAAC,EAAE,MAAM,GACvB,kBAAkB;IAgBrB;;OAEG;IACH,SAAS,CAAC,uBAAuB,CAC7B,aAAa,CAAC,EAAE,MAAM,GACvB,iBAAiB;IAcpB;;OAEG;IACH,SAAS,CAAC,yBAAyB,CAC/B,aAAa,CAAC,EAAE,MAAM,GACvB,mBAAmB;IActB;;OAEG;IACH,SAAS,CAAC,0BAA0B,CAChC,aAAa,CAAC,EAAE,MAAM,GACvB,oBAAoB;IAevB;;;OAGG;IACH,gBAAgB,CACZ,QAAQ,EAAE,qBAAqB,EAC/B,UAAU,CAAC,EAAE,KAAK,CAAC,SAAS,CAAC,GAC9B,MAAM,GAAG,IAAI;IAIhB;;;OAGG;IACH,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI;IAI7C;;;;;OAKG;IACH,sBAAsB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,MAAM;IAKrE;;;;;OAKG;IACH,yBAAyB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;IAItD;;;OAGG;IACH,0BAA0B,IAAI,IAAI;IAclC;;;OAGG;IACH,2BAA2B,IAAI,IAAI;IAcnC;;OAEG;IACH,aAAa,IAAI,WAAW;IAI5B;;OAEG;IACI,SAAS,IAAI,MAAM;IAI1B;;;OAGG;IACH,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAI/B;;;;OAIG;IACH,wBAAwB,CAAC,GAAG,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI;IAKhE;;;OAGG;IACH,mBAAmB,CAAC,gBAAgB,EAAE,iBAAiB,GAAG,IAAI;IAI9D;;OAEG;IACI,gBAAgB,IAAI,oBAAoB;IAI/C;;OAEG;IACI,oBAAoB,IAAI,kBAAkB;IAIjD;;OAEG;IACI,YAAY,IAAI,OAAO;IAI9B;;;;;;OAMG;IACH,SAAS,CAAC,uBAAuB,CAC7B,OAAO,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,GACnC,MAAM;IAkBT;;;;;;;;OAQG;IACG,aAAa,CAAC,OAAO,CAAC,EAAE,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC;IAS7D;;;;;;OAMG;IACH,UAAU,CAAC,OAAO,CAAC,EAAE,YAAY,GAAG,OAAO,CAAC,oBAAoB,CAAC;IASjE;;;;;OAKG;IACG,kBAAkB,CACpB,OAAO,EAAE,aAAa,GACvB,OAAO,CAAC,oBAAoB,CAAC;IAkDhC;;;;;;OAMG;YACW,yBAAyB;IAsDvC;;;;;OAKG;cACa,uBAAuB,CACnC,OAAO,EAAE,aAAa,GAAG;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,EAClD,OAAO,EAAE,WAAW,GACrB,OAAO,CAAC,oBAAoB,CAAC;IAuKhC;;;;;OAKG;YACW,0BAA0B;IAuFxC;;;OAGG;YACW,oBAAoB;IAYlC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAgBhC,OAAO,CAAC,oBAAoB;CAuB/B"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-browser v4.
|
|
1
|
+
/*! @azure/msal-browser v4.21.0 2025-08-19 */
|
|
2
2
|
'use strict';
|
|
3
3
|
import { CryptoOps } from '../crypto/CryptoOps.mjs';
|
|
4
4
|
import { DEFAULT_CRYPTO_IMPLEMENTATION, buildStaticAuthorityOptions, PerformanceEvents, invokeAsync, invoke, InteractionRequiredAuthError, createClientAuthError, ClientAuthErrorCodes, AccountEntity, PromptValue, Constants, AuthError, getRequestThumbprint, InteractionRequiredAuthErrorCodes } from '@azure/msal-common/browser';
|
|
@@ -242,6 +242,9 @@ class StandardController {
|
|
|
242
242
|
if (useNative && this.platformAuthProvider) {
|
|
243
243
|
rootMeasurement = this.performanceClient.startMeasurement(PerformanceEvents.AcquireTokenRedirect, platformBrokerRequest?.correlationId || "");
|
|
244
244
|
this.logger.trace("handleRedirectPromise - acquiring token from native platform");
|
|
245
|
+
rootMeasurement.add({
|
|
246
|
+
isPlatformBrokerRequest: true,
|
|
247
|
+
});
|
|
245
248
|
const nativeClient = new PlatformAuthInteractionClient(this.config, this.browserStorage, this.browserCrypto, this.logger, this.eventHandler, this.navigationClient, ApiId.handleRedirectPromise, this.performanceClient, this.platformAuthProvider, platformBrokerRequest.accountId, this.nativeInternalStorage, platformBrokerRequest.correlationId);
|
|
246
249
|
redirectResponse = invokeAsync(nativeClient.handleRedirectPromise.bind(nativeClient), PerformanceEvents.HandleNativeRedirectPromiseMeasurement, this.logger, this.performanceClient, rootMeasurement.event.correlationId)(this.performanceClient, rootMeasurement.event.correlationId);
|
|
247
250
|
}
|
|
@@ -377,9 +380,13 @@ class StandardController {
|
|
|
377
380
|
result = nativeClient
|
|
378
381
|
.acquireTokenRedirect(request, atrMeasurement)
|
|
379
382
|
.catch((e) => {
|
|
383
|
+
atrMeasurement.add({
|
|
384
|
+
brokerErrorName: e.name,
|
|
385
|
+
brokerErrorCode: e.errorCode,
|
|
386
|
+
});
|
|
380
387
|
if (e instanceof NativeAuthError &&
|
|
381
388
|
isFatalNativeAuthError(e)) {
|
|
382
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
389
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt platform broker calls
|
|
383
390
|
const redirectClient = this.createRedirectClient(correlationId);
|
|
384
391
|
return redirectClient.acquireToken(request);
|
|
385
392
|
}
|
|
@@ -456,6 +463,9 @@ class StandardController {
|
|
|
456
463
|
let result;
|
|
457
464
|
const pkce = this.getPreGeneratedPkceCodes(correlationId);
|
|
458
465
|
if (this.canUsePlatformBroker(request)) {
|
|
466
|
+
atPopupMeasurement.add({
|
|
467
|
+
isPlatformBrokerRequest: true,
|
|
468
|
+
});
|
|
459
469
|
result = this.acquireTokenNative({
|
|
460
470
|
...request,
|
|
461
471
|
correlationId,
|
|
@@ -463,15 +473,18 @@ class StandardController {
|
|
|
463
473
|
.then((response) => {
|
|
464
474
|
atPopupMeasurement.end({
|
|
465
475
|
success: true,
|
|
466
|
-
isNativeBroker: true,
|
|
467
476
|
accountType: getAccountType(response.account),
|
|
468
477
|
});
|
|
469
478
|
return response;
|
|
470
479
|
})
|
|
471
480
|
.catch((e) => {
|
|
481
|
+
atPopupMeasurement.add({
|
|
482
|
+
brokerErrorName: e.name,
|
|
483
|
+
brokerErrorCode: e.errorCode,
|
|
484
|
+
});
|
|
472
485
|
if (e instanceof NativeAuthError &&
|
|
473
486
|
isFatalNativeAuthError(e)) {
|
|
474
|
-
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
487
|
+
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to continuing to attempt platform broker calls
|
|
475
488
|
const popupClient = this.createPopupClient(correlationId);
|
|
476
489
|
return popupClient.acquireToken(request, pkce);
|
|
477
490
|
}
|
|
@@ -577,7 +590,14 @@ class StandardController {
|
|
|
577
590
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_START, InteractionType.Silent, validRequest);
|
|
578
591
|
let result;
|
|
579
592
|
if (this.canUsePlatformBroker(validRequest)) {
|
|
593
|
+
this.ssoSilentMeasurement?.add({
|
|
594
|
+
isPlatformBrokerRequest: true,
|
|
595
|
+
});
|
|
580
596
|
result = this.acquireTokenNative(validRequest, ApiId.ssoSilent).catch((e) => {
|
|
597
|
+
this.ssoSilentMeasurement?.add({
|
|
598
|
+
brokerErrorName: e.name,
|
|
599
|
+
brokerErrorCode: e.errorCode,
|
|
600
|
+
});
|
|
581
601
|
// If native token acquisition fails for availability reasons fallback to standard flow
|
|
582
602
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
583
603
|
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
@@ -596,7 +616,6 @@ class StandardController {
|
|
|
596
616
|
this.eventHandler.emitEvent(EventType.SSO_SILENT_SUCCESS, InteractionType.Silent, response);
|
|
597
617
|
this.ssoSilentMeasurement?.end({
|
|
598
618
|
success: true,
|
|
599
|
-
isNativeBroker: response.fromNativeBroker,
|
|
600
619
|
accessTokenSize: response.accessToken.length,
|
|
601
620
|
idTokenSize: response.idToken.length,
|
|
602
621
|
accountType: getAccountType(response.account),
|
|
@@ -650,7 +669,6 @@ class StandardController {
|
|
|
650
669
|
this.hybridAuthCodeResponses.delete(hybridAuthCode);
|
|
651
670
|
atbcMeasurement.end({
|
|
652
671
|
success: true,
|
|
653
|
-
isNativeBroker: result.fromNativeBroker,
|
|
654
672
|
accessTokenSize: result.accessToken.length,
|
|
655
673
|
idTokenSize: result.idToken.length,
|
|
656
674
|
accountType: getAccountType(result.account),
|
|
@@ -675,6 +693,9 @@ class StandardController {
|
|
|
675
693
|
}
|
|
676
694
|
else if (request.nativeAccountId) {
|
|
677
695
|
if (this.canUsePlatformBroker(request, request.nativeAccountId)) {
|
|
696
|
+
atbcMeasurement.add({
|
|
697
|
+
isPlatformBrokerRequest: true,
|
|
698
|
+
});
|
|
678
699
|
const result = await this.acquireTokenNative({
|
|
679
700
|
...request,
|
|
680
701
|
correlationId,
|
|
@@ -684,6 +705,10 @@ class StandardController {
|
|
|
684
705
|
isFatalNativeAuthError(e)) {
|
|
685
706
|
this.platformAuthProvider = undefined; // If extension gets uninstalled during session prevent future requests from continuing to attempt
|
|
686
707
|
}
|
|
708
|
+
atbcMeasurement.add({
|
|
709
|
+
brokerErrorName: e.name,
|
|
710
|
+
brokerErrorCode: e.errorCode,
|
|
711
|
+
});
|
|
687
712
|
throw e;
|
|
688
713
|
});
|
|
689
714
|
atbcMeasurement.end({
|
|
@@ -728,7 +753,6 @@ class StandardController {
|
|
|
728
753
|
this.acquireTokenByCodeAsyncMeasurement?.end({
|
|
729
754
|
success: true,
|
|
730
755
|
fromCache: response.fromCache,
|
|
731
|
-
isNativeBroker: response.fromNativeBroker,
|
|
732
756
|
});
|
|
733
757
|
return response;
|
|
734
758
|
})
|
|
@@ -1226,7 +1250,6 @@ class StandardController {
|
|
|
1226
1250
|
atsMeasurement.end({
|
|
1227
1251
|
success: true,
|
|
1228
1252
|
fromCache: result.fromCache,
|
|
1229
|
-
isNativeBroker: result.fromNativeBroker,
|
|
1230
1253
|
accessTokenSize: result.accessToken.length,
|
|
1231
1254
|
idTokenSize: result.idToken.length,
|
|
1232
1255
|
});
|
|
@@ -1361,7 +1384,6 @@ class StandardController {
|
|
|
1361
1384
|
if (request.correlationId) {
|
|
1362
1385
|
this.performanceClient.addFields({
|
|
1363
1386
|
fromCache: response.fromCache,
|
|
1364
|
-
isNativeBroker: response.fromNativeBroker,
|
|
1365
1387
|
}, request.correlationId);
|
|
1366
1388
|
}
|
|
1367
1389
|
return response;
|
|
@@ -1385,7 +1407,12 @@ class StandardController {
|
|
|
1385
1407
|
if (isPlatformAuthAllowed(this.config, this.logger, this.platformAuthProvider, silentRequest.authenticationScheme) &&
|
|
1386
1408
|
silentRequest.account.nativeAccountId) {
|
|
1387
1409
|
this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform");
|
|
1410
|
+
this.performanceClient.addFields({ isPlatformBrokerRequest: true }, silentRequest.correlationId);
|
|
1388
1411
|
return this.acquireTokenNative(silentRequest, ApiId.acquireTokenSilent_silentFlow, silentRequest.account.nativeAccountId, cacheLookupPolicy).catch(async (e) => {
|
|
1412
|
+
this.performanceClient.addFields({
|
|
1413
|
+
brokerErrorName: e.name,
|
|
1414
|
+
brokerErrorCode: e.errorCode,
|
|
1415
|
+
}, silentRequest.correlationId);
|
|
1389
1416
|
// If native token acquisition fails for availability reasons fallback to web flow
|
|
1390
1417
|
if (e instanceof NativeAuthError && isFatalNativeAuthError(e)) {
|
|
1391
1418
|
this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow");
|